Page 3 of 4 FirstFirst 1234 LastLast
Results 21 to 30 of 34
  1. #21
    Member
    Join Date
    Jan 2013
    Posts
    18
    Points
    0

    Default

    Hello, these entries were not listed on the results but the rest of the entries you listed were, should I proceed anyway?

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: McAfee Anti-Phishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafe
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [MSKAgentEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [McafWelcome] c:\PROGRA~1\mcafee.com\agent\mcwelcom.exe
    O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

  2. #22
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,524
    Points
    563

    Default

    Hi raf1314,

    Yes. Please continue.

    Those entries were removed when you ran the programs above that zep516 requested you to download/install and run. I only included them to make sure the other programs were thorough.

    Once complete, please post another HJT log for our viewing pleasure.

    Thank you,

    Donna
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  3. #23
    Member
    Join Date
    Jan 2013
    Posts
    18
    Points
    0

    Default

    Ok, I hope I did this right.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 4:07:26 AM, on 2/24/2013
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
    C:\Program Files\AVG\AVG2013\avgcsrvx.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\AVG\AVG2013\avgui.exe
    C:\Documents and Settings\Cris\Application Data\uTorrent\uTorrent.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\AVG\AVG2013\avgfws.exe
    C:\Program Files\AVG\AVG2013\avgidsagent.exe
    C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Skype\Updater\Updater.exe
    C:\Program Files\AVG\AVG2013\avgnsx.exe
    C:\Program Files\AVG\AVG2013\avgemcx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\AVG\AVG2013\avgcsrvx.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
    O2 - BHO: GoogleAFE - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
    O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\Cris\Application Data\uTorrent\uTorrent.exe" /MINIMIZED
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

    --
    End of file - 8007 bytes

  4. #24
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,524
    Points
    563

    Default

    Hi raf1314,

    You did that just fine!

    How is your computer running now? Are you still having trouble with your sound cutting out on you?

    I see that there is one entry that you either missed or chose not to place a checkmark next to:

    O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\Cris\Application Data\uTorrent\uTorrent.exe" /MINIMIZED

    Placing a checkmark next to those entries above does not remove the programs from your computer. It just prevents them starting when you boot your computer. uTorrent is a P2P Program. I must warn you that this type of program is of the highest nature that infections are invited into your Computer. My suggestion would be to remove it from your Add/Remove programs.

    P2P Programs can invite spyware, viruses, Trojan horses, or worms into your computer. When shared files are downloaded, your computer can become infected. If you share these files with others, their computer becomes infected as well. You also invite the possibilities of others stealing your personal information such as passwords, online banking accounts, personal files, etc.

    Please read the following link for more information:

    P2P File-Sharing: Evaluate the Risks

    I'd like to ask you to perform another scan.

    Please download >>>OTL<<< to your Desktop:
    • Double click on the to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic

    In your next reply, please post the following logs:

    OTL/txt
    Extras.txt


    Thank you,

    Donna
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  5. #25
    Member
    Join Date
    Jan 2013
    Posts
    18
    Points
    0

    Default

    When I did the hijackthis scan I remember checking the utorrent entry... I don't really use utorrent much but I guessing that still wouldnt keep me from getting my pc infected.

    OTL.TXT

    OTL logfile created on: 3/5/2013 1:38:25 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Cris\Desktop
    Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1022.07 Mb Total Physical Memory | 699.70 Mb Available Physical Memory | 68.46% Memory free
    2.40 Gb Paging File | 1.93 Gb Available in Paging File | 80.25% Paging File free
    Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 144.31 Gb Total Space | 107.70 Gb Free Space | 74.63% Space Free | Partition Type: NTFS
    Drive D: | 4.03 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

    Computer Name: D6S1VN91 | User Name: Cris | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/03/05 01:30:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cris\Desktop\OTL.exe
    PRC - [2013/02/01 00:44:11 | 001,075,024 | ---- | M] (BitTorrent Inc.) -- C:\Documents and Settings\Cris\Application Data\uTorrent\uTorrent.exe
    PRC - [2013/01/22 19:03:02 | 028,792,168 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Cris\Application Data\Dropbox\bin\Dropbox.exe
    PRC - [2012/12/11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
    PRC - [2012/12/10 11:11:44 | 001,342,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgfws.exe
    PRC - [2012/12/04 10:54:14 | 000,095,232 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    PRC - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
    PRC - [2012/10/30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
    PRC - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    PRC - [2012/10/22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
    PRC - [2012/10/22 13:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
    PRC - [2012/10/22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
    PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013/01/31 13:40:19 | 003,391,488 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_bd40b31f\mscorlib.dll
    MOD - [2013/01/31 13:39:19 | 001,966,080 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_01bdb5ee\System.dll
    MOD - [2013/01/02 00:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
    MOD - [2012/10/11 21:56:46 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2012/10/11 21:56:22 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
    MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
    MOD - [2008/04/14 05:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll


    ========== Services (SafeList) ==========

    SRV - [2013/01/08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2012/12/10 11:11:44 | 001,342,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgfws.exe -- (avgfws)
    SRV - [2012/12/04 10:54:14 | 000,095,232 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
    SRV - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
    SRV - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (bvrp_pci)
    DRV - [2012/11/15 23:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
    DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
    DRV - [2012/10/15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
    DRV - [2012/10/02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
    DRV - [2012/09/21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
    DRV - [2012/09/21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
    DRV - [2012/09/21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
    DRV - [2012/09/14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
    DRV - [2012/01/12 19:52:06 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
    DRV - [2012/01/12 19:52:06 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
    DRV - [2006/03/15 13:38:11 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
    DRV - [2005/11/16 15:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
    DRV - [2005/09/08 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
    DRV - [2005/09/08 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
    DRV - [2005/09/08 05:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
    DRV - [2005/09/08 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
    DRV - [2005/09/08 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
    DRV - [2005/09/08 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
    DRV - [2005/09/08 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
    DRV - [2005/08/25 12:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
    DRV - [2005/08/25 12:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
    DRV - [2005/08/04 04:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2004/06/09 10:29:56 | 000,006,977 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\DDMI2.sys -- (SDDMI2)
    DRV - [2003/11/17 21:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
    DRV - [2003/11/17 21:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2003/11/17 21:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = Dell Start Page
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Dell Search Page
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = Dell Start Page
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Bing

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell Start Page
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Dell Search Page
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Dell Search Page
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE - HKCU\..\SearchScopes,DefaultScope = {4D77C07B-1350-4AD3-A842-E8C07C1976E9}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{4D77C07B-1350-4AD3-A842-E8C07C1976E9}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    IE - HKCU\..\SearchScopes\{E067F89A-5868-4DD2-94BC-0567FC9CFE22}: "URL" = http://us.yhs4.search.yahoo.com/yhs/search?hspart=mcafee&hsimp=yhs-01&type=mcafee&p={SearchTerms}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1: C:\WINDOWS\ [2013/03/04 23:57:03 | 000,000,000 | ---D | M]
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013/02/18 16:03:55 | 000,000,000 | ---D | M]


    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
    CHR - homepage: Dell Start Page
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\pdf.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 6.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
    CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
    CHR - Extension: Google Docs = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: Google Drive = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: Missing e = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bcjbagclppcgdbpobcpoojdjdmcjhpid\2.14.3_0\
    CHR - Extension: YouTube = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
    CHR - Extension: Google Search = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
    CHR - Extension: SiteAdvisor = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\
    CHR - Extension: Morpheon Dark = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad\2.0_0\
    CHR - Extension: Gmail = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2004/08/10 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll (Google)
    O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKCU..\Run: [uTorrent] C:\Documents and Settings\Cris\Application Data\uTorrent\uTorrent.exe (BitTorrent Inc.)
    O4 - Startup: C:\Documents and Settings\Cris\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Cris\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8 - Extra context menu item: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O8 - Extra context menu item: &Translate English Word - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O8 - Extra context menu item: Backward Links - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O8 - Extra context menu item: Cached Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O8 - Extra context menu item: Similar Pages - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O8 - Extra context menu item: Translate Page into English - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/w...?1359438224484 (WUWebControl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Oracle Technology Network for Java Developers (Reg Error: Key error.)
    O16 - DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.microsoft.com/downlo...oadManager.cab (Microsoft Download Manager ActiveX control)
    O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} Oracle Technology Network for Java Developers (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0CD45C5-0E00-4C81-B904-244CD88DDC03}: DhcpNameServer = 192.168.1.254
    O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\Cris\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Cris\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2005/08/16 04:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/03/05 01:30:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Cris\Desktop\OTL.exe
    [2013/02/28 02:10:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Desktop\Unused Desktop Shortcuts
    [2013/02/23 16:28:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Cris\My Documents\My DVDs
    [2013/02/23 16:15:34 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Documents\MCE Logs
    [2013/02/19 01:53:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
    [2013/02/19 01:53:29 | 000,000,000 | ---D | C] -- C:\JRT
    [2013/02/18 15:51:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
    [2013/02/18 15:50:45 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
    [2013/02/18 15:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
    [2013/02/18 15:05:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Application Data\Sonic
    [2013/02/18 15:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Application Data\Leadertech
    [2013/02/15 21:31:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Start Menu\Programs\HiJackThis
    [2013/02/15 21:30:44 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2013/02/14 15:23:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Application Data\AVG2013
    [2013/02/14 15:21:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
    [2013/02/14 15:21:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Application Data\TuneUp Software
    [2013/02/14 15:19:52 | 000,000,000 | -H-D | C] -- C:\$AVG
    [2013/02/14 15:19:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2013
    [2013/02/14 15:18:53 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
    [2013/02/14 15:15:22 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
    [2013/02/14 15:15:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Local Settings\Application Data\MFAData
    [2013/02/14 15:15:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
    [2013/02/14 15:15:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Local Settings\Application Data\Avg2013
    [2013/02/13 17:14:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
    [2013/02/13 17:13:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2013/02/13 17:13:13 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2013/02/13 17:13:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2013/02/13 17:12:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
    [2013/02/13 17:11:55 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [2013/02/13 13:05:23 | 000,000,000 | ---D | C] -- C:\aacebe15304883b3ad625d
    [2013/02/11 01:13:18 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Cris\My Documents\My Data Sources
    [2013/02/09 04:32:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
    [2013/02/09 04:32:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Local Settings\Application Data\Sun
    [2013/02/09 04:32:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
    [2013/02/08 18:28:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
    [2013/02/08 14:52:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Local Settings\Application Data\WMTools Downloaded Files
    [2013/02/07 09:25:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Application Data\Apple Computer
    [2013/02/07 09:21:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
    [2013/02/07 09:21:29 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2013/02/07 09:21:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
    [2013/02/07 09:20:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
    [2013/02/07 09:20:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Local Settings\Application Data\Apple
    [2013/02/07 09:19:45 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2013/02/07 09:19:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
    [2013/02/07 09:19:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Local Settings\Application Data\Apple Computer
    [2013/02/07 09:15:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\My Documents\My Videos
    [2013/02/04 02:04:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
    [2013/02/04 02:04:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Microsoft
    [2013/02/04 01:59:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
    [2013/02/04 01:58:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Local Settings\Application Data\Microsoft Help
    [2013/02/04 01:58:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    [2013/02/04 01:57:50 | 000,000,000 | RH-D | C] -- C:\MSOCache
    [2013/02/04 01:20:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Application Data\ImgBurn
    [2013/02/04 01:15:53 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
    [2013/02/04 01:15:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ImgBurn
    [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/03/05 01:30:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cris\Desktop\OTL.exe
    [2013/03/05 00:54:05 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2013/03/04 23:56:26 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2013/03/04 23:56:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2013/03/04 23:56:19 | 1071,796,224 | -HS- | M] () -- C:\hiberfil.sys
    [2013/03/04 20:40:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
    [2013/03/04 18:58:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
    [2013/03/04 14:00:01 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
    [2013/03/04 10:10:01 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
    [2013/03/02 00:09:39 | 000,001,456 | ---- | M] () -- C:\Documents and Settings\Cris\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
    [2013/03/01 18:28:14 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2013/03/01 11:41:39 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
    [2013/02/24 22:44:13 | 000,003,072 | ---- | M] () -- C:\Documents and Settings\Cris\Application Data\dvd.bmk
    [2013/02/24 13:36:09 | 000,452,610 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2013/02/24 13:36:09 | 000,073,954 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2013/02/24 04:26:59 | 000,001,021 | ---- | M] () -- C:\Documents and Settings\Cris\Start Menu\Programs\Startup\Dropbox.lnk
    [2013/02/24 04:06:00 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\Cris\Desktop\HiJackThis.lnk
    [2013/02/24 04:05:05 | 000,261,432 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2013/02/23 18:43:56 | 000,134,278 | ---- | M] () -- C:\Documents and Settings\Cris\My Documents\46eJm.jpg
    [2013/02/23 16:15:30 | 000,000,127 | ---- | M] () -- C:\Documents and Settings\Cris\Local Settings\Application Data\fusioncache.dat
    [2013/02/23 16:15:02 | 000,001,394 | ---- | M] () -- C:\Documents and Settings\Cris\Desktop\Media Center.lnk
    [2013/02/23 05:07:05 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
    [2013/02/15 20:39:09 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Cris\Desktop\HiJackThis.msi
    [2013/02/14 15:21:35 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
    [2013/02/13 17:14:59 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2013/02/13 13:04:59 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2013/02/12 16:22:27 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\Cris\Application Data\Adobe PNG Format CS5 Prefs
    [2013/02/11 02:58:39 | 006,436,560 | ---- | M] (Xceed Software Inc. 1-450-442-2626 info@xceedsoft.com Xceed Home) -- C:\Documents and Settings\Cris\My Documents\R114282.EXE
    [2013/02/07 09:21:59 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    [2013/02/05 21:16:40 | 000,000,886 | ---- | M] () -- C:\Documents and Settings\Cris\My Documents\faraday_en.jnlp
    [2013/02/04 01:39:04 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2013/02/04 01:24:22 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\Cris\My Documents\BootImage.ima
    [2013/02/04 01:15:53 | 000,001,546 | ---- | M] () -- C:\Documents and Settings\Cris\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
    [2013/02/04 01:15:53 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImgBurn.lnk
    [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/02/24 22:44:13 | 000,003,072 | ---- | C] () -- C:\Documents and Settings\Cris\Application Data\dvd.bmk
    [2013/02/24 04:26:59 | 000,001,021 | ---- | C] () -- C:\Documents and Settings\Cris\Start Menu\Programs\Startup\Dropbox.lnk
    [2013/02/23 18:43:55 | 000,134,278 | ---- | C] () -- C:\Documents and Settings\Cris\My Documents\46eJm.jpg
    [2013/02/15 21:31:06 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\Cris\Desktop\HiJackThis.lnk
    [2013/02/15 20:38:59 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Cris\Desktop\HiJackThis.msi
    [2013/02/14 15:21:35 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
    [2013/02/13 17:14:59 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2013/02/12 16:21:57 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Cris\Application Data\Adobe PNG Format CS5 Prefs
    [2013/02/11 03:25:21 | 000,001,989 | ---- | C] () -- C:\Documents and Settings\Cris\Desktop\Adobe Photoshop CS5.lnk
    [2013/02/07 09:32:23 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\Cris\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
    [2013/02/07 09:21:59 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    [2013/02/07 09:20:05 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2013/02/07 09:19:47 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
    [2013/02/05 21:12:44 | 000,000,886 | ---- | C] () -- C:\Documents and Settings\Cris\My Documents\faraday_en.jnlp
    [2013/02/04 01:24:18 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\Cris\My Documents\BootImage.ima
    [2013/02/04 01:15:53 | 000,001,546 | ---- | C] () -- C:\Documents and Settings\Cris\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
    [2013/02/04 01:15:53 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ImgBurn.lnk
    [2013/02/02 23:21:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Cris\Application Data\.NANotifyHere
    [2013/01/31 13:06:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
    [2013/01/28 23:15:39 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
    [2013/01/28 23:12:48 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Cris\Local Settings\Application Data\fusioncache.dat

    ========== ZeroAccess Check ==========

    [2005/08/16 04:39:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 06:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2013/02/13 17:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2013/02/14 15:22:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
    [2013/02/14 15:15:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
    [2005/08/16 20:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
    [2013/03/05 01:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
    [2013/02/14 15:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\AVG2013
    [2013/03/05 01:25:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\Dropbox
    [2013/02/04 01:32:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\ImgBurn
    [2013/02/18 15:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\Leadertech
    [2013/02/14 15:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\TuneUp Software
    [2013/03/05 01:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\uTorrent

    ========== Purity Check ==========



    < End of report >

    Extras.txt

    OTL Extras logfile created on: 3/5/2013 1:38:25 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Cris\Desktop
    Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1022.07 Mb Total Physical Memory | 699.70 Mb Available Physical Memory | 68.46% Memory free
    2.40 Gb Paging File | 1.93 Gb Available in Paging File | 80.25% Paging File free
    Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 144.31 Gb Total Space | 107.70 Gb Free Space | 74.63% Space Free | Partition Type: NTFS
    Drive D: | 4.03 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

    Computer Name: D6S1VN91 | User Name: Cris | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 1
    "FirewallDisableNotify" = 1
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
    "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
    "C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
    "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
    "C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
    "C:\Documents and Settings\Cris\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Cris\Application Data\Dropbox\bin\Dropbox.exe:*:Enabledropbox -- (Dropbox, Inc.)
    "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
    "C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe" = C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe:LocalSubNet:Enabled:HP Device Setup -- (Hewlett-Packard Co.)
    "C:\Documents and Settings\Cris\Application Data\uTorrent\uTorrent.exe" = C:\Documents and Settings\Cris\Application Data\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
    "C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
    "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
    "C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
    "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
    "C:\Program Files\AVG\AVG2013\avgnsx.exe" = C:\Program Files\AVG\AVG2013\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
    "C:\Program Files\AVG\AVG2013\avgdiagex.exe" = C:\Program Files\AVG\AVG2013\avgdiagex.exe:*:Enabled:AVG Diagnostics 2013 -- (AVG Technologies CZ, s.r.o.)
    "C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
    "C:\Program Files\AVG\AVG2013\avgemcx.exe" = C:\Program Files\AVG\AVG2013\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
    "C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{05410000-64A6-4248-A026-9745C1E9E159}" = Microsoft Encarta Encyclopedia Deluxe 2005
    "{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
    "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
    "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
    "{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
    "{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement
    "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
    "{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
    "{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Roxio MyDVD LE
    "{22644FC4-9EA9-4F67-A76C-91C51E9E0963}" = AVG 2013
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
    "{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
    "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
    "{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer
    "{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
    "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
    "{548EEA8E-8299-497F-8057-811D2D7097DC}" = Dell Support 3.1
    "{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
    "{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module
    "{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
    "{654977DB-0001-0002-0001-EABD228DDE8B}" = Microsoft Download Manager
    "{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
    "{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
    "{6F8CBBFB-7986-4140-91EC-D8C7F1EC8DF3}" = AVG 2013
    "{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
    "{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Help
    "{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
    "{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel(R) PROSet for Wired Connections
    "{85D3CC30-8859-481A-9654-FD9B74310BEF}" = Musicmatch® Jukebox
    "{88FD4472-F950-4083-A6FA-A829AC785B04}" = HP Deskjet 2050 J510 series Product Improvement Study
    "{8A9B8148-DDD7-448F-BD6C-358386D32354}" = Corel Photo Album 6
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14
    "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
    "{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
    "{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
    "{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
    "{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
    "{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
    "{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
    "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
    "{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
    "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
    "{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
    "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
    "{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
    "{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
    "{94721EA3-7EA6-43EA-B99C-A5D0E3C66240}" = 924PLC32
    "{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
    "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
    "{A683A2C0-821C-486F-858C-FA634DB5E864}" = EducateU
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
    "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
    "{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
    "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
    "{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
    "{D7716C7E-75F1-4C51-A2D5-C6A1E8311D53}" = HP Deskjet 2050 J510 series Basic Device Software
    "{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
    "{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}" = Google
    "{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
    "{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
    "ATI Display Driver" = ATI Display Driver
    "AVG" = AVG 2013
    "B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
    "CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
    "Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
    "Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
    "EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
    "ESPNMotion" = ESPNMotion
    "Google Chrome" = Google Chrome
    "ie8" = Windows Internet Explorer 8
    "ImgBurn" = ImgBurn
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Money2005b" = Microsoft Money 2005
    "MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
    "Office14.SingleImage" = Microsoft Office Home and Student 2010
    "PROSet" = Intel(R) PRO Network Connections Drivers
    "RealPlayer 6.0" = RealPlayer Basic
    "Shockwave" = Shockwave
    "StreetPlugin" = Learn2 Player (Uninstall Only)
    "uTorrent" = µTorrent
    "WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
    "WildTangent CDA" = WildTangent Web Driver
    "Windows Media Format Runtime" = Windows Media Format Runtime
    "Windows XP Service Pack" = Windows XP Service Pack 3
    "WinRAR archiver" = WinRAR 4.20 (32-bit)

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Dropbox" = Dropbox

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 2/14/2013 6:22:45 PM | Computer Name = D6S1VN91 | Source = ESENT | ID = 490
    Description = svchost (1728) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
    for read / write access failed with system error 32 (0x00000020): "The process
    cannot access the file because it is being used by another process. ". The open
    file operation will fail with error -1032 (0xfffffbf8).

    Error - 2/14/2013 6:22:47 PM | Computer Name = D6S1VN91 | Source = ESENT | ID = 490
    Description = svchost (1728) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
    for read / write access failed with system error 32 (0x00000020): "The process
    cannot access the file because it is being used by another process. ". The open
    file operation will fail with error -1032 (0xfffffbf8).

    Error - 2/14/2013 6:22:48 PM | Computer Name = D6S1VN91 | Source = ESENT | ID = 490
    Description = svchost (1728) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
    for read / write access failed with system error 32 (0x00000020): "The process
    cannot access the file because it is being used by another process. ". The open
    file operation will fail with error -1032 (0xfffffbf8).

    Error - 2/14/2013 6:22:50 PM | Computer Name = D6S1VN91 | Source = ESENT | ID = 490
    Description = svchost (1728) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
    for read / write access failed with system error 32 (0x00000020): "The process
    cannot access the file because it is being used by another process. ". The open
    file operation will fail with error -1032 (0xfffffbf8).

    Error - 2/14/2013 6:22:51 PM | Computer Name = D6S1VN91 | Source = ESENT | ID = 490
    Description = svchost (1728) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
    for read / write access failed with system error 32 (0x00000020): "The process
    cannot access the file because it is being used by another process. ". The open
    file operation will fail with error -1032 (0xfffffbf8).

    Error - 2/14/2013 6:22:52 PM | Computer Name = D6S1VN91 | Source = ESENT | ID = 490
    Description = svchost (1728) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
    for read / write access failed with system error 32 (0x00000020): "The process
    cannot access the file because it is being used by another process. ". The open
    file operation will fail with error -1032 (0xfffffbf8).

    Error - 2/14/2013 6:22:54 PM | Computer Name = D6S1VN91 | Source = ESENT | ID = 490
    Description = svchost (1728) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
    for read / write access failed with system error 32 (0x00000020): "The process
    cannot access the file because it is being used by another process. ". The open
    file operation will fail with error -1032 (0xfffffbf8).

    Error - 2/27/2013 10:29:43 PM | Computer Name = D6S1VN91 | Source = Office Software Protection Platform Service | ID = 8200
    Description = License acquisition failure details. hr=0xC004C032

    Error - 2/27/2013 10:29:43 PM | Computer Name = D6S1VN91 | Source = Office Software Protection Platform Service | ID = 1014
    Description = Acquisition of End User License failed. hr=0xC004C032 Sku Id=3850c794-b06f-4633-b02f-8ac4df0a059f

    Error - 2/28/2013 5:04:26 AM | Computer Name = D6S1VN91 | Source = Application Error | ID = 1000
    Description = Faulting application photoshop.exe, version 0.0.0.0, faulting module
    , version 0.0.0.0, fault address 0x00000000.

    [ System Events ]
    Error - 2/2/2013 3:09:32 AM | Computer Name = D6S1VN91 | Source = Cdrom | ID = 262151
    Description = The device, \Device\CdRom0, has a bad block.

    Error - 2/2/2013 3:09:34 AM | Computer Name = D6S1VN91 | Source = Cdrom | ID = 262151
    Description = The device, \Device\CdRom0, has a bad block.

    Error - 2/2/2013 3:09:36 AM | Computer Name = D6S1VN91 | Source = Cdrom | ID = 262151
    Description = The device, \Device\CdRom0, has a bad block.

    Error - 2/11/2013 2:53:03 AM | Computer Name = D6S1VN91 | Source = Print | ID = 6161
    Description = The document Microsoft Word - Pintor_Cristian_3B_Memphis_Newsletter
    owned by Cris failed to print on printer HP Deskjet 2050 J510 series. Data type:
    NT EMF 1.008. Size of the spool file in bytes: 1900544. Number of bytes printed:
    1810636. Total number of pages in the document: 1. Number of pages printed: 1.
    Client machine: \\D6S1VN91. Win32 error code returned by the print processor: 0
    (0x0).

    Error - 2/14/2013 6:21:49 PM | Computer Name = D6S1VN91 | Source = Service Control Manager | ID = 7034
    Description = The McAfee.com McShield service terminated unexpectedly. It has done
    this 1 time(s).

    Error - 2/15/2013 10:10:13 PM | Computer Name = D6S1VN91 | Source = Service Control Manager | ID = 7006
    Description = The ScRegSetValueExW call failed for FailureActions with the following
    error: %%5

    Error - 2/15/2013 10:10:13 PM | Computer Name = D6S1VN91 | Source = Service Control Manager | ID = 7006
    Description = The ScRegSetValueExW call failed for FailureActions with the following
    error: %%5

    Error - 2/16/2013 5:32:07 AM | Computer Name = D6S1VN91 | Source = Service Control Manager | ID = 7034
    Description = The McAfee.com McShield service terminated unexpectedly. It has done
    this 1 time(s).

    Error - 2/16/2013 6:07:07 PM | Computer Name = D6S1VN91 | Source = Service Control Manager | ID = 7006
    Description = The ScRegSetValueExW call failed for FailureActions with the following
    error: %%5

    Error - 2/16/2013 6:07:07 PM | Computer Name = D6S1VN91 | Source = Service Control Manager | ID = 7006
    Description = The ScRegSetValueExW call failed for FailureActions with the following
    error: %%5


    < End of report >

  6. #26
    Member
    Join Date
    Jan 2013
    Posts
    18
    Points
    0

    Default

    Sorry I havent replied but when I did the hijackthis scan I remember checking the utorrent entry... I don't really use utorrent much but I guessing that still wouldnt keep me from getting my pc infected.

    Anyways here are the logs you requested

    OTL.TXT

    OTL logfile created on: 3/5/2013 1:38:25 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Cris\Desktop
    Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1022.07 Mb Total Physical Memory | 699.70 Mb Available Physical Memory | 68.46% Memory free
    2.40 Gb Paging File | 1.93 Gb Available in Paging File | 80.25% Paging File free
    Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 144.31 Gb Total Space | 107.70 Gb Free Space | 74.63% Space Free | Partition Type: NTFS
    Drive D: | 4.03 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

    Computer Name: D6S1VN91 | User Name: Cris | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/03/05 01:30:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cris\Desktop\OTL.exe
    PRC - [2013/02/01 00:44:11 | 001,075,024 | ---- | M] (BitTorrent Inc.) -- C:\Documents and Settings\Cris\Application Data\uTorrent\uTorrent.exe
    PRC - [2013/01/22 19:03:02 | 028,792,168 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Cris\Application Data\Dropbox\bin\Dropbox.exe
    PRC - [2012/12/11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
    PRC - [2012/12/10 11:11:44 | 001,342,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgfws.exe
    PRC - [2012/12/04 10:54:14 | 000,095,232 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    PRC - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
    PRC - [2012/10/30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
    PRC - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    PRC - [2012/10/22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
    PRC - [2012/10/22 13:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
    PRC - [2012/10/22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
    PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013/01/31 13:40:19 | 003,391,488 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_bd40b31f\mscorlib.dll
    MOD - [2013/01/31 13:39:19 | 001,966,080 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_01bdb5ee\System.dll
    MOD - [2013/01/02 00:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
    MOD - [2012/10/11 21:56:46 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2012/10/11 21:56:22 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
    MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
    MOD - [2008/04/14 05:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll


    ========== Services (SafeList) ==========

    SRV - [2013/01/08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2012/12/10 11:11:44 | 001,342,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgfws.exe -- (avgfws)
    SRV - [2012/12/04 10:54:14 | 000,095,232 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
    SRV - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
    SRV - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (bvrp_pci)
    DRV - [2012/11/15 23:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
    DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
    DRV - [2012/10/15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
    DRV - [2012/10/02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
    DRV - [2012/09/21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
    DRV - [2012/09/21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
    DRV - [2012/09/21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
    DRV - [2012/09/14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
    DRV - [2012/01/12 19:52:06 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
    DRV - [2012/01/12 19:52:06 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
    DRV - [2006/03/15 13:38:11 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
    DRV - [2005/11/16 15:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
    DRV - [2005/09/08 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
    DRV - [2005/09/08 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
    DRV - [2005/09/08 05:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
    DRV - [2005/09/08 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
    DRV - [2005/09/08 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
    DRV - [2005/09/08 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
    DRV - [2005/09/08 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
    DRV - [2005/08/25 12:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
    DRV - [2005/08/25 12:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
    DRV - [2005/08/04 04:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2004/06/09 10:29:56 | 000,006,977 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\DDMI2.sys -- (SDDMI2)
    DRV - [2003/11/17 21:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
    DRV - [2003/11/17 21:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2003/11/17 21:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = Dell Start Page
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Dell Search Page
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = Dell Start Page
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Bing

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell Start Page
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Dell Search Page
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Dell Search Page
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE - HKCU\..\SearchScopes,DefaultScope = {4D77C07B-1350-4AD3-A842-E8C07C1976E9}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{4D77C07B-1350-4AD3-A842-E8C07C1976E9}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    IE - HKCU\..\SearchScopes\{E067F89A-5868-4DD2-94BC-0567FC9CFE22}: "URL" = http://us.yhs4.search.yahoo.com/yhs/search?hspart=mcafee&hsimp=yhs-01&type=mcafee&p={SearchTerms}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1: C:\WINDOWS\ [2013/03/04 23:57:03 | 000,000,000 | ---D | M]
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013/02/18 16:03:55 | 000,000,000 | ---D | M]


    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
    CHR - homepage: Dell Start Page
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.97\pdf.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 6.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
    CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
    CHR - Extension: Google Docs = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: Google Drive = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: Missing e = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bcjbagclppcgdbpobcpoojdjdmcjhpid\2.14.3_0\
    CHR - Extension: YouTube = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
    CHR - Extension: Google Search = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
    CHR - Extension: SiteAdvisor = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\
    CHR - Extension: Morpheon Dark = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad\2.0_0\
    CHR - Extension: Gmail = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2004/08/10 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll (Google)
    O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKCU..\Run: [uTorrent] C:\Documents and Settings\Cris\Application Data\uTorrent\uTorrent.exe (BitTorrent Inc.)
    O4 - Startup: C:\Documents and Settings\Cris\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Cris\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8 - Extra context menu item: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O8 - Extra context menu item: &Translate English Word - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O8 - Extra context menu item: Backward Links - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O8 - Extra context menu item: Cached Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O8 - Extra context menu item: Similar Pages - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O8 - Extra context menu item: Translate Page into English - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/w...?1359438224484 (WUWebControl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Oracle Technology Network for Java Developers (Reg Error: Key error.)
    O16 - DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.microsoft.com/downlo...oadManager.cab (Microsoft Download Manager ActiveX control)
    O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} Oracle Technology Network for Java Developers (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0CD45C5-0E00-4C81-B904-244CD88DDC03}: DhcpNameServer = 192.168.1.254
    O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\Cris\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Cris\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2005/08/16 04:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/03/05 01:30:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Cris\Desktop\OTL.exe
    [2013/02/28 02:10:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Desktop\Unused Desktop Shortcuts
    [2013/02/23 16:28:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Cris\My Documents\My DVDs
    [2013/02/23 16:15:34 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Documents\MCE Logs
    [2013/02/19 01:53:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
    [2013/02/19 01:53:29 | 000,000,000 | ---D | C] -- C:\JRT
    [2013/02/18 15:51:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
    [2013/02/18 15:50:45 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
    [2013/02/18 15:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
    [2013/02/18 15:05:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Application Data\Sonic
    [2013/02/18 15:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Application Data\Leadertech
    [2013/02/15 21:31:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Start Menu\Programs\HiJackThis
    [2013/02/15 21:30:44 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2013/02/14 15:23:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Application Data\AVG2013
    [2013/02/14 15:21:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
    [2013/02/14 15:21:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Application Data\TuneUp Software
    [2013/02/14 15:19:52 | 000,000,000 | -H-D | C] -- C:\$AVG
    [2013/02/14 15:19:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2013
    [2013/02/14 15:18:53 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
    [2013/02/14 15:15:22 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
    [2013/02/14 15:15:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Local Settings\Application Data\MFAData
    [2013/02/14 15:15:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
    [2013/02/14 15:15:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Local Settings\Application Data\Avg2013
    [2013/02/13 17:14:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
    [2013/02/13 17:13:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2013/02/13 17:13:13 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2013/02/13 17:13:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2013/02/13 17:12:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
    [2013/02/13 17:11:55 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [2013/02/13 13:05:23 | 000,000,000 | ---D | C] -- C:\aacebe15304883b3ad625d
    [2013/02/11 01:13:18 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Cris\My Documents\My Data Sources
    [2013/02/09 04:32:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
    [2013/02/09 04:32:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Local Settings\Application Data\Sun
    [2013/02/09 04:32:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
    [2013/02/08 18:28:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
    [2013/02/08 14:52:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Local Settings\Application Data\WMTools Downloaded Files
    [2013/02/07 09:25:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Application Data\Apple Computer
    [2013/02/07 09:21:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
    [2013/02/07 09:21:29 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
    [2013/02/07 09:21:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
    [2013/02/07 09:20:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
    [2013/02/07 09:20:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Local Settings\Application Data\Apple
    [2013/02/07 09:19:45 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
    [2013/02/07 09:19:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
    [2013/02/07 09:19:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Local Settings\Application Data\Apple Computer
    [2013/02/07 09:15:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\My Documents\My Videos
    [2013/02/04 02:04:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
    [2013/02/04 02:04:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Microsoft
    [2013/02/04 01:59:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
    [2013/02/04 01:58:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Local Settings\Application Data\Microsoft Help
    [2013/02/04 01:58:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    [2013/02/04 01:57:50 | 000,000,000 | RH-D | C] -- C:\MSOCache
    [2013/02/04 01:20:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Application Data\ImgBurn
    [2013/02/04 01:15:53 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
    [2013/02/04 01:15:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ImgBurn
    [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/03/05 01:30:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cris\Desktop\OTL.exe
    [2013/03/05 00:54:05 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2013/03/04 23:56:26 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2013/03/04 23:56:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2013/03/04 23:56:19 | 1071,796,224 | -HS- | M] () -- C:\hiberfil.sys
    [2013/03/04 20:40:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
    [2013/03/04 18:58:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
    [2013/03/04 14:00:01 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
    [2013/03/04 10:10:01 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
    [2013/03/02 00:09:39 | 000,001,456 | ---- | M] () -- C:\Documents and Settings\Cris\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
    [2013/03/01 18:28:14 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2013/03/01 11:41:39 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
    [2013/02/24 22:44:13 | 000,003,072 | ---- | M] () -- C:\Documents and Settings\Cris\Application Data\dvd.bmk
    [2013/02/24 13:36:09 | 000,452,610 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2013/02/24 13:36:09 | 000,073,954 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2013/02/24 04:26:59 | 000,001,021 | ---- | M] () -- C:\Documents and Settings\Cris\Start Menu\Programs\Startup\Dropbox.lnk
    [2013/02/24 04:06:00 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\Cris\Desktop\HiJackThis.lnk
    [2013/02/24 04:05:05 | 000,261,432 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2013/02/23 18:43:56 | 000,134,278 | ---- | M] () -- C:\Documents and Settings\Cris\My Documents\46eJm.jpg
    [2013/02/23 16:15:30 | 000,000,127 | ---- | M] () -- C:\Documents and Settings\Cris\Local Settings\Application Data\fusioncache.dat
    [2013/02/23 16:15:02 | 000,001,394 | ---- | M] () -- C:\Documents and Settings\Cris\Desktop\Media Center.lnk
    [2013/02/23 05:07:05 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
    [2013/02/15 20:39:09 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Cris\Desktop\HiJackThis.msi
    [2013/02/14 15:21:35 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
    [2013/02/13 17:14:59 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2013/02/13 13:04:59 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2013/02/12 16:22:27 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\Cris\Application Data\Adobe PNG Format CS5 Prefs
    [2013/02/11 02:58:39 | 006,436,560 | ---- | M] (Xceed Software Inc. 1-450-442-2626 info@xceedsoft.com Xceed Home) -- C:\Documents and Settings\Cris\My Documents\R114282.EXE
    [2013/02/07 09:21:59 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    [2013/02/05 21:16:40 | 000,000,886 | ---- | M] () -- C:\Documents and Settings\Cris\My Documents\faraday_en.jnlp
    [2013/02/04 01:39:04 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2013/02/04 01:24:22 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\Cris\My Documents\BootImage.ima
    [2013/02/04 01:15:53 | 000,001,546 | ---- | M] () -- C:\Documents and Settings\Cris\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
    [2013/02/04 01:15:53 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImgBurn.lnk
    [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/02/24 22:44:13 | 000,003,072 | ---- | C] () -- C:\Documents and Settings\Cris\Application Data\dvd.bmk
    [2013/02/24 04:26:59 | 000,001,021 | ---- | C] () -- C:\Documents and Settings\Cris\Start Menu\Programs\Startup\Dropbox.lnk
    [2013/02/23 18:43:55 | 000,134,278 | ---- | C] () -- C:\Documents and Settings\Cris\My Documents\46eJm.jpg
    [2013/02/15 21:31:06 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\Cris\Desktop\HiJackThis.lnk
    [2013/02/15 20:38:59 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Cris\Desktop\HiJackThis.msi
    [2013/02/14 15:21:35 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
    [2013/02/13 17:14:59 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2013/02/12 16:21:57 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Cris\Application Data\Adobe PNG Format CS5 Prefs
    [2013/02/11 03:25:21 | 000,001,989 | ---- | C] () -- C:\Documents and Settings\Cris\Desktop\Adobe Photoshop CS5.lnk
    [2013/02/07 09:32:23 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\Cris\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
    [2013/02/07 09:21:59 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
    [2013/02/07 09:20:05 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2013/02/07 09:19:47 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
    [2013/02/05 21:12:44 | 000,000,886 | ---- | C] () -- C:\Documents and Settings\Cris\My Documents\faraday_en.jnlp
    [2013/02/04 01:24:18 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\Cris\My Documents\BootImage.ima
    [2013/02/04 01:15:53 | 000,001,546 | ---- | C] () -- C:\Documents and Settings\Cris\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
    [2013/02/04 01:15:53 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ImgBurn.lnk
    [2013/02/02 23:21:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Cris\Application Data\.NANotifyHere
    [2013/01/31 13:06:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
    [2013/01/28 23:15:39 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
    [2013/01/28 23:12:48 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Cris\Local Settings\Application Data\fusioncache.dat

    ========== ZeroAccess Check ==========

    [2005/08/16 04:39:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 06:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2013/02/13 17:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2013/02/14 15:22:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
    [2013/02/14 15:15:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
    [2005/08/16 20:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
    [2013/03/05 01:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
    [2013/02/14 15:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\AVG2013
    [2013/03/05 01:25:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\Dropbox
    [2013/02/04 01:32:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\ImgBurn
    [2013/02/18 15:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\Leadertech
    [2013/02/14 15:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\TuneUp Software
    [2013/03/05 01:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\uTorrent

    ========== Purity Check ==========



    < End of report >

    Extras.txt

    OTL Extras logfile created on: 3/5/2013 1:38:25 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Cris\Desktop
    Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1022.07 Mb Total Physical Memory | 699.70 Mb Available Physical Memory | 68.46% Memory free
    2.40 Gb Paging File | 1.93 Gb Available in Paging File | 80.25% Paging File free
    Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 144.31 Gb Total Space | 107.70 Gb Free Space | 74.63% Space Free | Partition Type: NTFS
    Drive D: | 4.03 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

    Computer Name: D6S1VN91 | User Name: Cris | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 1
    "FirewallDisableNotify" = 1
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DoNotAllowExceptions" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
    "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
    "C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
    "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
    "C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
    "C:\Documents and Settings\Cris\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Cris\Application Data\Dropbox\bin\Dropbox.exe:*:Enabledropbox -- (Dropbox, Inc.)
    "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
    "C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe" = C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe:LocalSubNet:Enabled:HP Device Setup -- (Hewlett-Packard Co.)
    "C:\Documents and Settings\Cris\Application Data\uTorrent\uTorrent.exe" = C:\Documents and Settings\Cris\Application Data\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
    "C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
    "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
    "C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
    "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
    "C:\Program Files\AVG\AVG2013\avgnsx.exe" = C:\Program Files\AVG\AVG2013\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
    "C:\Program Files\AVG\AVG2013\avgdiagex.exe" = C:\Program Files\AVG\AVG2013\avgdiagex.exe:*:Enabled:AVG Diagnostics 2013 -- (AVG Technologies CZ, s.r.o.)
    "C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
    "C:\Program Files\AVG\AVG2013\avgemcx.exe" = C:\Program Files\AVG\AVG2013\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
    "C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{05410000-64A6-4248-A026-9745C1E9E159}" = Microsoft Encarta Encyclopedia Deluxe 2005
    "{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
    "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
    "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
    "{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
    "{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement
    "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
    "{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
    "{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Roxio MyDVD LE
    "{22644FC4-9EA9-4F67-A76C-91C51E9E0963}" = AVG 2013
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
    "{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
    "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
    "{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer
    "{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
    "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
    "{548EEA8E-8299-497F-8057-811D2D7097DC}" = Dell Support 3.1
    "{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
    "{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module
    "{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
    "{654977DB-0001-0002-0001-EABD228DDE8B}" = Microsoft Download Manager
    "{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
    "{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
    "{6F8CBBFB-7986-4140-91EC-D8C7F1EC8DF3}" = AVG 2013
    "{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
    "{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Help
    "{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
    "{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel(R) PROSet for Wired Connections
    "{85D3CC30-8859-481A-9654-FD9B74310BEF}" = Musicmatch® Jukebox
    "{88FD4472-F950-4083-A6FA-A829AC785B04}" = HP Deskjet 2050 J510 series Product Improvement Study
    "{8A9B8148-DDD7-448F-BD6C-358386D32354}" = Corel Photo Album 6
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14
    "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
    "{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
    "{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
    "{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
    "{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
    "{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
    "{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
    "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
    "{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
    "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
    "{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
    "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
    "{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
    "{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
    "{94721EA3-7EA6-43EA-B99C-A5D0E3C66240}" = 924PLC32
    "{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
    "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
    "{A683A2C0-821C-486F-858C-FA634DB5E864}" = EducateU
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
    "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
    "{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
    "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
    "{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
    "{D7716C7E-75F1-4C51-A2D5-C6A1E8311D53}" = HP Deskjet 2050 J510 series Basic Device Software
    "{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
    "{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}" = Google
    "{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
    "{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
    "ATI Display Driver" = ATI Display Driver
    "AVG" = AVG 2013
    "B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
    "CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
    "Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
    "Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
    "EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
    "ESPNMotion" = ESPNMotion
    "Google Chrome" = Google Chrome
    "ie8" = Windows Internet Explorer 8
    "ImgBurn" = ImgBurn
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Money2005b" = Microsoft Money 2005
    "MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
    "Office14.SingleImage" = Microsoft Office Home and Student 2010
    "PROSet" = Intel(R) PRO Network Connections Drivers
    "RealPlayer 6.0" = RealPlayer Basic
    "Shockwave" = Shockwave
    "StreetPlugin" = Learn2 Player (Uninstall Only)
    "uTorrent" = µTorrent
    "WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
    "WildTangent CDA" = WildTangent Web Driver
    "Windows Media Format Runtime" = Windows Media Format Runtime
    "Windows XP Service Pack" = Windows XP Service Pack 3
    "WinRAR archiver" = WinRAR 4.20 (32-bit)

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Dropbox" = Dropbox

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 2/14/2013 6:22:45 PM | Computer Name = D6S1VN91 | Source = ESENT | ID = 490
    Description = svchost (1728) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
    for read / write access failed with system error 32 (0x00000020): "The process
    cannot access the file because it is being used by another process. ". The open
    file operation will fail with error -1032 (0xfffffbf8).

    Error - 2/14/2013 6:22:47 PM | Computer Name = D6S1VN91 | Source = ESENT | ID = 490
    Description = svchost (1728) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
    for read / write access failed with system error 32 (0x00000020): "The process
    cannot access the file because it is being used by another process. ". The open
    file operation will fail with error -1032 (0xfffffbf8).

    Error - 2/14/2013 6:22:48 PM | Computer Name = D6S1VN91 | Source = ESENT | ID = 490
    Description = svchost (1728) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
    for read / write access failed with system error 32 (0x00000020): "The process
    cannot access the file because it is being used by another process. ". The open
    file operation will fail with error -1032 (0xfffffbf8).

    Error - 2/14/2013 6:22:50 PM | Computer Name = D6S1VN91 | Source = ESENT | ID = 490
    Description = svchost (1728) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
    for read / write access failed with system error 32 (0x00000020): "The process
    cannot access the file because it is being used by another process. ". The open
    file operation will fail with error -1032 (0xfffffbf8).

    Error - 2/14/2013 6:22:51 PM | Computer Name = D6S1VN91 | Source = ESENT | ID = 490
    Description = svchost (1728) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
    for read / write access failed with system error 32 (0x00000020): "The process
    cannot access the file because it is being used by another process. ". The open
    file operation will fail with error -1032 (0xfffffbf8).

    Error - 2/14/2013 6:22:52 PM | Computer Name = D6S1VN91 | Source = ESENT | ID = 490
    Description = svchost (1728) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
    for read / write access failed with system error 32 (0x00000020): "The process
    cannot access the file because it is being used by another process. ". The open
    file operation will fail with error -1032 (0xfffffbf8).

    Error - 2/14/2013 6:22:54 PM | Computer Name = D6S1VN91 | Source = ESENT | ID = 490
    Description = svchost (1728) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
    for read / write access failed with system error 32 (0x00000020): "The process
    cannot access the file because it is being used by another process. ". The open
    file operation will fail with error -1032 (0xfffffbf8).

    Error - 2/27/2013 10:29:43 PM | Computer Name = D6S1VN91 | Source = Office Software Protection Platform Service | ID = 8200
    Description = License acquisition failure details. hr=0xC004C032

    Error - 2/27/2013 10:29:43 PM | Computer Name = D6S1VN91 | Source = Office Software Protection Platform Service | ID = 1014
    Description = Acquisition of End User License failed. hr=0xC004C032 Sku Id=3850c794-b06f-4633-b02f-8ac4df0a059f

    Error - 2/28/2013 5:04:26 AM | Computer Name = D6S1VN91 | Source = Application Error | ID = 1000
    Description = Faulting application photoshop.exe, version 0.0.0.0, faulting module
    , version 0.0.0.0, fault address 0x00000000.

    [ System Events ]
    Error - 2/2/2013 3:09:32 AM | Computer Name = D6S1VN91 | Source = Cdrom | ID = 262151
    Description = The device, \Device\CdRom0, has a bad block.

    Error - 2/2/2013 3:09:34 AM | Computer Name = D6S1VN91 | Source = Cdrom | ID = 262151
    Description = The device, \Device\CdRom0, has a bad block.

    Error - 2/2/2013 3:09:36 AM | Computer Name = D6S1VN91 | Source = Cdrom | ID = 262151
    Description = The device, \Device\CdRom0, has a bad block.

    Error - 2/11/2013 2:53:03 AM | Computer Name = D6S1VN91 | Source = Print | ID = 6161
    Description = The document Microsoft Word - Pintor_Cristian_3B_Memphis_Newsletter
    owned by Cris failed to print on printer HP Deskjet 2050 J510 series. Data type:
    NT EMF 1.008. Size of the spool file in bytes: 1900544. Number of bytes printed:
    1810636. Total number of pages in the document: 1. Number of pages printed: 1.
    Client machine: \\D6S1VN91. Win32 error code returned by the print processor: 0
    (0x0).

    Error - 2/14/2013 6:21:49 PM | Computer Name = D6S1VN91 | Source = Service Control Manager | ID = 7034
    Description = The McAfee.com McShield service terminated unexpectedly. It has done
    this 1 time(s).

    Error - 2/15/2013 10:10:13 PM | Computer Name = D6S1VN91 | Source = Service Control Manager | ID = 7006
    Description = The ScRegSetValueExW call failed for FailureActions with the following
    error: %%5

    Error - 2/15/2013 10:10:13 PM | Computer Name = D6S1VN91 | Source = Service Control Manager | ID = 7006
    Description = The ScRegSetValueExW call failed for FailureActions with the following
    error: %%5

    Error - 2/16/2013 5:32:07 AM | Computer Name = D6S1VN91 | Source = Service Control Manager | ID = 7034
    Description = The McAfee.com McShield service terminated unexpectedly. It has done
    this 1 time(s).

    Error - 2/16/2013 6:07:07 PM | Computer Name = D6S1VN91 | Source = Service Control Manager | ID = 7006
    Description = The ScRegSetValueExW call failed for FailureActions with the following
    error: %%5

    Error - 2/16/2013 6:07:07 PM | Computer Name = D6S1VN91 | Source = Service Control Manager | ID = 7006
    Description = The ScRegSetValueExW call failed for FailureActions with the following
    error: %%5


    < End of report >

  7. #27
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,524
    Points
    563

    Default

    Hi raf1314,

    I don't really use utorrent much but I guessing that still wouldnt keep me from getting my pc infected.
    uTorrent itself, along with the many other P2P Programs are designed to distribute or receive files. P2P Programs them selves, may not contain viruses, though it is always possible to inadvertently obtain a virus by downloading an infected file. All it takes is one time, one bad file to get infected. You just have to be aware of where the files that you download come from. I've known friends to share files that they do not realize are infected till it's too late.

    Researching logs can take some time, please be patient while we have a look at yours.

    Have you had any sound issues since we fixed the majority of the unnecessary startup programs with HJT?

    Donna
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  8. #28
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,189
    Points
    1308

    Default

    Hi raf1314,

    Just a few items to clean up in the log,

    We need to run an OTL Fix first.

    Run again





    Code:
    :commands
    [CreateRestorePoint]
    
    :otl
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (bvrp_pci)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    O4 - HKLM..\Run: [] File not found
    O4 - HKCU..\Run: [uTorrent] C:\Documents and Settings\Cris\Application Data\uTorrent\uTorrent.exe (BitTorrent Inc.)
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
    [2013/02/18 15:51:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
    [2013/02/18 15:50:45 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
    
    :commands
    [emptytemp]
    • Under the Custom Scans/Fixes box at the bottom, paste in the text above into the code box. Not the word code! Just what's in the box.
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
    • If you lose the report, there will be a copy here
    • C:\_OTL\MovedFiles


    Next

    We uninstalled Adobe Reader because it was so out-dated. Adobe Reader is used to read PDF files, so you should have a reader to do that, I'm going to suggest one below for you, the first link is the download. Additional information is provided in the second link for you.

    Download Sumatra PDF - a free reader

    Security Garden: tutorial

    In your next reply post the,

    • OTL "Fix Log"
    • Let us know how your sound is going.


    Joe

  9. #29
    Member
    Join Date
    Jan 2013
    Posts
    18
    Points
    0

    Default

    OTL logfile created on: 3/11/2013 11:28:23 AM - Run 2
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Cris\Desktop
    Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1022.07 Mb Total Physical Memory | 265.89 Mb Available Physical Memory | 26.01% Memory free
    2.40 Gb Paging File | 1.55 Gb Available in Paging File | 64.38% Paging File free
    Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 144.31 Gb Total Space | 117.59 Gb Free Space | 81.49% Space Free | Partition Type: NTFS
    Drive D: | 4.03 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

    Computer Name: D6S1VN91 | User Name: Cris | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/03/05 02:30:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cris\Desktop\OTL.exe
    PRC - [2013/02/28 18:08:21 | 001,274,832 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
    PRC - [2013/01/22 20:03:02 | 028,792,168 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Cris\Application Data\Dropbox\bin\Dropbox.exe
    PRC - [2012/12/11 04:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
    PRC - [2012/12/10 12:11:44 | 001,342,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgfws.exe
    PRC - [2012/11/16 00:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
    PRC - [2012/10/30 05:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
    PRC - [2012/10/22 14:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    PRC - [2012/10/22 14:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
    PRC - [2012/10/22 14:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
    PRC - [2012/10/22 14:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
    PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013/02/28 18:08:19 | 000,459,728 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.152\ppgooglenaclpluginchrome.dll
    MOD - [2013/02/28 18:08:18 | 012,637,136 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.152\PepperFlash\pepflashplayer.dll
    MOD - [2013/02/28 18:08:16 | 004,050,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.152\pdf.dll
    MOD - [2013/02/28 18:07:21 | 001,552,848 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.152\ffmpegsumo.dll
    MOD - [2013/01/31 14:40:19 | 003,391,488 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_bd40b31f\mscorlib.dll
    MOD - [2013/01/31 14:39:19 | 001,966,080 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_01bdb5ee\System.dll
    MOD - [2013/01/29 00:51:57 | 004,537,856 | ---- | M] () -- C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.3.0\libGLESv2.dll
    MOD - [2013/01/29 00:51:57 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.3.0\libEGL.dll
    MOD - [2013/01/02 01:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
    MOD - [2012/10/11 22:56:46 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2012/10/11 22:56:22 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
    MOD - [2008/04/14 06:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
    MOD - [2008/04/14 06:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll


    ========== Services (SafeList) ==========

    SRV - File not found [Auto | Stopped] -- c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe -- (McAfee SiteAdvisor Service)
    SRV - [2013/01/08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2012/12/10 12:11:44 | 001,342,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgfws.exe -- (avgfws)
    SRV - [2012/11/16 00:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
    SRV - [2012/10/22 14:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)


    ========== Driver Services (SafeList) ==========

    DRV - [2012/11/16 00:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
    DRV - [2012/10/22 14:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
    DRV - [2012/10/15 04:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
    DRV - [2012/10/02 04:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
    DRV - [2012/09/21 04:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
    DRV - [2012/09/21 04:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
    DRV - [2012/09/21 04:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
    DRV - [2012/09/14 04:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
    DRV - [2012/01/12 20:52:06 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
    DRV - [2012/01/12 20:52:06 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
    DRV - [2006/03/15 14:38:11 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
    DRV - [2005/11/16 16:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
    DRV - [2005/09/08 06:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
    DRV - [2005/09/08 06:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
    DRV - [2005/09/08 06:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
    DRV - [2005/09/08 06:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
    DRV - [2005/09/08 06:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
    DRV - [2005/09/08 06:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
    DRV - [2005/09/08 06:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
    DRV - [2005/08/25 13:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
    DRV - [2005/08/25 13:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
    DRV - [2005/08/04 05:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2004/06/09 11:29:56 | 000,006,977 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\DDMI2.sys -- (SDDMI2)
    DRV - [2003/11/17 22:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
    DRV - [2003/11/17 22:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2003/11/17 22:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = Dell Start Page
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Dell Search Page
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = Dell Start Page
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Bing

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell Start Page
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Dell Search Page
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Dell Search Page
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE - HKCU\..\SearchScopes,DefaultScope = {4D77C07B-1350-4AD3-A842-E8C07C1976E9}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{4D77C07B-1350-4AD3-A842-E8C07C1976E9}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    IE - HKCU\..\SearchScopes\{E067F89A-5868-4DD2-94BC-0567FC9CFE22}: "URL" = http://us.yhs4.search.yahoo.com/yhs/search?hspart=mcafee&hsimp=yhs-01&type=mcafee&p={SearchTerms}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1: C:\WINDOWS\ [2013/03/11 11:23:53 | 000,000,000 | ---D | M]
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor


    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
    CHR - homepage: Dell Start Page
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.152\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.152\pdf.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 6.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
    CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
    CHR - Extension: Google Docs = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: Google Drive = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: Missing e = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bcjbagclppcgdbpobcpoojdjdmcjhpid\2.14.3_0\
    CHR - Extension: YouTube = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
    CHR - Extension: Google Search = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
    CHR - Extension: Morpheon Dark = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad\2.0_0\
    CHR - Extension: Gmail = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll (Google)
    O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
    O4 - Startup: C:\Documents and Settings\Cris\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Cris\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8 - Extra context menu item: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O8 - Extra context menu item: &Translate English Word - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O8 - Extra context menu item: Backward Links - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O8 - Extra context menu item: Cached Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O8 - Extra context menu item: Similar Pages - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O8 - Extra context menu item: Translate Page into English - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/w...?1359438224484 (WUWebControl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Oracle Technology Network for Java Developers (Reg Error: Key error.)
    O16 - DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.microsoft.com/downlo...oadManager.cab (Microsoft Download Manager ActiveX control)
    O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} Oracle Technology Network for Java Developers (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0CD45C5-0E00-4C81-B904-244CD88DDC03}: DhcpNameServer = 192.168.1.254
    O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll File not found
    O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll File not found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\Cris\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Cris\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/03/11 11:11:50 | 000,000,000 | ---D | C] -- C:\_OTL
    [2013/03/08 09:50:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
    [2013/03/05 02:30:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Cris\Desktop\OTL.exe
    [2013/02/28 03:10:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Desktop\Unused Desktop Shortcuts
    [2013/02/23 17:28:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Cris\My Documents\My DVDs
    [2013/02/23 17:15:34 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Documents\MCE Logs
    [2013/02/19 02:53:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
    [2013/02/19 02:53:29 | 000,000,000 | ---D | C] -- C:\JRT
    [2013/02/18 16:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
    [2013/02/18 16:05:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Application Data\Sonic
    [2013/02/18 16:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Application Data\Leadertech
    [2013/02/15 22:31:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Start Menu\Programs\HiJackThis
    [2013/02/15 22:30:44 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2013/02/14 16:23:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Application Data\AVG2013
    [2013/02/14 16:21:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Application Data\TuneUp Software
    [2013/02/14 16:19:52 | 000,000,000 | -H-D | C] -- C:\$AVG
    [2013/02/14 16:19:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2013
    [2013/02/14 16:18:53 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
    [2013/02/14 16:15:22 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
    [2013/02/14 16:15:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Local Settings\Application Data\MFAData
    [2013/02/14 16:15:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
    [2013/02/14 16:15:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Local Settings\Application Data\Avg2013
    [2013/02/13 18:14:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
    [2013/02/13 18:13:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2013/02/13 18:13:13 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2013/02/13 18:13:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2013/02/13 18:12:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
    [2013/02/13 18:11:55 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [2013/02/13 14:05:23 | 000,000,000 | ---D | C] -- C:\aacebe15304883b3ad625d
    [2013/02/11 02:13:18 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Cris\My Documents\My Data Sources
    [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/03/11 11:15:42 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2013/03/11 11:15:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2013/03/11 11:15:35 | 1071,796,224 | -HS- | M] () -- C:\hiberfil.sys
    [2013/03/11 10:54:05 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2013/03/11 10:10:01 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
    [2013/03/11 00:44:34 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
    [2013/03/10 20:40:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
    [2013/03/10 18:58:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
    [2013/03/10 14:00:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
    [2013/03/10 08:09:37 | 000,452,610 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2013/03/10 08:09:37 | 000,073,954 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2013/03/08 19:28:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2013/03/08 09:50:43 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
    [2013/03/08 03:16:14 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\Cris\Application Data\Adobe BMP Format CS5 Prefs
    [2013/03/05 12:01:01 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
    [2013/03/05 02:30:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cris\Desktop\OTL.exe
    [2013/03/02 01:09:39 | 000,001,456 | ---- | M] () -- C:\Documents and Settings\Cris\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
    [2013/02/24 23:44:13 | 000,003,072 | ---- | M] () -- C:\Documents and Settings\Cris\Application Data\dvd.bmk
    [2013/02/24 05:26:59 | 000,001,021 | ---- | M] () -- C:\Documents and Settings\Cris\Start Menu\Programs\Startup\Dropbox.lnk
    [2013/02/24 05:06:00 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\Cris\Desktop\HiJackThis.lnk
    [2013/02/24 05:05:05 | 000,261,432 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2013/02/23 19:43:56 | 000,134,278 | ---- | M] () -- C:\Documents and Settings\Cris\My Documents\46eJm.jpg
    [2013/02/23 17:15:30 | 000,000,127 | ---- | M] () -- C:\Documents and Settings\Cris\Local Settings\Application Data\fusioncache.dat
    [2013/02/23 17:15:02 | 000,001,394 | ---- | M] () -- C:\Documents and Settings\Cris\Desktop\Media Center.lnk
    [2013/02/15 21:39:09 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Cris\Desktop\HiJackThis.msi
    [2013/02/13 18:14:59 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2013/02/13 14:04:59 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2013/02/12 17:22:27 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\Cris\Application Data\Adobe PNG Format CS5 Prefs
    [2013/02/11 03:58:39 | 006,436,560 | ---- | M] (Xceed Software Inc. 1-450-442-2626 info@xceedsoft.com Xceed Home) -- C:\Documents and Settings\Cris\My Documents\R114282.EXE
    [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/03/08 02:27:36 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Cris\Application Data\Adobe BMP Format CS5 Prefs
    [2013/02/24 23:44:13 | 000,003,072 | ---- | C] () -- C:\Documents and Settings\Cris\Application Data\dvd.bmk
    [2013/02/24 05:26:59 | 000,001,021 | ---- | C] () -- C:\Documents and Settings\Cris\Start Menu\Programs\Startup\Dropbox.lnk
    [2013/02/23 19:43:55 | 000,134,278 | ---- | C] () -- C:\Documents and Settings\Cris\My Documents\46eJm.jpg
    [2013/02/15 22:31:06 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\Cris\Desktop\HiJackThis.lnk
    [2013/02/15 21:38:59 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Cris\Desktop\HiJackThis.msi
    [2013/02/14 16:21:35 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
    [2013/02/13 18:14:59 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2013/02/12 17:21:57 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Cris\Application Data\Adobe PNG Format CS5 Prefs
    [2013/02/11 04:25:21 | 000,001,989 | ---- | C] () -- C:\Documents and Settings\Cris\Desktop\Adobe Photoshop CS5.lnk
    [2013/02/07 10:32:23 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\Cris\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
    [2013/02/03 00:21:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Cris\Application Data\.NANotifyHere
    [2013/01/31 14:06:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
    [2013/01/29 00:15:39 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
    [2013/01/29 00:12:48 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Cris\Local Settings\Application Data\fusioncache.dat

    ========== ZeroAccess Check ==========

    [2005/08/16 05:39:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 06:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 06:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2013/02/13 18:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2013/02/14 16:22:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
    [2013/02/14 16:15:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
    [2005/08/16 21:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
    [2013/03/11 11:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
    [2013/02/14 16:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\AVG2013
    [2013/03/11 11:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\Dropbox
    [2013/02/04 02:32:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\ImgBurn
    [2013/02/18 16:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\Leadertech
    [2013/02/14 16:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\TuneUp Software
    [2013/03/11 11:11:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\uTorrent

    ========== Purity Check ==========



    < End of report >

    My sound is doing fine, its working properly again so thank you but lately I've been experiencing some video problems with videos on youtube... the video simply stops playing and and also pages take forever to load and eventually I get an error but I didn't have the chance to copy down that error.

  10. #30
    Member
    Join Date
    Jan 2013
    Posts
    18
    Points
    0

    Default

    OTL logfile created on: 3/11/2013 11:28:23 AM - Run 2
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Cris\Desktop
    Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1022.07 Mb Total Physical Memory | 265.89 Mb Available Physical Memory | 26.01% Memory free
    2.40 Gb Paging File | 1.55 Gb Available in Paging File | 64.38% Paging File free
    Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 144.31 Gb Total Space | 117.59 Gb Free Space | 81.49% Space Free | Partition Type: NTFS
    Drive D: | 4.03 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

    Computer Name: D6S1VN91 | User Name: Cris | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/03/05 02:30:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cris\Desktop\OTL.exe
    PRC - [2013/02/28 18:08:21 | 001,274,832 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
    PRC - [2013/01/22 20:03:02 | 028,792,168 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Cris\Application Data\Dropbox\bin\Dropbox.exe
    PRC - [2012/12/11 04:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
    PRC - [2012/12/10 12:11:44 | 001,342,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgfws.exe
    PRC - [2012/11/16 00:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
    PRC - [2012/10/30 05:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
    PRC - [2012/10/22 14:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    PRC - [2012/10/22 14:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
    PRC - [2012/10/22 14:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
    PRC - [2012/10/22 14:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
    PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013/02/28 18:08:19 | 000,459,728 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.152\ppgooglenaclpluginchrome.dll
    MOD - [2013/02/28 18:08:18 | 012,637,136 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.152\PepperFlash\pepflashplayer.dll
    MOD - [2013/02/28 18:08:16 | 004,050,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.152\pdf.dll
    MOD - [2013/02/28 18:07:21 | 001,552,848 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\25.0.1364.152\ffmpegsumo.dll
    MOD - [2013/01/31 14:40:19 | 003,391,488 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_bd40b31f\mscorlib.dll
    MOD - [2013/01/31 14:39:19 | 001,966,080 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_01bdb5ee\System.dll
    MOD - [2013/01/29 00:51:57 | 004,537,856 | ---- | M] () -- C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.3.0\libGLESv2.dll
    MOD - [2013/01/29 00:51:57 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\1.0.3.0\libEGL.dll
    MOD - [2013/01/02 01:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
    MOD - [2012/10/11 22:56:46 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2012/10/11 22:56:22 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
    MOD - [2008/04/14 06:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
    MOD - [2008/04/14 06:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll


    ========== Services (SafeList) ==========

    SRV - File not found [Auto | Stopped] -- c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe -- (McAfee SiteAdvisor Service)
    SRV - [2013/01/08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2012/12/10 12:11:44 | 001,342,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgfws.exe -- (avgfws)
    SRV - [2012/11/16 00:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
    SRV - [2012/10/22 14:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)


    ========== Driver Services (SafeList) ==========

    DRV - [2012/11/16 00:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
    DRV - [2012/10/22 14:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
    DRV - [2012/10/15 04:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
    DRV - [2012/10/02 04:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
    DRV - [2012/09/21 04:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
    DRV - [2012/09/21 04:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
    DRV - [2012/09/21 04:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
    DRV - [2012/09/14 04:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
    DRV - [2012/01/12 20:52:06 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
    DRV - [2012/01/12 20:52:06 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
    DRV - [2006/03/15 14:38:11 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
    DRV - [2005/11/16 16:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
    DRV - [2005/09/08 06:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
    DRV - [2005/09/08 06:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
    DRV - [2005/09/08 06:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
    DRV - [2005/09/08 06:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
    DRV - [2005/09/08 06:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
    DRV - [2005/09/08 06:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
    DRV - [2005/09/08 06:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
    DRV - [2005/08/25 13:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
    DRV - [2005/08/25 13:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
    DRV - [2005/08/04 05:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2004/06/09 11:29:56 | 000,006,977 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\DDMI2.sys -- (SDDMI2)
    DRV - [2003/11/17 22:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
    DRV - [2003/11/17 22:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2003/11/17 22:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = Dell Start Page
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Dell Search Page
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = Dell Start Page
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = Bing

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell Start Page
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Dell Search Page
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Dell Search Page
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE - HKCU\..\SearchScopes,DefaultScope = {4D77C07B-1350-4AD3-A842-E8C07C1976E9}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{4D77C07B-1350-4AD3-A842-E8C07C1976E9}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    IE - HKCU\..\SearchScopes\{E067F89A-5868-4DD2-94BC-0567FC9CFE22}: "URL" = http://us.yhs4.search.yahoo.com/yhs/search?hspart=mcafee&hsimp=yhs-01&type=mcafee&p={SearchTerms}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1: C:\WINDOWS\ [2013/03/11 11:23:53 | 000,000,000 | ---D | M]
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor


    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
    CHR - homepage: Dell Start Page
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.152\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.152\pdf.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 6.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
    CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
    CHR - Extension: Google Docs = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: Google Drive = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: Missing e = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bcjbagclppcgdbpobcpoojdjdmcjhpid\2.14.3_0\
    CHR - Extension: YouTube = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
    CHR - Extension: Google Search = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
    CHR - Extension: Morpheon Dark = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad\2.0_0\
    CHR - Extension: Gmail = C:\Documents and Settings\Cris\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll (Google)
    O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
    O4 - Startup: C:\Documents and Settings\Cris\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Cris\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8 - Extra context menu item: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O8 - Extra context menu item: &Translate English Word - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O8 - Extra context menu item: Backward Links - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O8 - Extra context menu item: Cached Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O8 - Extra context menu item: Similar Pages - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O8 - Extra context menu item: Translate Page into English - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/w...?1359438224484 (WUWebControl Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} Oracle Technology Network for Java Developers (Reg Error: Key error.)
    O16 - DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.microsoft.com/downlo...oadManager.cab (Microsoft Download Manager ActiveX control)
    O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} Oracle Technology Network for Java Developers (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0CD45C5-0E00-4C81-B904-244CD88DDC03}: DhcpNameServer = 192.168.1.254
    O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll File not found
    O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll File not found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\Cris\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\Cris\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/03/11 11:11:50 | 000,000,000 | ---D | C] -- C:\_OTL
    [2013/03/08 09:50:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
    [2013/03/05 02:30:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Cris\Desktop\OTL.exe
    [2013/02/28 03:10:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Desktop\Unused Desktop Shortcuts
    [2013/02/23 17:28:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Cris\My Documents\My DVDs
    [2013/02/23 17:15:34 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Documents\MCE Logs
    [2013/02/19 02:53:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
    [2013/02/19 02:53:29 | 000,000,000 | ---D | C] -- C:\JRT
    [2013/02/18 16:50:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
    [2013/02/18 16:05:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Application Data\Sonic
    [2013/02/18 16:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Application Data\Leadertech
    [2013/02/15 22:31:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Start Menu\Programs\HiJackThis
    [2013/02/15 22:30:44 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2013/02/14 16:23:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Application Data\AVG2013
    [2013/02/14 16:21:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Application Data\TuneUp Software
    [2013/02/14 16:19:52 | 000,000,000 | -H-D | C] -- C:\$AVG
    [2013/02/14 16:19:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2013
    [2013/02/14 16:18:53 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
    [2013/02/14 16:15:22 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
    [2013/02/14 16:15:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Local Settings\Application Data\MFAData
    [2013/02/14 16:15:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
    [2013/02/14 16:15:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cris\Local Settings\Application Data\Avg2013
    [2013/02/13 18:14:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
    [2013/02/13 18:13:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2013/02/13 18:13:13 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2013/02/13 18:13:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2013/02/13 18:12:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
    [2013/02/13 18:11:55 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
    [2013/02/13 14:05:23 | 000,000,000 | ---D | C] -- C:\aacebe15304883b3ad625d
    [2013/02/11 02:13:18 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Cris\My Documents\My Data Sources
    [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/03/11 11:15:42 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2013/03/11 11:15:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2013/03/11 11:15:35 | 1071,796,224 | -HS- | M] () -- C:\hiberfil.sys
    [2013/03/11 10:54:05 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2013/03/11 10:10:01 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
    [2013/03/11 00:44:34 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
    [2013/03/10 20:40:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
    [2013/03/10 18:58:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
    [2013/03/10 14:00:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
    [2013/03/10 08:09:37 | 000,452,610 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2013/03/10 08:09:37 | 000,073,954 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2013/03/08 19:28:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2013/03/08 09:50:43 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
    [2013/03/08 03:16:14 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\Cris\Application Data\Adobe BMP Format CS5 Prefs
    [2013/03/05 12:01:01 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
    [2013/03/05 02:30:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cris\Desktop\OTL.exe
    [2013/03/02 01:09:39 | 000,001,456 | ---- | M] () -- C:\Documents and Settings\Cris\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
    [2013/02/24 23:44:13 | 000,003,072 | ---- | M] () -- C:\Documents and Settings\Cris\Application Data\dvd.bmk
    [2013/02/24 05:26:59 | 000,001,021 | ---- | M] () -- C:\Documents and Settings\Cris\Start Menu\Programs\Startup\Dropbox.lnk
    [2013/02/24 05:06:00 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\Cris\Desktop\HiJackThis.lnk
    [2013/02/24 05:05:05 | 000,261,432 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2013/02/23 19:43:56 | 000,134,278 | ---- | M] () -- C:\Documents and Settings\Cris\My Documents\46eJm.jpg
    [2013/02/23 17:15:30 | 000,000,127 | ---- | M] () -- C:\Documents and Settings\Cris\Local Settings\Application Data\fusioncache.dat
    [2013/02/23 17:15:02 | 000,001,394 | ---- | M] () -- C:\Documents and Settings\Cris\Desktop\Media Center.lnk
    [2013/02/15 21:39:09 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Cris\Desktop\HiJackThis.msi
    [2013/02/13 18:14:59 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2013/02/13 14:04:59 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2013/02/12 17:22:27 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\Cris\Application Data\Adobe PNG Format CS5 Prefs
    [2013/02/11 03:58:39 | 006,436,560 | ---- | M] (Xceed Software Inc. 1-450-442-2626 info@xceedsoft.com Xceed Home) -- C:\Documents and Settings\Cris\My Documents\R114282.EXE
    [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/03/08 02:27:36 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Cris\Application Data\Adobe BMP Format CS5 Prefs
    [2013/02/24 23:44:13 | 000,003,072 | ---- | C] () -- C:\Documents and Settings\Cris\Application Data\dvd.bmk
    [2013/02/24 05:26:59 | 000,001,021 | ---- | C] () -- C:\Documents and Settings\Cris\Start Menu\Programs\Startup\Dropbox.lnk
    [2013/02/23 19:43:55 | 000,134,278 | ---- | C] () -- C:\Documents and Settings\Cris\My Documents\46eJm.jpg
    [2013/02/15 22:31:06 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\Cris\Desktop\HiJackThis.lnk
    [2013/02/15 21:38:59 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Cris\Desktop\HiJackThis.msi
    [2013/02/14 16:21:35 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
    [2013/02/13 18:14:59 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
    [2013/02/12 17:21:57 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Cris\Application Data\Adobe PNG Format CS5 Prefs
    [2013/02/11 04:25:21 | 000,001,989 | ---- | C] () -- C:\Documents and Settings\Cris\Desktop\Adobe Photoshop CS5.lnk
    [2013/02/07 10:32:23 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\Cris\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
    [2013/02/03 00:21:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Cris\Application Data\.NANotifyHere
    [2013/01/31 14:06:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
    [2013/01/29 00:15:39 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
    [2013/01/29 00:12:48 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Cris\Local Settings\Application Data\fusioncache.dat

    ========== ZeroAccess Check ==========

    [2005/08/16 05:39:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 06:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 06:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2013/02/13 18:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2013/02/14 16:22:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
    [2013/02/14 16:15:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
    [2005/08/16 21:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
    [2013/03/11 11:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
    [2013/02/14 16:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\AVG2013
    [2013/03/11 11:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\Dropbox
    [2013/02/04 02:32:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\ImgBurn
    [2013/02/18 16:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\Leadertech
    [2013/02/14 16:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\TuneUp Software
    [2013/03/11 11:11:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cris\Application Data\uTorrent

    ========== Purity Check ==========



    < End of report >

    My sound is doing fine, its working properly again so thank you but lately I've been experiencing some video problems with videos on youtube... the video simply stops playing and and also pages take forever to load and eventually I get an error but I didn't have the chance to copy down that error.

Page 3 of 4 FirstFirst 1234 LastLast