Sponsored By

SCOTTY JOHNSON

Members
  • Content Count

    12
  • Joined

  • Last visited

About SCOTTY JOHNSON

  • Rank
    Member
  1. OTL logfile created on: 11/26/2013 11:53:20 AM - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\ Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 447.48 Mb Total Physical Memory | 68.59 Mb Available Physical Memory | 15.33% Memory free 673.76 Mb Paging File | 64.76 Mb Available in Paging File | 9.61% Paging File free Paging file location(s): C:\pagefile.sys 288 576 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 32.03 Gb Total Space | 12.52 Gb Free Space | 39.09% Space Free | Partition Type: NTFS Drive H: | 5.26 Gb Total Space | 0.91 Gb Free Space | 17.25% Space Free | Partition Type: FAT32 Drive I: | 603.09 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive J: | 33.01 Gb Total Space | 19.06 Gb Free Space | 57.73% Space Free | Partition Type: NTFS Drive K: | 4.24 Gb Total Space | 0.69 Gb Free Space | 16.39% Space Free | Partition Type: FAT32 Drive M: | 3.72 Gb Total Space | 1.61 Gb Free Space | 43.16% Space Free | Partition Type: FAT32 Computer Name: OWNER-9F8387D1C | User Name: Owner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 180 Days ========== Processes (SafeList) ========== PRC - [2013/11/26 11:52:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\OTL.com PRC - [2013/09/23 00:17:34 | 004,411,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe PRC - [2013/09/23 00:17:30 | 001,117,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe PRC - [2013/07/23 18:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe PRC - [2013/07/10 00:33:22 | 000,452,144 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe PRC - [2013/07/04 14:53:28 | 000,763,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe PRC - [2013/07/04 14:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2013/03/18 01:38:48 | 000,799,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe PRC - [2011/05/09 10:22:58 | 000,582,976 | ---- | M] (D-Link Corp.) -- C:\Program Files\D-Link\DWA-131\wirelesscm.exe PRC - [2009/08/06 11:19:17 | 000,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe PRC - [2008/09/18 19:11:19 | 001,529,856 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\ATT-SST\McciTrayApp.exe PRC - [2007/06/13 04:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/05/03 15:12:14 | 002,061,816 | ---- | M] (AT&T) -- C:\Program Files\AT&T\Internet Security Wizard\ISW.exe PRC - [2007/03/19 06:59:51 | 000,676,784 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctfax.exe PRC - [2007/03/19 06:59:49 | 000,304,048 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\fm3032.exe PRC - [2007/03/19 06:58:47 | 000,537,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxctcoms.exe PRC - [2007/03/19 06:58:20 | 000,082,864 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 5400 Series\ezprint.exe PRC - [2007/03/19 06:58:17 | 000,291,760 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctmon.exe PRC - [2004/10/22 12:53:06 | 000,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe PRC - [1998/12/09 07:21:00 | 000,742,912 | ---- | M] (Hewlett-Packard Co.) -- C:\WINDOWS\HPLRA.EXE ========== Modules (No Company Name) ========== MOD - [2011/01/07 13:27:26 | 000,262,144 | ---- | M] () -- C:\Program Files\D-Link\DWA-131\WlanDll.dll MOD - [2009/06/23 09:34:54 | 000,253,952 | ---- | M] () -- C:\Program Files\D-Link\DWA-131\WlanSup.dll MOD - [2009/01/23 10:54:34 | 000,212,992 | ---- | M] () -- C:\Program Files\D-Link\DWA-131\WlanCtl.dll MOD - [2008/06/27 09:10:30 | 000,118,784 | ---- | M] () -- C:\Program Files\D-Link\DWA-131\WlanWps.dll MOD - [2007/12/15 00:30:54 | 001,167,360 | ---- | M] () -- C:\Program Files\D-Link\DWA-131\acAuth.dll MOD - [2007/03/19 06:59:51 | 000,676,784 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctfax.exe MOD - [2007/03/19 06:59:49 | 000,304,048 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\fm3032.exe MOD - [2007/03/19 06:58:17 | 000,291,760 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctmon.exe MOD - [2007/02/15 08:51:51 | 000,241,664 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\iptk.dll MOD - [2007/01/17 19:25:06 | 000,118,784 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxctdrpp.dll MOD - [2007/01/10 08:41:58 | 000,692,224 | ---- | M] () -- C:\WINDOWS\system32\lxctdrs.dll MOD - [2007/01/10 08:38:54 | 000,278,528 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctscw.dll MOD - [2006/10/18 00:41:28 | 000,978,944 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\faxctr.dll MOD - [2006/10/18 00:36:02 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\lxctpmon.dll MOD - [2006/10/17 23:34:12 | 000,024,576 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lexdlgs.dll MOD - [2006/10/17 23:30:50 | 000,053,248 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lexctrls.dll MOD - [2006/10/17 23:30:10 | 000,032,768 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\ipcmt.dll MOD - [2006/08/14 11:17:14 | 000,065,536 | ---- | M] () -- C:\WINDOWS\system32\lxctcaps.dll MOD - [2006/08/09 08:38:02 | 000,151,552 | R--- | M] () -- C:\Program Files\Lexmark Toolbar\resource.dll MOD - [2006/08/09 08:37:24 | 000,184,320 | R--- | M] () -- C:\Program Files\Lexmark Toolbar\toolband.dll MOD - [2006/06/08 20:39:54 | 000,143,360 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctdrec.dll MOD - [2006/05/15 04:15:46 | 002,560,000 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\ut.dll MOD - [2006/05/03 08:31:03 | 000,061,440 | ---- | M] () -- C:\WINDOWS\system32\lxctcnv4.dll MOD - [2006/04/24 10:00:48 | 000,269,312 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\dtidb.dll MOD - [1998/12/09 07:21:00 | 000,192,000 | ---- | M] () -- C:\WINDOWS\system32\HPLREUSE.DLL ========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe -- (vToolbarUpdater17.1.3) SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\SAFEPC~2\bar\1.bin\89barsvc.exe -- (SafePCRepair_89Service) SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2013/10/08 14:43:14 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/07/23 18:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd) SRV - [2013/07/04 14:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent) SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2009/02/11 18:12:38 | 000,167,936 | ---- | M] () [Auto | Stopped] -- C:\Program Files\D-Link\DWA-131\WLSVC.exe -- (WLSVC) SRV - [2007/03/19 06:58:47 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\system32\lxctcoms.exe -- (lxct_device) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013/11/20 10:19:37 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp) DRV - [2013/09/10 00:34:48 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim) DRV - [2013/07/20 00:51:00 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx) DRV - [2013/07/20 00:50:56 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2013/07/20 00:50:56 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX) DRV - [2013/07/20 00:50:50 | 000,171,320 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86) DRV - [2013/07/01 00:45:28 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86) DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2013/03/21 02:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX) DRV - [2012/02/10 15:36:44 | 001,173,992 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtwlanu.sys -- (RTL8192cu) DRV - [2008/07/28 16:26:30 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50) DRV - [2008/07/28 16:26:30 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50) DRV - [2008/02/27 09:54:00 | 000,020,480 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\WLNdis50.sys -- (WLNdis50) DRV - [2004/10/01 11:24:00 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) DRV - [2004/08/04 04:00:00 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2004/08/04 04:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2004/08/04 04:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2004/06/29 11:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [1998/12/09 07:21:00 | 000,034,784 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HplParNt.sys -- (HplParNt) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKCU\..\URLSearchHook: {be823b8c-a7ec-4078-a321-0f8046cbb48a} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{4020153B-19DD-446F-A2F7-D99094AE3B4D}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google) FF - HKLM\Software\MozillaPlugins\@SafePCRepair_89.com/Plugin: C:\Program Files\SafePCRepair_89\bar\1.bin\NP89Stub.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]_89.com: C:\Program Files\SafePCRepair_89\bar\1.bin O1 HOSTS File: ([2004/08/04 04:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O2 - BHO: (Toolbar BHO) - {1fc509df-4b29-4ab3-96e6-47c178d60287} - C:\PROGRA~1\SAFEPC~2\bar\1.bin\89bar.dll File not found O2 - BHO: (Search Assistant BHO) - {5d13bf91-ea09-4ed8-9acd-c6bad32617b9} - C:\Program Files\SafePCRepair_89\bar\1.bin\89SrcAs.dll File not found O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O3 - HKLM\..\Toolbar: (no name) - {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - No CLSID value found. O3 - HKLM\..\Toolbar: (SafePCRepair) - {a9d9ea68-5d09-43ef-a0c5-6f6a6f82a0e1} - C:\Program Files\SafePCRepair_89\bar\1.bin\89bar.dll File not found O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O3 - HKCU\..\Toolbar\WebBrowser: (SafePCRepair) - {A9D9EA68-5D09-43EF-A0C5-6F6A6F82A0E1} - C:\Program Files\SafePCRepair_89\bar\1.bin\89bar.dll File not found O4 - HKLM..\Run: [ATT-SST_McciTrayApp] C:\Program Files\ATT-SST\McciTrayApp.exe (Motive Communications, Inc.) O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 5400 Series\ezprint.exe (Lexmark International Inc.) O4 - HKLM..\Run: [iSW.exe] C:\Program Files\AT&T\Internet Security Wizard\ISW.exe (AT&T) O4 - HKLM..\Run: [Lexmark 5400 Series Fax Server] C:\Program Files\Lexmark 5400 Series\fm3032.exe () O4 - HKLM..\Run: [LXCTCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.DLL (Lexmark International Inc.) O4 - HKLM..\Run: [lxctmon.exe] C:\Program Files\Lexmark 5400 Series\lxctmon.exe () O4 - HKLM..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF File not found O4 - HKLM..\Run: [RegAgent] C:\WINDOWS\HPLRA.EXE (Hewlett-Packard Co.) O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.) O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Connection Manager.lnk = C:\Program Files\D-Link\DWA-131\wirelesscm.exe (D-Link Corp.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O15 - HKCU\..Trusted Domains: 0.0.0.0 ([]https in Trusted sites) O15 - HKCU\..Trusted Domains: motive.com ([patttbc.att] https in Trusted sites) O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/IWONBarInitialSetup1.0.1.1.cab (Reg Error: Key error.) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support) O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DEF7C182-661E-4B75-AEAF-82C8F9C007D0}: DhcpNameServer = 10.0.0.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/08/25 12:01:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - H:\AUTOEXEC.BAT -- [ FAT32 ] O32 - AutoRun File - [2004/04/30 22:01:14 | 000,000,053 | -HS- | M] () - H:\Autorun.inf -- [ FAT32 ] O32 - AutoRun File - [2003/04/10 03:49:37 | 000,000,000 | ---- | M] () - J:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2001/07/28 07:07:38 | 000,000,000 | -HS- | M] () - K:\AUTOEXEC.BAT -- [ FAT32 ] O32 - AutoRun File - [2002/09/11 04:02:32 | 000,000,045 | -HS- | M] () - K:\Autorun.inf -- [ FAT32 ] O33 - MountPoints2\{0dad5c12-fe0d-11e2-a220-0011d827593a}\Shell\AutoRun\command - "" = M:\setupSNK.exe O33 - MountPoints2\{af380e38-fbb5-11e2-a21e-0011d827593a}\Shell\AutoRun\command - "" = M:\SecureII\Windows\SecureII.exe O33 - MountPoints2\{b869c700-e08f-11e0-a0d1-0011d827593a}\Shell\AutoRun\command - "" = M:\RunClubSanDisk.exe O33 - MountPoints2\{f91ebc86-1518-11df-9f85-0011d827593a}\Shell - "" = AutoRun O33 - MountPoints2\{f91ebc86-1518-11df-9f85-0011d827593a}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{f91ebc86-1518-11df-9f85-0011d827593a}\Shell\AutoRun\command - "" = M:\LaunchU3.exe -a O33 - MountPoints2\{ff8f0458-d456-11e2-a202-0011d827593a}\Shell\AutoRun\command - "" = M:\setupSNK.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 180 Days ========== [2013/11/26 10:49:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\OTL.com [2013/11/22 11:11:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes [2013/11/22 11:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/11/22 11:10:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2013/11/22 11:10:56 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2013/11/22 11:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013/11/22 10:48:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2013/11/22 10:25:08 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2013/11/19 09:31:16 | 000,000,000 | ---D | C] -- C:\13-139 JAB.msj [2013/10/28 10:35:54 | 000,000,000 | ---D | C] -- C:\13-139 PARISH.msj [2013/10/23 07:52:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG [2013/10/11 15:10:29 | 000,000,000 | ---D | C] -- C:\13-137.msj [2013/07/30 12:42:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Nico Mak Computing [2013/07/30 07:44:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache [2013/07/16 16:06:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\AVG [2013/07/16 16:00:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG [2013/07/16 15:58:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG [2013/07/16 15:57:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} [2013/07/16 15:15:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG2013 [2013/07/16 15:12:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software [2013/07/16 15:11:23 | 000,000,000 | ---D | C] -- C:\Program Files\AVG SafeGuard toolbar [2013/07/16 15:09:45 | 000,000,000 | -H-D | C] -- C:\$AVG [2013/07/16 15:09:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2013 [2013/07/16 15:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\MFAData [2013/07/16 15:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData [2013/07/16 15:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Avg2013 [2013/07/16 15:05:03 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013/07/16 15:05:03 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013/07/16 08:59:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG8UPG [2013/07/15 15:22:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\AVG SafeGuard toolbar [2013/07/15 15:21:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG SafeGuard toolbar [2013/07/15 15:20:49 | 000,037,664 | ---- | C] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys [2013/07/15 15:20:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar [2013/07/15 15:14:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files [2013/07/15 15:14:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SmartPCFix [2013/07/15 15:13:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SmartPCFix [2013/07/15 15:13:32 | 000,000,000 | ---D | C] -- C:\Program Files\SmartPCFix [2013/07/15 15:12:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Downloads [2013/07/15 14:06:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\D-Link [2013/07/15 14:06:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\pcidevice [2013/07/15 14:06:34 | 000,000,000 | ---D | C] -- C:\Program Files\D-Link [2013/07/15 14:06:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\D-Link [2013/07/15 14:06:07 | 001,173,992 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\rtwlanu.sys [2013/07/01 11:38:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Administrative Tools [2013/06/25 14:22:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles [2013/06/24 15:55:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\MSNInstaller [2013/06/13 12:35:04 | 000,000,000 | ---D | C] -- C:\13-101 [2013/06/13 12:22:24 | 000,000,000 | ---D | C] -- C:\13101.msj [2013/06/01 09:44:13 | 000,000,000 | ---D | C] -- C:\120502.msj [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ] ========== Files - Modified Within 180 Days ========== [2013/11/26 11:52:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\OTL.com [2013/11/26 11:42:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013/11/26 11:32:14 | 000,000,374 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics [2013/11/26 11:28:29 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2013/11/26 11:27:46 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\SmartPCFix Task.job [2013/11/26 11:27:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013/11/26 08:24:13 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013/11/25 15:01:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\Registry Optimizer_DEFAULT.job [2013/11/22 13:02:16 | 000,006,285 | ---- | M] () -- C:\WINDOWS\mscad2004.ini [2013/11/22 13:02:09 | 000,111,958 | ---- | M] () -- C:\13-144 DEEDPLOT.msd [2013/11/22 13:02:09 | 000,029,867 | ---- | M] () -- C:\13-144 DEEDPLOT.flx [2013/11/22 11:11:08 | 000,000,827 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2013/11/22 10:05:09 | 000,000,293 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\http--www.hoyt.com-assets-downloads-wallpaper-HoytI1280x800.jpg.url [2013/11/22 09:53:21 | 000,894,062 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\BestTechie Forums.mht [2013/11/22 09:16:03 | 000,000,339 | ---- | M] () -- C:\WINDOWS\Map98.INI [2013/11/21 15:11:10 | 000,000,041 | ---- | M] () -- C:\WINDOWS\loc2.INI [2013/11/21 15:11:04 | 000,000,041 | ---- | M] () -- C:\WINDOWS\dmcPrefX.INI [2013/11/21 15:07:16 | 000,111,958 | ---- | M] () -- C:\13-144 DEEDPLOT.mbk [2013/11/21 15:07:16 | 000,029,870 | ---- | M] () -- C:\13-144 DEEDPLOT.BAK [2013/11/21 13:28:06 | 000,218,988 | ---- | M] () -- C:\13-139.flx [2013/11/21 13:28:06 | 000,069,917 | ---- | M] () -- C:\13-139.msd [2013/11/21 13:25:27 | 000,218,988 | ---- | M] () -- C:\13-139.BAK [2013/11/21 13:25:22 | 000,069,917 | ---- | M] () -- C:\13-139.mbk [2013/11/20 13:42:00 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\Registry Optimizer_UPDATES.job [2013/11/20 10:19:37 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys [2013/11/19 11:14:22 | 000,000,083 | ---- | M] () -- C:\WINDOWS\grideditor.INI [2013/11/19 10:14:52 | 000,056,271 | ---- | M] () -- C:\13-139 JAB.msd [2013/11/19 10:14:52 | 000,000,000 | ---- | M] () -- C:\13-139 JAB.flx [2013/11/19 10:14:39 | 000,217,152 | ---- | M] () -- C:\13-139 JAB.BAK [2013/11/19 10:14:39 | 000,056,271 | ---- | M] () -- C:\13-139 JAB.mbk [2013/11/19 08:56:01 | 000,146,965 | ---- | M] () -- C:\13-139 JAB.dwg [2013/11/18 13:02:52 | 000,081,240 | ---- | M] () -- C:\13-131.flx [2013/11/18 13:02:51 | 000,224,134 | ---- | M] () -- C:\13-131.msd [2013/11/15 07:39:24 | 000,081,240 | ---- | M] () -- C:\13-131.BAK [2013/11/15 07:39:23 | 000,224,134 | ---- | M] () -- C:\13-131.mbk [2013/11/12 12:34:36 | 000,064,223 | ---- | M] () -- C:\13-131.dwg [2013/11/07 11:19:11 | 000,380,350 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013/11/07 11:19:11 | 000,052,764 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013/11/06 10:22:48 | 000,232,951 | ---- | M] () -- C:\13-123.msd [2013/11/06 10:22:48 | 000,070,226 | ---- | M] () -- C:\13-123.flx [2013/11/04 15:05:39 | 000,232,951 | ---- | M] () -- C:\13-123.mbk [2013/11/04 15:03:33 | 000,070,231 | ---- | M] () -- C:\13-123.BAK [2013/10/28 10:36:08 | 000,148,085 | ---- | M] () -- C:\13-139 PARISH.msd [2013/10/28 10:36:08 | 000,038,109 | ---- | M] () -- C:\13-139 PARISH.flx [2013/10/28 10:35:57 | 000,038,113 | ---- | M] () -- C:\13-139 PARISH.BAK [2013/10/23 14:25:03 | 000,148,085 | ---- | M] () -- C:\13-139 PARISH.mbk [2013/10/23 13:56:38 | 000,195,362 | ---- | M] () -- C:\13-138.msd [2013/10/23 13:56:38 | 000,034,689 | ---- | M] () -- C:\13-138.flx [2013/10/23 07:52:51 | 000,000,745 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk [2013/10/22 06:49:36 | 000,189,794 | ---- | M] () -- C:\13-138.mbk [2013/10/22 06:49:36 | 000,033,879 | ---- | M] () -- C:\13-138.BAK [2013/10/14 06:41:25 | 000,353,980 | ---- | M] () -- C:\13-137.msd [2013/10/14 06:41:25 | 000,090,343 | ---- | M] () -- C:\13-137.flx [2013/10/14 06:41:11 | 000,353,980 | ---- | M] () -- C:\13-137.mbk [2013/10/14 06:41:11 | 000,090,343 | ---- | M] () -- C:\13-137.BAK [2013/10/08 14:43:09 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013/10/08 14:43:09 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013/10/03 10:45:42 | 000,142,585 | ---- | M] () -- C:\13-130.msd [2013/10/03 10:45:42 | 000,027,368 | ---- | M] () -- C:\13-130.flx [2013/09/30 09:08:19 | 000,026,721 | ---- | M] () -- C:\13-130.BAK [2013/09/30 08:59:04 | 000,142,585 | ---- | M] () -- C:\13-130.mbk [2013/09/26 14:40:26 | 000,191,583 | ---- | M] () -- C:\RUSTIN.msd [2013/09/26 14:40:26 | 000,048,221 | ---- | M] () -- C:\RUSTIN.flx [2013/09/26 14:32:13 | 000,191,583 | ---- | M] () -- C:\RUSTIN.mbk [2013/09/26 14:32:13 | 000,048,221 | ---- | M] () -- C:\RUSTIN.BAK [2013/09/25 10:14:27 | 000,184,774 | ---- | M] () -- C:\120705.msd [2013/09/25 10:13:15 | 000,108,839 | ---- | M] () -- C:\GILKEY.msd [2013/09/25 10:13:15 | 000,044,132 | ---- | M] () -- C:\GILKEY.flx [2013/09/25 10:04:42 | 000,108,839 | ---- | M] () -- C:\GILKEY.mbk [2013/09/25 10:04:42 | 000,044,131 | ---- | M] () -- C:\GILKEY.BAK [2013/09/25 06:59:57 | 000,042,656 | ---- | M] () -- C:\13-126.flx [2013/09/25 06:59:53 | 000,263,499 | ---- | M] () -- C:\13-126.msd [2013/09/24 09:49:53 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Microsoft Office Word 2003.lnk [2013/09/23 12:33:51 | 000,041,774 | ---- | M] () -- C:\13-126.BAK [2013/09/23 12:33:22 | 000,120,164 | ---- | M] () -- C:\13-119FARM.flx [2013/09/23 12:33:17 | 000,473,633 | ---- | M] () -- C:\13-119FARM.msd [2013/09/20 08:12:54 | 000,473,633 | ---- | M] () -- C:\13-119FARM.mbk [2013/09/20 08:12:54 | 000,120,168 | ---- | M] () -- C:\13-119FARM.BAK [2013/09/20 08:00:26 | 000,898,367 | ---- | M] () -- C:\13-119LOT.flx [2013/09/20 08:00:26 | 000,056,261 | ---- | M] () -- C:\13-119LOT.msd [2013/09/20 07:54:29 | 000,256,267 | ---- | M] () -- C:\13-126.mbk [2013/09/18 14:15:37 | 000,496,384 | ---- | M] () -- C:\120405.msd [2013/09/18 14:10:48 | 000,898,367 | ---- | M] () -- C:\13-119LOT.BAK [2013/09/18 14:10:48 | 000,056,261 | ---- | M] () -- C:\13-119LOT.mbk [2013/09/18 06:07:24 | 000,096,143 | ---- | M] () -- C:\13-119.flx [2013/09/18 06:07:23 | 000,404,215 | ---- | M] () -- C:\13-119.msd [2013/09/16 09:52:51 | 000,056,281 | ---- | M] () -- C:\13-119 FARM.msd [2013/09/16 09:52:51 | 000,013,872 | ---- | M] () -- C:\13-119 FARM.flx [2013/09/16 08:37:11 | 000,404,215 | ---- | M] () -- C:\13-119.mbk [2013/09/16 08:37:11 | 000,096,139 | ---- | M] () -- C:\13-119.BAK [2013/09/10 00:34:48 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsshimx.sys [2013/08/27 15:46:19 | 000,139,233 | ---- | M] () -- C:\KITCHENS.msd [2013/08/27 15:46:19 | 000,067,562 | ---- | M] () -- C:\KITCHENS.flx [2013/08/21 11:55:03 | 000,139,233 | ---- | M] () -- C:\KITCHENS.mbk [2013/08/21 11:53:55 | 000,067,566 | ---- | M] () -- C:\KITCHENS.BAK [2013/08/05 15:06:32 | 000,939,603 | ---- | M] () -- C:\BASIN.msd [2013/08/02 15:07:54 | 000,306,085 | ---- | M] () -- C:\BASIN.flx [2013/08/02 15:07:50 | 000,162,458 | ---- | M] () -- C:\BASIN.dwg [2013/08/02 15:07:49 | 000,939,603 | ---- | M] () -- C:\BASIN.mbk [2013/08/02 14:57:13 | 000,306,442 | ---- | M] () -- C:\BASIN.BAK [2013/07/30 09:12:32 | 000,288,930 | ---- | M] () -- C:\eaglecreek.msd [2013/07/30 09:12:16 | 000,113,480 | ---- | M] () -- C:\eaglecreek.flx [2013/07/30 09:09:34 | 000,288,930 | ---- | M] () -- C:\eaglecreek.mbk [2013/07/30 09:09:34 | 000,113,111 | ---- | M] () -- C:\eaglecreek.BAK [2013/07/30 07:57:55 | 000,063,198 | ---- | M] () -- C:\eaglecreek.dwg [2013/07/30 07:57:53 | 000,056,281 | ---- | M] () -- C:\13-103 JOSH.msd [2013/07/22 16:56:55 | 000,135,324 | ---- | M] () -- C:\13-103 JOSH.flx [2013/07/22 16:18:58 | 000,135,324 | ---- | M] () -- C:\13-103 JOSH.BAK [2013/07/22 16:18:58 | 000,056,281 | ---- | M] () -- C:\13-103 JOSH.mbk [2013/07/20 00:51:00 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avglogx.sys [2013/07/20 00:50:56 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsdriverx.sys [2013/07/20 00:50:56 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidshx.sys [2013/07/20 00:50:50 | 000,171,320 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [2013/07/16 08:56:05 | 073,944,277 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2013/07/15 15:35:02 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013/07/15 15:12:32 | 001,160,856 | ---- | M] () -- C:\google_earth_setup.exe [2013/07/15 14:13:04 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Internet.lnk [2013/07/15 14:06:38 | 000,000,605 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Connection Manager.lnk [2013/07/15 14:06:38 | 000,000,605 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Wireless Connection Manager.lnk [2013/07/14 13:11:11 | 000,354,715 | ---- | M] () -- C:\13-103.msd [2013/07/09 14:05:59 | 000,871,025 | ---- | M] () -- C:\110101.msd [2013/07/09 14:05:59 | 000,121,210 | ---- | M] () -- C:\110101.flx [2013/07/09 13:57:27 | 000,871,025 | ---- | M] () -- C:\110101.mbk [2013/07/09 13:57:27 | 000,121,210 | ---- | M] () -- C:\110101.BAK [2013/07/09 13:26:42 | 000,178,691 | ---- | M] () -- C:\120405.flx [2013/07/09 13:21:20 | 000,496,384 | ---- | M] () -- C:\120405.mbk [2013/07/09 13:21:20 | 000,178,691 | ---- | M] () -- C:\120405.BAK [2013/07/09 10:59:59 | 000,121,426 | ---- | M] () -- C:\13-103.flx [2013/07/09 10:51:58 | 000,354,715 | ---- | M] () -- C:\13-103.mbk [2013/07/09 10:51:58 | 000,121,426 | ---- | M] () -- C:\13-103.BAK [2013/07/03 11:55:21 | 000,351,307 | ---- | M] () -- C:\13-106.msd [2013/07/01 14:42:19 | 000,008,227 | ---- | M] () -- C:\120405.CR5 [2013/07/01 14:38:16 | 000,138,027 | ---- | M] () -- C:\prow composite.msd [2013/07/01 14:38:16 | 000,035,561 | ---- | M] () -- C:\prow composite.flx [2013/07/01 14:28:56 | 000,138,027 | ---- | M] () -- C:\prow composite.mbk [2013/07/01 14:28:56 | 000,035,561 | ---- | M] () -- C:\prow composite.BAK [2013/07/01 10:58:13 | 000,117,763 | ---- | M] () -- C:\13-106.flx [2013/07/01 10:58:10 | 000,351,307 | ---- | M] () -- C:\13-106.mbk [2013/07/01 10:58:10 | 000,117,763 | ---- | M] () -- C:\13-106.BAK [2013/07/01 00:45:28 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys [2013/06/27 15:10:48 | 000,659,614 | ---- | M] () -- C:\jent sub.flx [2013/06/27 15:10:48 | 000,489,562 | ---- | M] () -- C:\jent sub.msd [2013/06/27 14:53:46 | 000,659,614 | ---- | M] () -- C:\jent sub.BAK [2013/06/27 14:53:46 | 000,489,562 | ---- | M] () -- C:\jent sub.mbk [2013/06/27 08:34:06 | 000,472,573 | ---- | M] () -- C:\13-101 Boundary2.msd [2013/06/27 08:34:06 | 000,185,603 | ---- | M] () -- C:\13-101 Boundary2.flx [2013/06/27 08:12:41 | 000,472,573 | ---- | M] () -- C:\13-101 Boundary2.mbk [2013/06/27 08:12:41 | 000,185,597 | ---- | M] () -- C:\13-101 Boundary2.BAK [2013/06/26 08:18:24 | 000,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg [2013/06/26 08:18:24 | 000,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg [2013/06/26 08:18:17 | 000,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll [2013/06/26 08:02:20 | 000,202,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013/06/25 11:44:38 | 000,233,337 | ---- | M] () -- C:\13-105.msd [2013/06/25 11:44:13 | 000,047,626 | ---- | M] () -- C:\13-105.flx [2013/06/25 11:44:07 | 000,233,337 | ---- | M] () -- C:\13-105.mbk [2013/06/25 11:44:07 | 000,047,626 | ---- | M] () -- C:\13-105.BAK [2013/06/24 15:47:37 | 000,161,907 | ---- | M] () -- C:\13-102.flx [2013/06/24 15:47:37 | 000,056,231 | ---- | M] () -- C:\13-102.msd [2013/06/24 15:32:23 | 000,161,912 | ---- | M] () -- C:\13-102.BAK [2013/06/24 15:32:23 | 000,056,231 | ---- | M] () -- C:\13-102.mbk [2013/06/21 14:41:57 | 000,455,279 | ---- | M] () -- C:\120801.msd [2013/06/21 14:39:13 | 000,311,058 | ---- | M] () -- C:\120801.flx [2013/06/20 14:49:04 | 000,004,363 | ---- | M] () -- C:\Drawing_0.flx [2013/06/20 06:07:33 | 000,147,303 | ---- | M] () -- C:\QUALITY BORDER.flx [2013/06/20 06:07:32 | 000,467,461 | ---- | M] () -- C:\QUALITY BORDER.msd [2013/06/20 06:07:23 | 000,467,461 | ---- | M] () -- C:\QUALITY BORDER.mbk [2013/06/20 06:07:23 | 000,147,302 | ---- | M] () -- C:\QUALITY BORDER.BAK [2013/06/17 12:27:14 | 000,424,541 | ---- | M] () -- C:\13-101 Boundary.msd [2013/06/17 12:25:24 | 000,140,836 | ---- | M] () -- C:\13-101 Boundary.flx [2013/06/17 11:41:18 | 000,424,541 | ---- | M] () -- C:\13-101 Boundary.mbk [2013/06/17 11:36:12 | 000,140,798 | ---- | M] () -- C:\13-101 Boundary.BAK [2013/06/17 06:57:35 | 000,055,821 | ---- | M] () -- C:\TITLE BLOCK.flx [2013/06/17 06:57:34 | 000,270,646 | ---- | M] () -- C:\TITLE BLOCK.msd [2013/06/17 06:48:39 | 000,088,511 | ---- | M] () -- C:\13-101.flx [2013/06/17 06:48:38 | 000,341,552 | ---- | M] () -- C:\13-101.msd [2013/06/17 06:34:36 | 000,341,552 | ---- | M] () -- C:\13-101.mbk [2013/06/17 06:34:36 | 000,088,515 | ---- | M] () -- C:\13-101.BAK [2013/06/13 12:41:42 | 000,008,654 | ---- | M] () -- C:\13-101.dwg [2013/06/13 12:26:17 | 000,216,479 | ---- | M] () -- C:\13101.msd [2013/06/13 12:26:17 | 000,035,534 | ---- | M] () -- C:\13101.flx [2013/06/13 12:24:53 | 000,216,479 | ---- | M] () -- C:\13101.mbk [2013/06/13 12:24:53 | 000,035,391 | ---- | M] () -- C:\13101.BAK [2013/06/10 12:16:32 | 000,807,924 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\PICT0046.JPG [2013/06/10 09:57:00 | 000,215,074 | ---- | M] () -- C:\101202.msd [2013/06/10 09:57:00 | 000,063,638 | ---- | M] () -- C:\101202.flx [2013/06/10 08:23:28 | 000,063,555 | ---- | M] () -- C:\121002.flx [2013/06/10 06:20:40 | 000,213,472 | ---- | M] () -- C:\121002.msd [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/11/22 11:11:08 | 000,000,827 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2013/11/22 10:05:08 | 000,000,293 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\http--www.hoyt.com-assets-downloads-wallpaper-HoytI1280x800.jpg.url [2013/11/22 09:53:10 | 000,894,062 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\BestTechie Forums.mht [2013/11/21 13:32:01 | 000,111,958 | ---- | C] () -- C:\13-144 DEEDPLOT.msd [2013/11/21 13:32:01 | 000,111,958 | ---- | C] () -- C:\13-144 DEEDPLOT.mbk [2013/11/21 13:29:34 | 000,029,870 | ---- | C] () -- C:\13-144 DEEDPLOT.BAK [2013/11/21 13:29:34 | 000,029,867 | ---- | C] () -- C:\13-144 DEEDPLOT.flx [2013/11/19 10:24:37 | 000,069,917 | ---- | C] () -- C:\13-139.msd [2013/11/19 10:24:37 | 000,069,917 | ---- | C] () -- C:\13-139.mbk [2013/11/19 10:24:31 | 000,218,988 | ---- | C] () -- C:\13-139.flx [2013/11/19 10:24:31 | 000,218,988 | ---- | C] () -- C:\13-139.BAK [2013/11/19 08:56:00 | 000,146,965 | ---- | C] () -- C:\13-139 JAB.dwg [2013/11/18 14:35:01 | 000,217,152 | ---- | C] () -- C:\13-139 JAB.BAK [2013/11/18 14:35:01 | 000,056,271 | ---- | C] () -- C:\13-139 JAB.msd [2013/11/18 14:35:01 | 000,056,271 | ---- | C] () -- C:\13-139 JAB.mbk [2013/11/18 14:35:01 | 000,000,000 | ---- | C] () -- C:\13-139 JAB.flx [2013/11/12 12:34:33 | 000,064,223 | ---- | C] () -- C:\13-131.dwg [2013/11/06 10:56:25 | 000,224,134 | ---- | C] () -- C:\13-131.msd [2013/11/06 10:56:25 | 000,224,134 | ---- | C] () -- C:\13-131.mbk [2013/11/06 10:56:25 | 000,081,240 | ---- | C] () -- C:\13-131.flx [2013/11/04 14:21:43 | 000,232,951 | ---- | C] () -- C:\13-123.msd [2013/11/04 14:21:43 | 000,232,951 | ---- | C] () -- C:\13-123.mbk [2013/11/04 14:21:43 | 000,070,231 | ---- | C] () -- C:\13-123.BAK [2013/11/04 14:21:43 | 000,070,226 | ---- | C] () -- C:\13-123.flx [2013/10/25 13:27:49 | 000,081,240 | ---- | C] () -- C:\13-131.BAK [2013/10/23 14:05:40 | 000,148,085 | ---- | C] () -- C:\13-139 PARISH.msd [2013/10/23 14:05:40 | 000,148,085 | ---- | C] () -- C:\13-139 PARISH.mbk [2013/10/23 13:59:24 | 000,038,113 | ---- | C] () -- C:\13-139 PARISH.BAK [2013/10/23 13:59:24 | 000,038,109 | ---- | C] () -- C:\13-139 PARISH.flx [2013/10/21 14:33:08 | 000,034,689 | ---- | C] () -- C:\13-138.flx [2013/10/21 14:33:08 | 000,033,879 | ---- | C] () -- C:\13-138.BAK [2013/10/21 14:33:07 | 000,195,362 | ---- | C] () -- C:\13-138.msd [2013/10/21 14:33:07 | 000,189,794 | ---- | C] () -- C:\13-138.mbk [2013/10/11 11:29:18 | 000,353,980 | ---- | C] () -- C:\13-137.msd [2013/10/11 11:29:18 | 000,353,980 | ---- | C] () -- C:\13-137.mbk [2013/10/11 11:29:18 | 000,090,343 | ---- | C] () -- C:\13-137.flx [2013/10/11 11:29:18 | 000,090,343 | ---- | C] () -- C:\13-137.BAK [2013/09/30 08:18:20 | 000,142,585 | ---- | C] () -- C:\13-130.msd [2013/09/30 08:18:20 | 000,142,585 | ---- | C] () -- C:\13-130.mbk [2013/09/30 08:18:20 | 000,027,368 | ---- | C] () -- C:\13-130.flx [2013/09/30 08:18:20 | 000,026,721 | ---- | C] () -- C:\13-130.BAK [2013/09/26 12:12:02 | 000,191,583 | ---- | C] () -- C:\RUSTIN.msd [2013/09/26 12:12:02 | 000,191,583 | ---- | C] () -- C:\RUSTIN.mbk [2013/09/26 12:12:02 | 000,048,221 | ---- | C] () -- C:\RUSTIN.flx [2013/09/26 12:12:02 | 000,048,221 | ---- | C] () -- C:\RUSTIN.BAK [2013/09/25 08:13:24 | 000,108,839 | ---- | C] () -- C:\GILKEY.msd [2013/09/25 08:13:24 | 000,108,839 | ---- | C] () -- C:\GILKEY.mbk [2013/09/25 08:02:11 | 000,044,132 | ---- | C] () -- C:\GILKEY.flx [2013/09/25 08:02:11 | 000,044,131 | ---- | C] () -- C:\GILKEY.BAK [2013/09/20 06:10:49 | 000,263,499 | ---- | C] () -- C:\13-126.msd [2013/09/20 06:10:49 | 000,256,267 | ---- | C] () -- C:\13-126.mbk [2013/09/20 06:10:49 | 000,042,656 | ---- | C] () -- C:\13-126.flx [2013/09/20 06:10:49 | 000,041,774 | ---- | C] () -- C:\13-126.BAK [2013/09/18 13:40:18 | 000,056,261 | ---- | C] () -- C:\13-119LOT.msd [2013/09/18 13:40:18 | 000,056,261 | ---- | C] () -- C:\13-119LOT.mbk [2013/09/18 13:40:17 | 000,898,367 | ---- | C] () -- C:\13-119LOT.flx [2013/09/18 13:40:17 | 000,898,367 | ---- | C] () -- C:\13-119LOT.BAK [2013/09/16 09:52:51 | 000,056,281 | ---- | C] () -- C:\13-119 FARM.msd [2013/09/16 09:52:51 | 000,013,872 | ---- | C] () -- C:\13-119 FARM.flx [2013/09/16 08:46:48 | 000,473,633 | ---- | C] () -- C:\13-119FARM.msd [2013/09/16 08:46:48 | 000,473,633 | ---- | C] () -- C:\13-119FARM.mbk [2013/09/16 08:42:55 | 000,120,168 | ---- | C] () -- C:\13-119FARM.BAK [2013/09/16 08:42:55 | 000,120,164 | ---- | C] () -- C:\13-119FARM.flx [2013/08/27 16:04:47 | 000,404,215 | ---- | C] () -- C:\13-119.msd [2013/08/27 16:04:47 | 000,404,215 | ---- | C] () -- C:\13-119.mbk [2013/08/27 15:48:36 | 000,096,143 | ---- | C] () -- C:\13-119.flx [2013/08/27 15:48:36 | 000,096,139 | ---- | C] () -- C:\13-119.BAK [2013/08/02 15:07:49 | 000,162,458 | ---- | C] () -- C:\BASIN.dwg [2013/08/02 14:57:13 | 000,939,603 | ---- | C] () -- C:\BASIN.msd [2013/08/02 14:57:13 | 000,939,603 | ---- | C] () -- C:\BASIN.mbk [2013/08/02 14:57:13 | 000,306,442 | ---- | C] () -- C:\BASIN.BAK [2013/08/02 14:57:13 | 000,306,085 | ---- | C] () -- C:\BASIN.flx [2013/07/31 13:24:21 | 000,067,566 | ---- | C] () -- C:\KITCHENS.BAK [2013/07/31 13:24:21 | 000,067,562 | ---- | C] () -- C:\KITCHENS.flx [2013/07/31 13:24:20 | 000,139,233 | ---- | C] () -- C:\KITCHENS.msd [2013/07/31 13:24:20 | 000,139,233 | ---- | C] () -- C:\KITCHENS.mbk [2013/07/30 12:42:50 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\Registry Optimizer_DEFAULT.job [2013/07/30 12:42:49 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\Registry Optimizer_UPDATES.job [2013/07/30 08:01:12 | 000,113,480 | ---- | C] () -- C:\eaglecreek.flx [2013/07/30 08:01:12 | 000,113,111 | ---- | C] () -- C:\eaglecreek.BAK [2013/07/30 07:57:53 | 000,288,930 | ---- | C] () -- C:\eaglecreek.msd [2013/07/30 07:57:53 | 000,288,930 | ---- | C] () -- C:\eaglecreek.mbk [2013/07/30 07:57:53 | 000,063,198 | ---- | C] () -- C:\eaglecreek.dwg [2013/07/16 15:12:43 | 000,000,745 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk [2013/07/16 15:05:06 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013/07/15 15:14:16 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\SmartPCFix Task.job [2013/07/15 15:12:08 | 001,160,856 | ---- | C] () -- C:\google_earth_setup.exe [2013/07/15 14:13:04 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Internet.lnk [2013/07/15 14:06:38 | 000,000,605 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Connection Manager.lnk [2013/07/15 14:06:38 | 000,000,605 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Wireless Connection Manager.lnk [2013/07/15 14:06:35 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\wlndis50.sys [2013/07/15 14:06:35 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\WLNdis50.sys [2013/07/15 14:06:35 | 000,010,667 | ---- | C] () -- C:\WINDOWS\System32\wlndis50.cat [2013/07/15 14:06:35 | 000,001,593 | ---- | C] () -- C:\WINDOWS\System32\wlndis50.inf [2013/07/15 11:53:12 | 000,056,281 | ---- | C] () -- C:\13-103 JOSH.msd [2013/07/15 11:53:12 | 000,056,281 | ---- | C] () -- C:\13-103 JOSH.mbk [2013/07/15 11:52:59 | 000,135,324 | ---- | C] () -- C:\13-103 JOSH.flx [2013/07/15 11:52:59 | 000,135,324 | ---- | C] () -- C:\13-103 JOSH.BAK [2013/07/03 11:55:21 | 000,354,715 | ---- | C] () -- C:\13-103.msd [2013/07/03 11:55:21 | 000,354,715 | ---- | C] () -- C:\13-103.mbk [2013/07/03 11:55:21 | 000,121,426 | ---- | C] () -- C:\13-103.flx [2013/07/03 11:55:21 | 000,121,426 | ---- | C] () -- C:\13-103.BAK [2013/07/01 14:41:15 | 000,008,227 | ---- | C] () -- C:\120405.CR5 [2013/07/01 11:53:37 | 000,138,027 | ---- | C] () -- C:\prow composite.msd [2013/07/01 11:53:37 | 000,138,027 | ---- | C] () -- C:\prow composite.mbk [2013/07/01 11:53:37 | 000,035,561 | ---- | C] () -- C:\prow composite.flx [2013/07/01 11:53:37 | 000,035,561 | ---- | C] () -- C:\prow composite.BAK [2013/06/25 11:44:38 | 000,351,307 | ---- | C] () -- C:\13-106.msd [2013/06/25 11:44:38 | 000,351,307 | ---- | C] () -- C:\13-106.mbk [2013/06/25 11:44:38 | 000,117,763 | ---- | C] () -- C:\13-106.flx [2013/06/25 11:44:38 | 000,117,763 | ---- | C] () -- C:\13-106.BAK [2013/06/25 10:25:50 | 000,233,337 | ---- | C] () -- C:\13-105.msd [2013/06/25 10:25:50 | 000,233,337 | ---- | C] () -- C:\13-105.mbk [2013/06/25 10:25:50 | 000,047,626 | ---- | C] () -- C:\13-105.flx [2013/06/25 10:25:50 | 000,047,626 | ---- | C] () -- C:\13-105.BAK [2013/06/21 14:41:57 | 000,659,614 | ---- | C] () -- C:\jent sub.flx [2013/06/21 14:41:57 | 000,659,614 | ---- | C] () -- C:\jent sub.BAK [2013/06/21 14:41:57 | 000,489,562 | ---- | C] () -- C:\jent sub.msd [2013/06/21 14:41:57 | 000,489,562 | ---- | C] () -- C:\jent sub.mbk [2013/06/20 06:29:50 | 000,056,231 | ---- | C] () -- C:\13-102.msd [2013/06/20 06:29:50 | 000,056,231 | ---- | C] () -- C:\13-102.mbk [2013/06/20 06:29:49 | 000,161,912 | ---- | C] () -- C:\13-102.BAK [2013/06/20 06:29:49 | 000,161,907 | ---- | C] () -- C:\13-102.flx [2013/06/20 06:06:51 | 000,467,461 | ---- | C] () -- C:\QUALITY BORDER.msd [2013/06/20 06:06:51 | 000,467,461 | ---- | C] () -- C:\QUALITY BORDER.mbk [2013/06/20 06:06:51 | 000,147,303 | ---- | C] () -- C:\QUALITY BORDER.flx [2013/06/20 06:06:51 | 000,147,302 | ---- | C] () -- C:\QUALITY BORDER.BAK [2013/06/17 11:41:18 | 000,472,573 | ---- | C] () -- C:\13-101 Boundary2.msd [2013/06/17 11:41:18 | 000,472,573 | ---- | C] () -- C:\13-101 Boundary2.mbk [2013/06/17 11:41:18 | 000,185,603 | ---- | C] () -- C:\13-101 Boundary2.flx [2013/06/17 11:41:18 | 000,185,597 | ---- | C] () -- C:\13-101 Boundary2.BAK [2013/06/17 06:36:02 | 000,424,541 | ---- | C] () -- C:\13-101 Boundary.msd [2013/06/17 06:36:02 | 000,424,541 | ---- | C] () -- C:\13-101 Boundary.mbk [2013/06/17 06:36:01 | 000,140,836 | ---- | C] () -- C:\13-101 Boundary.flx [2013/06/17 06:36:01 | 000,140,798 | ---- | C] () -- C:\13-101 Boundary.BAK [2013/06/13 12:42:58 | 000,341,552 | ---- | C] () -- C:\13-101.msd [2013/06/13 12:42:58 | 000,341,552 | ---- | C] () -- C:\13-101.mbk [2013/06/13 12:42:58 | 000,088,515 | ---- | C] () -- C:\13-101.BAK [2013/06/13 12:42:58 | 000,088,511 | ---- | C] () -- C:\13-101.flx [2013/06/13 12:41:40 | 000,008,654 | ---- | C] () -- C:\13-101.dwg [2013/06/10 06:20:40 | 000,216,479 | ---- | C] () -- C:\13101.msd [2013/06/10 06:20:40 | 000,216,479 | ---- | C] () -- C:\13101.mbk [2013/06/10 06:20:40 | 000,035,534 | ---- | C] () -- C:\13101.flx [2013/06/10 06:20:40 | 000,035,391 | ---- | C] () -- C:\13101.BAK [2009/12/01 15:51:19 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/09/29 15:32:07 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat ========== ZeroAccess Check ========== [2008/08/29 13:47:32 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2006/09/23 13:12:50 | 001,497,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 04:01:53 | 000,473,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004/08/04 04:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2008/08/29 12:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\5400 Series [2009/03/09 15:01:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AT&T [2009/07/20 12:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATTToolbar [2013/07/16 16:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG [2013/10/22 06:38:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar [2013/07/16 15:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013 [2013/07/15 15:14:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files [2013/07/15 14:06:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\D-Link [2013/11/26 08:35:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData [2009/02/10 15:14:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NetZero [2013/07/16 15:57:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} [2009/02/13 12:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\5400 Series [2009/03/09 15:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AT&T [2009/04/06 10:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ATTToolbar [2013/07/16 16:00:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG [2013/07/15 15:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG SafeGuard toolbar [2013/07/16 15:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG2013 [2013/06/24 15:55:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MSNInstaller [2013/10/07 07:31:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Nico Mak Computing [2013/07/15 15:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SmartPCFix [2013/07/16 15:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software ========== Purity Check ========== < End of report >
  2. OTL Extras logfile created on: 11/26/2013 10:51:34 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\ Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 447.48 Mb Total Physical Memory | 77.66 Mb Available Physical Memory | 17.36% Memory free 858.76 Mb Paging File | 265.33 Mb Available in Paging File | 30.90% Paging File free Paging file location(s): C:\pagefile.sys 288 576 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 32.03 Gb Total Space | 12.36 Gb Free Space | 38.58% Space Free | Partition Type: NTFS Drive H: | 5.26 Gb Total Space | 0.91 Gb Free Space | 17.25% Space Free | Partition Type: FAT32 Drive I: | 603.09 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive J: | 33.01 Gb Total Space | 19.06 Gb Free Space | 57.73% Space Free | Partition Type: NTFS Drive K: | 4.24 Gb Total Space | 0.69 Gb Free Space | 16.39% Space Free | Partition Type: FAT32 Drive M: | 3.72 Gb Total Space | 1.61 Gb Free Space | 43.16% Space Free | Partition Type: FAT32 Computer Name: OWNER-9F8387D1C | User Name: Owner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe:*:Enabled:QuickBooks 2006 Data Manager -- (Intuit, Inc.) "C:\Program Files\ATT-HSI\McciBrowser.exe" = C:\Program Files\ATT-HSI\McciBrowser.exe:*:Enabled:motivebrowser.exe -- (Motive Communications, Inc.) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\WINDOWS\system32\lxctcoms.exe" = C:\WINDOWS\system32\lxctcoms.exe:*:Enabled:Lexmark Communications System -- ( ) "C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG2013\avgnsx.exe" = C:\Program Files\AVG\AVG2013\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG2013\avgdiagex.exe" = C:\Program Files\AVG\AVG2013\avgdiagex.exe:*:Enabled:AVG Diagnostics 2013 -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG2013\avgemcx.exe" = C:\Program Files\AVG\AVG2013\avgemcx.exe:*:Enabled:Personal Email Scanner -- (AVG Technologies CZ, s.r.o.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar "{21999F55-6F63-4FAB-9172-423355DC656D}" = HP Designjet 500-800 series FUU "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java 6 Update 15 "{2B43252C-A1E3-4C47-927C-9F2C276D3515}" = S3GSetup "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{6280C3D1-00A3-4E79-BDF6-98332A29B706}" = AVG 2013 "{69B02159-7622-4DBB-B9EE-F933039830AD}" = QuickBooks Pro 2006 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{729ACA18-2122-4DDF-834C-25BBBBD3526E}" = AVG 2013 "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{98B82958-1DCA-4504-BE88-C91F1C7A7225}" = D-Link DWA-131 Wireless N Nano USB Adapter "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{DDCFFF84-3DC3-472C-9308-37C5E9D11310}" = MicroSurvey CAD2004 SP6 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{FB03A941-815E-42F2-B604-FCE5636DB90B}" = AVG PC TuneUp Language Pack (en-US) "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio "3-D TopoQuads" = 3-D TopoQuads "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Agere Systems Soft Modem" = Agere Systems PCI Soft Modem "ATT-SST" = AT&T Self Support Tool "ATTToolbar" = AT&T Toolbar "AVG" = AVG 2013 "AVG SafeGuard toolbar" = AVG SafeGuard toolbar "Google Updater" = Google Updater "HP DesignJet ToolBox" = HP DesignJet ToolBox "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "Lexmark 5400 Series" = Lexmark 5400 Series "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "MSNINST" = MSN "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "RadialpointClientGateway_is1" = AT&T Internet Security Wizard 1.5.11 "S3" = VIA/S3G Display Driver "SafePCRepair_89bar Uninstall Firefox" = SafePCRepair Firefox Toolbar "SafePCRepair_89bar Uninstall Internet Explorer" = SafePCRepair Internet Explorer Toolbar "SmartPCFix_is1" = SmartPCFix 3.09 "VIA/S3G UniChrome Family Win2K/XP Display" = VIA/S3G Display Driver "VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter "VTDisplay" = S3 S3Display "VTGamma2" = S3 S3Gamma2 "VTInfo2" = S3 S3Info2 "VTOverlay" = S3 S3Overlay "Yahoo! Mail" = AT&T Yahoo! Internet Mail "YInstHelper" = Yahoo! Install Manager ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 10/11/2013 3:07:26 PM | Computer Name = OWNER-9F8387D1C | Source = Application Hang | ID = 1002 Description = Hanging application wmplayer.exe, version 9.0.0.3250, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 10/22/2013 9:10:47 AM | Computer Name = OWNER-9F8387D1C | Source = Application Error | ID = 1000 Description = Faulting application googleearth.exe, version 7.1.1.1888, faulting module kernel32.dll, version 5.1.2600.3541, fault address 0x00012a6b. Error - 10/28/2013 12:59:51 PM | Computer Name = OWNER-9F8387D1C | Source = Application Hang | ID = 1002 Description = Hanging application MSCAD2004.exe, version 2004.0.0.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 10/28/2013 12:59:55 PM | Computer Name = OWNER-9F8387D1C | Source = Application Hang | ID = 1002 Description = Hanging application MSCAD2004.exe, version 2004.0.0.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 10/28/2013 12:59:55 PM | Computer Name = OWNER-9F8387D1C | Source = Application Hang | ID = 1002 Description = Hanging application MSCAD2004.exe, version 2004.0.0.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 10/28/2013 12:59:55 PM | Computer Name = OWNER-9F8387D1C | Source = Application Hang | ID = 1002 Description = Hanging application MSCAD2004.exe, version 2004.0.0.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 11/18/2013 4:27:29 PM | Computer Name = OWNER-9F8387D1C | Source = Application Hang | ID = 1002 Description = Hanging application MSCAD2004.exe, version 2004.0.0.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 11/19/2013 10:47:40 AM | Computer Name = OWNER-9F8387D1C | Source = Application Error | ID = 1000 Description = Faulting application mscad2004.exe, version 2004.0.0.1, faulting module ntdll.dll, version 5.1.2600.3520, fault address 0x00011dc5. Error - 11/19/2013 12:15:30 PM | Computer Name = OWNER-9F8387D1C | Source = Application Error | ID = 1000 Description = Faulting application mscad2004.exe, version 2004.0.0.1, faulting module ntdll.dll, version 5.1.2600.3520, fault address 0x00010c90. Error - 11/26/2013 11:51:05 AM | Computer Name = OWNER-9F8387D1C | Source = Application Hang | ID = 1002 Description = Hanging application mbam.exe, version 1.75.0.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000. [ System Events ] Error - 11/26/2013 12:32:06 PM | Computer Name = OWNER-9F8387D1C | Source = Service Control Manager | ID = 7023 Description = The Application Management service terminated with the following error: %%126 Error - 11/26/2013 12:32:06 PM | Computer Name = OWNER-9F8387D1C | Source = Service Control Manager | ID = 7023 Description = The Application Management service terminated with the following error: %%126 Error - 11/26/2013 12:32:06 PM | Computer Name = OWNER-9F8387D1C | Source = Service Control Manager | ID = 7023 Description = The Application Management service terminated with the following error: %%126 Error - 11/26/2013 12:32:06 PM | Computer Name = OWNER-9F8387D1C | Source = Service Control Manager | ID = 7023 Description = The Application Management service terminated with the following error: %%126 Error - 11/26/2013 12:32:06 PM | Computer Name = OWNER-9F8387D1C | Source = Service Control Manager | ID = 7023 Description = The Application Management service terminated with the following error: %%126 Error - 11/26/2013 12:32:06 PM | Computer Name = OWNER-9F8387D1C | Source = Service Control Manager | ID = 7023 Description = The Application Management service terminated with the following error: %%126 Error - 11/26/2013 12:32:06 PM | Computer Name = OWNER-9F8387D1C | Source = Service Control Manager | ID = 7023 Description = The Application Management service terminated with the following error: %%126 Error - 11/26/2013 12:32:07 PM | Computer Name = OWNER-9F8387D1C | Source = Service Control Manager | ID = 7023 Description = The Application Management service terminated with the following error: %%126 Error - 11/26/2013 12:32:07 PM | Computer Name = OWNER-9F8387D1C | Source = Service Control Manager | ID = 7023 Description = The Application Management service terminated with the following error: %%126 Error - 11/26/2013 12:32:07 PM | Computer Name = OWNER-9F8387D1C | Source = Service Control Manager | ID = 7023 Description = The Application Management service terminated with the following error: %%126 [ TuneUp Events ] Error - 9/30/2013 8:52:55 AM | Computer Name = OWNER-9F8387D1C | Source = TuneUp.UtilitiesSvc | ID = 300 Description = < End of report >
  3. Results of screen317's Security Check version 0.99.77 Windows XP Service Pack 2 x86 Out of date service pack!! Internet Explorer 7 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Disabled! AVG 2013 AVG SafeGuard toolbar AVG 2013 AVG PC TuneUp Language Pack (en-US) `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 AVG PC TuneUp Language Pack (en-US) Java 6 Update 15 Java version out of Date! Mozilla Firefox (Toolbar.) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe AVG avgwdsvc.exe AVG avgrsx.exe AVG avgnsx.exe AVG avgemc.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: 6% ````````````````````End of Log``````````````````````
  4. Results of screen317's Security Check version 0.99.77 Windows XP Service Pack 2 x86 Out of date service pack!! Internet Explorer 7 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Disabled! AVG 2013 AVG SafeGuard toolbar AVG 2013 AVG PC TuneUp Language Pack (en-US) `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 AVG PC TuneUp Language Pack (en-US) Java 6 Update 15 Java version out of Date! Mozilla Firefox (Toolbar.) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe AVG avgwdsvc.exe AVG avgrsx.exe AVG avgnsx.exe AVG avgemc.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: 6% ````````````````````End of Log``````````````````````
  5. google earth removed. thanks flashh4.
  6. Malwarebytes Anti-Malware (Trial) 1.75.0.1300 www.malwarebytes.org Database version: v2013.11.22.09 Windows XP Service Pack 2 x86 NTFS Internet Explorer 7.0.5730.13 Owner :: OWNER-9F8387D1C [administrator] Protection: Enabled 11/22/2013 12:02:08 PM mbam-log-2013-11-22 (12-02-08).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 200519 Time elapsed: 23 minute(s), 40 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 15 HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.Optional.FunWebProducts.A) -> No action taken. HKCR\CLSID\{0ED403E8-470A-4a8a-85A4-D7688CFE39A3} (Adware.Gamevance) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ED403E8-470A-4A8A-85A4-D7688CFE39A3} (Adware.Gamevance) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0ED403E8-470A-4A8A-85A4-D7688CFE39A3} (Adware.Gamevance) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0ED403E8-470A-4A8A-85A4-D7688CFE39A3} (Adware.Gamevance) -> Quarantined and deleted successfully. HKCR\CLSID\{BEAC7DC8-E106-4C6A-931E-5A42E7362883} (Adware.GameVance) -> Quarantined and deleted successfully. HKCR\TypeLib\{014C4232-6904-47B9-9144-7E0FB7277444} (Adware.GameVance) -> Quarantined and deleted successfully. HKCR\Interface\{0AB02D6C-F605-425F-B7CB-B9E96C9FAF1E} (Adware.GameVance) -> Quarantined and deleted successfully. HKCR\GamevanceText.Linker.1 (Adware.GameVance) -> Quarantined and deleted successfully. HKCR\GamevanceText.Linker (Adware.GameVance) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BEAC7DC8-E106-4C6A-931E-5A42E7362883} (Adware.GameVance) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BEAC7DC8-E106-4C6A-931E-5A42E7362883} (Adware.GameVance) -> Quarantined and deleted successfully. HKCR\AppID\GamevanceText.DLL (Adware.GameVance) -> Quarantined and deleted successfully. HKCU\SOFTWARE\gvtl (Malware.Trace) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Gamevance (Adware.Gamevance) -> Quarantined and deleted successfully. Registry Values Detected: 1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Gamevance (Adware.Gamevance) -> Data: C:\Program Files\Gamevance\gamevance32.exe a -> Quarantined and deleted successfully. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 1 C:\Program Files\Gamevance (Adware.Gamevance) -> Quarantined and deleted successfully. Files Detected: 4 C:\google_earth_setup.exe (PUP.Optional.Soft32.A) -> No action taken. C:\Program Files\Gamevance\ars.cfg (Adware.Gamevance) -> Quarantined and deleted successfully. C:\Program Files\Gamevance\gvun.exe (Adware.Gamevance) -> Quarantined and deleted successfully. C:\Program Files\Gamevance\icon.ico (Adware.Gamevance) -> Quarantined and deleted successfully. (end)
  7. yes still need help. virtual memory low aswell.
  8. lost malware during reboot. we can try again monday. thanks seems to be better.
  9. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.0.8 (11.05.2013:1) OS: Microsoft Windows XP x86 Ran by Owner on Fri 11/22/2013 at 10:49:00.43 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E7BD74F-2B8D-469E-94BE-FD60BB9AAE2A} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E7BD74F-2B8D-469E-94BE-FD60BB9AAE2B} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8684a7c7-3ade-4208-ad43-ad57a1af352c} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{8684a7c7-3ade-4208-ad43-ad57a1af352c} ~~~ Files ~~~ Folders ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Fri 11/22/2013 at 10:58:03.29 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  10. # AdwCleaner v3.012 - Report created 22/11/2013 at 10:27:49 # Updated 11/11/2013 by Xplode # Operating System : Microsoft Windows XP Service Pack 2 (32 bits) # Username : Owner - OWNER-9F8387D1C # Running from : C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\RPN0GUXN\adwcleaner[1].exe # Option : Clean ***** [ Services ] ***** [#] Service Deleted : MyWebSearchService ***** [ Files / Folders ] ***** Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia Folder Deleted : C:\Program Files\FunWebProducts Folder Deleted : C:\Program Files\MyWebSearch Folder Deleted : C:\Program Files\SafePCRepair [!] Folder Deleted : C:\Program Files\SafePCRepair_89 Folder Deleted : C:\Program Files\WebCake Folder Deleted : C:\Program Files\Common Files\AVG Secure Search Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\iac Folder Deleted : C:\Documents and Settings\Owner\Application Data\SafePCRepair_89 File Deleted : C:\WINDOWS\system32\f3PSSavr.scr File Deleted : C:\WINDOWS\system32\roboot.exe File Deleted : C:\Program Files\Mozilla Firefox\Components\AskSearch.js ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [MyWebSearch Email Plugin] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl.1 Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler.1 Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar.1 Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.1 Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.2 Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager.1 Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager.1 Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton.1 Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl.1 Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin.1 Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel.1 Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.OutlookAddin Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.OutlookAddin.1 Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin.1 Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin.1 Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin.1 Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol Key Deleted : HKLM\SOFTWARE\Classes\S Key Deleted : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller Key Deleted : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller.1 Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1 Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin Value Deleted : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MyWebSearch Email Plugin] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [My Web Search Bar Search Scope Monitor] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [safePCRepair Search Scope Monitor] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [safePCRepair_89 Browser Plugin Loader] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473D292-B7BB-4F24-AE82-7E2CE94BB6A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473D296-B7BB-4F24-AE82-7E2CE94BB6A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4730EBE-43A6-443E-9776-36915D323AD3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9571378-68A1-443D-B082-284F960C6D17} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{07B18EA9-A523-4961-B6BB-170DE4475CCA}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{07B18EA9-A523-4961-B6BB-170DE4475CCA}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00A6FAF6-072E-44CF-8957-5838F569A31D}] Key Deleted : HKCU\Software\FunWebProducts Key Deleted : HKCU\Software\MyWebSearch Key Deleted : HKCU\Software\WEDLMNGR Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKLM\Software\AskBarDis Key Deleted : HKLM\Software\AVG Security Toolbar Key Deleted : HKLM\Software\FocusInteractive Key Deleted : HKLM\Software\Fun Web Products Key Deleted : HKLM\Software\FunWebProducts Key Deleted : HKLM\Software\MyWebSearch Key Deleted : HKLM\Software\Tarma Installer Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mywebsearch bar uninstall Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall ***** [ Browsers ] ***** -\\ Internet Explorer v7.0.6000.17055 Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page] ************************* AdwCleaner[R0].txt - [21904 octets] - [22/11/2013 10:25:48] AdwCleaner[s0].txt - [22255 octets] - [22/11/2013 10:27:49] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [22316 octets] ##########
  11. SLOW COMPUTER, RUNNING CADD PROGRAMS COMPUTER CRASHES OR LOCKS UP WITH DAILY USE. INTERNET AND GOOGLE EARTH DO THE SAME. THESE R THE MAIN PROGRAMS I USE AND CONSTANTLY HAVE PROBLEMS. THANKS FOR ANY HELP!!