Hst request, trying to deal with system bloat


mezzerooni
Member with 130 posts.
THREAD STARTER
Join Date: Sep 2003
01-Sep-2013, 08:46 PM #1
Hst request, trying to deal with system bloat
Hi, TSG-ers...

wow, i remember a time when YOU guys did all the work. you've really gone uptown, it seems, but i'm sure it's for the best- at least i'm learning something in the process.
and now i will wait VERY patiently, as requested- but please do let me know if i missed some of the required info.
rather than plunking me into the round file.

thanks in the usual advance...

MEZZ


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:44:56, on 8/30/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\D\System32\smss.exe
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\D\system32\winlogon.exe
C:\D\system32\services.exe
C:\D\system32\lsass.exe
C:\D\system32\svchost.exe
C:\D\System32\svchost.exe
C:\D\system32\svchost.exe
C:\D\Explorer.EXE
C:\D\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\NVIDIA~1\NETWOR~1\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\D\system32\hkcmd.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\D\system32\ctfmon.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcIp.exe
C:\PROGRA~1\NVIDIA~1\NETWOR~1\Apache Group\Apache2\bin\apache.exe
C:\D\system32\svchost.exe
C:\D\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\D\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Desktop\Security, Utilities\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - (no file)
O2 - BHO: SearchBar.InitToolbarBHO - {1d970ed5-3eda-438d-bffd-715931e2775b} - mscoree.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {4D0E1F7F-3B37-741C-5738-414E57A15A45} - (no file)
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - (no file)
O3 - Toolbar: SearchBar - {c9a6357b-25cc-4bcf-96c1-78736985d412} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\D\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\D\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [IgfxTray] C:\D\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\D\system32\hkcmd.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [ctfmon.exe] C:\D\system32\ctfmon.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\D\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\D\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.blues-brothers.biz
O15 - Trusted Zone: http://download.cnet.com
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/dcode/ActiveX/MSDcode.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1346194773765
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\D\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\D\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\D\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\PROGRA~1\NVIDIA~1\NETWOR~1\Apache Group\Apache2\bin\apache.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\D\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 9752 bytes


Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
Processor: Intel(R) Celeron(R) CPU 2.40GHz, x86 Family 15 Model 2 Stepping 9
Processor Count: 1
RAM: 510 Mb
Graphics Card: Intel(R) 82845G/GL/GE/PE/GV Graphics Controller, 64 Mb
Hard Drives: C: Total - 152625 MB, Free - 4577 MB; E: Total - 305242 MB, Free - 4759 MB;
Motherboard: Dell Computer Corp., 0F5949
Antivirus: AVG AntiVirus Free Edition 2013, Updated: Yes, On-Demand Scanner: Enabled

askey127
askey127 is authorized to help remove malware.
Malware Removal Specialist with 965 posts.
Join Date: Dec 2006
Location: New Hampshire USA
Experience: Teacher at MRU
02-Sep-2013, 11:41 AM #2
Hi mezzerooni,
You do have a problem with insufficient Hard drive space on C:
The CPU and WinXP want about 15% of the drive free for file swapping and housekeeping, etc.
In your case the free space required is about 20Gb. The CPU can slow to a crawl if it doesn't have enough.
You can check free space anytime by using My Computer, Right click on C: drive, choose Properties
Wait until you are done with the items below, then see what photos, tunes, large files you can delete or offload to DVDs, etc.
There are some other things we can do to free up space, like stopping file indexing, or reducing the space indexing uses.
Let's see how this goes first.
----------------------------------------------------------
Get Uninstall List from HJT
Open HiJackThis
Click "Open the Main Tools section"
Click "Open Uninstall Manager"
When you see the list in the box, click the "Save List" button.
Save the file, named uninstall_list.txt, to your desktop.
Exit HiJackThis.
Double-click uninstall_list.txt on your desktop, copy and paste the contents in a reply here.
----------------------------------------------
Download and Run Temp File Cleaner (TFC.exe)
Download Temp File Cleaner and save it to your desktop.
You might want to Save any unsaved work. TFC will close ALL open programs... including your browser!
Double click to run it.
If you have a lot of junk files to remove, it could take a while, so please be patient and let it finish.
When it's done, it will report the total size of files removed. If it asks to Reboot, choose to do so. This will remove files that could not be removed while Windows was running.
After Restart, log back in to your usual account.

Let me know how it goes, and how much Free space you see after the reboot.
We should be able to get this squared away.
We still need to remove some applications and run some checks for malware, adware etc.

askey127

mezzerooni
Member with 130 posts.
THREAD STARTER
Join Date: Sep 2003
05-Sep-2013, 04:03 PM #3
thanks, askey 127...
strange- TSG just deleted my short reply of a few minutes ago. but i think i can reconstruct it. mainly i was just thanking you for the effort you've put in so far. i won't be able to run those checks for a couple of hours, but should have results by 24 hours from now, and will get them back to you immediately thereafter. the only thing that fazes me is the HST uninstall list procedure- have never seen or heard of it, but i'm sure i can muddle through before too long.

cheers-
mezz

askey127
askey127 is authorized to help remove malware.
Malware Removal Specialist with 965 posts.
Join Date: Dec 2006
Location: New Hampshire USA
Experience: Teacher at MRU
05-Sep-2013, 07:04 PM #4
If you follow the instruction exactly, you will get the list of installed programs.

That's what I need to start cleaning up your machine.
If you are unable to do it, please tell me.

mezzerooni
Member with 130 posts.
THREAD STARTER
Join Date: Sep 2003
13-Oct-2013, 02:41 PM #5
hi, askey127.
it took me a ridiculously long time to get around to trying out your advice- maybe a month, but i plead "guilty on the grounds of having been in the middle of a major move". still, do please excuse my rudeness.
the main thing is, the program you recommend- (TFC- Total File Cleaner by OldTimer) is incredible. totally does as advertised.
my 2 harddrives (C- 149 gigs and E- 298 gigs) had been running at appr. 9 gigs and 400 mb, respectively. i had got to the point of using Glary Utilities and CCleaner almost daily, but at best they could never recover more than maybe 20 gigs, and within a day or two the useable space would have plummeted back down to well under a gig in both cases.
after TFC (which did take awhile, and made me more than a little nervous after reading some of the whining in the forums) i was astounded at the results. my C-drive was restored to 45.6 gigs, and my E-drive to 13.6 gigs. it'll be interesting to see how they are looking after a couple days of normal usage, but i'm feeling pretty confident. or at least like if i take normal precautions i should be able to stay well ahead of the space-gobblers.

so wow again, and many, many thanks-
mezz

askey127
askey127 is authorized to help remove malware.
Malware Removal Specialist with 965 posts.
Join Date: Dec 2006
Location: New Hampshire USA
Experience: Teacher at MRU
13-Oct-2013, 03:02 PM #6
TFC had one revision a long while ago, which only lasted a week or two, that was a bit too aggressive in trying to remove files and caused a few problems. Even those problems were showing primarily on infected machines.
Please let me see an Uninstall List, as requested, when you get a chance.

mezzerooni
Member with 130 posts.
THREAD STARTER
Join Date: Sep 2003
14-Oct-2013, 01:39 AM #7
hi, askey 127-
actually, now that the initial excitement has died down (over suddenly having 60+ gigs of space i didn't have before), i guess i should probably at least try to find the uninstall list you refer to. at this point i am pretty clueless about where to start looking for it, but i imagine the TFC site or the program itself might be good places to start. and if i do locate the list, i will of course be sure to forward it to you.
till then-
mezz

mezzerooni
Member with 130 posts.
THREAD STARTER
Join Date: Sep 2003
14-Oct-2013, 03:50 AM #8
hi, askey-

when i went back to TFC's program a few minutes ago, the window where i assumed any lists might have appeared was empty. also the system info page had nothing new.
BUT and DUH. i see now that a while ago i started referring to an "HST" uninstall list (no such critter) instead of the "HJT" list, which i will try to bring up now, following your directions, which i see now i have had pretty well all along. that would be a great way to wrap up my birthday....

OKAY, I TRIED. WENT TO HJT, BUT THE BUTTON CLOSEST TO "OPEN MAIN TOOLS SECTION" SAYS "OPEN MISC TOOLS SECTION", AND IF I CLICK ON THAT IT JUST CYCLES ME BACK TO THE MAIN MENU.
ANY SUGGESTIONS AS TO WHERE TO GO FROM HERE (IF ANYWHERE)?

seems like a weird irregularity. looking forward to your reply.

mezz



Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
Processor: Intel(R) Celeron(R) CPU 2.40GHz, x86 Family 15 Model 2 Stepping 9
Processor Count: 1
RAM: 510 Mb
Graphics Card: Intel(R) 82845G/GL/GE/PE/GV Graphics Controller, 64 Mb
Hard Drives: C: Total - 152625 MB, Free - 46773 MB; E: Total - 305242 MB, Free - 14018 MB;
Motherboard: Dell Computer Corp., 0F5949
Antivirus: AVG AntiVirus Free Edition 2014, Updated: Yes, On-Demand Scanner: Enabled

askey127
askey127 is authorized to help remove malware.
Malware Removal Specialist with 965 posts.
Join Date: Dec 2006
Location: New Hampshire USA
Experience: Teacher at MRU
14-Oct-2013, 08:59 AM #9
mezzerooni,
You were right about the Misc Tools Section. My error.

Let's get a lot more information about the machine now.
---------------------------------------------
Download the OTL Scanner
Please download OTL.exe by OldTimer and use "Save As" to save it to your desktop or somewhere you can find it.
---------------------------------------------
Run a Scan with OTL
  • For WinXP, double click on the OTL icon to run it.
  • Check the boxes labeled:
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  • Make sure all other windows are closed to let it run uninterrupted.
  • Click on the Run Scan button at the top left hand corner. Do not change any settings unless otherwise told to do so.
    When the scan starts, OTL may appear to be frozen while it runs. Please be patient.
When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL (desktop).
OTL.txt will be open on your desktop, and Extras.txt will be minimized in your taskbar.
The Extras.txt file will only appear as a running Notepad document the very first time you run OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.

So we are looking for the content of two logs, OTL.txt and Extras.txt. They are automatically saved for you in the same place as your OTL.exe download.
askey127

mezzerooni
Member with 130 posts.
THREAD STARTER
Join Date: Sep 2003
17-Oct-2013, 03:40 PM #10
hi, askey-
some minor side issues here, i thought you might be able to shed some light on them. first, am i right in understanding that i can only reply to your messages through TSG- and can't do so straight through gmail?
also: the notepad files both appeared in the taskbar, neither appeared on my desktop- no biggie, i'm sure- just looking for ways i might possibly be screwing up.
possible example- last night i ran the OTL as directed, and did not use any other programs, but by morning (appr. 6 hours later), there seemed not to be any results anywhere. later on, a couple of hours ago, i did some reading up on OTL, and the only difference between the instructions there and the ones you gave me was that this other site said to use the quick scan option, and not the full scan.
so i ran the quick scan, figuring i had little to lose, and after about 15 minutes the two notepad docs appeared in my taskbar. these are the two i am posting in this reply- don't believe i'll need a separate reply for each, but if i do i'm sure it'll be obvious.
if you still think i should run a full scan, please let me know, and i will be glad to do so, of course.
anyhow, here they are, and thanks again (sure are big suckers! i'd hate to see what a full scan would generate!) mezz

OTL logfile created on: 10/17/2013 11:52:02 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Steve.MEZZROW-DC9E79F\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 65.99 Mb Available Physical Memory | 12.94% Memory free
2.47 Gb Paging File | 1.47 Gb Available in Paging File | 59.76% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\D | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 37.14 Gb Free Space | 24.92% Space Free | Partition Type: NTFS
Drive E: | 298.09 Gb Total Space | 13.69 Gb Free Space | 4.59% Space Free | Partition Type: NTFS

Computer Name: MEZZBIZZONE | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/10/16 22:29:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\My Documents\Downloads\OTL.exe
PRC - [2013/10/07 19:54:20 | 004,908,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe
PRC - [2013/10/03 22:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe
PRC - [2013/09/25 21:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2013/09/15 23:08:30 | 000,895,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe
PRC - [2013/09/10 19:26:32 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/09/03 22:22:16 | 000,588,336 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe
PRC - [2013/09/02 11:19:00 | 000,669,232 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgemcx.exe
PRC - [2013/08/20 23:03:42 | 000,728,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgrsx.exe
PRC - [2013/04/22 10:05:32 | 000,720,064 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2012/10/08 13:52:14 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2011/05/04 23:12:20 | 009,725,216 | ---- | M] (VSO Software SARL) -- C:\Program Files\VSO\ConvertX\4\ConvertXtoDvd.exe
PRC - [2008/07/11 17:51:32 | 000,423,200 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\D\explorer.exe
PRC - [2006/07/11 14:12:04 | 000,131,131 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
PRC - [2006/06/26 10:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
PRC - [2006/06/26 09:46:04 | 000,497,200 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
PRC - [2006/05/23 14:37:20 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe


========== Modules (No Company Name) ==========

MOD - [2013/09/10 19:26:53 | 003,279,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/11/28 15:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/11/28 15:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/02/28 15:37:32 | 000,180,624 | ---- | M] () -- C:\D\system32\Primomonnt.dll
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/07/19 19:19:18 | 000,153,600 | ---- | M] () -- C:\D\system32\AI_ContextMenu.dll
MOD - [2008/04/13 17:11:59 | 000,014,336 | ---- | M] () -- C:\D\system32\msdmo.dll
MOD - [2006/07/21 01:50:00 | 000,466,944 | ---- | M] () -- C:\D\system32\nvshell.dll
MOD - [2006/05/23 14:37:20 | 000,876,544 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libeay32.dll
MOD - [2006/05/23 14:37:20 | 000,159,744 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\ssleay32.dll
MOD - [2006/05/23 14:37:20 | 000,024,691 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_auth.so


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/10/03 22:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/09/25 21:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013/09/10 19:26:44 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/12 08:10:55 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\D\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/10/08 13:52:14 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2006/07/11 14:12:04 | 000,131,131 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp)
SRV - [2006/07/11 14:11:48 | 000,065,599 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2006/06/26 10:33:56 | 000,091,696 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2006/06/26 10:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2006/05/23 14:37:20 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe -- (ForcewareWebInterface)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\AEAudio.sys -- (AEAudioService)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a9vw320m)
DRV - [2013/09/25 20:57:14 | 000,120,632 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\D\system32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2013/09/10 22:11:44 | 000,022,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\D\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/09/08 22:12:16 | 000,027,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\D\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2013/09/02 10:39:32 | 000,176,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\D\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013/09/02 10:28:06 | 000,145,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\D\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/09/02 10:28:04 | 000,209,208 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\D\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/09/02 10:28:00 | 000,223,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\D\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/08/20 22:54:04 | 000,102,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\D\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013/08/01 16:08:52 | 000,193,848 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\D\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013/02/19 16:59:43 | 000,466,008 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\D\system32\drivers\sptd.sys -- (sptd)
DRV - [2010/06/25 10:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\D\system32\drivers\npf.sys -- (NPF)
DRV - [2008/04/13 11:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/11/30 23:18:42 | 000,651,712 | ---- | M] (VIA - IC Ensemble, Inc.) [Kernel | On_Demand | Running] -- C:\D\system32\drivers\Envy24HF.sys -- (Envy24HFS)
DRV - [2007/02/15 15:14:28 | 000,019,840 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\StMp3Rec.sys -- (StMp3Rec)
DRV - [2006/07/10 23:04:42 | 000,013,184 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/07/10 23:04:40 | 000,035,072 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/06/26 10:33:40 | 000,023,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\D\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2006/06/26 10:33:36 | 001,952,816 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2006/06/26 10:33:28 | 001,587,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2006/06/22 15:29:46 | 000,038,960 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2006/06/22 15:29:28 | 000,720,176 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\LV302AV.SYS -- (PID_08A0)
DRV - [2006/06/22 15:29:27 | 000,012,080 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2005/03/09 15:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\D\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/10/27 15:21:30 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/09/17 10:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2004/09/17 10:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\D\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/08/12 19:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004/03/24 08:12:44 | 000,004,272 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2003/11/20 15:14:28 | 000,646,825 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\D\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2003/11/20 15:13:40 | 001,232,741 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\D\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2003/11/20 15:12:56 | 000,059,717 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\D\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2003/11/20 15:12:42 | 000,037,048 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\D\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/06/30 19:11:52 | 000,043,136 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\D\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2001/08/22 09:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\D\system32\drivers\omci.sys -- (OMCI)
DRV - [2001/08/17 13:11:30 | 000,096,640 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\b57xp32.sys -- (b57w2k)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=YKxdm071YYca&ptnrS=YKxdm071YYca&ptb=26FAFC46-B8BE-4005-99D7-9BCA979C5906&psa=&ind=2012082923&st=sb&n=77edf2eb&searchfor={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-1993962763-57989841-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/
IE - HKU\S-1-5-21-1993962763-57989841-725345543-1004\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - No CLSID value found
IE - HKU\S-1-5-21-1993962763-57989841-725345543-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1993962763-57989841-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1993962763-57989841-725345543-1004\..\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=YKxdm071YYca&ptnrS=YKxdm071YYca&ptb=26FAFC46-B8BE-4005-99D7-9BCA979C5906&psa=&ind=2012082923&st=sb&n=77edf2eb&searchfor={searchTerms}
IE - HKU\S-1-5-21-1993962763-57989841-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1993962763-57989841-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\D\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\D\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\D\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fbphotozoom@install daddy.com: C:\Program Files\fbphotozoom\fbphotozoom15.xpi [2012/04/01 12:15:06 | 000,102,423 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/08/10 05:45:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Mozilla\Extensions
[2013/10/02 10:58:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Mozilla\Firefox\Profiles\xvc8tip6.default-1380736292156\extensions
[2013/10/15 02:13:35 | 000,001,401 | ---- | M] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Mozilla\Firefox\Profiles\xvc8tip6.default-1380736292156\searchplugins\ividi.xml
[2013/10/12 10:55:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/09/25 20:50:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/09/25 20:50:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage:
CHR - Extension: No name found = C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\
CHR - Extension: No name found = C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/02/19 18:47:49 | 000,000,898 | ---- | M]) - C:\D\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ividi Helper Object) - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll (Unitech LLC)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKU\S-1-5-21-1993962763-57989841-725345543-1004\..\Toolbar\WebBrowser: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\D\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\D\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\D\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\D\System32\nwiz.exe ()
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found
O4 - HKU\S-1-5-21-1993962763-57989841-725345543-1004..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1993962763-57989841-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1993962763-57989841-725345543-1004\..Trusted Domains: cnet.com ([download] http in Trusted sites)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/dcode/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/micr...?1346194773765 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.160.13 64.59.161.68
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{61E11A1F-9C49-440E-8609-12DFBEBB69FA}: DhcpNameServer = 64.59.160.13 64.59.160.15 64.59.161.68
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF830778-C222-4EB8-A43B-8CCF4136018D}: DhcpNameServer = 64.59.160.13 64.59.161.68
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\D\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\D\system32\userinit.exe) - C:\D\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\D\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/07/25 22:24:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/05/13 14:29:57 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/15 22:46:20 | 000,000,000 | ---D | C] -- C:\D\LastGood
[2013/10/15 22:44:50 | 000,626,688 | ---- | C] (On2.com) -- C:\D\System32\vp7vfw.dll
[2013/10/15 13:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\dvdcss
[2013/10/15 11:36:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Digiarty
[2013/10/15 11:36:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Digiarty
[2013/10/15 11:35:53 | 000,000,000 | ---D | C] -- C:\Program Files\Digiarty
[2013/10/15 02:27:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Desktop\Breaking Bad Season 5 Part 2 S05 2013 WEB-DL 720p x264 AAC 5.1 NimitMak SilverRG
[2013/10/15 02:07:54 | 000,000,000 | ---D | C] -- C:\Program Files\Unitech LLC
[2013/10/15 02:07:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Unitech LLC
[2013/10/15 01:29:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Desktop\Breaking Bad Season 5 Episode 9 720p HDTV [GlowGaze.Com]
[2013/10/13 05:52:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Recent
[2013/10/13 05:26:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Desktop\Unused Desktop Shortcuts
[2013/10/10 08:46:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/10/07 05:47:20 | 000,000,000 | ---D | C] -- C:\38b4093c99fe1dc784
[2013/10/04 19:30:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\AVG2014
[2013/10/04 19:19:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[2013/10/04 19:12:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Local Settings\Application Data\Avg2014
[2013/10/04 11:47:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2013/10/04 08:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Start Menu\Programs\BitTornado
[2013/10/04 08:40:28 | 000,000,000 | ---D | C] -- C:\Program Files\BitTornado
[2013/09/29 09:02:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG 0913b Campaign
[2013/09/29 08:26:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\My Documents\Mozart Vol 11 - String Quintets - CD 3
[2013/09/26 17:07:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Desktop\Bus Info
[2013/09/25 18:48:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Desktop\Pentangle- Sweet Child
[2013/09/20 22:35:21 | 000,000,000 | ---D | C] -- C:\4c32834a4e53676084677fd7a4
[2013/09/17 18:30:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\My Documents\mezzparee2
[2011/08/20 20:31:12 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2013/10/17 12:10:00 | 000,000,818 | ---- | M] () -- C:\D\tasks\Adobe Flash Player Updater.job
[2013/10/17 12:07:00 | 000,000,410 | -H-- | M] () -- C:\D\tasks\User_Feed_Synchronization-{3045A957-8E98-4281-B3B7-EF916E6434ED}.job
[2013/10/17 10:51:00 | 000,000,264 | ---- | M] () -- C:\D\tasks\AutoKMS.job
[2013/10/16 10:30:44 | 000,000,430 | ---- | M] () -- C:\D\tasks\AVG_SYS_TASK.job
[2013/10/16 08:29:22 | 000,533,276 | ---- | M] () -- C:\D\System32\perfh009.dat
[2013/10/16 08:29:22 | 000,107,344 | ---- | M] () -- C:\D\System32\perfc009.dat
[2013/10/15 22:47:12 | 000,001,057 | ---- | M] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\vso_ts_preview.xml
[2013/10/15 22:45:27 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\inst.exe
[2013/10/15 22:45:26 | 000,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\pcouffin.sys
[2013/10/15 22:45:26 | 000,007,887 | ---- | M] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\pcouffin.cat
[2013/10/15 22:45:25 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\pcouffin.inf
[2013/10/15 19:25:16 | 000,000,282 | ---- | M] () -- C:\D\tasks\AppleSoftwareUpdate.job
[2013/10/15 13:30:29 | 000,076,800 | ---- | M] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/10/13 10:43:19 | 000,000,462 | ---- | M] () -- C:\D\tasks\AVG_SYS_TASK_DELETE.job
[2013/10/13 10:43:17 | 000,000,388 | ---- | M] () -- C:\D\tasks\AVG PC Tuneup 2011 Integrator Start On Steve Logon.job
[2013/10/13 10:43:17 | 000,000,312 | ---- | M] () -- C:\D\tasks\GlaryInitialize.job
[2013/10/13 10:43:01 | 000,002,048 | --S- | M] () -- C:\D\bootstat.dat
[2013/10/13 05:24:33 | 000,012,598 | ---- | M] () -- C:\D\System32\wpa.dbl
[2013/10/11 13:49:22 | 000,269,392 | ---- | M] () -- C:\D\System32\FNTCACHE.DAT
[2013/09/29 08:50:30 | 000,005,690 | ---- | M] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\My Documents\My Favorite Theme.theme
[2013/09/26 19:09:50 | 004,781,493 | ---- | M] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Desktop\01 walkin' blues.mp3
[2013/09/25 20:57:14 | 000,120,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\D\System32\drivers\avgdiskx.sys
[2013/09/25 20:51:03 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========

[2013/09/29 09:04:04 | 000,000,430 | ---- | C] () -- C:\D\tasks\AVG_SYS_TASK.job
[2013/09/29 09:03:05 | 000,000,462 | ---- | C] () -- C:\D\tasks\AVG_SYS_TASK_DELETE.job
[2013/09/29 08:50:27 | 000,005,690 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\My Documents\My Favorite Theme.theme
[2013/09/26 19:08:49 | 004,781,493 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Desktop\01 walkin' blues.mp3
[2012/12/29 15:31:18 | 000,057,424 | -H-- | C] () -- C:\D\System32\mlfcache.dat
[2012/10/02 03:20:14 | 000,054,016 | ---- | C] () -- C:\D\System32\drivers\uocldim.sys
[2012/09/23 22:21:17 | 000,172,456 | ---- | C] () -- C:\Program Files\14res.dll
[2012/08/14 11:03:31 | 000,060,304 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\g2mdlhlpx.exe
[2012/08/12 00:31:38 | 000,027,520 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Local Settings\Application Data\dt.dat
[2012/08/02 04:01:28 | 000,000,000 | ---- | C] () -- C:\D\System32\drivers\mbamswissarmy(2).sys
[2012/08/02 04:01:28 | 000,000,000 | ---- | C] () -- C:\D\System32\drivers\appliand(2).sys
[2012/08/01 04:00:07 | 000,000,000 | ---- | C] () -- C:\D\System32\drivers\appliand.sys
[2012/05/28 18:54:05 | 001,503,232 | ---- | C] () -- C:\D\System32\ptj.exe
[2012/05/28 18:54:05 | 001,103,360 | ---- | C] () -- C:\D\System32\cidfont.dll
[2012/05/28 18:54:03 | 004,369,408 | ---- | C] () -- C:\D\System32\pdftk.exe
[2012/05/28 18:54:03 | 000,235,008 | ---- | C] () -- C:\D\System32\office.exe
[2012/04/06 19:12:14 | 000,014,800 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\toolbars000.png
[2012/04/06 19:11:47 | 000,001,088 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\mixer000.png
[2012/04/06 19:10:50 | 000,001,238 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\tools000.png
[2012/04/06 19:10:20 | 000,001,921 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\device001.png
[2012/04/06 19:10:14 | 000,001,921 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\device000.png
[2012/02/15 22:40:43 | 000,003,072 | ---- | C] () -- C:\D\System32\iacenc.dll
[2012/01/19 19:21:20 | 000,180,624 | ---- | C] () -- C:\D\System32\Primomonnt.dll
[2011/11/28 14:49:33 | 000,018,073 | ---- | C] () -- C:\D\CSTBox.INI
[2011/11/22 00:42:49 | 000,000,138 | ---- | C] () -- C:\D\wininit.ini
[2011/11/21 12:49:45 | 000,000,444 | ---- | C] () -- C:\D\System32\d3d8caps.dat
[2011/11/19 16:59:56 | 000,000,000 | R--- | C] () -- C:\D\System32\drivers\DVEMODEM.DAT
[2011/11/19 16:59:21 | 000,004,272 | R--- | C] () -- C:\D\System32\drivers\bvrp_pci.sys
[2011/10/25 23:23:08 | 000,075,776 | ---- | C] () -- C:\D\System32\WS2Fix.exe
[2011/10/25 23:23:06 | 000,051,200 | ---- | C] () -- C:\D\System32\dumphive.exe
[2011/10/25 23:23:05 | 000,040,960 | ---- | C] () -- C:\D\System32\swsc.exe
[2011/08/20 20:31:12 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\inst.exe
[2011/08/20 20:31:12 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\pcouffin.cat
[2011/08/20 20:31:12 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\pcouffin.inf
[2011/08/19 20:25:33 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\vso_ts_preview.xml
[2011/08/14 22:01:33 | 000,076,800 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/06/26 17:04:06 | 000,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

========== ZeroAccess Check ==========

[2011/09/03 09:49:27 | 000,000,227 | RHS- | M] () -- C:\D\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 17:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\D\system32\wbem\fastprox.dll -- [2009/02/09 05:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\D\system32\wbem\wbemess.dll -- [2008/04/13 17:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/02/22 14:54:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/01/17 20:52:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\9223B3E6-70DD-4e2f-965B-DD8E02D2E20B
[2012/07/17 13:47:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applian
[2013/09/29 09:02:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG 0913b Campaign
[2013/01/22 10:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG January 2013 Campaign
[2013/10/04 19:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[2011/09/05 05:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund
[2006/12/22 18:00:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/08/10 05:49:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/10/04 11:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2013/10/17 08:22:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/08/18 06:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2007/02/28 21:07:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SolidDocuments
[2012/10/16 13:15:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2013/09/26 19:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek
[2013/03/20 18:12:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VSO
[2011/08/21 11:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2011/10/26 18:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\xml_param
[2011/11/03 18:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/08/02 06:06:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG10
[2011/08/02 09:16:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\CanonBJ
[2011/07/27 05:40:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Common Files
[2011/08/02 22:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ErrorEND
[2011/08/02 06:04:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET
[2011/08/02 06:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MFAData
[2011/08/01 22:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Drivers HeadQuarters
[2011/07/30 10:02:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\vsosdk
[2013/01/10 10:10:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\TuneUp Software
[2011/07/27 05:23:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\.BitTornado
[2011/08/07 08:56:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\3v
[2011/07/27 05:41:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG10
[2011/07/28 13:24:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ESET
[2011/08/19 20:27:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Vso
[2006/06/09 16:06:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\.BitTornado
[2006/10/31 11:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Avant Browser
[2007/02/23 20:45:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Investintech
[2007/04/01 11:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\SolidDocuments
[2011/08/11 08:45:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\.BitTornado
[2012/07/12 18:56:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Apowersoft
[2011/08/29 07:35:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\atunes
[2013/08/30 09:10:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Audacity
[2011/11/01 09:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Auslogics
[2011/08/15 03:04:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\AVG
[2013/10/04 19:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\AVG2014
[2012/08/03 09:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\BabylonToolbar
[2011/09/05 05:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Broderbund
[2011/11/08 13:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Canneverbe Limited
[2013/09/17 18:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Canon
[2011/09/03 11:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\CD-LabelPrint
[2013/03/15 18:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\COWON
[2013/10/15 11:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Digiarty
[2012/12/08 13:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Downloaded Installations
[2013/03/22 10:53:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Dropbox
[2013/03/20 18:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\DVDVideoSoft
[2012/03/08 21:32:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\ElevatedDiagnostics
[2011/09/16 15:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\GlarySoft
[2011/08/11 20:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\ImgBurn
[2012/08/18 06:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\NCH Swift Sound
[2012/07/26 18:12:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Oracle
[2012/06/08 15:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\PrimoPDF
[2012/07/05 18:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\SMRecorder
[2012/11/13 17:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Sony
[2011/08/21 14:11:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Toolbar4
[2011/11/04 18:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Transcend Elite
[2012/12/13 00:43:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\TuneUp Software
[2013/10/15 02:07:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Unitech LLC
[2013/10/04 08:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\uTorrent
[2013/10/15 22:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Vso
[2012/12/29 22:51:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Windows Desktop Search
[2012/12/29 23:12:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Windows Search
[2012/08/18 12:32:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Xilisoft

========== Purity Check ==========



< End of report >


OTL Extras logfile created on: 10/17/2013 11:52:03 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Steve.MEZZROW-DC9E79F\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 65.99 Mb Available Physical Memory | 12.94% Memory free
2.47 Gb Paging File | 1.47 Gb Available in Paging File | 59.76% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\D | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 37.14 Gb Free Space | 24.92% Space Free | Partition Type: NTFS
Drive E: | 298.09 Gb Total Space | 13.69 Gb Free Space | 4.59% Space Free | Partition Type: NTFS

Computer Name: MEZZBIZZONE | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1993962763-57989841-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Java\jre6\launch4j-tmp\aTunes.exe" = C:\Program Files\Java\jre6\launch4j-tmp\aTunes.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\SoulseekNS\slsk.exe" = C:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- ()
"E:\Documents and Settings\Steve\Application Data\Dropbox\bin\Dropbox.exe" = E:\Documents and Settings\Steve\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\D\Microsoft.NET\Framework\v2.0.50727\vbc.exe" = C:\D\Microsoft.NET\Framework\v2.0.50727\vbc.exe:*:Enabled:Visual Basic Command Line Compiler -- (Microsoft Corporation)
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:TaskPanl
"C:\D\system32\dpvsetup.exe" = C:\D\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\D\system32\rundll32.exe" = C:\D\system32\rundll32.exe:*:Enabled:Run a DLL as an App -- (Microsoft Corporation)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Program Files\1ClickDownload\1ClickDownload.exe" = C:\Program Files\1ClickDownload\1ClickDownload.exe:*:Disabled:1ClickDownload
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\BitTornado\btdownloadgui.exe" = C:\Program Files\BitTornado\btdownloadgui.exe:*:Enabled:btdownloadgui -- ()
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\desktop\media\iTunes.exe" = C:\desktop\media\iTunes.exe:*:Enabled:iTunes
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\AVG\AVG2014\avgmfapx.exe" = C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgnsx.exe" = C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgdiagex.exe" = C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostics 2014 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgemcx.exe" = C:\Program Files\AVG\AVG2014\avgemcx.exe:*:Enabled:Personal Email Scanner -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0AFECCA6-61A0-409F-9205-67613984209D}" = Dynex All-in-1 Card Reader
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300" = Canon iP4300
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CDF65F2-8509-4C4D-A1C3-F36F478F5BB4}" = AVG 2014
"{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"{54DD126C-E5F5-404C-B4B7-66DF7FD4F2FF}" = MSSoap
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7DA4FC0C-4FB3-45A2-8095-B2F7A9CF8135}" = AVG 2014
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{8AC049F7-1383-45C3-9E7D-F93CA667F9E1}" = UMVPLStandalone
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{983CFCAC-5C96-4018-8BEC-D6581644C654}" = GEAR driver installer 4.020
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{BCE46757-7674-4416-BEDB-68205A60409E}" = Canon CanoScan Toolbox 4.1
"{BD01E97F-2A6A-495E-BE38-22C7B80F3CD7}" = Cheetah DVD Burner
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F91E1833-2D7C-4725-B98A-C779FEC41946}" = EarthLink MDAC
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1000 Best Fonts" = 1000 Best Fonts
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 2.0.3
"AVG" = AVG 2014
"BitTornado" = BitTornado 0.3.17
"BNR2 0.14.7 Beta_is1" = Binary News Reaper 0.14.7 Beta
"Canon Setup Utility 2.3" = Canon Setup Utility 2.3
"CCleaner" = CCleaner
"CDex" = CDex - Open Source Digital Audio CD Extractor
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-07-30
"ConvertXtoDVD 4.1.19.365_is1" = ConvertXtoDVD 4.1.19.365
"Easy CD and DVD Cover Creator" = Easy CD and DVD Cover Creator 4.12
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"Easy-WebPrint" = Easy-WebPrint
"ExpressBurn" = Express Burn
"ExtractNow_is1" = ExtractNow
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"InstallShield_{0AFECCA6-61A0-409F-9205-67613984209D}" = Dynex All-in-1 Card Reader
"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"Intel(R) 537EP V9x DF PCI Modem" = Intel(R) 537EP V9x DF PCI Modem
"ividi" = Unitech LLC toolbar
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.6.0
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 24.0 (x86 en-US)" = Mozilla Firefox 24.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"office Convert Pdf to Jpg Jpeg Tiff Free_is1" = office Convert Pdf to Jpg Jpeg Tiff Free 6.5
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"Recuva" = Recuva
"Revo Uninstaller" = Revo Uninstaller 1.94
"Soulseek2" = SoulSeek 157 NS 13e
"VLC media player" = VLC media player 2.0.1
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinX DVD Ripper Platinum_is1" = WinX DVD Ripper Platinum 6.9.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1993962763-57989841-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/15/2013 10:19:47 AM | Computer Name = MEZZBIZZONE | Source = LoadPerf | ID = 3009
Error - 10/15/2013 10:19:50 AM | Computer Name = MEZZBIZZONE | Source = LoadPerf
| ID = 3009

Error - 10/15/2013 10:19:53 AM | Computer Name = MEZZBIZZONE | Source = LoadPerf | ID = 3009
Error - 10/15/2013 10:19:55 AM | Computer Name = MEZZBIZZONE | Source = LoadPerf
| ID = 3009

Error - 10/15/2013 10:21:42 AM | Computer Name = MEZZBIZZONE | Source = MsiInstaller | ID = 10005
Description =

Error - 10/15/2013 10:28:52 AM | Computer Name = MEZZBIZZONE | Source = MsiInstaller | ID = 1023
Description =

Error - 10/15/2013 10:29:05 AM | Computer Name = MEZZBIZZONE | Source = VSSetup | ID = 5000
Description = EventType vssetup, P1 kb2729449, P2 10.0.30319, P3 10.0.30319.296,
P4 1, P5 ndp40-kb2729449.msp, P6 install_i_silent_error, P7 1603, P8 0, P9 processassembly,
P10 NIL.

Error - 10/15/2013 11:18:09 AM | Computer Name = MEZZBIZZONE | Source = LoadPerf | ID = 3009
Error - 10/15/2013 11:18:10 AM | Computer Name = MEZZBIZZONE | Source = LoadPerf
| ID = 3009

Error - 10/15/2013 11:18:10 AM | Computer Name = MEZZBIZZONE | Source = LoadPerf | ID = 3009
Error - 10/15/2013 11:18:11 AM | Computer Name = MEZZBIZZONE | Source = LoadPerf
| ID = 3009

Error - 10/15/2013 11:18:11 AM | Computer Name = MEZZBIZZONE | Source = LoadPerf | ID = 3009
Error - 10/15/2013 11:18:41 AM | Computer Name = MEZZBIZZONE | Source = MsiInstaller
| ID = 10005

Description =
Error - 10/15/2013 11:28:46 AM | Computer Name = MEZZBIZZONE | Source = MsiInstaller
| ID = 1023

Description =
Error - 10/15/2013 11:29:11 AM | Computer Name = MEZZBIZZONE | Source = VSSetup
| ID = 5000

Description = EventType vssetup, P1 kb2835393, P2 10.0.30319, P3 10.0.30319.1008, P4 1, P5 ndp40-kb2835393.msp, P6 install_i_silent_error, P7 1603, P8 0, P9 processassembly, P10 NIL.
Error - 10/16/2013 1:45:39 AM | Computer Name = MEZZBIZZONE | Source = crypt32 |
ID = 131083

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error - 10/16/2013 1:45:40 AM | Computer Name = MEZZBIZZONE | Source = crypt32 |
ID = 131083

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error - 10/16/2013 1:46:01 AM | Computer Name = MEZZBIZZONE | Source = crypt32 |
ID = 131075

Description = Failed auto update retrieval of third-party root list cab from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: This operation returned because the timeout period expired.

Error - 10/16/2013 1:46:04 AM | Computer Name = MEZZBIZZONE | Source = crypt32 |
ID = 131083

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error - 10/16/2013 1:46:19 AM | Computer Name = MEZZBIZZONE | Source = crypt32 |
ID = 131080

Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.


Error encountered while reading event logs.

< End of report >
mezzerooni
THREAD STARTER
17-Oct-2013, 03:49 PM #11
re-posting "extras" notepad document
hi, askey-
some minor side issues here, i thought you might be able to shed some light on them. first, am i right in understanding that i can only reply to your messages through TSG- and can't do so straight through gmail?
also: the notepad files both appeared in the taskbar, neither appeared on my desktop- no biggie, i'm sure- just looking for ways i might possibly be screwing up.
possible example- last night i ran the OTL as directed, and did not use any other programs, but by morning (appr. 6 hours later), there seemed not to be any results anywhere. later on, a couple of hours ago, i did some reading up on OTL, and the only difference between the instructions there and the ones you gave me was that this other site said to use the quick scan option, and not the full scan.
so i ran the quick scan, figuring i had little to lose, and after about 15 minutes the two notepad docs appeared in my taskbar. these are the two i am posting in this reply- don't believe i'll need a separate reply for each, but if i do i'm sure it'll be obvious.
if you still think i should run a full scan, please let me know, and i will be glad to do so, of course.
anyhow, here they are, and thanks again (sure are big suckers! i'd hate to see what a full scan would generate!) mezz

OTL logfile created on: 10/17/2013 11:52:02 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Steve.MEZZROW-DC9E79F\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 65.99 Mb Available Physical Memory | 12.94% Memory free
2.47 Gb Paging File | 1.47 Gb Available in Paging File | 59.76% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\D | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 37.14 Gb Free Space | 24.92% Space Free | Partition Type: NTFS
Drive E: | 298.09 Gb Total Space | 13.69 Gb Free Space | 4.59% Space Free | Partition Type: NTFS

Computer Name: MEZZBIZZONE | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/10/16 22:29:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\My Documents\Downloads\OTL.exe
PRC - [2013/10/07 19:54:20 | 004,908,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe
PRC - [2013/10/03 22:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe
PRC - [2013/09/25 21:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2013/09/15 23:08:30 | 000,895,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe
PRC - [2013/09/10 19:26:32 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/09/03 22:22:16 | 000,588,336 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe
PRC - [2013/09/02 11:19:00 | 000,669,232 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgemcx.exe
PRC - [2013/08/20 23:03:42 | 000,728,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgrsx.exe
PRC - [2013/04/22 10:05:32 | 000,720,064 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2012/10/08 13:52:14 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2011/05/04 23:12:20 | 009,725,216 | ---- | M] (VSO Software SARL) -- C:\Program Files\VSO\ConvertX\4\ConvertXtoDvd.exe
PRC - [2008/07/11 17:51:32 | 000,423,200 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\D\explorer.exe
PRC - [2006/07/11 14:12:04 | 000,131,131 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
PRC - [2006/06/26 10:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
PRC - [2006/06/26 09:46:04 | 000,497,200 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
PRC - [2006/05/23 14:37:20 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe


========== Modules (No Company Name) ==========

MOD - [2013/09/10 19:26:53 | 003,279,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/11/28 15:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/11/28 15:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/02/28 15:37:32 | 000,180,624 | ---- | M] () -- C:\D\system32\Primomonnt.dll
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/07/19 19:19:18 | 000,153,600 | ---- | M] () -- C:\D\system32\AI_ContextMenu.dll
MOD - [2008/04/13 17:11:59 | 000,014,336 | ---- | M] () -- C:\D\system32\msdmo.dll
MOD - [2006/07/21 01:50:00 | 000,466,944 | ---- | M] () -- C:\D\system32\nvshell.dll
MOD - [2006/05/23 14:37:20 | 000,876,544 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libeay32.dll
MOD - [2006/05/23 14:37:20 | 000,159,744 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\ssleay32.dll
MOD - [2006/05/23 14:37:20 | 000,024,691 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_auth.so


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/10/03 22:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/09/25 21:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013/09/10 19:26:44 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/12 08:10:55 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\D\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/10/08 13:52:14 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2006/07/11 14:12:04 | 000,131,131 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp)
SRV - [2006/07/11 14:11:48 | 000,065,599 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2006/06/26 10:33:56 | 000,091,696 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2006/06/26 10:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2006/05/23 14:37:20 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe -- (ForcewareWebInterface)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\AEAudio.sys -- (AEAudioService)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a9vw320m)
DRV - [2013/09/25 20:57:14 | 000,120,632 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\D\system32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2013/09/10 22:11:44 | 000,022,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\D\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/09/08 22:12:16 | 000,027,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\D\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2013/09/02 10:39:32 | 000,176,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\D\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013/09/02 10:28:06 | 000,145,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\D\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/09/02 10:28:04 | 000,209,208 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\D\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/09/02 10:28:00 | 000,223,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\D\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/08/20 22:54:04 | 000,102,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\D\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013/08/01 16:08:52 | 000,193,848 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\D\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013/02/19 16:59:43 | 000,466,008 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\D\system32\drivers\sptd.sys -- (sptd)
DRV - [2010/06/25 10:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\D\system32\drivers\npf.sys -- (NPF)
DRV - [2008/04/13 11:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/11/30 23:18:42 | 000,651,712 | ---- | M] (VIA - IC Ensemble, Inc.) [Kernel | On_Demand | Running] -- C:\D\system32\drivers\Envy24HF.sys -- (Envy24HFS)
DRV - [2007/02/15 15:14:28 | 000,019,840 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\StMp3Rec.sys -- (StMp3Rec)
DRV - [2006/07/10 23:04:42 | 000,013,184 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/07/10 23:04:40 | 000,035,072 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/06/26 10:33:40 | 000,023,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\D\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2006/06/26 10:33:36 | 001,952,816 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2006/06/26 10:33:28 | 001,587,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2006/06/22 15:29:46 | 000,038,960 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2006/06/22 15:29:28 | 000,720,176 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\LV302AV.SYS -- (PID_08A0)
DRV - [2006/06/22 15:29:27 | 000,012,080 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2005/03/09 15:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\D\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/10/27 15:21:30 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/09/17 10:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2004/09/17 10:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\D\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/08/12 19:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004/03/24 08:12:44 | 000,004,272 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2003/11/20 15:14:28 | 000,646,825 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\D\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2003/11/20 15:13:40 | 001,232,741 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\D\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2003/11/20 15:12:56 | 000,059,717 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\D\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2003/11/20 15:12:42 | 000,037,048 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\D\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/06/30 19:11:52 | 000,043,136 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\D\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2001/08/22 09:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\D\system32\drivers\omci.sys -- (OMCI)
DRV - [2001/08/17 13:11:30 | 000,096,640 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\D\system32\drivers\b57xp32.sys -- (b57w2k)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=YKxdm071YYca&ptnrS=YKxdm071YYca&ptb=26FAFC46-B8BE-4005-99D7-9BCA979C5906&psa=&ind=2012082923&st=sb&n=77edf2eb&searchfor={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-1993962763-57989841-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/
IE - HKU\S-1-5-21-1993962763-57989841-725345543-1004\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - No CLSID value found
IE - HKU\S-1-5-21-1993962763-57989841-725345543-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1993962763-57989841-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1993962763-57989841-725345543-1004\..\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=YKxdm071YYca&ptnrS=YKxdm071YYca&ptb=26FAFC46-B8BE-4005-99D7-9BCA979C5906&psa=&ind=2012082923&st=sb&n=77edf2eb&searchfor={searchTerms}
IE - HKU\S-1-5-21-1993962763-57989841-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1993962763-57989841-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\D\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\D\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\D\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fbphotozoom@install daddy.com: C:\Program Files\fbphotozoom\fbphotozoom15.xpi [2012/04/01 12:15:06 | 000,102,423 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/08/10 05:45:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Mozilla\Extensions
[2013/10/02 10:58:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Mozilla\Firefox\Profiles\xvc8tip6.default-1380736292156\extensions
[2013/10/15 02:13:35 | 000,001,401 | ---- | M] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Mozilla\Firefox\Profiles\xvc8tip6.default-1380736292156\searchplugins\ividi.xml
[2013/10/12 10:55:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/09/25 20:50:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/09/25 20:50:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage:
CHR - Extension: No name found = C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kpdhgpkkloealnjnmepfhanpcleldbef\1.0_0\
CHR - Extension: No name found = C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/02/19 18:47:49 | 000,000,898 | ---- | M]) - C:\D\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ividi Helper Object) - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll (Unitech LLC)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKU\S-1-5-21-1993962763-57989841-725345543-1004\..\Toolbar\WebBrowser: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\D\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\D\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\D\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\D\System32\nwiz.exe ()
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found
O4 - HKU\S-1-5-21-1993962763-57989841-725345543-1004..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1993962763-57989841-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1993962763-57989841-725345543-1004\..Trusted Domains: cnet.com ([download] http in Trusted sites)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/dcode/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/micr...?1346194773765 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.160.13 64.59.161.68
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{61E11A1F-9C49-440E-8609-12DFBEBB69FA}: DhcpNameServer = 64.59.160.13 64.59.160.15 64.59.161.68
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF830778-C222-4EB8-A43B-8CCF4136018D}: DhcpNameServer = 64.59.160.13 64.59.161.68
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\D\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\D\system32\userinit.exe) - C:\D\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\D\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/07/25 22:24:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/05/13 14:29:57 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/15 22:46:20 | 000,000,000 | ---D | C] -- C:\D\LastGood
[2013/10/15 22:44:50 | 000,626,688 | ---- | C] (On2.com) -- C:\D\System32\vp7vfw.dll
[2013/10/15 13:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\dvdcss
[2013/10/15 11:36:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Digiarty
[2013/10/15 11:36:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Digiarty
[2013/10/15 11:35:53 | 000,000,000 | ---D | C] -- C:\Program Files\Digiarty
[2013/10/15 02:27:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Desktop\Breaking Bad Season 5 Part 2 S05 2013 WEB-DL 720p x264 AAC 5.1 NimitMak SilverRG
[2013/10/15 02:07:54 | 000,000,000 | ---D | C] -- C:\Program Files\Unitech LLC
[2013/10/15 02:07:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Unitech LLC
[2013/10/15 01:29:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Desktop\Breaking Bad Season 5 Episode 9 720p HDTV [GlowGaze.Com]
[2013/10/13 05:52:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Recent
[2013/10/13 05:26:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Desktop\Unused Desktop Shortcuts
[2013/10/10 08:46:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/10/07 05:47:20 | 000,000,000 | ---D | C] -- C:\38b4093c99fe1dc784
[2013/10/04 19:30:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\AVG2014
[2013/10/04 19:19:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[2013/10/04 19:12:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Local Settings\Application Data\Avg2014
[2013/10/04 11:47:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2013/10/04 08:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Start Menu\Programs\BitTornado
[2013/10/04 08:40:28 | 000,000,000 | ---D | C] -- C:\Program Files\BitTornado
[2013/09/29 09:02:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG 0913b Campaign
[2013/09/29 08:26:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\My Documents\Mozart Vol 11 - String Quintets - CD 3
[2013/09/26 17:07:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Desktop\Bus Info
[2013/09/25 18:48:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Desktop\Pentangle- Sweet Child
[2013/09/20 22:35:21 | 000,000,000 | ---D | C] -- C:\4c32834a4e53676084677fd7a4
[2013/09/17 18:30:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\My Documents\mezzparee2
[2011/08/20 20:31:12 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2013/10/17 12:10:00 | 000,000,818 | ---- | M] () -- C:\D\tasks\Adobe Flash Player Updater.job
[2013/10/17 12:07:00 | 000,000,410 | -H-- | M] () -- C:\D\tasks\User_Feed_Synchronization-{3045A957-8E98-4281-B3B7-EF916E6434ED}.job
[2013/10/17 10:51:00 | 000,000,264 | ---- | M] () -- C:\D\tasks\AutoKMS.job
[2013/10/16 10:30:44 | 000,000,430 | ---- | M] () -- C:\D\tasks\AVG_SYS_TASK.job
[2013/10/16 08:29:22 | 000,533,276 | ---- | M] () -- C:\D\System32\perfh009.dat
[2013/10/16 08:29:22 | 000,107,344 | ---- | M] () -- C:\D\System32\perfc009.dat
[2013/10/15 22:47:12 | 000,001,057 | ---- | M] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\vso_ts_preview.xml
[2013/10/15 22:45:27 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\inst.exe
[2013/10/15 22:45:26 | 000,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\pcouffin.sys
[2013/10/15 22:45:26 | 000,007,887 | ---- | M] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\pcouffin.cat
[2013/10/15 22:45:25 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\pcouffin.inf
[2013/10/15 19:25:16 | 000,000,282 | ---- | M] () -- C:\D\tasks\AppleSoftwareUpdate.job
[2013/10/15 13:30:29 | 000,076,800 | ---- | M] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/10/13 10:43:19 | 000,000,462 | ---- | M] () -- C:\D\tasks\AVG_SYS_TASK_DELETE.job
[2013/10/13 10:43:17 | 000,000,388 | ---- | M] () -- C:\D\tasks\AVG PC Tuneup 2011 Integrator Start On Steve Logon.job
[2013/10/13 10:43:17 | 000,000,312 | ---- | M] () -- C:\D\tasks\GlaryInitialize.job
[2013/10/13 10:43:01 | 000,002,048 | --S- | M] () -- C:\D\bootstat.dat
[2013/10/13 05:24:33 | 000,012,598 | ---- | M] () -- C:\D\System32\wpa.dbl
[2013/10/11 13:49:22 | 000,269,392 | ---- | M] () -- C:\D\System32\FNTCACHE.DAT
[2013/09/29 08:50:30 | 000,005,690 | ---- | M] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\My Documents\My Favorite Theme.theme
[2013/09/26 19:09:50 | 004,781,493 | ---- | M] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Desktop\01 walkin' blues.mp3
[2013/09/25 20:57:14 | 000,120,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\D\System32\drivers\avgdiskx.sys
[2013/09/25 20:51:03 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

========== Files Created - No Company Name ==========

[2013/09/29 09:04:04 | 000,000,430 | ---- | C] () -- C:\D\tasks\AVG_SYS_TASK.job
[2013/09/29 09:03:05 | 000,000,462 | ---- | C] () -- C:\D\tasks\AVG_SYS_TASK_DELETE.job
[2013/09/29 08:50:27 | 000,005,690 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\My Documents\My Favorite Theme.theme
[2013/09/26 19:08:49 | 004,781,493 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Desktop\01 walkin' blues.mp3
[2012/12/29 15:31:18 | 000,057,424 | -H-- | C] () -- C:\D\System32\mlfcache.dat
[2012/10/02 03:20:14 | 000,054,016 | ---- | C] () -- C:\D\System32\drivers\uocldim.sys
[2012/09/23 22:21:17 | 000,172,456 | ---- | C] () -- C:\Program Files\14res.dll
[2012/08/14 11:03:31 | 000,060,304 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\g2mdlhlpx.exe
[2012/08/12 00:31:38 | 000,027,520 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Local Settings\Application Data\dt.dat
[2012/08/02 04:01:28 | 000,000,000 | ---- | C] () -- C:\D\System32\drivers\mbamswissarmy(2).sys
[2012/08/02 04:01:28 | 000,000,000 | ---- | C] () -- C:\D\System32\drivers\appliand(2).sys
[2012/08/01 04:00:07 | 000,000,000 | ---- | C] () -- C:\D\System32\drivers\appliand.sys
[2012/05/28 18:54:05 | 001,503,232 | ---- | C] () -- C:\D\System32\ptj.exe
[2012/05/28 18:54:05 | 001,103,360 | ---- | C] () -- C:\D\System32\cidfont.dll
[2012/05/28 18:54:03 | 004,369,408 | ---- | C] () -- C:\D\System32\pdftk.exe
[2012/05/28 18:54:03 | 000,235,008 | ---- | C] () -- C:\D\System32\office.exe
[2012/04/06 19:12:14 | 000,014,800 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\toolbars000.png
[2012/04/06 19:11:47 | 000,001,088 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\mixer000.png
[2012/04/06 19:10:50 | 000,001,238 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\tools000.png
[2012/04/06 19:10:20 | 000,001,921 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\device001.png
[2012/04/06 19:10:14 | 000,001,921 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\device000.png
[2012/02/15 22:40:43 | 000,003,072 | ---- | C] () -- C:\D\System32\iacenc.dll
[2012/01/19 19:21:20 | 000,180,624 | ---- | C] () -- C:\D\System32\Primomonnt.dll
[2011/11/28 14:49:33 | 000,018,073 | ---- | C] () -- C:\D\CSTBox.INI
[2011/11/22 00:42:49 | 000,000,138 | ---- | C] () -- C:\D\wininit.ini
[2011/11/21 12:49:45 | 000,000,444 | ---- | C] () -- C:\D\System32\d3d8caps.dat
[2011/11/19 16:59:56 | 000,000,000 | R--- | C] () -- C:\D\System32\drivers\DVEMODEM.DAT
[2011/11/19 16:59:21 | 000,004,272 | R--- | C] () -- C:\D\System32\drivers\bvrp_pci.sys
[2011/10/25 23:23:08 | 000,075,776 | ---- | C] () -- C:\D\System32\WS2Fix.exe
[2011/10/25 23:23:06 | 000,051,200 | ---- | C] () -- C:\D\System32\dumphive.exe
[2011/10/25 23:23:05 | 000,040,960 | ---- | C] () -- C:\D\System32\swsc.exe
[2011/08/20 20:31:12 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\inst.exe
[2011/08/20 20:31:12 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\pcouffin.cat
[2011/08/20 20:31:12 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\pcouffin.inf
[2011/08/19 20:25:33 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\vso_ts_preview.xml
[2011/08/14 22:01:33 | 000,076,800 | ---- | C] () -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/06/26 17:04:06 | 000,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

========== ZeroAccess Check ==========

[2011/09/03 09:49:27 | 000,000,227 | RHS- | M] () -- C:\D\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 17:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\D\system32\wbem\fastprox.dll -- [2009/02/09 05:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\D\system32\wbem\wbemess.dll -- [2008/04/13 17:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/02/22 14:54:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/01/17 20:52:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\9223B3E6-70DD-4e2f-965B-DD8E02D2E20B
[2012/07/17 13:47:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applian
[2013/09/29 09:02:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG 0913b Campaign
[2013/01/22 10:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG January 2013 Campaign
[2013/10/04 19:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[2011/09/05 05:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund
[2006/12/22 18:00:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/08/10 05:49:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/10/04 11:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2013/10/17 08:22:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/08/18 06:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2007/02/28 21:07:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SolidDocuments
[2012/10/16 13:15:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2013/09/26 19:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek
[2013/03/20 18:12:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VSO
[2011/08/21 11:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2011/10/26 18:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\xml_param
[2011/11/03 18:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/08/02 06:06:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG10
[2011/08/02 09:16:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\CanonBJ
[2011/07/27 05:40:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Common Files
[2011/08/02 22:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ErrorEND
[2011/08/02 06:04:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET
[2011/08/02 06:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MFAData
[2011/08/01 22:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Drivers HeadQuarters
[2011/07/30 10:02:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\vsosdk
[2013/01/10 10:10:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\TuneUp Software
[2011/07/27 05:23:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\.BitTornado
[2011/08/07 08:56:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\3v
[2011/07/27 05:41:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG10
[2011/07/28 13:24:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ESET
[2011/08/19 20:27:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Vso
[2006/06/09 16:06:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\.BitTornado
[2006/10/31 11:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Avant Browser
[2007/02/23 20:45:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Investintech
[2007/04/01 11:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\SolidDocuments
[2011/08/11 08:45:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\.BitTornado
[2012/07/12 18:56:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Apowersoft
[2011/08/29 07:35:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\atunes
[2013/08/30 09:10:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Audacity
[2011/11/01 09:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Auslogics
[2011/08/15 03:04:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\AVG
[2013/10/04 19:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\AVG2014
[2012/08/03 09:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\BabylonToolbar
[2011/09/05 05:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Broderbund
[2011/11/08 13:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Canneverbe Limited
[2013/09/17 18:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Canon
[2011/09/03 11:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\CD-LabelPrint
[2013/03/15 18:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\COWON
[2013/10/15 11:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Digiarty
[2012/12/08 13:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Downloaded Installations
[2013/03/22 10:53:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Dropbox
[2013/03/20 18:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\DVDVideoSoft
[2012/03/08 21:32:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\ElevatedDiagnostics
[2011/09/16 15:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\GlarySoft
[2011/08/11 20:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\ImgBurn
[2012/08/18 06:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\NCH Swift Sound
[2012/07/26 18:12:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Oracle
[2012/06/08 15:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\PrimoPDF
[2012/07/05 18:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\SMRecorder
[2012/11/13 17:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Sony
[2011/08/21 14:11:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Toolbar4
[2011/11/04 18:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Transcend Elite
[2012/12/13 00:43:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\TuneUp Software
[2013/10/15 02:07:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Unitech LLC
[2013/10/04 08:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\uTorrent
[2013/10/15 22:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Vso
[2012/12/29 22:51:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Windows Desktop Search
[2012/12/29 23:12:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Windows Search
[2012/08/18 12:32:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\Xilisoft

========== Purity Check ==========



< End of report >

NOT SURE IF THIS IS NECESSARY OR REDUNDANT, BUT IN AN ATTEMPT TO ERR ON THE SAFE SIDE, HERE GOES ANYHOW:

OTL Extras logfile created on: 10/17/2013 11:52:03 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Steve.MEZZROW-DC9E79F\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 65.99 Mb Available Physical Memory | 12.94% Memory free
2.47 Gb Paging File | 1.47 Gb Available in Paging File | 59.76% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\D | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 37.14 Gb Free Space | 24.92% Space Free | Partition Type: NTFS
Drive E: | 298.09 Gb Total Space | 13.69 Gb Free Space | 4.59% Space Free | Partition Type: NTFS

Computer Name: MEZZBIZZONE | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1993962763-57989841-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Java\jre6\launch4j-tmp\aTunes.exe" = C:\Program Files\Java\jre6\launch4j-tmp\aTunes.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\SoulseekNS\slsk.exe" = C:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- ()
"E:\Documents and Settings\Steve\Application Data\Dropbox\bin\Dropbox.exe" = E:\Documents and Settings\Steve\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\D\Microsoft.NET\Framework\v2.0.50727\vbc.exe" = C:\D\Microsoft.NET\Framework\v2.0.50727\vbc.exe:*:Enabled:Visual Basic Command Line Compiler -- (Microsoft Corporation)
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:TaskPanl
"C:\D\system32\dpvsetup.exe" = C:\D\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\D\system32\rundll32.exe" = C:\D\system32\rundll32.exe:*:Enabled:Run a DLL as an App -- (Microsoft Corporation)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Program Files\1ClickDownload\1ClickDownload.exe" = C:\Program Files\1ClickDownload\1ClickDownload.exe:*:Disabled:1ClickDownload
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\BitTornado\btdownloadgui.exe" = C:\Program Files\BitTornado\btdownloadgui.exe:*:Enabled:btdownloadgui -- ()
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\desktop\media\iTunes.exe" = C:\desktop\media\iTunes.exe:*:Enabled:iTunes
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\AVG\AVG2014\avgmfapx.exe" = C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgnsx.exe" = C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgdiagex.exe" = C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostics 2014 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgemcx.exe" = C:\Program Files\AVG\AVG2014\avgemcx.exe:*:Enabled:Personal Email Scanner -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0AFECCA6-61A0-409F-9205-67613984209D}" = Dynex All-in-1 Card Reader
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300" = Canon iP4300
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CDF65F2-8509-4C4D-A1C3-F36F478F5BB4}" = AVG 2014
"{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"{54DD126C-E5F5-404C-B4B7-66DF7FD4F2FF}" = MSSoap
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7DA4FC0C-4FB3-45A2-8095-B2F7A9CF8135}" = AVG 2014
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{8AC049F7-1383-45C3-9E7D-F93CA667F9E1}" = UMVPLStandalone
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{983CFCAC-5C96-4018-8BEC-D6581644C654}" = GEAR driver installer 4.020
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{BCE46757-7674-4416-BEDB-68205A60409E}" = Canon CanoScan Toolbox 4.1
"{BD01E97F-2A6A-495E-BE38-22C7B80F3CD7}" = Cheetah DVD Burner
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F91E1833-2D7C-4725-B98A-C779FEC41946}" = EarthLink MDAC
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1000 Best Fonts" = 1000 Best Fonts
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 2.0.3
"AVG" = AVG 2014
"BitTornado" = BitTornado 0.3.17
"BNR2 0.14.7 Beta_is1" = Binary News Reaper 0.14.7 Beta
"Canon Setup Utility 2.3" = Canon Setup Utility 2.3
"CCleaner" = CCleaner
"CDex" = CDex - Open Source Digital Audio CD Extractor
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-07-30
"ConvertXtoDVD 4.1.19.365_is1" = ConvertXtoDVD 4.1.19.365
"Easy CD and DVD Cover Creator" = Easy CD and DVD Cover Creator 4.12
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"Easy-WebPrint" = Easy-WebPrint
"ExpressBurn" = Express Burn
"ExtractNow_is1" = ExtractNow
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"InstallShield_{0AFECCA6-61A0-409F-9205-67613984209D}" = Dynex All-in-1 Card Reader
"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"Intel(R) 537EP V9x DF PCI Modem" = Intel(R) 537EP V9x DF PCI Modem
"ividi" = Unitech LLC toolbar
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.6.0
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 24.0 (x86 en-US)" = Mozilla Firefox 24.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"office Convert Pdf to Jpg Jpeg Tiff Free_is1" = office Convert Pdf to Jpg Jpeg Tiff Free 6.5
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"Recuva" = Recuva
"Revo Uninstaller" = Revo Uninstaller 1.94
"Soulseek2" = SoulSeek 157 NS 13e
"VLC media player" = VLC media player 2.0.1
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinX DVD Ripper Platinum_is1" = WinX DVD Ripper Platinum 6.9.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1993962763-57989841-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/15/2013 10:19:47 AM | Computer Name = MEZZBIZZONE | Source = LoadPerf | ID = 3009
Error - 10/15/2013 10:19:50 AM | Computer Name = MEZZBIZZONE | Source = LoadPerf
| ID = 3009

Error - 10/15/2013 10:19:53 AM | Computer Name = MEZZBIZZONE | Source = LoadPerf | ID = 3009
Error - 10/15/2013 10:19:55 AM | Computer Name = MEZZBIZZONE | Source = LoadPerf
| ID = 3009

Error - 10/15/2013 10:21:42 AM | Computer Name = MEZZBIZZONE | Source = MsiInstaller | ID = 10005
Description =

Error - 10/15/2013 10:28:52 AM | Computer Name = MEZZBIZZONE | Source = MsiInstaller | ID = 1023
Description =

Error - 10/15/2013 10:29:05 AM | Computer Name = MEZZBIZZONE | Source = VSSetup | ID = 5000
Description = EventType vssetup, P1 kb2729449, P2 10.0.30319, P3 10.0.30319.296,
P4 1, P5 ndp40-kb2729449.msp, P6 install_i_silent_error, P7 1603, P8 0, P9 processassembly,
P10 NIL.

Error - 10/15/2013 11:18:09 AM | Computer Name = MEZZBIZZONE | Source = LoadPerf | ID = 3009
Error - 10/15/2013 11:18:10 AM | Computer Name = MEZZBIZZONE | Source = LoadPerf
| ID = 3009

Error - 10/15/2013 11:18:10 AM | Computer Name = MEZZBIZZONE | Source = LoadPerf | ID = 3009
Error - 10/15/2013 11:18:11 AM | Computer Name = MEZZBIZZONE | Source = LoadPerf
| ID = 3009

Error - 10/15/2013 11:18:11 AM | Computer Name = MEZZBIZZONE | Source = LoadPerf | ID = 3009
Error - 10/15/2013 11:18:41 AM | Computer Name = MEZZBIZZONE | Source = MsiInstaller
| ID = 10005

Description =
Error - 10/15/2013 11:28:46 AM | Computer Name = MEZZBIZZONE | Source = MsiInstaller
| ID = 1023

Description =
Error - 10/15/2013 11:29:11 AM | Computer Name = MEZZBIZZONE | Source = VSSetup
| ID = 5000

Description = EventType vssetup, P1 kb2835393, P2 10.0.30319, P3 10.0.30319.1008, P4 1, P5 ndp40-kb2835393.msp, P6 install_i_silent_error, P7 1603, P8 0, P9 processassembly, P10 NIL.
Error - 10/16/2013 1:45:39 AM | Computer Name = MEZZBIZZONE | Source = crypt32 |
ID = 131083

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error - 10/16/2013 1:45:40 AM | Computer Name = MEZZBIZZONE | Source = crypt32 |
ID = 131083

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error - 10/16/2013 1:46:01 AM | Computer Name = MEZZBIZZONE | Source = crypt32 |
ID = 131075

Description = Failed auto update retrieval of third-party root list cab from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: This operation returned because the timeout period expired.

Error - 10/16/2013 1:46:04 AM | Computer Name = MEZZBIZZONE | Source = crypt32 |
ID = 131083

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error - 10/16/2013 1:46:19 AM | Computer Name = MEZZBIZZONE | Source = crypt32 |
ID = 131080

Description = Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.


Error encountered while reading event logs.

< End of report >
askey127 (authorized to help remove malware)
Malware Removal Specialist with 965 posts.
 
Join Date: Dec 2006
Location: New Hampshire USA
Experience: Teacher at MRU
17-Oct-2013, 06:18 PM #12
mezzerooni,
Individuals are not allowed to have a license for Microsoft Office Professional Plus, only businesses.
Please tell me about your use of the software.
The versions of Java runtime and Adobe Reader are out of date, and are security issues.
We will download replacements shortly.
-----------------------------------------------
It's really important, if you value your PC at all, to stay away from P2P file sharing programs, like µTorrent, Bittorrent, BitTornado, Azureus, Frostwire, Vuze, Shareaza, Bitlord.
Criminals have "planted" thousands upon thousands of infections in the "free" shared torrent files.
Virtually all of these recent infections will compromise your Security, and some can turn your machine into a useless "doorstop".
-----------------------------------------------------------
Remove Programs Using Control Panel
From Start, Settings, Control Panel or Start, Control Panel, click Add/Remove Programs.
Highlight each Entry, as follows, one by one, if it exists, and choose Remove:

Java 7 Update 7
Adobe Reader X (10.1.8)
BitTornado 0.3.17

Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
---------------------------------------------
Run CKScanner
Download CKScanner from HERE
Important - Save it to your desktop.
Double-click CKScanner.exe and click Search For Files.
After a couple minutes or less, when some text appears in the box, click Save List To File.
A message box will verify the file saved. It is important that you run the program just once.
Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.
----------------------------------------------
Perform a Custom Fix with OTL
Run OTL
  • In the Custom Scans/Fixes box at the bottom, paste in the following lines from the Code box (Do not include the word "Code"):
    Code:
    :Commands
    [CREATERESTOREPOINT]
    
    :OTL
    IE - HKLM\..\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=YKxdm071YYca&ptnrS=YKxdm071YYca&ptb=26FAFC46-B8BE-4005-99D7-9BCA979C5906&psa=&ind=2012082923&st=sb&n=77edf2eb&searchfor={searchTerms}
    IE - HKU\S-1-5-21-1993962763-57989841-725345543-1004\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - No CLSID value found
    IE - HKU\S-1-5-21-1993962763-57989841-725345543-1004\..\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=YKxdm071YYca&ptnrS=YKxdm071YYca&ptb=26FAFC46-B8BE-4005-99D7-9BCA979C5906&psa=&ind=2012082923&st=sb&n=77edf2eb&searchfor={searchTerms}
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O2 - BHO: (ividi Helper Object) - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll (Unitech LLC)
    O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
    O3 - HKU\S-1-5-21-1993962763-57989841-725345543-1004\..\Toolbar\WebBrowser: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No CLSID value found.
    O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_07)
    O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_07)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_07)
    [2013/10/04 08:40:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Start Menu\Programs\BitTornado
    [2013/10/04 08:40:28 | 000,000,000 | ---D | C] -- C:\Program Files\BitTornado
    [2011/07/27 05:23:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\.BitTornado
    [2006/06/09 16:06:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\.BitTornado
    [2011/08/11 08:45:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\.BitTornado
    
    :Files
    C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\BabylonToolbar
    ipconfig /flushdns /c
    
    :Commands
    [emptyjava]
    [emptyflash] 
    [EMPTYTEMP]
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, and click to allow the Reboot when it is done.
    When the computer Reboots, and you start your usual account, a Notepad text file will appear.
  • Copy the contents of that file and post it in your next reply.
    That is the FIX log file. It will also be available and named by timestamp here: C:\_OTL\Moved Files\mmddyyyy_hhmmss.log
---------------------------------------------------
So, In Your Reply, we will be looking for the following:
The contents of:
  • CKFiles.txt
  • The FIX log from OTL
  • Info about MS Office Professional Plus
Please feel free to use separate replies.

askey127
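
A reviewer's aid for the kind of fix script posted above, added here as an example (it is not part of askey127's post and is not OTL's own code): it splits a script into its `:Section` blocks and separates the `:OTL` entries the scan already marked as missing ("No CLSID value found", "File not found") from those that still point at something on disk. The section and line formats are assumed from the script shown above, not from OTL documentation, and `parse_fix`, `classify` and `review` are hypothetical names.

```python
import re

# Constructed sample: a few lines taken from the fix script in the post above.
SAMPLE_FIX = r"""
:Commands
[CREATERESTOREPOINT]
:OTL
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (ividi Helper Object) - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll (Unitech LLC)
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found
[2013/10/04 08:40:28 | 000,000,000 | ---D | C] -- C:\Program Files\BitTornado
:Files
C:\Documents and Settings\Steve.MEZZROW-DC9E79F\Application Data\BabylonToolbar
:Commands
[EMPTYTEMP]
"""

SECTION = re.compile(r"^:(\w+)$")                    # assumed header form, e.g. ":OTL"
ENTRY_KIND = re.compile(r"^(IE|O\d+)\s+-\s+")        # e.g. "O2 - BHO: ..."
FILE_ROW = re.compile(r"^\[\d{4}/\d{2}/\d{2} [^\]]*\]\s+--\s+.+$")
MISSING = re.compile(r"(No CLSID value found|File not found)\.?$")

def parse_fix(text):
    """Split a fix script into {SECTION: [lines]}; repeated sections merge."""
    sections, current = {}, None
    for line in filter(None, map(str.strip, text.splitlines())):
        header = SECTION.match(line)
        if header:
            current = header.group(1).upper()
            sections.setdefault(current, [])
        elif current is None:
            raise ValueError(f"entry before any section header: {line!r}")
        else:
            sections[current].append(line)
    return sections

def classify(line):
    """Return (kind, status) for one :OTL entry."""
    if FILE_ROW.match(line):
        return ("path", "present")
    kind = ENTRY_KIND.match(line)
    status = "missing" if MISSING.search(line) else "present"
    return (kind.group(1) if kind else "unknown", status)

def review(text):
    """Summarise what a fix script touches; 'present' entries still exist."""
    sections = parse_fix(text)
    present = [l for l in sections.get("OTL", []) if classify(l)[1] == "present"]
    return {"sections": sorted(sections), "present": present, "files": sections.get("FILES", [])}
```

Calling `review(SAMPLE_FIX)` returns the section names, the `:OTL` entries that still reference an existing DLL or directory, and the paths listed under `:Files`.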