Restoring Dell to Factory Settings?

I've been trying to restore my Dell latitude D630 to the factory setting, but the system restore on my laptop isn't running properly. A window pops up, asking for permission to continue but when I press continue nothing happens. I was directed here from livechat.

OTL logfile created on: 1/29/2013 2:19:05 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\student\Documents\Downloads
Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.82 Gb Available Physical Memory | 41.17% Memory free
4.21 Gb Paging File | 2.55 Gb Available in Paging File | 60.40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 5.24 Gb Free Space | 7.04% Space Free | Partition Type: NTFS
Drive G: | 3.73 Gb Total Space | 3.72 Gb Free Space | 99.76% Space Free | Partition Type: FAT32

Computer Name: STUDENT-PC | User Name: student | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/29 14:18:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\student\Documents\Downloads\OTL.exe
PRC - [2013/01/18 02:07:04 | 001,248,208 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012/09/05 09:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2012/08/13 02:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/07/31 02:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/07/27 14:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/26 02:23:08 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/07/02 09:25:14 | 002,232,504 | ---- | M] (Giraffic) -- C:\Program Files\Giraffic\Veoh_GirafficWatchdog.exe
PRC - [2012/07/02 09:24:54 | 003,790,504 | ---- | M] (Giraffic) -- C:\Program Files\Giraffic\Veoh_Giraffic.exe
PRC - [2012/06/22 07:55:48 | 000,265,952 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2012/06/13 02:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/04/14 18:12:31 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 03:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/11/28 06:36:30 | 004,692,296 | ---- | M] (Veoh Networks) -- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
PRC - [2011/08/25 14:25:00 | 000,886,760 | ---- | M] (Search-Results) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2008/10/29 00:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/02/28 22:12:59 | 000,318,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
PRC - [2008/01/20 20:24:41 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe

========== Modules (No Company Name) ==========

MOD - [2013/01/25 18:24:14 | 000,195,072 | ---- | M] () -- C:\Users\student\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbgdmijgopggjaelphhajpjldacbnba\1.0_0\crmAdpt.dll
MOD - [2013/01/25 18:24:14 | 000,189,440 | ---- | M] () -- C:\Users\student\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbgdmijgopggjaelphhajpjldacbnba\1.0_0\ctb.dll
MOD - [2013/01/18 02:07:02 | 012,459,472 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.56\PepperFlash\pepflashplayer.dll
MOD - [2013/01/18 02:07:02 | 000,460,240 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.56\ppgooglenaclpluginchrome.dll
MOD - [2013/01/18 02:07:01 | 004,012,496 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.56\pdf.dll
MOD - [2013/01/18 02:06:15 | 000,597,968 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.56\libglesv2.dll
MOD - [2013/01/18 02:06:15 | 000,124,368 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.56\libegl.dll
MOD - [2013/01/18 02:06:13 | 001,552,848 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\24.0.1312.56\ffmpegsumo.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/21 07:48:28 | 000,910,336 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\QtNetwork4.dll
MOD - [2011/06/20 07:37:16 | 010,836,992 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\QtWebKit4.dll
MOD - [2011/06/20 05:52:20 | 001,283,584 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\QtScript4.dll
MOD - [2011/06/20 05:32:40 | 000,266,752 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\phonon4.dll
MOD - [2011/06/20 05:21:50 | 007,994,880 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\QtGui4.dll
MOD - [2011/06/20 05:04:56 | 002,233,344 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\QtCore4.dll
MOD - [2011/05/26 03:38:06 | 000,120,320 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\imageformats\qjpeg4.dll
MOD - [2011/05/26 03:38:06 | 000,022,016 | ---- | M] () -- C:\Program Files\Veoh Networks\VeohWebPlayer\imageformats\qgif4.dll
MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 14:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Windows\system32\dmwu.exe -- (WebOptimizer)
SRV - [2013/01/21 22:29:07 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/08 21:55:13 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/05 09:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/08/13 02:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/07/27 14:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/02 09:25:14 | 002,232,504 | ---- | M] (Giraffic) [Auto | Running] -- C:\Program Files\Giraffic\Veoh_GirafficWatchdog.exe -- (Giraffic)
SRV - [2012/06/22 07:55:48 | 000,265,952 | ---- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/06/12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (avv3753n)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a1fefdcg)
DRV - [2012/08/24 14:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/07/26 02:21:30 | 000,237,408 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/06/28 18:15:09 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2012/04/19 03:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/01/31 03:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/23 12:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 12:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 12:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 12:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2008/01/20 20:23:52 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbccid.sys -- (USBCCID)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.daemon-search.com/startpage
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Search-Results)
IE - HKCU\..\SearchScopes,DefaultScope = {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\..\SearchScopes\{155276F4-D2A3-E016-B329-F646B1D9E78C}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADFA_en
IE - HKCU\..\SearchScopes\{6C59297E-BFFE-4E6A-0BF5-4187155432D8}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...q={searchTerms}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
IE - HKCU\..\SearchScopes\{C7576B9D-B442-46bc-AF74-080A9E723E01}: "URL" = http://websearch.sea...1-043BC2A7CF47
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6PQA5mUjUX&i=26
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://mystart.incre...PQA5mUjUX&i=26"
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40incredibar.com:1.5.0
FF - prefs.js..extensions.enabledAddons: youtube2mp3%40mondayx.de:1.2.3
FF - prefs.js..extensions.enabledAddons: %7B5911488E-9D1E-40ec-8CBB-06B231CC153F%7D:2.5.0
FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:2.5.1.20121012015120
FF - prefs.js..extensions.enabledAddons: %7B336D0C35-8A85-403a-B9D2-65C292C39087%7D:2.0.0.478
FF - prefs.js..extensions.enabledAddons: %7BF53C93F1-07D5-430c-86D4-C9531B27DFAF%7D:12.0.0.2189
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..keyword.URL: "http://mystart.incre...&&i=26&search="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/09/10 18:11:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/04/14 18:12:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/09/05 14:40:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/08/28 09:23:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/21 22:29:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/21 22:29:09 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/08/14 14:08:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\student\AppData\Roaming\mozilla\Extensions
[2013/01/21 21:51:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\student\AppData\Roaming\mozilla\Firefox\Profiles\8noat3am.default\extensions
[2012/08/27 15:51:11 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\student\AppData\Roaming\mozilla\Firefox\Profiles\8noat3am.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2012/10/18 22:26:40 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\student\AppData\Roaming\mozilla\Firefox\Profiles\8noat3am.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/06/10 15:14:52 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\student\AppData\Roaming\mozilla\Firefox\Profiles\8noat3am.default\extensions\[email protected]
[2012/06/03 20:05:25 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- C:\Users\student\AppData\Roaming\mozilla\Firefox\Profiles\8noat3am.default\extensions\[email protected]
[2013/01/21 21:51:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\student\AppData\Roaming\mozilla\Firefox\Profiles\8noat3am.default\extensions\trash
[2012/11/23 19:49:58 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\student\AppData\Roaming\mozilla\firefox\profiles\8noat3am.default\extensions\[email protected]
[2013/01/21 21:51:59 | 000,220,411 | ---- | M] () (No name found) -- C:\Users\student\AppData\Roaming\mozilla\firefox\profiles\8noat3am.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2012/08/29 14:31:47 | 000,199,396 | ---- | M] () (No name found) -- C:\Users\student\AppData\Roaming\mozilla\firefox\profiles\8noat3am.default\extensions\trash\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2012/04/14 18:04:02 | 000,001,945 | ---- | M] () -- C:\Users\student\AppData\Roaming\mozilla\firefox\profiles\8noat3am.default\searchplugins\bing-zugo.xml
[2012/06/10 15:14:21 | 000,002,203 | ---- | M] () -- C:\Users\student\AppData\Roaming\mozilla\firefox\profiles\8noat3am.default\searchplugins\MyStart Search.xml
[2011/08/25 14:21:20 | 000,003,295 | ---- | M] () -- C:\Users\student\AppData\Roaming\mozilla\firefox\profiles\8noat3am.default\searchplugins\search-results.xml
[2013/01/21 22:28:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/01/21 22:28:44 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/08/28 09:23:09 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012/09/05 14:40:58 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
[2013/01/21 22:29:09 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/12/24 17:38:05 | 000,003,739 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/12/26 22:59:57 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 02:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
[2012/12/26 22:59:57 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Users\student\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.478_0\npbrowserext.dll
CHR - plugin: CTB Dynamic Link Library (Enabled) = C:\Users\student\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbgdmijgopggjaelphhajpjldacbnba\1.0_0\ctb.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\student\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\npSkypeChromePlugin.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\student\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\student\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Montiera Chrome Toolbar = C:\Users\student\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbgdmijgopggjaelphhajpjldacbnba\1.0_0\
CHR - Extension: Google Search = C:\Users\student\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Web Assistant = C:\Users\student\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.478_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\student\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: AVG Safe Search = C:\Users\student\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\
CHR - Extension: Skype Click to Call = C:\Users\student\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\
CHR - Extension: AVG Do Not Track = C:\Users\student\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Gmail = C:\Users\student\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

Hosts file not found
O2 - BHO: (ShoppingReport) - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (ShopperReports)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Search-Results Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Search-Results)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Search-Results)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Search-Results Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Search-Results)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Search-Results)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [StartNowToolbarHelper] "C:\Program Files\StartNow Toolbar\ToolbarHelper.exe" File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Users\student\Saved Games\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (ShopperReports)
O9 - Extra Button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (ShopperReports)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E804AF8A-513A-42C9-97E3-79BAEE65AFB6}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\student\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\student\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1760fe40-c181-11e1-b8d0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1760fe40-c181-11e1-b8d0-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{fc7f65bf-cb6d-11e0-b27b-001c2321563f}\Shell - "" = AutoRun
O33 - MountPoints2\{fc7f65bf-cb6d-11e0-b27b-001c2321563f}\Shell\AutoRun\command - "" = F:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/29 14:02:59 | 000,000,000 | ---D | C] -- C:\Users\student\Documents\Downloads
[2013/01/27 15:20:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013/01/25 18:34:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/01/25 18:23:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/01/25 18:21:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2013/01/21 22:28:42 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/20 11:22:08 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG January 2013 Campaign
[2013/01/01 13:44:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/01/01 13:43:41 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/01/01 13:43:30 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[3 C:\Users\student\Desktop\*.tmp files -> C:\Users\student\Desktop\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/29 14:33:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/29 13:54:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/29 13:29:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/29 13:28:27 | 000,003,712 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/29 13:28:27 | 000,003,712 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/29 13:27:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/29 13:27:50 | 2136,969,216 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/29 13:15:29 | 082,097,135 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm.prepare
[2013/01/28 21:34:08 | 000,060,956 | ---- | M] () -- C:\Users\student\Documents\Fotografia, 24-01-2013 - 13.28.jpg
[2013/01/28 21:18:01 | 108,118,325 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2013/01/28 21:14:54 | 000,061,660 | ---- | M] () -- C:\Users\student\Documents\Fotografia, 24-01-2013 - 13.09 #2.jpg
[2013/01/28 16:33:25 | 000,451,476 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/01/28 16:33:25 | 000,106,796 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/01/27 20:47:46 | 009,836,838 | ---- | M] () -- C:\Users\student\Documents\1. SM The Performance - Spectrum.mp3
[2013/01/27 17:33:09 | 000,001,995 | ---- | M] () -- C:\Users\student\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/27 15:20:52 | 000,001,911 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013/01/27 15:20:52 | 000,001,911 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013/01/25 18:23:52 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/01/24 23:11:24 | 007,314,222 | ---- | M] () -- C:\Users\student\Desktop\The A Team.mp3
[2013/01/22 22:23:13 | 005,073,547 | ---- | M] () -- C:\Users\student\Desktop\Fotografia.mp3
[2013/01/22 22:21:32 | 001,038,341 | ---- | M] () -- C:\Users\student\Documents\Screenshot (29).png
[2013/01/22 21:54:07 | 002,872,478 | ---- | M] () -- C:\Users\student\Desktop\Coming Home.mp3
[2013/01/21 20:44:58 | 001,343,045 | ---- | M] () -- C:\Users\student\Documents\Screenshot (28).png
[2013/01/21 17:28:13 | 000,296,281 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2013/01/21 16:31:32 | 000,765,115 | ---- | M] () -- C:\Users\student\Desktop\Chanyeol Hoodie.png
[2013/01/21 15:28:27 | 000,520,138 | ---- | M] () -- C:\Users\student\Documents\522psp0i.bmp
[2013/01/20 23:48:56 | 000,000,298 | ---- | M] () -- C:\Windows\tasks\ROC_REG_JAN_DELETE.job
[2013/01/19 20:17:09 | 000,892,360 | ---- | M] () -- C:\Users\student\Documents\Screenshot (25).png
[2013/01/18 22:08:27 | 000,291,018 | ---- | M] () -- C:\Users\student\Documents\tumblr_mgtzftJbKW1r8fs1io1_1280.jpg
[2013/01/15 22:18:38 | 000,594,379 | ---- | M] () -- C:\Users\student\Documents\Screenshot (21).png
[2013/01/15 21:23:35 | 000,437,069 | ---- | M] () -- C:\Users\student\Documents\Screenshot (20).png
[2013/01/15 01:13:58 | 001,517,376 | ---- | M] () -- C:\Users\student\Desktop\wrar420.exe
[2013/01/15 00:17:37 | 000,587,593 | ---- | M] () -- C:\Users\student\Documents\Screenshot (17).png
[2013/01/15 00:17:31 | 000,595,383 | ---- | M] () -- C:\Users\student\Documents\Screenshot (18).png
[2013/01/15 00:08:43 | 000,190,062 | ---- | M] () -- C:\Users\student\Documents\Screenshot (16).png
[2013/01/14 23:19:54 | 000,271,971 | ---- | M] () -- C:\Users\student\Documents\IMG_0002.JPG
[2013/01/14 23:18:21 | 000,281,312 | ---- | M] () -- C:\Users\student\Documents\IMG_0001.JPG
[2013/01/14 22:50:22 | 000,534,956 | ---- | M] () -- C:\Users\student\Documents\IMG_0013.PNG
[2013/01/13 18:02:32 | 000,790,428 | ---- | M] () -- C:\Users\student\Documents\Screenshot (15).png
[2013/01/13 17:32:42 | 001,422,907 | ---- | M] () -- C:\Users\student\Documents\Screenshot (14).png
[2013/01/13 17:16:53 | 000,587,991 | ---- | M] () -- C:\Users\student\Documents\Screenshot (11).png
[2013/01/12 00:35:15 | 001,254,610 | ---- | M] () -- C:\Users\student\Documents\Screenshot (9).png
[2013/01/12 00:34:38 | 001,170,705 | ---- | M] () -- C:\Users\student\Documents\Screenshot (7).png
[2013/01/02 21:04:57 | 000,232,681 | ---- | M] () -- C:\Users\student\Desktop\Song 4 U.png
[2013/01/02 20:57:31 | 000,147,711 | ---- | M] () -- C:\Users\student\Documents\Chanyeol Angel.jpg
[2013/01/01 13:44:45 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[3 C:\Users\student\Desktop\*.tmp files -> C:\Users\student\Desktop\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/28 21:34:06 | 000,060,956 | ---- | C] () -- C:\Users\student\Documents\Fotografia, 24-01-2013 - 13.28.jpg
[2013/01/28 21:14:52 | 000,061,660 | ---- | C] () -- C:\Users\student\Documents\Fotografia, 24-01-2013 - 13.09 #2.jpg
[2013/01/27 11:45:29 | 2136,969,216 | -HS- | C] () -- C:\hiberfil.sys
[2013/01/25 18:23:52 | 000,001,995 | ---- | C] () -- C:\Users\student\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/25 18:23:52 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/01/22 22:21:18 | 001,038,341 | ---- | C] () -- C:\Users\student\Documents\Screenshot (29).png
[2013/01/22 22:02:42 | 005,073,547 | ---- | C] () -- C:\Users\student\Desktop\Fotografia.mp3
[2013/01/22 21:50:01 | 002,872,478 | ---- | C] () -- C:\Users\student\Desktop\Coming Home.mp3
[2013/01/22 15:51:47 | 007,314,222 | ---- | C] () -- C:\Users\student\Desktop\The A Team.mp3
[2013/01/21 22:13:34 | 009,836,838 | ---- | C] () -- C:\Users\student\Documents\1. SM The Performance - Spectrum.mp3
[2013/01/21 20:44:37 | 001,343,045 | ---- | C] () -- C:\Users\student\Documents\Screenshot (28).png
[2013/01/21 16:31:32 | 000,765,115 | ---- | C] () -- C:\Users\student\Desktop\Chanyeol Hoodie.png
[2013/01/21 15:28:18 | 000,520,138 | ---- | C] () -- C:\Users\student\Documents\522psp0i.bmp
[2013/01/20 11:22:12 | 000,000,298 | ---- | C] () -- C:\Windows\tasks\ROC_REG_JAN_DELETE.job
[2013/01/19 20:16:50 | 000,892,360 | ---- | C] () -- C:\Users\student\Documents\Screenshot (25).png
[2013/01/18 22:08:23 | 000,291,018 | ---- | C] () -- C:\Users\student\Documents\tumblr_mgtzftJbKW1r8fs1io1_1280.jpg
[2013/01/15 22:18:27 | 000,594,379 | ---- | C] () -- C:\Users\student\Documents\Screenshot (21).png
[2013/01/15 01:13:39 | 001,517,376 | ---- | C] () -- C:\Users\student\Desktop\wrar420.exe
[2013/01/15 00:17:30 | 000,587,593 | ---- | C] () -- C:\Users\student\Documents\Screenshot (17).png
[2013/01/15 00:17:23 | 000,595,383 | ---- | C] () -- C:\Users\student\Documents\Screenshot (18).png
[2013/01/15 00:08:40 | 000,190,062 | ---- | C] () -- C:\Users\student\Documents\Screenshot (16).png
[2013/01/14 23:18:27 | 000,271,971 | ---- | C] () -- C:\Users\student\Documents\IMG_0002.JPG
[2013/01/14 23:18:01 | 000,281,312 | ---- | C] () -- C:\Users\student\Documents\IMG_0001.JPG
[2013/01/14 22:50:14 | 000,534,956 | ---- | C] () -- C:\Users\student\Documents\IMG_0013.PNG
[2013/01/13 18:02:14 | 000,790,428 | ---- | C] () -- C:\Users\student\Documents\Screenshot (15).png
[2013/01/13 17:32:11 | 001,422,907 | ---- | C] () -- C:\Users\student\Documents\Screenshot (14).png
[2013/01/12 00:35:02 | 001,254,610 | ---- | C] () -- C:\Users\student\Documents\Screenshot (9).png
[2013/01/02 21:04:56 | 000,232,681 | ---- | C] () -- C:\Users\student\Desktop\Song 4 U.png
[2013/01/02 20:57:26 | 000,147,711 | ---- | C] () -- C:\Users\student\Documents\Chanyeol Angel.jpg
[2013/01/01 13:44:45 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/05/21 07:42:20 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012/05/21 07:42:20 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012/04/01 20:06:43 | 000,000,458 | ---- | C] () -- C:\Users\student\iTunes - Shortcut (2).lnk
[2012/04/01 20:06:39 | 000,000,458 | ---- | C] () -- C:\Users\student\iTunes - Shortcut.lnk
[2012/01/19 21:41:22 | 000,000,129 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2012/01/11 18:21:45 | 000,027,662 | -HS- | C] () -- C:\ProgramData\gfy7j1h4inpa
[2012/01/11 18:05:04 | 000,001,092 | -HS- | C] () -- C:\ProgramData\1emwq51yb8hv6mbae46si771264a7a7703xi67va15p37
[2011/12/24 16:29:54 | 000,000,320 | ---- | C] () -- C:\ProgramData\~Gk7Oy2cCstuGZP
[2011/12/24 16:29:54 | 000,000,224 | ---- | C] () -- C:\ProgramData\~Gk7Oy2cCstuGZPr
[2011/12/24 16:29:32 | 000,000,448 | ---- | C] () -- C:\ProgramData\Gk7Oy2cCstuGZP
[2011/11/26 13:29:50 | 000,005,632 | ---- | C] () -- C:\Users\student\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/25 22:56:33 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/08/25 22:56:33 | 000,000,034 | ---- | C] () -- C:\Windows\System32\BXD2140.DAT
[2011/08/23 08:27:13 | 001,263,689 | ---- | C] () -- C:\Users\student\AppData\Roaming\UserTile.png
[2011/07/01 20:13:11 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2011/07/01 20:13:11 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2011/07/01 20:13:11 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2011/07/01 20:13:11 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2011/07/01 18:26:03 | 000,000,680 | ---- | C] () -- C:\Users\student\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2012/02/18 19:53:53 | 000,000,000 | ---D | M] -- C:\Windows\$NtUninstallKB56140$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\WFYMAU65\myonlinearcade.com\yume\n
[2011/12/26 14:16:53 | 000,000,082 | ---- | M] () -- C:\Windows\$NtUninstallKB56140$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\WFYMAU65\t.cxt.ms\lso.swf\u.sol
[2012/01/17 20:12:11 | 000,000,000 | ---D | M] -- C:\Windows\$NtUninstallKB56140$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\WFYMAU65\wbads.vo.llnwd.net\o25\u
[2006/11/02 06:54:18 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 09:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/02 22:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/20 20:24:29 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/12/24 17:46:19 | 000,000,000 | ---D | M] -- C:\Users\student\AppData\Roaming\AVG2012
[2012/06/28 17:53:18 | 000,000,000 | ---D | M] -- C:\Users\student\AppData\Roaming\DAEMON Tools
[2012/06/28 18:48:47 | 000,000,000 | ---D | M] -- C:\Users\student\AppData\Roaming\DAEMON Tools Lite
[2012/04/14 18:04:56 | 000,000,000 | ---D | M] -- C:\Users\student\AppData\Roaming\OpenCandy
[2012/09/01 00:58:51 | 000,000,000 | ---D | M] -- C:\Users\student\AppData\Roaming\Opera
[2013/01/29 14:04:25 | 000,000,000 | ---D | M] -- C:\Users\student\AppData\Roaming\uTorrent

========== Purity Check ==========

========== Files - Unicode (All) ==========
[2012/12/08 17:21:27 | 008,470,528 | ---- | M] ()(C:\Users\student\Documents\01 ???? (Feat. G-Dragon).mp3) -- C:\Users\student\Documents\01 청개구리 (Feat. G-Dragon).mp3
[2012/12/08 17:14:15 | 008,470,528 | ---- | C] ()(C:\Users\student\Documents\01 ???? (Feat. G-Dragon).mp3) -- C:\Users\student\Documents\01 청개구리 (Feat. G-Dragon).mp3
[2012/12/07 15:43:39 | 010,087,438 | ---- | M] ()(C:\Users\student\Documents\1000??????????.mp3) -- C:\Users\student\Documents\1000年、ずっとそばにいて.mp3
[2012/12/07 15:37:53 | 010,087,438 | ---- | C] ()(C:\Users\student\Documents\1000??????????.mp3) -- C:\Users\student\Documents\1000年、ずっとそばにいて.mp3
[2012/09/02 15:45:18 | 004,282,844 | ---- | M] ()(C:\Users\student\Documents\JINWOON (2AM) - YOU WALKING TOWARD ME ????.mp3) -- C:\Users\student\Documents\JINWOON (2AM) - YOU WALKING TOWARD ME 걸어온다.mp3
[2012/09/02 14:36:44 | 004,282,844 | ---- | C] ()(C:\Users\student\Documents\JINWOON (2AM) - YOU WALKING TOWARD ME ????.mp3) -- C:\Users\student\Documents\JINWOON (2AM) - YOU WALKING TOWARD ME 걸어온다.mp3
[2012/08/27 22:38:05 | 004,124,497 | ---- | M] ()(C:\Users\student\Documents\01 The Empty Space For You (????? ????? ???????).mp3) -- C:\Users\student\Documents\01 The Empty Space For You (너를 위한 빈자리).mp3
[2012/08/27 22:27:19 | 005,329,170 | ---- | M] ()(C:\Users\student\Documents\01 ?????????.mp3) -- C:\Users\student\Documents\01 소년이여.mp3
[2012/08/27 22:26:00 | 005,329,170 | ---- | C] ()(C:\Users\student\Documents\01 ?????????.mp3) -- C:\Users\student\Documents\01 소년이여.mp3
[2012/08/26 22:01:12 | 009,556,021 | ---- | M] ()(C:\Users\student\Documents\03 ???? ??????? ???????.mp3) -- C:\Users\student\Documents\03 내가 노래를 못해도.mp3
[2012/08/26 21:58:22 | 009,556,021 | ---- | C] ()(C:\Users\student\Documents\03 ???? ??????? ???????.mp3) -- C:\Users\student\Documents\03 내가 노래를 못해도.mp3
[2012/06/16 14:50:47 | 008,351,884 | ---- | M] ()(C:\Users\student\Documents\???? - ANDROID (FULL).mp3) -- C:\Users\student\Documents\東方神起 - ANDROID (FULL).mp3
[2012/06/16 14:49:43 | 008,351,884 | ---- | C] ()(C:\Users\student\Documents\???? - ANDROID (FULL).mp3) -- C:\Users\student\Documents\東方神起 - ANDROID (FULL).mp3
[2012/05/06 16:37:54 | 004,124,497 | ---- | C] ()(C:\Users\student\Documents\01 The Empty Space For You (????? ????? ???????).mp3) -- C:\Users\student\Documents\01 The Empty Space For You (너를 위한 빈자리).mp3

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB56140$] -> Error: Cannot create file handle -> Unknown point type

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\student\Documents\16 ondaa cair mesmo 2.avi:TOC.WMV

< End of report >

#1
Sarah451

Posted 29 January 2013 - 03:21 PM

Advertisements

#2
Jintan

Posted 02 February 2013 - 04:51 PM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us