Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

This girl has a virus


  • Please log in to reply

#1
squonk

squonk

    Member

  • Member
  • PipPip
  • 40 posts
She bought a subscription to AVAST. She's explaining that her backup cd also has the virus on it. Windows defender is on here some possible ip address that is mimicking a virus (not sure if I should post it).

OTL logfile created on: 8/4/2012 1:02:44 PM - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Debi Torres\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

894.82 Mb Total Physical Memory | 90.53 Mb Available Physical Memory | 10.12% Memory free
2.00 Gb Paging File | 0.45 Gb Available in Paging File | 22.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 73.24 Gb Total Space | 5.86 Gb Free Space | 8.01% Space Free | Partition Type: NTFS
Drive D: | 75.80 Gb Total Space | 75.35 Gb Free Space | 99.41% Space Free | Partition Type: NTFS
Drive E: | 2.53 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: DEBITORRES-PC | User Name: Debi Torres | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/04 13:01:04 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Debi Torres\Desktop\OTL.exe
PRC - [2012/08/03 08:49:19 | 000,686,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_3_300_270_ActiveX.exe
PRC - [2012/07/07 15:29:02 | 001,022,352 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2012/07/03 12:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/03 12:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/07/03 12:21:27 | 000,133,912 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2012/03/23 14:25:24 | 000,087,040 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/06/29 11:04:18 | 000,020,480 | ---- | M] (AG Interactive) -- C:\Program Files\AGI\core\4.2.0.10754\AGCoreService.exe
PRC - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/03/22 23:07:22 | 000,268,768 | ---- | M] () -- C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/27 18:23:28 | 002,285,056 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\libvlccore.dll
MOD - [2012/06/27 18:23:24 | 000,051,200 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
MOD - [2012/06/27 18:23:24 | 000,049,664 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_output\libaout_directx_plugin.dll
MOD - [2012/06/27 18:23:22 | 001,868,288 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
MOD - [2012/06/27 18:23:22 | 001,719,296 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
MOD - [2012/06/27 18:23:22 | 000,386,560 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
MOD - [2012/06/27 18:23:22 | 000,185,856 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
MOD - [2012/06/27 18:23:22 | 000,043,008 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
MOD - [2012/06/27 18:23:22 | 000,043,008 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
MOD - [2012/06/27 18:23:22 | 000,042,496 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
MOD - [2012/06/27 18:23:22 | 000,041,472 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
MOD - [2012/06/27 18:23:22 | 000,040,448 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
MOD - [2012/06/27 18:23:22 | 000,038,400 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
MOD - [2012/06/27 18:23:22 | 000,037,376 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
MOD - [2012/06/27 18:23:20 | 010,292,224 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
MOD - [2012/06/27 18:23:20 | 001,318,912 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
MOD - [2012/06/27 18:23:20 | 000,372,224 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
MOD - [2012/06/27 18:23:20 | 000,265,216 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
MOD - [2012/06/27 18:23:18 | 000,263,168 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libfluidsynth_plugin.dll
MOD - [2012/06/27 18:23:18 | 000,154,624 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
MOD - [2012/06/27 18:23:18 | 000,051,200 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
MOD - [2012/06/27 18:23:18 | 000,051,200 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
MOD - [2012/06/27 18:23:18 | 000,033,792 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat32_mixer_plugin.dll
MOD - [2012/06/27 18:23:16 | 000,034,816 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
MOD - [2012/06/27 18:23:14 | 000,428,032 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll
MOD - [2012/06/27 18:23:14 | 000,310,784 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
MOD - [2012/06/27 18:23:14 | 000,182,272 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
MOD - [2012/06/27 18:23:14 | 000,068,608 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
MOD - [2012/06/27 18:23:14 | 000,045,568 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
MOD - [2012/06/27 18:23:14 | 000,036,864 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
MOD - [2012/06/27 18:23:14 | 000,036,864 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libconverter_fixed_plugin.dll
MOD - [2012/06/27 18:23:14 | 000,035,840 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
MOD - [2012/06/27 18:23:12 | 001,518,080 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
MOD - [2012/06/27 18:23:12 | 001,316,864 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
MOD - [2012/06/27 18:23:12 | 000,135,168 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
MOD - [2012/06/27 18:23:12 | 000,046,592 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspeex_resampler_plugin.dll
MOD - [2012/06/27 18:23:12 | 000,040,960 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
MOD - [2012/06/27 18:23:12 | 000,038,400 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
MOD - [2012/06/27 18:23:12 | 000,036,352 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
MOD - [2012/06/27 18:23:12 | 000,036,352 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
MOD - [2012/06/27 18:23:12 | 000,035,328 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
MOD - [2012/06/27 18:23:12 | 000,034,816 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
MOD - [2012/06/27 18:23:10 | 000,037,376 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\mmxext\libmemcpymmxext_plugin.dll
MOD - [2012/06/27 18:23:08 | 000,698,368 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
MOD - [2012/06/27 18:23:08 | 000,077,824 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll
MOD - [2012/06/27 18:23:08 | 000,056,320 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
MOD - [2012/06/27 18:23:08 | 000,044,544 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
MOD - [2012/06/27 18:23:08 | 000,044,544 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll
MOD - [2012/06/27 18:23:08 | 000,042,496 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
MOD - [2012/06/27 18:23:08 | 000,041,984 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll
MOD - [2012/06/27 18:23:08 | 000,040,960 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
MOD - [2012/06/27 18:23:08 | 000,040,960 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
MOD - [2012/06/27 18:23:08 | 000,036,864 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
MOD - [2012/06/27 18:23:08 | 000,036,352 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
MOD - [2012/06/27 18:23:06 | 000,139,264 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll
MOD - [2012/06/27 18:23:06 | 000,070,144 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectx_plugin.dll
MOD - [2012/06/27 18:23:06 | 000,070,144 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
MOD - [2012/06/27 18:23:06 | 000,052,736 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll
MOD - [2012/06/27 18:23:06 | 000,050,688 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll
MOD - [2012/06/27 18:23:06 | 000,035,328 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\video_output\libdrawable_plugin.dll
MOD - [2012/06/27 18:23:04 | 000,219,648 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
MOD - [2012/06/27 18:23:04 | 000,091,136 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_http_plugin.dll
MOD - [2012/06/27 18:23:04 | 000,083,968 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll
MOD - [2012/06/27 18:23:04 | 000,038,912 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
MOD - [2012/06/27 18:23:02 | 000,724,992 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libstream_filter_dash_plugin.dll
MOD - [2012/06/27 18:23:02 | 000,440,320 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libstream_filter_httplive_plugin.dll
MOD - [2012/06/27 18:23:02 | 000,198,656 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
MOD - [2012/06/27 18:23:02 | 000,092,160 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
MOD - [2012/06/27 18:23:00 | 000,111,616 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\libvlc.dll
MOD - [2012/06/27 18:23:00 | 000,035,840 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libstream_filter_record_plugin.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/08/03 10:49:34 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/03 12:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/07/03 12:21:27 | 000,133,912 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2012/03/23 14:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/06/29 11:04:18 | 000,020,480 | ---- | M] (AG Interactive) [Auto | Running] -- C:\Program Files\AGI\core\4.2.0.10754\AGCoreService.exe -- (AGCoreService)
SRV - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/03/22 23:07:22 | 000,268,768 | ---- | M] () [Auto | Running] -- C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe -- (WSWNA1100)
SRV - [2010/03/22 23:05:40 | 000,960,992 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\NETGEAR\WNA1100\jswpsapi.exe -- (jswpsapi)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/19 03:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/19 03:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012/07/03 12:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/07/03 12:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/07/03 12:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/07/03 12:21:53 | 000,202,928 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2012/07/03 12:21:53 | 000,057,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/07/03 12:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/07/03 12:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/07/03 12:21:53 | 000,018,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012/07/03 12:21:52 | 000,113,776 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2012/06/27 16:33:54 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2011/05/13 03:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/05/13 03:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011/05/13 03:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2011/05/13 03:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010/06/23 11:23:46 | 000,023,040 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010/05/20 15:27:26 | 001,961,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VX3000.sys -- (VX3000)
DRV - [2010/04/30 18:09:44 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/04/30 18:09:22 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/04/27 14:41:10 | 000,306,016 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr70.sys -- (rt70x86)
DRV - [2010/03/09 19:37:30 | 001,389,056 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2009/06/10 16:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2008/05/15 05:28:00 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2007/06/29 10:11:02 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/20 04:28:38 | 000,267,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2007/01/19 21:20:54 | 000,021,728 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SCMNdisP.sys -- (SCMNdisP)
DRV - [2006/11/02 03:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006/10/13 23:04:33 | 004,422,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag....q={searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2992540

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.condui...&ctid=CT3227975
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKCU\..\URLSearchHook: {cdf97ee2-ded0-4369-835e-99dd08225fa5} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag....q={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{B0E460EF-B6F8-46B5-8991-BE85DA463845}: "URL" = http://search.condui...&ctid=CT3227975
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...uvazKwRpYN&i=26
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/08/02 11:22:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Debi Torres\AppData\Roaming\Mozilla\Firefox\Profiles\s1l5evj2.default\extensions\[email protected] [2012/04/18 16:33:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Protector by IB\Firefox

[2012/05/15 16:14:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Debi Torres\AppData\Roaming\Mozilla\Extensions
[2012/07/07 15:30:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Debi Torres\AppData\Roaming\Mozilla\Firefox\Profiles\s1l5evj2.default\extensions
[2012/07/07 15:30:03 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Debi Torres\AppData\Roaming\Mozilla\Firefox\Profiles\s1l5evj2.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012/04/18 16:33:43 | 000,000,000 | ---D | M] (TheBflix) -- C:\Users\Debi Torres\AppData\Roaming\Mozilla\Firefox\Profiles\s1l5evj2.default\extensions\[email protected]
[2012/04/18 16:34:46 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\Debi Torres\AppData\Roaming\Mozilla\Firefox\Profiles\s1l5evj2.default\extensions\[email protected]
[2012/08/02 11:22:26 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files\Common Files\Motive\npMotive.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: RivalGaming = C:\Users\Debi Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\adhmhclafdhfabmmglbcngpddpdeijgd\
CHR - Extension: TheBflix = C:\Users\Debi Torres\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekdjfcdinekpfcedakhpngcnaamhiihn\5.1_0\

O1 HOSTS File: ([2011/11/30 14:11:15 | 000,000,833 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {B0D3574E-B41F-4FE9-B976-1E8E303095B9} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CDF97EE2-DED0-4369-835E-99DD08225FA5} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C7B972A-49AE-443D-8D44-91A6D6EC89CD}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15BE2146-3986-420A-AB3F-DC4DD3C42D16}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5FC2345F-9345-499A-819F-3A7CA0AA58BB}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{87E0AD4D-A252-4E95-8972-E273353E9E75}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9EB6A0E2-0D1C-4D22-A26F-736EAE0B7920}: DhcpNameServer = 192.168.1.254
O20 - AppInit_DLLs: (c:\progra~2\bprote~1\22463~1.83\protec~1.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Debi Torres\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Debi Torres\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/11/02 16:00:00 | 000,000,043 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{3b7d20c8-67a2-11e1-8d11-001c256984c9}\Shell - "" = AutoRun
O33 - MountPoints2\{3b7d20c8-67a2-11e1-8d11-001c256984c9}\Shell\AutoRun\command - "" = F:\MotoCastSetup.exe -a
O33 - MountPoints2\{d87c9bfe-e4c2-11e0-9b9e-001c256984c9}\Shell - "" = AutoRun
O33 - MountPoints2\{d87c9bfe-e4c2-11e0-9b9e-001c256984c9}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/04 13:02:00 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Debi Torres\Desktop\OTL.exe
[2012/08/02 14:50:43 | 000,000,000 | ---D | C] -- C:\Program Files\RegZooka
[2012/08/02 11:24:24 | 000,113,776 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2012/08/02 11:22:42 | 000,202,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2012/08/02 11:22:40 | 000,018,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2012/08/02 11:22:22 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2012/08/02 10:40:28 | 000,000,000 | ---D | C] -- C:\Users\Debi Torres\AppData\Roaming\EMCO
[2012/08/02 10:39:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EMCO
[2012/08/02 10:39:23 | 000,000,000 | ---D | C] -- C:\Program Files\EMCO
[2012/08/02 09:48:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2012/08/02 08:47:45 | 000,000,000 | ---D | C] -- C:\ProgramData\AMMYY
[2012/07/27 07:54:30 | 000,000,000 | ---D | C] -- C:\Users\Debi Torres\Desktop\New Folder
[2012/07/19 12:50:06 | 000,000,000 | -H-D | C] -- C:\Users\Debi Torres\Desktop\.picasaoriginals
[2012/07/18 11:03:39 | 000,000,000 | ---D | C] -- C:\Users\Debi Torres\AppData\Roaming\Apple Computer
[2012/07/18 11:03:39 | 000,000,000 | ---D | C] -- C:\Users\Debi Torres\AppData\Local\Apple Computer
[2012/07/18 11:02:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/07/18 10:59:41 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2012/07/18 10:59:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012/07/18 10:56:21 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/07/18 10:56:00 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/07/18 10:56:00 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/07/18 10:16:00 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/07/17 10:08:36 | 000,000,000 | ---D | C] -- C:\Users\Debi Torres\Documents\FMREC001
[2012/07/15 07:44:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/07/15 07:30:31 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012/07/15 07:29:48 | 000,772,544 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012/07/15 07:29:48 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012/07/15 07:29:31 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/07/15 07:29:31 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/07/13 06:03:52 | 000,000,000 | ---D | C] -- C:\Users\Debi Torres\searchplugins
[2012/07/12 22:40:17 | 000,000,000 | ---D | C] -- C:\Users\Debi Torres\AppData\Local\appbario2
[2012/07/12 21:56:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/07/12 21:54:29 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2012/07/12 21:52:59 | 000,000,000 | ---D | C] -- C:\Users\Debi Torres\Documents\searchplugins
[2012/07/12 21:52:59 | 000,000,000 | ---D | C] -- C:\Users\Debi Torres\Documents\bProtectorForWindows
[2012/07/12 21:50:05 | 000,000,000 | ---D | C] -- C:\Users\Debi Torres\AppData\Roaming\PerformerSoft
[2012/07/12 21:49:58 | 000,017,464 | ---- | C] (PerformerSoft LLC) -- C:\Windows\System32\roboot.exe
[2012/07/12 21:49:52 | 000,000,000 | ---D | C] -- C:\Program Files\PC Performer
[2012/07/12 21:49:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\bProtectorForWindows
[2012/07/12 21:49:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\searchplugins
[2012/07/12 21:49:23 | 000,000,000 | ---D | C] -- C:\ProgramData\bProtectorForWindows
[2012/07/12 08:45:27 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/07/12 08:42:35 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/07/12 08:42:32 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/07/12 08:42:32 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/07/12 08:42:30 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/07/12 08:42:28 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/07/12 08:42:28 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/07/12 08:42:25 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/07/11 07:59:56 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012/07/07 15:30:07 | 000,000,000 | ---D | C] -- C:\Users\Debi Torres\AppData\Local\CRE
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/04 13:01:10 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/04 13:01:04 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Debi Torres\Desktop\OTL.exe
[2012/08/04 12:52:14 | 000,005,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/04 12:52:14 | 000,005,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/04 12:49:21 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/04 06:52:46 | 000,001,889 | ---- | M] () -- C:\Users\Debi Torres\Desktop\SafeZone Browser.lnk
[2012/08/04 06:52:25 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/04 06:52:25 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro startups.job
[2012/08/04 06:52:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/03 14:56:42 | 000,088,576 | ---- | M] () -- C:\Users\Debi Torres\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/03 13:11:49 | 000,020,473 | ---- | M] () -- C:\Users\Debi Torres\Desktop\vickis view.jpg
[2012/08/03 10:49:33 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/08/03 10:49:33 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/08/02 16:11:42 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/08/02 12:57:13 | 000,022,744 | ---- | M] () -- C:\Users\Debi Torres\Desktop\533061_4528912104691_1408034007_n.jpg
[2012/08/02 11:18:16 | 000,000,104 | ---- | M] () -- C:\Users\Debi Torres\Desktop\trash.lnk
[2012/08/02 10:39:39 | 000,001,926 | ---- | M] () -- C:\Users\Public\Desktop\EMCO MoveOnBoot v2.lnk
[2012/08/02 09:48:34 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/08/01 14:58:15 | 005,257,574 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/08/01 14:58:15 | 001,722,342 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/07/31 15:59:00 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLbx.DAT
[2012/07/31 14:22:00 | 000,001,539 | ---- | M] () -- C:\Users\Debi Torres\Desktop\REJ_9259 VS - Shortcut.lnk
[2012/07/30 14:19:09 | 000,029,014 | ---- | M] () -- C:\Users\Debi Torres\Desktop\paulquote.jpeg
[2012/07/30 13:50:29 | 000,038,118 | ---- | M] () -- C:\Users\Debi Torres\Desktop\304886_423639104354744_144488153_n.jpg
[2012/07/30 13:48:08 | 000,027,955 | ---- | M] () -- C:\Users\Debi Torres\Desktop\531704_423639184354736_1687980751_n.jpg
[2012/07/29 20:19:49 | 000,000,145 | ---- | M] () -- C:\Users\Debi Torres\Desktop\CD Drive - Shortcut.lnk
[2012/07/27 19:51:44 | 000,000,133 | ---- | M] () -- C:\Users\Debi Torres\Desktop\My Messages.url
[2012/07/26 20:50:24 | 000,000,679 | ---- | M] () -- C:\Users\Debi Torres\Documents\010 - Shortcut.lnk
[2012/07/26 20:48:44 | 004,015,795 | ---- | M] () -- C:\Users\Debi Torres\Documents\010.JPG
[2012/07/26 19:41:00 | 000,045,971 | ---- | M] () -- C:\Users\Debi Torres\Desktop\564618_266652570111404_1622132126_n.jpg
[2012/07/24 11:03:17 | 000,000,209 | ---- | M] () -- C:\Users\Debi Torres\Desktop\ui=2&view=bsp&ver=ohhl4rw8mbn4.url
[2012/07/23 16:37:01 | 000,000,379 | ---- | M] () -- C:\Users\Debi Torres\Desktop\Documents - Shortcut.lnk
[2012/07/19 17:27:10 | 000,000,209 | ---- | M] () -- C:\Users\Debi Torres\Documents\All American Pressure Cooker Parts - Pressure Cooker Outlet.url
[2012/07/19 17:21:42 | 000,064,613 | ---- | M] () -- C:\Users\Debi Torres\Documents\5536_107461910679_4358851_n.jpg
[2012/07/19 17:15:08 | 000,023,328 | ---- | M] () -- C:\Users\Debi Torres\Documents\home.htm
[2012/07/19 15:15:33 | 000,063,419 | ---- | M] () -- C:\Users\Debi Torres\Documents\182146_471303989547472_240567900_n.jpg
[2012/07/19 15:15:33 | 000,040,879 | ---- | M] () -- C:\Users\Debi Torres\Documents\552416_10150966331052304_9383026_n.jpg
[2012/07/19 14:26:46 | 000,076,315 | ---- | M] () -- C:\Users\Debi Torres\Documents\2464770400051904897XMiFCv_ph.jpg
[2012/07/19 13:00:24 | 006,737,368 | ---- | M] () -- C:\Users\Debi Torres\Documents\050.JPG
[2012/07/19 12:50:06 | 000,051,844 | ---- | M] () -- C:\Users\Debi Torres\Documents\Scott and I.jpg
[2012/07/19 11:15:30 | 000,049,821 | ---- | M] () -- C:\Users\Debi Torres\Documents\andre missy eric.jpg
[2012/07/19 11:14:52 | 000,061,498 | ---- | M] () -- C:\Users\Debi Torres\Documents\my family.jpg
[2012/07/19 09:59:07 | 000,067,401 | ---- | M] () -- C:\Users\Debi Torres\Documents\544517_10151006653726952_1846284970_n.jpg
[2012/07/19 08:08:31 | 000,032,702 | ---- | M] () -- C:\Users\Debi Torres\Documents\FriendlyWVA.jpg
[2012/07/18 14:58:06 | 000,032,768 | ---- | M] () -- C:\Users\Debi Torres\Documents\nothing-gold.jpg
[2012/07/18 12:04:14 | 000,296,720 | ---- | M] () -- C:\Users\Debi Torres\Documents\333408_446591435365333_528414214_o.jpg
[2012/07/18 11:49:52 | 000,082,370 | ---- | M] () -- C:\Users\Debi Torres\Documents\finalanalysis.jpg
[2012/07/18 11:09:00 | 000,083,816 | ---- | M] () -- C:\Users\Debi Torres\Documents\we_1.jpg
[2012/07/18 11:02:28 | 000,001,664 | ---- | M] () -- C:\Users\Debi Torres\Documents\iTunes.lnk
[2012/07/17 14:49:01 | 000,000,241 | ---- | M] () -- C:\Users\Debi Torres\Documents\Inmate Population Information Detail.url
[2012/07/17 12:03:34 | 000,027,946 | ---- | M] () -- C:\Users\Debi Torres\Documents\Aunt Edie Paula MomGrandma xmas.jpg
[2012/07/17 12:02:22 | 000,044,280 | ---- | M] () -- C:\Users\Debi Torres\Me rodeo time.jpg
[2012/07/17 12:00:51 | 000,091,926 | ---- | M] () -- C:\Users\Debi Torres\Documents\Deborah Ann And Elias.jpg
[2012/07/17 11:43:14 | 000,050,945 | ---- | M] () -- C:\Users\Debi Torres\Documents\DSC00436.JPG
[2012/07/16 09:58:36 | 000,000,291 | ---- | M] () -- C:\Users\Debi Torres\Documents\Sons of Anarchy - 2-sided SS (Navy) - BikerOrNot Store.url
[2012/07/15 07:29:14 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/07/15 07:29:14 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/07/13 16:08:16 | 000,000,185 | ---- | M] () -- C:\Users\Debi Torres\Documents\ADHS Division of Public Health Services Office of Vital Records How Do I Order a Birth-Death Record From Another State.url
[2012/07/12 21:56:32 | 000,000,859 | ---- | M] () -- C:\Users\Debi Torres\Documents\VLC media player.lnk
[2012/07/12 21:19:51 | 022,657,136 | ---- | M] () -- C:\Users\Debi Torres\Documents\vlc-2.0.2-win32.exe
[2012/07/12 10:39:38 | 000,159,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/07 15:29:04 | 000,000,776 | ---- | M] () -- C:\Users\Debi Torres\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/07/07 15:29:04 | 000,000,752 | ---- | M] () -- C:\Users\Debi Torres\Documents\µTorrent.lnk
[2012/07/05 22:06:48 | 000,227,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012/07/05 22:06:30 | 000,772,544 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012/07/05 22:06:20 | 000,687,544 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/03 13:18:23 | 000,020,473 | ---- | C] () -- C:\Users\Debi Torres\Desktop\vickis view.jpg
[2012/08/02 14:39:25 | 000,001,889 | ---- | C] () -- C:\Users\Debi Torres\Desktop\SafeZone Browser.lnk
[2012/08/02 13:17:20 | 000,022,744 | ---- | C] () -- C:\Users\Debi Torres\Desktop\533061_4528912104691_1408034007_n.jpg
[2012/08/02 11:17:50 | 000,000,104 | ---- | C] () -- C:\Users\Debi Torres\Desktop\trash.lnk
[2012/08/02 10:39:39 | 000,001,926 | ---- | C] () -- C:\Users\Public\Desktop\EMCO MoveOnBoot v2.lnk
[2012/08/02 09:48:34 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/07/31 14:22:00 | 000,001,539 | ---- | C] () -- C:\Users\Debi Torres\Desktop\REJ_9259 VS - Shortcut.lnk
[2012/07/30 14:20:09 | 000,029,014 | ---- | C] () -- C:\Users\Debi Torres\Desktop\paulquote.jpeg
[2012/07/30 13:50:52 | 000,038,118 | ---- | C] () -- C:\Users\Debi Torres\Desktop\304886_423639104354744_144488153_n.jpg
[2012/07/30 13:48:33 | 000,027,955 | ---- | C] () -- C:\Users\Debi Torres\Desktop\531704_423639184354736_1687980751_n.jpg
[2012/07/30 10:05:59 | 002,439,293 | ---- | C] () -- C:\Users\Debi Torres\Desktop\IMG_2887.MOV
[2012/07/29 20:19:49 | 000,000,145 | ---- | C] () -- C:\Users\Debi Torres\Desktop\CD Drive - Shortcut.lnk
[2012/07/27 19:51:44 | 000,000,133 | ---- | C] () -- C:\Users\Debi Torres\Desktop\My Messages.url
[2012/07/27 11:59:32 | 004,665,839 | ---- | C] () -- C:\Users\Debi Torres\Documents\009.JPG
[2012/07/27 11:59:32 | 004,015,795 | ---- | C] () -- C:\Users\Debi Torres\Documents\010.JPG
[2012/07/27 11:59:32 | 000,000,679 | ---- | C] () -- C:\Users\Debi Torres\Documents\010 - Shortcut.lnk
[2012/07/27 11:59:31 | 005,540,399 | ---- | C] () -- C:\Users\Debi Torres\Documents\004.JPG
[2012/07/27 11:59:31 | 005,450,304 | ---- | C] () -- C:\Users\Debi Torres\Documents\008.JPG
[2012/07/27 11:59:31 | 004,733,316 | ---- | C] () -- C:\Users\Debi Torres\Documents\006.JPG
[2012/07/27 11:59:30 | 005,203,215 | ---- | C] () -- C:\Users\Debi Torres\Documents\001.JPG
[2012/07/27 11:59:30 | 002,850,725 | ---- | C] () -- C:\Users\Debi Torres\Documents\029.JPG
[2012/07/27 11:59:30 | 002,435,276 | ---- | C] () -- C:\Users\Debi Torres\Documents\027.JPG
[2012/07/27 11:59:29 | 005,293,844 | ---- | C] () -- C:\Users\Debi Torres\Documents\020.JPG
[2012/07/27 11:59:29 | 005,001,861 | ---- | C] () -- C:\Users\Debi Torres\Documents\019.JPG
[2012/07/27 11:59:28 | 005,607,256 | ---- | C] () -- C:\Users\Debi Torres\Documents\018.JPG
[2012/07/27 11:59:28 | 005,317,129 | ---- | C] () -- C:\Users\Debi Torres\Documents\011.JPG
[2012/07/27 11:59:28 | 004,685,035 | ---- | C] () -- C:\Users\Debi Torres\Documents\014.JPG
[2012/07/27 11:59:28 | 004,599,097 | ---- | C] () -- C:\Users\Debi Torres\Documents\016.JPG
[2012/07/26 19:43:16 | 000,045,971 | ---- | C] () -- C:\Users\Debi Torres\Desktop\564618_266652570111404_1622132126_n.jpg
[2012/07/24 11:03:17 | 000,000,209 | ---- | C] () -- C:\Users\Debi Torres\Desktop\ui=2&view=bsp&ver=ohhl4rw8mbn4.url
[2012/07/23 16:37:01 | 000,000,379 | ---- | C] () -- C:\Users\Debi Torres\Desktop\Documents - Shortcut.lnk
[2012/07/19 17:27:10 | 000,000,209 | ---- | C] () -- C:\Users\Debi Torres\Documents\All American Pressure Cooker Parts - Pressure Cooker Outlet.url
[2012/07/19 17:21:42 | 000,064,613 | ---- | C] () -- C:\Users\Debi Torres\Documents\5536_107461910679_4358851_n.jpg
[2012/07/19 17:15:03 | 000,023,328 | ---- | C] () -- C:\Users\Debi Torres\Documents\home.htm
[2012/07/19 15:22:27 | 000,063,419 | ---- | C] () -- C:\Users\Debi Torres\Documents\182146_471303989547472_240567900_n.jpg
[2012/07/19 15:22:07 | 000,040,879 | ---- | C] () -- C:\Users\Debi Torres\Documents\552416_10150966331052304_9383026_n.jpg
[2012/07/19 14:26:46 | 000,076,315 | ---- | C] () -- C:\Users\Debi Torres\Documents\2464770400051904897XMiFCv_ph.jpg
[2012/07/19 13:00:23 | 006,737,368 | ---- | C] () -- C:\Users\Debi Torres\Documents\050.JPG
[2012/07/19 12:50:06 | 000,051,844 | ---- | C] () -- C:\Users\Debi Torres\Documents\Scott and I.jpg
[2012/07/19 11:15:49 | 000,049,821 | ---- | C] () -- C:\Users\Debi Torres\Documents\andre missy eric.jpg
[2012/07/19 11:15:23 | 000,061,498 | ---- | C] () -- C:\Users\Debi Torres\Documents\my family.jpg
[2012/07/19 10:03:05 | 000,067,401 | ---- | C] () -- C:\Users\Debi Torres\Documents\544517_10151006653726952_1846284970_n.jpg
[2012/07/19 08:08:44 | 000,032,702 | ---- | C] () -- C:\Users\Debi Torres\Documents\FriendlyWVA.jpg
[2012/07/18 14:58:35 | 000,032,768 | ---- | C] () -- C:\Users\Debi Torres\Documents\nothing-gold.jpg
[2012/07/18 12:04:52 | 000,296,720 | ---- | C] () -- C:\Users\Debi Torres\Documents\333408_446591435365333_528414214_o.jpg
[2012/07/18 11:50:18 | 000,082,370 | ---- | C] () -- C:\Users\Debi Torres\Documents\finalanalysis.jpg
[2012/07/18 11:09:38 | 000,083,816 | ---- | C] () -- C:\Users\Debi Torres\Documents\we_1.jpg
[2012/07/18 11:02:28 | 000,001,664 | ---- | C] () -- C:\Users\Debi Torres\Documents\iTunes.lnk
[2012/07/17 14:49:01 | 000,000,241 | ---- | C] () -- C:\Users\Debi Torres\Documents\Inmate Population Information Detail.url
[2012/07/17 12:04:39 | 000,027,946 | ---- | C] () -- C:\Users\Debi Torres\Documents\Aunt Edie Paula MomGrandma xmas.jpg
[2012/07/17 12:02:43 | 000,044,280 | ---- | C] () -- C:\Users\Debi Torres\Me rodeo time.jpg
[2012/07/17 12:02:02 | 000,091,926 | ---- | C] () -- C:\Users\Debi Torres\Documents\Deborah Ann And Elias.jpg
[2012/07/17 11:43:30 | 000,050,945 | ---- | C] () -- C:\Users\Debi Torres\Documents\DSC00436.JPG
[2012/07/17 10:09:20 | 002,678,843 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2724.JPG
[2012/07/17 10:09:20 | 002,675,182 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2725.JPG
[2012/07/17 10:09:19 | 003,414,512 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2722.JPG
[2012/07/17 10:09:19 | 003,174,718 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2723.JPG
[2012/07/17 10:09:19 | 002,977,351 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2721.JPG
[2012/07/17 10:09:19 | 002,700,913 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2720.JPG
[2012/07/17 10:09:19 | 002,428,014 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2719.JPG
[2012/07/17 10:09:18 | 002,717,156 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2717.JPG
[2012/07/17 10:09:18 | 002,695,198 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2710.JPG
[2012/07/17 10:09:18 | 002,648,463 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2718.JPG
[2012/07/17 10:09:18 | 002,545,438 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2712.JPG
[2012/07/17 10:09:18 | 002,207,791 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2711.JPG
[2012/07/17 10:09:18 | 000,735,763 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2713.JPG
[2012/07/17 10:09:18 | 000,649,714 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2715.JPG
[2012/07/17 10:09:18 | 000,584,863 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2714.JPG
[2012/07/17 10:09:18 | 000,441,204 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2716.JPG
[2012/07/17 10:09:17 | 002,687,876 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2708.JPG
[2012/07/17 10:09:17 | 002,658,996 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2709.JPG
[2012/07/17 10:09:17 | 002,558,564 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2707.JPG
[2012/07/17 10:09:17 | 002,036,296 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2706.JPG
[2012/07/17 10:09:17 | 001,966,783 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2705.JPG
[2012/07/17 10:09:17 | 001,382,234 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2704.JPG
[2012/07/17 10:09:16 | 002,639,623 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2703.JPG
[2012/07/17 10:09:16 | 002,601,802 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2701.JPG
[2012/07/17 10:09:16 | 002,506,715 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2702.JPG
[2012/07/17 10:09:16 | 002,249,831 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2699.JPG
[2012/07/17 10:09:16 | 002,237,647 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2700.JPG
[2012/07/17 10:09:16 | 002,085,523 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2698.JPG
[2012/07/17 10:09:16 | 001,778,025 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2697.JPG
[2012/07/17 10:09:15 | 002,561,357 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2696.JPG
[2012/07/17 10:09:15 | 002,099,776 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2690.JPG
[2012/07/17 10:09:15 | 002,044,714 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2695.JPG
[2012/07/17 10:09:15 | 001,932,698 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2689.JPG
[2012/07/17 10:09:15 | 001,889,418 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2694.JPG
[2012/07/17 10:09:15 | 001,704,155 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2691.JPG
[2012/07/17 10:09:15 | 001,411,700 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2692.JPG
[2012/07/17 10:09:15 | 001,212,600 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2693.JPG
[2012/07/17 10:09:14 | 002,725,325 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2687.JPG
[2012/07/17 10:09:14 | 002,605,626 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2684.JPG
[2012/07/17 10:09:14 | 002,570,424 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2683.JPG
[2012/07/17 10:09:14 | 002,420,081 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2686.JPG
[2012/07/17 10:09:14 | 002,158,867 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2682.JPG
[2012/07/17 10:09:14 | 001,521,548 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2685.JPG
[2012/07/17 10:09:13 | 002,442,495 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2678.JPG
[2012/07/17 10:09:13 | 002,382,938 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2680.JPG
[2012/07/17 10:09:13 | 002,184,129 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2681.JPG
[2012/07/17 10:09:13 | 002,079,226 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2676.JPG
[2012/07/17 10:09:13 | 001,881,374 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2679.JPG
[2012/07/17 10:09:13 | 001,439,634 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2677.JPG
[2012/07/17 10:09:12 | 002,692,713 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2674.JPG
[2012/07/17 10:09:12 | 002,621,797 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2672.JPG
[2012/07/17 10:09:12 | 002,589,727 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2669.JPG
[2012/07/17 10:09:12 | 002,445,406 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2675.JPG
[2012/07/17 10:09:12 | 002,029,592 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2673.JPG
[2012/07/17 10:09:12 | 001,925,771 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2670.JPG
[2012/07/17 10:09:12 | 001,711,312 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2671.JPG
[2012/07/17 10:09:11 | 002,979,779 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2666.JPG
[2012/07/17 10:09:11 | 002,393,824 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2664.JPG
[2012/07/17 10:09:11 | 002,168,874 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2668.JPG
[2012/07/17 10:09:11 | 002,089,012 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2662.JPG
[2012/07/17 10:09:11 | 001,840,320 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2663.JPG
[2012/07/17 10:09:11 | 001,828,293 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2665.JPG
[2012/07/17 10:09:10 | 002,741,934 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2660.JPG
[2012/07/17 10:09:10 | 002,578,137 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2656.JPG
[2012/07/17 10:09:10 | 002,440,766 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2657.JPG
[2012/07/17 10:09:10 | 002,298,919 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2658.JPG
[2012/07/17 10:09:10 | 002,291,207 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2659.JPG
[2012/07/17 10:09:10 | 002,185,972 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2661.JPG
[2012/07/17 10:09:09 | 002,773,814 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2654.JPG
[2012/07/17 10:09:09 | 002,679,778 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2650.JPG
[2012/07/17 10:09:09 | 002,622,362 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2651.JPG
[2012/07/17 10:09:09 | 002,620,147 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2655.JPG
[2012/07/17 10:09:08 | 002,797,136 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2649.JPG
[2012/07/17 10:09:08 | 002,738,683 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2647.JPG
[2012/07/17 10:09:08 | 002,734,179 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2646.JPG
[2012/07/17 10:09:08 | 002,729,970 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2648.JPG
[2012/07/17 10:09:08 | 002,522,576 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2645.JPG
[2012/07/17 10:09:07 | 002,822,091 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2643.JPG
[2012/07/17 10:09:07 | 002,644,319 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2642.JPG
[2012/07/17 10:09:07 | 002,580,140 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2644.JPG
[2012/07/17 10:09:07 | 002,531,407 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2641.JPG
[2012/07/17 10:09:06 | 002,770,334 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2639.JPG
[2012/07/17 10:09:06 | 002,731,526 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2640.JPG
[2012/07/17 10:09:06 | 002,719,921 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2637.JPG
[2012/07/17 10:09:06 | 002,590,241 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2636.JPG
[2012/07/17 10:09:06 | 002,502,096 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2638.JPG
[2012/07/17 10:09:05 | 002,498,328 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2629.JPG
[2012/07/17 10:09:05 | 002,366,459 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2633.JPG
[2012/07/17 10:09:05 | 002,180,399 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2631.JPG
[2012/07/17 10:09:05 | 001,935,903 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2632.JPG
[2012/07/17 10:09:05 | 001,903,455 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2630.JPG
[2012/07/17 10:09:05 | 001,697,158 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2634.JPG
[2012/07/17 10:09:05 | 001,661,689 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2635.JPG
[2012/07/17 10:09:04 | 002,867,760 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2624.JPG
[2012/07/17 10:09:04 | 002,810,475 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2626.JPG
[2012/07/17 10:09:04 | 002,781,487 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2625.JPG
[2012/07/17 10:09:04 | 002,443,635 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2627.JPG
[2012/07/17 10:09:04 | 002,439,303 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2628.JPG
[2012/07/17 10:09:03 | 003,088,294 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2619.JPG
[2012/07/17 10:09:03 | 002,983,418 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2620.JPG
[2012/07/17 10:09:03 | 002,938,265 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2622.JPG
[2012/07/17 10:09:03 | 002,578,533 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2621.JPG
[2012/07/17 10:09:02 | 003,027,733 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2618.JPG
[2012/07/17 10:09:02 | 002,641,584 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2615.JPG
[2012/07/17 10:09:02 | 002,606,068 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2614.JPG
[2012/07/17 10:09:02 | 002,581,142 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2617.JPG
[2012/07/17 10:09:02 | 002,404,611 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2616.JPG
[2012/07/17 10:09:01 | 002,845,260 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2611.JPG
[2012/07/17 10:09:01 | 002,636,332 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2612.JPG
[2012/07/17 10:09:01 | 002,592,717 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2613.JPG
[2012/07/17 10:09:01 | 002,430,547 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2610.JPG
[2012/07/17 10:09:00 | 002,983,784 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2607.JPG
[2012/07/17 10:09:00 | 002,666,691 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2605.JPG
[2012/07/17 10:09:00 | 002,665,341 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2608.JPG
[2012/07/17 10:09:00 | 002,608,595 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2606.JPG
[2012/07/17 10:08:59 | 002,607,170 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2600.JPG
[2012/07/17 10:08:59 | 002,549,175 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2604.JPG
[2012/07/17 10:08:59 | 002,547,008 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2603.JPG
[2012/07/17 10:08:59 | 002,447,967 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2599.JPG
[2012/07/17 10:08:59 | 002,398,643 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2601.JPG
[2012/07/17 10:08:58 | 002,695,787 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2595.JPG
[2012/07/17 10:08:58 | 002,690,376 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2598.JPG
[2012/07/17 10:08:58 | 002,352,891 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2594.JPG
[2012/07/17 10:08:58 | 002,174,434 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2597.JPG
[2012/07/17 10:08:58 | 002,092,282 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2596.JPG
[2012/07/17 10:08:57 | 002,302,630 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2593.JPG
[2012/07/17 10:08:57 | 001,970,760 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2591.JPG
[2012/07/17 10:08:57 | 001,912,072 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2590.JPG
[2012/07/17 10:08:57 | 001,834,557 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2589.JPG
[2012/07/17 10:08:57 | 001,556,236 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2592.JPG
[2012/07/17 10:08:56 | 002,527,180 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2587.JPG
[2012/07/17 10:08:56 | 002,472,163 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2586.JPG
[2012/07/17 10:08:56 | 002,410,468 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2585.JPG
[2012/07/17 10:08:56 | 002,319,621 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2588.JPG
[2012/07/17 10:08:56 | 002,124,608 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2584.JPG
[2012/07/17 10:08:55 | 002,982,764 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2583.JPG
[2012/07/17 10:08:32 | 054,332,570 | ---- | C] () -- C:\Users\Debi Torres\Documents\MVI_2733.AVI
[2012/07/17 10:08:31 | 003,350,601 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2726.JPG
[2012/07/17 10:08:31 | 002,674,580 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2729.JPG
[2012/07/17 10:08:31 | 002,324,734 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2731.JPG
[2012/07/17 10:08:31 | 002,323,045 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2732.JPG
[2012/07/17 10:08:31 | 001,950,499 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2730.JPG
[2012/07/17 10:08:31 | 001,754,611 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2728.JPG
[2012/07/17 10:08:31 | 001,546,108 | ---- | C] () -- C:\Users\Debi Torres\Documents\IMG_2727.JPG
[2012/07/16 09:58:36 | 000,000,291 | ---- | C] () -- C:\Users\Debi Torres\Documents\Sons of Anarchy - 2-sided SS (Navy) - BikerOrNot Store.url
[2012/07/13 16:08:16 | 000,000,185 | ---- | C] () -- C:\Users\Debi Torres\Documents\ADHS Division of Public Health Services Office of Vital Records How Do I Order a Birth-Death Record From Another State.url
[2012/07/12 21:56:32 | 000,000,859 | ---- | C] () -- C:\Users\Debi Torres\Documents\VLC media player.lnk
[2012/07/12 21:18:43 | 022,657,136 | ---- | C] () -- C:\Users\Debi Torres\Documents\vlc-2.0.2-win32.exe
[2012/07/07 15:29:04 | 000,000,776 | ---- | C] () -- C:\Users\Debi Torres\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/07/07 15:29:04 | 000,000,752 | ---- | C] () -- C:\Users\Debi Torres\Documents\µTorrent.lnk
[2011/11/30 14:11:13 | 000,003,072 | ---- | C] () -- C:\Windows\System32\WgaTray.exe
[2011/11/30 14:11:13 | 000,003,072 | ---- | C] () -- C:\Windows\System32\WgaLogon.dll
[2011/11/30 14:11:13 | 000,003,072 | ---- | C] () -- C:\Windows\System32\OGAVerify.exe
[2011/11/30 14:11:13 | 000,003,072 | ---- | C] () -- C:\Windows\System32\OGAExec.exe
[2011/11/30 14:11:13 | 000,003,072 | ---- | C] () -- C:\Windows\System32\OGAAddin.dll
[2011/09/16 21:36:08 | 000,004,106 | ---- | C] () -- C:\ProgramData\qjaxlkio.dss
[2011/07/15 08:38:25 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2011/07/15 08:38:25 | 000,000,000 | ---- | C] () -- C:\Users\Debi Torres\AppData\Roaming\Ambient
[2011/07/15 08:14:39 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Electric Clav
[2011/07/15 08:14:39 | 000,000,268 | RH-- | C] () -- C:\Users\Debi Torres\AppData\Roaming\Drums
[2011/07/15 08:14:39 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLck.DAT
[2011/07/15 08:14:39 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Master
[2011/07/15 08:14:34 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Electric Piano
[2011/07/15 08:14:34 | 000,000,268 | RH-- | C] () -- C:\Users\Debi Torres\AppData\Roaming\Dynamic Library
[2011/07/15 08:14:34 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Metadata Importer
[2011/07/15 08:07:07 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLbx.DAT
[2011/06/11 07:34:28 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/06/11 07:34:28 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/06/11 07:33:36 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/05/21 11:51:36 | 000,088,576 | ---- | C] () -- C:\Users\Debi Torres\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

< End of report >


OTL Extras logfile created on: 8/4/2012 1:02:44 PM - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Debi Torres\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

894.82 Mb Total Physical Memory | 90.53 Mb Available Physical Memory | 10.12% Memory free
2.00 Gb Paging File | 0.45 Gb Available in Paging File | 22.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 73.24 Gb Total Space | 5.86 Gb Free Space | 8.01% Space Free | Partition Type: NTFS
Drive D: | 75.80 Gb Total Space | 75.35 Gb Free Space | 99.41% Space Free | Partition Type: NTFS
Drive E: | 2.53 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: DEBITORRES-PC | User Name: Debi Torres | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01CE7DD4-DD40-476C-B931-7C5EFC4A1C57}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0B800C71-A95C-4EB8-9301-389102F05720}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0BC3BA35-6D1B-437C-BE36-DEA33C53FB92}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0FBB6328-2A95-40CC-A101-D0FBF9EE43B5}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1581B362-EFE7-405D-9D1E-95B79B4111B2}" = rport=139 | protocol=6 | dir=out | app=system |
"{21B4C8F3-64A0-4F4B-AD57-9E65A2B7654E}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{279C1780-125D-4066-926A-6081EDEB4EA6}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{28349935-D079-486A-BA0D-F92A37FBB2A2}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{2B703A19-002B-407F-8500-DBC269DC2CDC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2C9B0F79-D8D1-4B2F-B768-C735D5E6ED8C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{31FDFC2B-1092-4C91-87F6-B97DC883CEB8}" = lport=138 | protocol=17 | dir=in | app=system |
"{354024C1-62DE-441A-842E-69B8DC692F4A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{36B36E7A-A52F-47C2-AC3A-501DA1593315}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4AD30001-B4DE-4C89-AD32-B8A6B615CA86}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4D59121D-267A-468F-B23E-E6BE39CB68AF}" = lport=139 | protocol=6 | dir=in | app=system |
"{4F50AE95-0F1D-4019-8976-63FBE663C8A7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5D947363-4859-4C07-B8A7-51B0B2B79B0F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{803D6E51-B940-4B1E-913B-71322E667970}" = lport=137 | protocol=17 | dir=in | app=system |
"{86002A40-164D-43BF-B353-D509BE10985B}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8679565F-D27F-4F10-8285-8894E7FDDCE9}" = lport=445 | protocol=6 | dir=in | app=system |
"{87829496-0DF1-49C9-B239-E55E069AEDAB}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{8C4BB7F8-8DB5-43BA-981A-D48DD8D09A0F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A6F18855-EF1E-45CE-9A7B-9D7516BB08C6}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{A8D1F286-BDF7-4260-80AB-53646D52D488}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{A98DDF84-83E1-4DEA-A0B1-FC9413628AC6}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B97C475B-960F-4612-92DB-20DBB8CD99CE}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BD878140-16FC-4BA7-BABD-9542DC36788B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C914DACF-597E-4D07-88FD-0F03C554F074}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CC01D241-B1AC-40BB-B992-CDA831575DAA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D1D2A2AF-0557-4AC7-B9D6-CA24DFBE48DB}" = rport=137 | protocol=17 | dir=out | app=system |
"{D298624A-5AB6-424D-9322-0C446D81C9E7}" = rport=138 | protocol=17 | dir=out | app=system |
"{E661FA1F-E46D-4DAC-8A05-CF1E8EF3916C}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{ED32AC9F-53D5-46C9-A778-2901B28AD8B4}" = rport=2869 | protocol=6 | dir=out | app=system |
"{F8EC9C2A-9325-4280-B408-B8180028DE5F}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03A4A294-40B4-4734-A4D4-7BDD0A486FC6}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{05E189BF-136A-4C5A-931E-562B7EAE71B5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1F7BBD75-5C92-4832-A892-FB7A760CA373}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{23B410AC-6658-47D2-9B22-5D0F23AAE674}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{24ED3A44-4554-487F-8C36-15894701F49B}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{47FE8511-8186-4D34-ACB2-2C5F998A54ED}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5DDA501B-968F-4404-81FE-9B1A67909BEA}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{74862CB0-4577-4626-AEA7-4F7D9D6E4ADC}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{7E125FA0-2A07-4C0A-A220-C6DF99CB85FD}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7F8824E6-45E1-4745-A148-1960BB1949DC}" = protocol=1 | dir=in | [email protected],-28543 |
"{80656634-4073-4229-91A4-1268D381337D}" = protocol=6 | dir=in | app=c:\program files\frostwire 5\frostwire.exe |
"{8838F08C-7C3A-4F2E-B216-83DBDC2D00E6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{935A5DA0-931D-496A-ACC2-F124D803E4AE}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{955C2094-CF0F-4C3F-9C04-347A41330828}" = dir=in | app=c:\users\debito~1\appdata\local\temp\ibtmp90bb489\component_358.decrpt |
"{977B646E-0EDD-479D-B3DC-BC977157F843}" = protocol=58 | dir=in | [email protected],-148 |
"{9A1FBF02-B658-4328-B408-AED2E2D56EAD}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{AAA29085-99AA-4628-AA1F-B59566ABC27C}" = dir=in | app=c:\users\debito~1\appdata\local\temp\ibtmp90bb489\component_515.decrpt |
"{AE5DC30F-8AA8-45D5-81DD-1ED9BCA5E0EA}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{B1549EB3-5939-4C2E-AC05-9DFDB043C2DE}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{B3AEFC99-DC7C-4BDB-B9C5-FC2267A66E89}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{BE889F90-B12E-4B1D-A4B9-65E9F54E9983}" = protocol=17 | dir=in | app=c:\program files\frostwire 5\frostwire.exe |
"{C5F8DEFC-B842-43EB-8AEF-2613A87AAD76}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C78B9B91-5A0E-461C-8608-BAEC172D5F71}" = protocol=1 | dir=out | [email protected],-28544 |
"{CB7E2386-497E-4EB9-803F-C67CD8F2B909}" = protocol=58 | dir=out | [email protected],-28546 |
"{D3FEFE2D-1BAA-4680-A33B-96DEE0854875}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{E1224CC1-72FA-45FE-821B-813554DF18DF}" = protocol=58 | dir=in | [email protected],-28545 |
"{FA4ABC8D-4F05-4BE4-A980-8F00BA5EF773}" = dir=in | app=c:\users\debito~1\appdata\local\temp\ibtmp90bb489\component_514.decrpt |
"TCP Query User{0FC43EB5-7822-4A19-9AB7-E11FAE7A7AA4}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{8A0CE2B9-8063-4DB0-AEAE-BE48C7DC0DA7}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5
"{2857dbef-0b50-361c-8690-7d505747009f}" = Webshots Desktop
"{315E57F5-11F9-464C-A923-BD732FCA23E6}" = EMCO MoveOnBoot 2.2
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2AE9709-283B-4B48-AA34-729C070A62FB}" = NETGEAR WNA1100 wireless USB 2.0 adapter
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}" = HTC Sync
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Internet Security
"Capture NX 2" = Capture NX 2
"CNXT_MODEM_PCI_HSF" = Soft Data Fax Modem with SmartCP
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MP3MMS" = USB MP3 Player Music Manage System
"Picasa 3" = Picasa 3
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.2

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/2/2012 3:43:43 PM | Computer Name = DebiTorres-PC | Source = SideBySide | ID = 16842824
Description = Activation context generation failed for "C:\Program Files\Webshots\3.1.5.7619\wsaxupdater.exe".Error
in manifest or policy file "C:\Program Files\Webshots\3.1.5.7619\wsaxupdater.exe"
on line 9. The element description appears as a child of element urn:schemas-microsoft-com:asm.v1^description
which is not supported by this version of Windows.

Error - 8/3/2012 7:57:57 AM | Computer Name = DebiTorres-PC | Source = EventSystem | ID = 4609
Description =

Error - 8/3/2012 10:22:12 AM | Computer Name = DebiTorres-PC | Source = EventSystem | ID = 4609
Description =

Error - 8/3/2012 10:22:23 AM | Computer Name = DebiTorres-PC | Source = EventSystem | ID = 4609
Description =

Error - 8/3/2012 10:22:23 AM | Computer Name = DebiTorres-PC | Source = VSS | ID = 19
Description =

Error - 8/3/2012 10:22:23 AM | Computer Name = DebiTorres-PC | Source = VSS | ID = 8193
Description =

Error - 8/3/2012 10:37:10 AM | Computer Name = DebiTorres-PC | Source = EventSystem | ID = 4609
Description =

Error - 8/3/2012 10:37:24 AM | Computer Name = DebiTorres-PC | Source = EventSystem | ID = 4609
Description =

Error - 8/3/2012 10:37:24 AM | Computer Name = DebiTorres-PC | Source = VSS | ID = 19
Description =

Error - 8/3/2012 10:37:24 AM | Computer Name = DebiTorres-PC | Source = VSS | ID = 8193
Description =

[ System Events ]
Error - 8/3/2012 9:50:23 AM | Computer Name = DebiTorres-PC | Source = ipnathlp | ID = 31004
Description = The DNS proxy agent was unable to allocate 0 bytes of memory. This
may indicate that the system is low on virtual memory, or that the memory manager
has encountered an internal error.

Error - 8/3/2012 10:22:13 AM | Computer Name = DebiTorres-PC | Source = DCOM | ID = 10005
Description =

Error - 8/3/2012 10:37:19 AM | Computer Name = DebiTorres-PC | Source = DCOM | ID = 10005
Description =

Error - 8/3/2012 10:46:26 AM | Computer Name = DebiTorres-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 8/3/2012 12:08:10 PM | Computer Name = DebiTorres-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 8/3/2012 12:08:13 PM | Computer Name = DebiTorres-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 8/4/2012 6:36:23 AM | Computer Name = DebiTorres-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 8/4/2012 6:36:25 AM | Computer Name = DebiTorres-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 8/4/2012 6:52:05 AM | Computer Name = DebiTorres-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 6:50:00 AM on 8/4/2012 was unexpected.

Error - 8/4/2012 6:54:49 AM | Computer Name = DebiTorres-PC | Source = Service Control Manager | ID = 7022
Description =


< End of report >
  • 0

Advertisements


#2
Gammo

Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.
  • 0

#3
squonk

squonk

    Member

  • Topic Starter
  • Member
  • PipPip
  • 40 posts
I already posted the OTL log report... Thank you for taking your time to help with this problem. Much appreciated.
  • 0

#4
Gammo

Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Your OTL log is five days old. The malware could have created new files in the meantime. That's why I'd like a fresh OTL to work with. :)

So please run a new Quick Scan with OTL and post the resulting log file in your next reply. :thumbsup:
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP