Sponsored By

Sign in to follow this  
SCOTTY JOHNSON

SLOW COMPUTER

Recommended Posts

SLOW COMPUTER, RUNNING CADD PROGRAMS COMPUTER CRASHES OR LOCKS UP WITH DAILY USE.  INTERNET AND GOOGLE EARTH DO THE SAME.  THESE R THE MAIN PROGRAMS I USE AND CONSTANTLY HAVE PROBLEMS.  THANKS FOR ANY HELP!!

Share this post


Link to post
Share on other sites

Howdy and welcome to BestTechie !!!  

My name is flashh4 (Chuck) and i will be assisting you with the cleaning of your computer.

Run these 1 at a time & post each log as you get it ! Work them as your time permits you to !!

If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !!
Do Not Remove anything or run any tools/programs until advised to do so !

Perform all actions in the order given.

Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up !  

Please note that all instructions given are customized for this computer only, the tools used may cause damage if used on a computer with different infections.  

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.  


===================================


AdwCleaner
       
Please download adwcleaner by Xplode onto your desktop.
Double click on AdwCleaner.exe to run the tool again.
       Windows XP : Double click on the icon to run it.

       Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

    *Click on the Scan button.
    *AdwCleaner will begin to scan your computer like it did before.
    *After the scan has finished .......
    
    This time, click on the Clean button.
    
    *Press OK when asked to close all programs and follow the onscreen prompts.
    *Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    *After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
    *Copy and paste the contents of that logfile in your next reply.
    *A copy of that logfile will also be saved in the C:\AdwCleaner folder.



NEXT

thisisujrt-1.gif
    Please download Junkware Removal Tool and save to your desk top.

    Shut down your protection software now to avoid potential conflicts.

    * Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    * The tool will open and start scanning your system.
    * Please be patient as this can take a while to complete depending on your system's specifications.
    * On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    * Post the contents of JRT.txt into your next reply !

Re-Boot your computer now !!


NEXT


MALWAREBYTES with Pics:

Please download Malwarebytes' Anti-Malware to your desktop.


    * Double-click  mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to  Update Malwarebytes' Anti-Malware and  Launch Malwarebytes' Anti-Malware, then click  Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select  Perform quick scan, then click Scan.

mbam-1.jpg


When the scan is complete, click  OK, then  Show Results to view the results.

scan-finished.jpg

    *  Then click  Remove Selected .
    * When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
    * Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.

The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
    Or via the Logs tab when the application is started.



Please don't attach the scans / logs, use "copy/paste".


Post next:
1. AdwCleaner Log
2. Junkware Removal Log
3. Malwarebytes log

 

Thanks
Chuck

Share this post


Link to post
Share on other sites

# AdwCleaner v3.012 - Report created 22/11/2013 at 10:27:49
# Updated 11/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : Owner - OWNER-9F8387D1C
# Running from : C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\RPN0GUXN\adwcleaner[1].exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : MyWebSearchService

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Program Files\FunWebProducts
Folder Deleted : C:\Program Files\MyWebSearch
Folder Deleted : C:\Program Files\SafePCRepair
[!] Folder Deleted : C:\Program Files\SafePCRepair_89
Folder Deleted : C:\Program Files\WebCake
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\iac
Folder Deleted : C:\Documents and Settings\Owner\Application Data\SafePCRepair_89
File Deleted : C:\WINDOWS\system32\f3PSSavr.scr
File Deleted : C:\WINDOWS\system32\roboot.exe
File Deleted : C:\Program Files\Mozilla Firefox\Components\AskSearch.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [MyWebSearch Email Plugin]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.2
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton.1
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl
Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.OutlookAddin.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller
Key Deleted : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MyWebSearch Email Plugin]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [My Web Search Bar Search Scope Monitor]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [safePCRepair Search Scope Monitor]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [safePCRepair_89 Browser Plugin Loader]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473D292-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473D296-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4730EBE-43A6-443E-9776-36915D323AD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9571378-68A1-443D-B082-284F960C6D17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{07B18EA9-A523-4961-B6BB-170DE4475CCA}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{07B18EA9-A523-4961-B6BB-170DE4475CCA}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00A6FAF6-072E-44CF-8957-5838F569A31D}]
Key Deleted : HKCU\Software\FunWebProducts
Key Deleted : HKCU\Software\MyWebSearch
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\AskBarDis
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\FocusInteractive
Key Deleted : HKLM\Software\Fun Web Products
Key Deleted : HKLM\Software\FunWebProducts
Key Deleted : HKLM\Software\MyWebSearch
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mywebsearch bar uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6000.17055

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]

*************************

AdwCleaner[R0].txt - [21904 octets] - [22/11/2013 10:25:48]
AdwCleaner[s0].txt - [22255 octets] - [22/11/2013 10:27:49]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [22316 octets] ##########

Share this post


Link to post
Share on other sites

Scotty, that cleaned a bunch of junk & one bad program that we will remove & all traces of it a little later with a different tool/program !!

 

Your doing good, it gets easier as you familiarize yourself with the instructions !

 

Chuck

Share this post


Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by Owner on Fri 11/22/2013 at 10:49:00.43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E7BD74F-2B8D-469E-94BE-FD60BB9AAE2A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E7BD74F-2B8D-469E-94BE-FD60BB9AAE2B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8684a7c7-3ade-4208-ad43-ad57a1af352c}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{8684a7c7-3ade-4208-ad43-ad57a1af352c}

 

~~~ Files

 

~~~ Folders

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 11/22/2013 at 10:58:03.29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Share this post


Link to post
Share on other sites

Good, it will get faster as we go ! Do not remove these tools/programs untill i give you the ok later. This is incase we need to rerun them !

Share this post


Link to post
Share on other sites

Scotty,if it ran the scan the log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
    Open Malwarebytes which i had you install & click LOGS there should be a copy there if it ran, open it & copy/paste !!

    

Thanks

Chuck

 

If it's not there run another scan !

 

 

.............................................

 

Uninstall via Add/Remove Programs

    Please go to Start > Control Panel > Add Remove Programs.
    Locate the following programs: (if present)
SafePCRepair Internet Explorer Toolbar <<< anything related to SafePCRepair
 

Share this post


Link to post
Share on other sites

Scotty are you still in need of assistance ? I must lock this in 24 hrs if no response !!

 

Please respond !

Chuck

Share this post


Link to post
Share on other sites

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.22.09

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 7.0.5730.13
Owner :: OWNER-9F8387D1C [administrator]

Protection: Enabled

11/22/2013 12:02:08 PM
mbam-log-2013-11-22 (12-02-08).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 200519
Time elapsed: 23 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 15
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.Optional.FunWebProducts.A) -> No action taken.
HKCR\CLSID\{0ED403E8-470A-4a8a-85A4-D7688CFE39A3} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ED403E8-470A-4A8A-85A4-D7688CFE39A3} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0ED403E8-470A-4A8A-85A4-D7688CFE39A3} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0ED403E8-470A-4A8A-85A4-D7688CFE39A3} (Adware.Gamevance) -> Quarantined and deleted successfully.
HKCR\CLSID\{BEAC7DC8-E106-4C6A-931E-5A42E7362883} (Adware.GameVance) -> Quarantined and deleted successfully.
HKCR\TypeLib\{014C4232-6904-47B9-9144-7E0FB7277444} (Adware.GameVance) -> Quarantined and deleted successfully.
HKCR\Interface\{0AB02D6C-F605-425F-B7CB-B9E96C9FAF1E} (Adware.GameVance) -> Quarantined and deleted successfully.
HKCR\GamevanceText.Linker.1 (Adware.GameVance) -> Quarantined and deleted successfully.
HKCR\GamevanceText.Linker (Adware.GameVance) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BEAC7DC8-E106-4C6A-931E-5A42E7362883} (Adware.GameVance) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BEAC7DC8-E106-4C6A-931E-5A42E7362883} (Adware.GameVance) -> Quarantined and deleted successfully.
HKCR\AppID\GamevanceText.DLL (Adware.GameVance) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\gvtl (Malware.Trace) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Gamevance (Adware.Gamevance) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Gamevance (Adware.Gamevance) -> Data: C:\Program Files\Gamevance\gamevance32.exe a -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Program Files\Gamevance (Adware.Gamevance) -> Quarantined and deleted successfully.

Files Detected: 4
C:\google_earth_setup.exe (PUP.Optional.Soft32.A) -> No action taken.
C:\Program Files\Gamevance\ars.cfg (Adware.Gamevance) -> Quarantined and deleted successfully.
C:\Program Files\Gamevance\gvun.exe (Adware.Gamevance) -> Quarantined and deleted successfully.
C:\Program Files\Gamevance\icon.ico (Adware.Gamevance) -> Quarantined and deleted successfully.

(end)

Share this post


Link to post
Share on other sites

Scotty this >> shows you forgot to check one >>> C:\google_earth_setup.exe (PUP.Optional.Soft32.A) -> No action taken.

Go back & put a check next to it & select remove !! Will be brb with more of the fix while you do this !!

Share this post


Link to post
Share on other sites

Scotty, lets continue !

 

Security Check

Please download and save SecurityCheck.exe to your Desktop from one of the links below.

Link 1 >>> http://screen317.spywareinfoforum.org/SecurityCheck.exe.

Link 2 >>> http://screen317.changelog.fr/SecurityCheck.exe

    * Double click SecurityCheck.exe and follow the onscreen instructions inside the black box.
    * A Notepad document should open automatically called checkup.txt
    * Please post the contents of that document in your next reply.

 

 

 

=========================

 

 

 

Download OldTimer to your desk top !
Links: http://oldtimer.geekstogo.com/OTL.com http://oldtimer.geekstogo.com/OTL.scr  
 
If you already have a copy of OTL delete it and use this version.  (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

* Double click OTL.exe to launch the program.
* Check the following.

o Scan all users.
o Standard Output. o Lop check.
o Purity check. oExtra Registry > Use SafeList  

* Under Extra Registry section, select Use SafeList
* Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
* When finished it will produce two logs.

o OTL.txt (open on your desktop).
o Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL.

* Please post me both logs. This may have to be broken into more than one post !   



Post Next:

1. Security log

2. Otl Logs (2) If given

 

Thanks

Chuck

 

The OTL log will take about half hour for me to go threw it & write you a fix to remove what i find !

Share this post


Link to post
Share on other sites

 Results of screen317's Security Check version 0.99.77 
 Windows XP Service Pack 2 x86  
 Out of date service pack!!
 Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Disabled! 
 AVG 2013    
 AVG SafeGuard toolbar   
 AVG 2013    
 AVG PC TuneUp Language Pack (en-US)
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300 
 AVG PC TuneUp Language Pack (en-US)
 Java 6 Update 15 
 Java version out of Date!
 Mozilla Firefox (Toolbar.)
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 AVG avgwdsvc.exe
 AVG avgrsx.exe
 AVG avgnsx.exe
 AVG avgemc.exe
 Malwarebytes' Anti-Malware mbamscheduler.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 6%
````````````````````End of Log``````````````````````
 

Share this post


Link to post
Share on other sites

Thanks Scotty, now finish with the Security check & OTL !!!!

 

Chuck

I will be gone for an hour then will be back !!

Share this post


Link to post
Share on other sites

 Results of screen317's Security Check version 0.99.77 
 Windows XP Service Pack 2 x86  
 Out of date service pack!!
 Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Disabled! 
 AVG 2013    
 AVG SafeGuard toolbar   
 AVG 2013    
 AVG PC TuneUp Language Pack (en-US)
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300 
 AVG PC TuneUp Language Pack (en-US)
 Java 6 Update 15 
 Java version out of Date!
 Mozilla Firefox (Toolbar.)
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 AVG avgwdsvc.exe
 AVG avgrsx.exe
 AVG avgnsx.exe
 AVG avgemc.exe
 Malwarebytes' Anti-Malware mbamscheduler.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 6%
````````````````````End of Log``````````````````````

 

Share this post


Link to post
Share on other sites

OTL Extras logfile created on: 11/26/2013 10:51:34 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
447.48 Mb Total Physical Memory | 77.66 Mb Available Physical Memory | 17.36% Memory free
858.76 Mb Paging File | 265.33 Mb Available in Paging File | 30.90% Paging File free
Paging file location(s): C:\pagefile.sys 288 576 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32.03 Gb Total Space | 12.36 Gb Free Space | 38.58% Space Free | Partition Type: NTFS
Drive H: | 5.26 Gb Total Space | 0.91 Gb Free Space | 17.25% Space Free | Partition Type: FAT32
Drive I: | 603.09 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive J: | 33.01 Gb Total Space | 19.06 Gb Free Space | 57.73% Space Free | Partition Type: NTFS
Drive K: | 4.24 Gb Total Space | 0.69 Gb Free Space | 16.39% Space Free | Partition Type: FAT32
Drive M: | 3.72 Gb Total Space | 1.61 Gb Free Space | 43.16% Space Free | Partition Type: FAT32
 
Computer Name: OWNER-9F8387D1C | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe:*:Enabled:QuickBooks 2006 Data Manager -- (Intuit, Inc.)
"C:\Program Files\ATT-HSI\McciBrowser.exe" = C:\Program Files\ATT-HSI\McciBrowser.exe:*:Enabled:motivebrowser.exe -- (Motive Communications, Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\system32\lxctcoms.exe" = C:\WINDOWS\system32\lxctcoms.exe:*:Enabled:Lexmark Communications System -- ( )
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2013\avgnsx.exe" = C:\Program Files\AVG\AVG2013\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2013\avgdiagex.exe" = C:\Program Files\AVG\AVG2013\avgdiagex.exe:*:Enabled:AVG Diagnostics 2013 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2013\avgemcx.exe" = C:\Program Files\AVG\AVG2013\avgemcx.exe:*:Enabled:Personal Email Scanner -- (AVG Technologies CZ, s.r.o.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{21999F55-6F63-4FAB-9172-423355DC656D}" = HP Designjet 500-800 series FUU
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java 6 Update 15
"{2B43252C-A1E3-4C47-927C-9F2C276D3515}" = S3GSetup
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{6280C3D1-00A3-4E79-BDF6-98332A29B706}" = AVG 2013
"{69B02159-7622-4DBB-B9EE-F933039830AD}" = QuickBooks Pro 2006
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729ACA18-2122-4DDF-834C-25BBBBD3526E}" = AVG 2013
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{98B82958-1DCA-4504-BE88-C91F1C7A7225}" = D-Link DWA-131 Wireless N Nano USB Adapter
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DDCFFF84-3DC3-472C-9308-37C5E9D11310}" = MicroSurvey CAD2004 SP6
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{FB03A941-815E-42F2-B604-FCE5636DB90B}" = AVG PC TuneUp Language Pack (en-US)
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"3-D TopoQuads" = 3-D TopoQuads
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"ATT-SST" = AT&T Self Support Tool
"ATTToolbar" = AT&T Toolbar
"AVG" = AVG 2013
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar
"Google Updater" = Google Updater
"HP DesignJet ToolBox" = HP DesignJet ToolBox
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Lexmark 5400 Series" = Lexmark 5400 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"RadialpointClientGateway_is1" = AT&T Internet Security Wizard 1.5.11
"S3" = VIA/S3G Display Driver
"SafePCRepair_89bar Uninstall Firefox" = SafePCRepair Firefox Toolbar
"SafePCRepair_89bar Uninstall Internet Explorer" = SafePCRepair Internet Explorer Toolbar
"SmartPCFix_is1" = SmartPCFix 3.09
"VIA/S3G UniChrome Family Win2K/XP Display" = VIA/S3G Display Driver
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter
"VTDisplay" = S3 S3Display
"VTGamma2" = S3 S3Gamma2
"VTInfo2" = S3 S3Info2
"VTOverlay" = S3 S3Overlay
"Yahoo! Mail" = AT&T Yahoo! Internet Mail
"YInstHelper" = Yahoo! Install Manager
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 10/11/2013 3:07:26 PM | Computer Name = OWNER-9F8387D1C | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 9.0.0.3250, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 10/22/2013 9:10:47 AM | Computer Name = OWNER-9F8387D1C | Source = Application Error | ID = 1000
Description = Faulting application googleearth.exe, version 7.1.1.1888, faulting
 module kernel32.dll, version 5.1.2600.3541, fault address 0x00012a6b.
 
Error - 10/28/2013 12:59:51 PM | Computer Name = OWNER-9F8387D1C | Source = Application Hang | ID = 1002
Description = Hanging application MSCAD2004.exe, version 2004.0.0.1, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 10/28/2013 12:59:55 PM | Computer Name = OWNER-9F8387D1C | Source = Application Hang | ID = 1002
Description = Hanging application MSCAD2004.exe, version 2004.0.0.1, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 10/28/2013 12:59:55 PM | Computer Name = OWNER-9F8387D1C | Source = Application Hang | ID = 1002
Description = Hanging application MSCAD2004.exe, version 2004.0.0.1, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 10/28/2013 12:59:55 PM | Computer Name = OWNER-9F8387D1C | Source = Application Hang | ID = 1002
Description = Hanging application MSCAD2004.exe, version 2004.0.0.1, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 11/18/2013 4:27:29 PM | Computer Name = OWNER-9F8387D1C | Source = Application Hang | ID = 1002
Description = Hanging application MSCAD2004.exe, version 2004.0.0.1, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 11/19/2013 10:47:40 AM | Computer Name = OWNER-9F8387D1C | Source = Application Error | ID = 1000
Description = Faulting application mscad2004.exe, version 2004.0.0.1, faulting module
 ntdll.dll, version 5.1.2600.3520, fault address 0x00011dc5.
 
Error - 11/19/2013 12:15:30 PM | Computer Name = OWNER-9F8387D1C | Source = Application Error | ID = 1000
Description = Faulting application mscad2004.exe, version 2004.0.0.1, faulting module
 ntdll.dll, version 5.1.2600.3520, fault address 0x00010c90.
 
Error - 11/26/2013 11:51:05 AM | Computer Name = OWNER-9F8387D1C | Source = Application Hang | ID = 1002
Description = Hanging application mbam.exe, version 1.75.0.1, hang module hungapp,
 version 0.0.0.0, hang address 0x00000000.
 
[ System Events ]
Error - 11/26/2013 12:32:06 PM | Computer Name = OWNER-9F8387D1C | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
   %%126
 
Error - 11/26/2013 12:32:06 PM | Computer Name = OWNER-9F8387D1C | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
   %%126
 
Error - 11/26/2013 12:32:06 PM | Computer Name = OWNER-9F8387D1C | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
   %%126
 
Error - 11/26/2013 12:32:06 PM | Computer Name = OWNER-9F8387D1C | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
   %%126
 
Error - 11/26/2013 12:32:06 PM | Computer Name = OWNER-9F8387D1C | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
   %%126
 
Error - 11/26/2013 12:32:06 PM | Computer Name = OWNER-9F8387D1C | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
   %%126
 
Error - 11/26/2013 12:32:06 PM | Computer Name = OWNER-9F8387D1C | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
   %%126
 
Error - 11/26/2013 12:32:07 PM | Computer Name = OWNER-9F8387D1C | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
   %%126
 
Error - 11/26/2013 12:32:07 PM | Computer Name = OWNER-9F8387D1C | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
   %%126
 
Error - 11/26/2013 12:32:07 PM | Computer Name = OWNER-9F8387D1C | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
   %%126
 
[ TuneUp Events ]
Error - 9/30/2013 8:52:55 AM | Computer Name = OWNER-9F8387D1C | Source = TuneUp.UtilitiesSvc | ID = 300
Description =
 
 
< End of report >

 

Share this post


Link to post
Share on other sites

OTL logfile created on: 11/26/2013 11:53:20 AM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
447.48 Mb Total Physical Memory | 68.59 Mb Available Physical Memory | 15.33% Memory free
673.76 Mb Paging File | 64.76 Mb Available in Paging File | 9.61% Paging File free
Paging file location(s): C:\pagefile.sys 288 576 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32.03 Gb Total Space | 12.52 Gb Free Space | 39.09% Space Free | Partition Type: NTFS
Drive H: | 5.26 Gb Total Space | 0.91 Gb Free Space | 17.25% Space Free | Partition Type: FAT32
Drive I: | 603.09 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive J: | 33.01 Gb Total Space | 19.06 Gb Free Space | 57.73% Space Free | Partition Type: NTFS
Drive K: | 4.24 Gb Total Space | 0.69 Gb Free Space | 16.39% Space Free | Partition Type: FAT32
Drive M: | 3.72 Gb Total Space | 1.61 Gb Free Space | 43.16% Space Free | Partition Type: FAT32
 
Computer Name: OWNER-9F8387D1C | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 180 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/11/26 11:52:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\OTL.com
PRC - [2013/09/23 00:17:34 | 004,411,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2013/09/23 00:17:30 | 001,117,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2013/07/23 18:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/07/10 00:33:22 | 000,452,144 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2013/07/04 14:53:28 | 000,763,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2013/07/04 14:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/18 01:38:48 | 000,799,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2011/05/09 10:22:58 | 000,582,976 | ---- | M] (D-Link Corp.) -- C:\Program Files\D-Link\DWA-131\wirelesscm.exe
PRC - [2009/08/06 11:19:17 | 000,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe
PRC - [2008/09/18 19:11:19 | 001,529,856 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\ATT-SST\McciTrayApp.exe
PRC - [2007/06/13 04:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/03 15:12:14 | 002,061,816 | ---- | M] (AT&T) -- C:\Program Files\AT&T\Internet Security Wizard\ISW.exe
PRC - [2007/03/19 06:59:51 | 000,676,784 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctfax.exe
PRC - [2007/03/19 06:59:49 | 000,304,048 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\fm3032.exe
PRC - [2007/03/19 06:58:47 | 000,537,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxctcoms.exe
PRC - [2007/03/19 06:58:20 | 000,082,864 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 5400 Series\ezprint.exe
PRC - [2007/03/19 06:58:17 | 000,291,760 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctmon.exe
PRC - [2004/10/22 12:53:06 | 000,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
PRC - [1998/12/09 07:21:00 | 000,742,912 | ---- | M] (Hewlett-Packard Co.) -- C:\WINDOWS\HPLRA.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011/01/07 13:27:26 | 000,262,144 | ---- | M] () -- C:\Program Files\D-Link\DWA-131\WlanDll.dll
MOD - [2009/06/23 09:34:54 | 000,253,952 | ---- | M] () -- C:\Program Files\D-Link\DWA-131\WlanSup.dll
MOD - [2009/01/23 10:54:34 | 000,212,992 | ---- | M] () -- C:\Program Files\D-Link\DWA-131\WlanCtl.dll
MOD - [2008/06/27 09:10:30 | 000,118,784 | ---- | M] () -- C:\Program Files\D-Link\DWA-131\WlanWps.dll
MOD - [2007/12/15 00:30:54 | 001,167,360 | ---- | M] () -- C:\Program Files\D-Link\DWA-131\acAuth.dll
MOD - [2007/03/19 06:59:51 | 000,676,784 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctfax.exe
MOD - [2007/03/19 06:59:49 | 000,304,048 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\fm3032.exe
MOD - [2007/03/19 06:58:17 | 000,291,760 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctmon.exe
MOD - [2007/02/15 08:51:51 | 000,241,664 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\iptk.dll
MOD - [2007/01/17 19:25:06 | 000,118,784 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxctdrpp.dll
MOD - [2007/01/10 08:41:58 | 000,692,224 | ---- | M] () -- C:\WINDOWS\system32\lxctdrs.dll
MOD - [2007/01/10 08:38:54 | 000,278,528 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctscw.dll
MOD - [2006/10/18 00:41:28 | 000,978,944 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\faxctr.dll
MOD - [2006/10/18 00:36:02 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\lxctpmon.dll
MOD - [2006/10/17 23:34:12 | 000,024,576 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lexdlgs.dll
MOD - [2006/10/17 23:30:50 | 000,053,248 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lexctrls.dll
MOD - [2006/10/17 23:30:10 | 000,032,768 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\ipcmt.dll
MOD - [2006/08/14 11:17:14 | 000,065,536 | ---- | M] () -- C:\WINDOWS\system32\lxctcaps.dll
MOD - [2006/08/09 08:38:02 | 000,151,552 | R--- | M] () -- C:\Program Files\Lexmark Toolbar\resource.dll
MOD - [2006/08/09 08:37:24 | 000,184,320 | R--- | M] () -- C:\Program Files\Lexmark Toolbar\toolband.dll
MOD - [2006/06/08 20:39:54 | 000,143,360 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctdrec.dll
MOD - [2006/05/15 04:15:46 | 002,560,000 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\ut.dll
MOD - [2006/05/03 08:31:03 | 000,061,440 | ---- | M] () -- C:\WINDOWS\system32\lxctcnv4.dll
MOD - [2006/04/24 10:00:48 | 000,269,312 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\dtidb.dll
MOD - [1998/12/09 07:21:00 | 000,192,000 | ---- | M] () -- C:\WINDOWS\system32\HPLREUSE.DLL
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe -- (vToolbarUpdater17.1.3)
SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\SAFEPC~2\bar\1.bin\89barsvc.exe -- (SafePCRepair_89Service)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/10/08 14:43:14 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/23 18:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/07/04 14:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2009/02/11 18:12:38 | 000,167,936 | ---- | M] () [Auto | Stopped] -- C:\Program Files\D-Link\DWA-131\WLSVC.exe -- (WLSVC)
SRV - [2007/03/19 06:58:47 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\system32\lxctcoms.exe -- (lxct_device)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2013/11/20 10:19:37 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/09/10 00:34:48 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/07/20 00:51:00 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/07/20 00:50:56 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/07/20 00:50:56 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/07/20 00:50:50 | 000,171,320 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2013/07/01 00:45:28 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/03/21 02:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2012/02/10 15:36:44 | 001,173,992 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtwlanu.sys -- (RTL8192cu)
DRV - [2008/07/28 16:26:30 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008/07/28 16:26:30 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/02/27 09:54:00 | 000,020,480 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\WLNdis50.sys -- (WLNdis50)
DRV - [2004/10/01 11:24:00 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2004/08/04 04:00:00 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004/08/04 04:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 04:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/06/29 11:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [1998/12/09 07:21:00 | 000,034,784 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HplParNt.sys -- (HplParNt)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {be823b8c-a7ec-4078-a321-0f8046cbb48a} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{4020153B-19DD-446F-A2F7-D99094AE3B4D}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@SafePCRepair_89.com/Plugin: C:\Program Files\SafePCRepair_89\bar\1.bin\NP89Stub.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]_89.com: C:\Program Files\SafePCRepair_89\bar\1.bin
 
 
O1 HOSTS File: ([2004/08/04 04:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Toolbar BHO) - {1fc509df-4b29-4ab3-96e6-47c178d60287} - C:\PROGRA~1\SAFEPC~2\bar\1.bin\89bar.dll File not found
O2 - BHO: (Search Assistant BHO) - {5d13bf91-ea09-4ed8-9acd-c6bad32617b9} - C:\Program Files\SafePCRepair_89\bar\1.bin\89SrcAs.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (no name) - {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SafePCRepair) - {a9d9ea68-5d09-43ef-a0c5-6f6a6f82a0e1} - C:\Program Files\SafePCRepair_89\bar\1.bin\89bar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (SafePCRepair) - {A9D9EA68-5D09-43EF-A0C5-6F6A6F82A0E1} - C:\Program Files\SafePCRepair_89\bar\1.bin\89bar.dll File not found
O4 - HKLM..\Run: [ATT-SST_McciTrayApp] C:\Program Files\ATT-SST\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 5400 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [iSW.exe] C:\Program Files\AT&T\Internet Security Wizard\ISW.exe (AT&T)
O4 - HKLM..\Run: [Lexmark 5400 Series Fax Server] C:\Program Files\Lexmark 5400 Series\fm3032.exe ()
O4 - HKLM..\Run: [LXCTCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxctmon.exe] C:\Program Files\Lexmark 5400 Series\lxctmon.exe ()
O4 - HKLM..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF File not found
O4 - HKLM..\Run: [RegAgent] C:\WINDOWS\HPLRA.EXE (Hewlett-Packard Co.)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Connection Manager.lnk = C:\Program Files\D-Link\DWA-131\wirelesscm.exe (D-Link Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: 0.0.0.0 ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: motive.com ([patttbc.att] https in Trusted sites)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/IWONBarInitialSetup1.0.1.1.cab (Reg Error: Key error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DEF7C182-661E-4B75-AEAF-82C8F9C007D0}: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/25 12:01:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - H:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 22:01:14 | 000,000,053 | -HS- | M] () - H:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2003/04/10 03:49:37 | 000,000,000 | ---- | M] () - J:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 07:07:38 | 000,000,000 | -HS- | M] () - K:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2002/09/11 04:02:32 | 000,000,045 | -HS- | M] () - K:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{0dad5c12-fe0d-11e2-a220-0011d827593a}\Shell\AutoRun\command - "" = M:\setupSNK.exe
O33 - MountPoints2\{af380e38-fbb5-11e2-a21e-0011d827593a}\Shell\AutoRun\command - "" = M:\SecureII\Windows\SecureII.exe
O33 - MountPoints2\{b869c700-e08f-11e0-a0d1-0011d827593a}\Shell\AutoRun\command - "" = M:\RunClubSanDisk.exe
O33 - MountPoints2\{f91ebc86-1518-11df-9f85-0011d827593a}\Shell - "" = AutoRun
O33 - MountPoints2\{f91ebc86-1518-11df-9f85-0011d827593a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f91ebc86-1518-11df-9f85-0011d827593a}\Shell\AutoRun\command - "" = M:\LaunchU3.exe -a
O33 - MountPoints2\{ff8f0458-d456-11e2-a202-0011d827593a}\Shell\AutoRun\command - "" = M:\setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 180 Days ==========
 
[2013/11/26 10:49:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\OTL.com
[2013/11/22 11:11:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2013/11/22 11:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/11/22 11:10:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/11/22 11:10:56 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/11/22 11:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/11/22 10:48:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/11/22 10:25:08 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/19 09:31:16 | 000,000,000 | ---D | C] -- C:\13-139 JAB.msj
[2013/10/28 10:35:54 | 000,000,000 | ---D | C] -- C:\13-139 PARISH.msj
[2013/10/23 07:52:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/10/11 15:10:29 | 000,000,000 | ---D | C] -- C:\13-137.msj
[2013/07/30 12:42:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Nico Mak Computing
[2013/07/30 07:44:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2013/07/16 16:06:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\AVG
[2013/07/16 16:00:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG
[2013/07/16 15:58:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG
[2013/07/16 15:57:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013/07/16 15:15:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG2013
[2013/07/16 15:12:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software
[2013/07/16 15:11:23 | 000,000,000 | ---D | C] -- C:\Program Files\AVG SafeGuard toolbar
[2013/07/16 15:09:45 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/07/16 15:09:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/07/16 15:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\MFAData
[2013/07/16 15:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013/07/16 15:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Avg2013
[2013/07/16 15:05:03 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/07/16 15:05:03 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/07/16 08:59:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG8UPG
[2013/07/15 15:22:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\AVG SafeGuard toolbar
[2013/07/15 15:21:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG SafeGuard toolbar
[2013/07/15 15:20:49 | 000,037,664 | ---- | C] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2013/07/15 15:20:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
[2013/07/15 15:14:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/07/15 15:14:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SmartPCFix
[2013/07/15 15:13:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SmartPCFix
[2013/07/15 15:13:32 | 000,000,000 | ---D | C] -- C:\Program Files\SmartPCFix
[2013/07/15 15:12:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Downloads
[2013/07/15 14:06:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\D-Link
[2013/07/15 14:06:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\pcidevice
[2013/07/15 14:06:34 | 000,000,000 | ---D | C] -- C:\Program Files\D-Link
[2013/07/15 14:06:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\D-Link
[2013/07/15 14:06:07 | 001,173,992 | ---- | C] (Realtek Semiconductor Corporation                           ) -- C:\WINDOWS\System32\drivers\rtwlanu.sys
[2013/07/01 11:38:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Administrative Tools
[2013/06/25 14:22:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2013/06/24 15:55:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\MSNInstaller
[2013/06/13 12:35:04 | 000,000,000 | ---D | C] -- C:\13-101
[2013/06/13 12:22:24 | 000,000,000 | ---D | C] -- C:\13101.msj
[2013/06/01 09:44:13 | 000,000,000 | ---D | C] -- C:\120502.msj
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
 
========== Files - Modified Within 180 Days ==========
 
[2013/11/26 11:52:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\OTL.com
[2013/11/26 11:42:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/11/26 11:32:14 | 000,000,374 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2013/11/26 11:28:29 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2013/11/26 11:27:46 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\SmartPCFix Task.job
[2013/11/26 11:27:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/11/26 08:24:13 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/11/25 15:01:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\Registry Optimizer_DEFAULT.job
[2013/11/22 13:02:16 | 000,006,285 | ---- | M] () -- C:\WINDOWS\mscad2004.ini
[2013/11/22 13:02:09 | 000,111,958 | ---- | M] () -- C:\13-144 DEEDPLOT.msd
[2013/11/22 13:02:09 | 000,029,867 | ---- | M] () -- C:\13-144 DEEDPLOT.flx
[2013/11/22 11:11:08 | 000,000,827 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/22 10:05:09 | 000,000,293 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\http--www.hoyt.com-assets-downloads-wallpaper-HoytI1280x800.jpg.url
[2013/11/22 09:53:21 | 000,894,062 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\BestTechie Forums.mht
[2013/11/22 09:16:03 | 000,000,339 | ---- | M] () -- C:\WINDOWS\Map98.INI
[2013/11/21 15:11:10 | 000,000,041 | ---- | M] () -- C:\WINDOWS\loc2.INI
[2013/11/21 15:11:04 | 000,000,041 | ---- | M] () -- C:\WINDOWS\dmcPrefX.INI
[2013/11/21 15:07:16 | 000,111,958 | ---- | M] () -- C:\13-144 DEEDPLOT.mbk
[2013/11/21 15:07:16 | 000,029,870 | ---- | M] () -- C:\13-144 DEEDPLOT.BAK
[2013/11/21 13:28:06 | 000,218,988 | ---- | M] () -- C:\13-139.flx
[2013/11/21 13:28:06 | 000,069,917 | ---- | M] () -- C:\13-139.msd
[2013/11/21 13:25:27 | 000,218,988 | ---- | M] () -- C:\13-139.BAK
[2013/11/21 13:25:22 | 000,069,917 | ---- | M] () -- C:\13-139.mbk
[2013/11/20 13:42:00 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\Registry Optimizer_UPDATES.job
[2013/11/20 10:19:37 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2013/11/19 11:14:22 | 000,000,083 | ---- | M] () -- C:\WINDOWS\grideditor.INI
[2013/11/19 10:14:52 | 000,056,271 | ---- | M] () -- C:\13-139 JAB.msd
[2013/11/19 10:14:52 | 000,000,000 | ---- | M] () -- C:\13-139 JAB.flx
[2013/11/19 10:14:39 | 000,217,152 | ---- | M] () -- C:\13-139 JAB.BAK
[2013/11/19 10:14:39 | 000,056,271 | ---- | M] () -- C:\13-139 JAB.mbk
[2013/11/19 08:56:01 | 000,146,965 | ---- | M] () -- C:\13-139 JAB.dwg
[2013/11/18 13:02:52 | 000,081,240 | ---- | M] () -- C:\13-131.flx
[2013/11/18 13:02:51 | 000,224,134 | ---- | M] () -- C:\13-131.msd
[2013/11/15 07:39:24 | 000,081,240 | ---- | M] () -- C:\13-131.BAK
[2013/11/15 07:39:23 | 000,224,134 | ---- | M] () -- C:\13-131.mbk
[2013/11/12 12:34:36 | 000,064,223 | ---- | M] () -- C:\13-131.dwg
[2013/11/07 11:19:11 | 000,380,350 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/11/07 11:19:11 | 000,052,764 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/11/06 10:22:48 | 000,232,951 | ---- | M] () -- C:\13-123.msd
[2013/11/06 10:22:48 | 000,070,226 | ---- | M] () -- C:\13-123.flx
[2013/11/04 15:05:39 | 000,232,951 | ---- | M] () -- C:\13-123.mbk
[2013/11/04 15:03:33 | 000,070,231 | ---- | M] () -- C:\13-123.BAK
[2013/10/28 10:36:08 | 000,148,085 | ---- | M] () -- C:\13-139 PARISH.msd
[2013/10/28 10:36:08 | 000,038,109 | ---- | M] () -- C:\13-139 PARISH.flx
[2013/10/28 10:35:57 | 000,038,113 | ---- | M] () -- C:\13-139 PARISH.BAK
[2013/10/23 14:25:03 | 000,148,085 | ---- | M] () -- C:\13-139 PARISH.mbk
[2013/10/23 13:56:38 | 000,195,362 | ---- | M] () -- C:\13-138.msd
[2013/10/23 13:56:38 | 000,034,689 | ---- | M] () -- C:\13-138.flx
[2013/10/23 07:52:51 | 000,000,745 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/10/22 06:49:36 | 000,189,794 | ---- | M] () -- C:\13-138.mbk
[2013/10/22 06:49:36 | 000,033,879 | ---- | M] () -- C:\13-138.BAK
[2013/10/14 06:41:25 | 000,353,980 | ---- | M] () -- C:\13-137.msd
[2013/10/14 06:41:25 | 000,090,343 | ---- | M] () -- C:\13-137.flx
[2013/10/14 06:41:11 | 000,353,980 | ---- | M] () -- C:\13-137.mbk
[2013/10/14 06:41:11 | 000,090,343 | ---- | M] () -- C:\13-137.BAK
[2013/10/08 14:43:09 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/10/08 14:43:09 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/10/03 10:45:42 | 000,142,585 | ---- | M] () -- C:\13-130.msd
[2013/10/03 10:45:42 | 000,027,368 | ---- | M] () -- C:\13-130.flx
[2013/09/30 09:08:19 | 000,026,721 | ---- | M] () -- C:\13-130.BAK
[2013/09/30 08:59:04 | 000,142,585 | ---- | M] () -- C:\13-130.mbk
[2013/09/26 14:40:26 | 000,191,583 | ---- | M] () -- C:\RUSTIN.msd
[2013/09/26 14:40:26 | 000,048,221 | ---- | M] () -- C:\RUSTIN.flx
[2013/09/26 14:32:13 | 000,191,583 | ---- | M] () -- C:\RUSTIN.mbk
[2013/09/26 14:32:13 | 000,048,221 | ---- | M] () -- C:\RUSTIN.BAK
[2013/09/25 10:14:27 | 000,184,774 | ---- | M] () -- C:\120705.msd
[2013/09/25 10:13:15 | 000,108,839 | ---- | M] () -- C:\GILKEY.msd
[2013/09/25 10:13:15 | 000,044,132 | ---- | M] () -- C:\GILKEY.flx
[2013/09/25 10:04:42 | 000,108,839 | ---- | M] () -- C:\GILKEY.mbk
[2013/09/25 10:04:42 | 000,044,131 | ---- | M] () -- C:\GILKEY.BAK
[2013/09/25 06:59:57 | 000,042,656 | ---- | M] () -- C:\13-126.flx
[2013/09/25 06:59:53 | 000,263,499 | ---- | M] () -- C:\13-126.msd
[2013/09/24 09:49:53 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Microsoft Office Word 2003.lnk
[2013/09/23 12:33:51 | 000,041,774 | ---- | M] () -- C:\13-126.BAK
[2013/09/23 12:33:22 | 000,120,164 | ---- | M] () -- C:\13-119FARM.flx
[2013/09/23 12:33:17 | 000,473,633 | ---- | M] () -- C:\13-119FARM.msd
[2013/09/20 08:12:54 | 000,473,633 | ---- | M] () -- C:\13-119FARM.mbk
[2013/09/20 08:12:54 | 000,120,168 | ---- | M] () -- C:\13-119FARM.BAK
[2013/09/20 08:00:26 | 000,898,367 | ---- | M] () -- C:\13-119LOT.flx
[2013/09/20 08:00:26 | 000,056,261 | ---- | M] () -- C:\13-119LOT.msd
[2013/09/20 07:54:29 | 000,256,267 | ---- | M] () -- C:\13-126.mbk
[2013/09/18 14:15:37 | 000,496,384 | ---- | M] () -- C:\120405.msd
[2013/09/18 14:10:48 | 000,898,367 | ---- | M] () -- C:\13-119LOT.BAK
[2013/09/18 14:10:48 | 000,056,261 | ---- | M] () -- C:\13-119LOT.mbk
[2013/09/18 06:07:24 | 000,096,143 | ---- | M] () -- C:\13-119.flx
[2013/09/18 06:07:23 | 000,404,215 | ---- | M] () -- C:\13-119.msd
[2013/09/16 09:52:51 | 000,056,281 | ---- | M] () -- C:\13-119 FARM.msd
[2013/09/16 09:52:51 | 000,013,872 | ---- | M] () -- C:\13-119 FARM.flx
[2013/09/16 08:37:11 | 000,404,215 | ---- | M] () -- C:\13-119.mbk
[2013/09/16 08:37:11 | 000,096,139 | ---- | M] () -- C:\13-119.BAK
[2013/09/10 00:34:48 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsshimx.sys
[2013/08/27 15:46:19 | 000,139,233 | ---- | M] () -- C:\KITCHENS.msd
[2013/08/27 15:46:19 | 000,067,562 | ---- | M] () -- C:\KITCHENS.flx
[2013/08/21 11:55:03 | 000,139,233 | ---- | M] () -- C:\KITCHENS.mbk
[2013/08/21 11:53:55 | 000,067,566 | ---- | M] () -- C:\KITCHENS.BAK
[2013/08/05 15:06:32 | 000,939,603 | ---- | M] () -- C:\BASIN.msd
[2013/08/02 15:07:54 | 000,306,085 | ---- | M] () -- C:\BASIN.flx
[2013/08/02 15:07:50 | 000,162,458 | ---- | M] () -- C:\BASIN.dwg
[2013/08/02 15:07:49 | 000,939,603 | ---- | M] () -- C:\BASIN.mbk
[2013/08/02 14:57:13 | 000,306,442 | ---- | M] () -- C:\BASIN.BAK
[2013/07/30 09:12:32 | 000,288,930 | ---- | M] () -- C:\eaglecreek.msd
[2013/07/30 09:12:16 | 000,113,480 | ---- | M] () -- C:\eaglecreek.flx
[2013/07/30 09:09:34 | 000,288,930 | ---- | M] () -- C:\eaglecreek.mbk
[2013/07/30 09:09:34 | 000,113,111 | ---- | M] () -- C:\eaglecreek.BAK
[2013/07/30 07:57:55 | 000,063,198 | ---- | M] () -- C:\eaglecreek.dwg
[2013/07/30 07:57:53 | 000,056,281 | ---- | M] () -- C:\13-103 JOSH.msd
[2013/07/22 16:56:55 | 000,135,324 | ---- | M] () -- C:\13-103 JOSH.flx
[2013/07/22 16:18:58 | 000,135,324 | ---- | M] () -- C:\13-103 JOSH.BAK
[2013/07/22 16:18:58 | 000,056,281 | ---- | M] () -- C:\13-103 JOSH.mbk
[2013/07/20 00:51:00 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avglogx.sys
[2013/07/20 00:50:56 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsdriverx.sys
[2013/07/20 00:50:56 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidshx.sys
[2013/07/20 00:50:50 | 000,171,320 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2013/07/16 08:56:05 | 073,944,277 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2013/07/15 15:35:02 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/07/15 15:12:32 | 001,160,856 | ---- | M] () -- C:\google_earth_setup.exe
[2013/07/15 14:13:04 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Internet.lnk
[2013/07/15 14:06:38 | 000,000,605 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Connection Manager.lnk
[2013/07/15 14:06:38 | 000,000,605 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Wireless Connection Manager.lnk
[2013/07/14 13:11:11 | 000,354,715 | ---- | M] () -- C:\13-103.msd
[2013/07/09 14:05:59 | 000,871,025 | ---- | M] () -- C:\110101.msd
[2013/07/09 14:05:59 | 000,121,210 | ---- | M] () -- C:\110101.flx
[2013/07/09 13:57:27 | 000,871,025 | ---- | M] () -- C:\110101.mbk
[2013/07/09 13:57:27 | 000,121,210 | ---- | M] () -- C:\110101.BAK
[2013/07/09 13:26:42 | 000,178,691 | ---- | M] () -- C:\120405.flx
[2013/07/09 13:21:20 | 000,496,384 | ---- | M] () -- C:\120405.mbk
[2013/07/09 13:21:20 | 000,178,691 | ---- | M] () -- C:\120405.BAK
[2013/07/09 10:59:59 | 000,121,426 | ---- | M] () -- C:\13-103.flx
[2013/07/09 10:51:58 | 000,354,715 | ---- | M] () -- C:\13-103.mbk
[2013/07/09 10:51:58 | 000,121,426 | ---- | M] () -- C:\13-103.BAK
[2013/07/03 11:55:21 | 000,351,307 | ---- | M] () -- C:\13-106.msd
[2013/07/01 14:42:19 | 000,008,227 | ---- | M] () -- C:\120405.CR5
[2013/07/01 14:38:16 | 000,138,027 | ---- | M] () -- C:\prow composite.msd
[2013/07/01 14:38:16 | 000,035,561 | ---- | M] () -- C:\prow composite.flx
[2013/07/01 14:28:56 | 000,138,027 | ---- | M] () -- C:\prow composite.mbk
[2013/07/01 14:28:56 | 000,035,561 | ---- | M] () -- C:\prow composite.BAK
[2013/07/01 10:58:13 | 000,117,763 | ---- | M] () -- C:\13-106.flx
[2013/07/01 10:58:10 | 000,351,307 | ---- | M] () -- C:\13-106.mbk
[2013/07/01 10:58:10 | 000,117,763 | ---- | M] () -- C:\13-106.BAK
[2013/07/01 00:45:28 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2013/06/27 15:10:48 | 000,659,614 | ---- | M] () -- C:\jent sub.flx
[2013/06/27 15:10:48 | 000,489,562 | ---- | M] () -- C:\jent sub.msd
[2013/06/27 14:53:46 | 000,659,614 | ---- | M] () -- C:\jent sub.BAK
[2013/06/27 14:53:46 | 000,489,562 | ---- | M] () -- C:\jent sub.mbk
[2013/06/27 08:34:06 | 000,472,573 | ---- | M] () -- C:\13-101 Boundary2.msd
[2013/06/27 08:34:06 | 000,185,603 | ---- | M] () -- C:\13-101 Boundary2.flx
[2013/06/27 08:12:41 | 000,472,573 | ---- | M] () -- C:\13-101 Boundary2.mbk
[2013/06/27 08:12:41 | 000,185,597 | ---- | M] () -- C:\13-101 Boundary2.BAK
[2013/06/26 08:18:24 | 000,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2013/06/26 08:18:24 | 000,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2013/06/26 08:18:17 | 000,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2013/06/26 08:02:20 | 000,202,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/06/25 11:44:38 | 000,233,337 | ---- | M] () -- C:\13-105.msd
[2013/06/25 11:44:13 | 000,047,626 | ---- | M] () -- C:\13-105.flx
[2013/06/25 11:44:07 | 000,233,337 | ---- | M] () -- C:\13-105.mbk
[2013/06/25 11:44:07 | 000,047,626 | ---- | M] () -- C:\13-105.BAK
[2013/06/24 15:47:37 | 000,161,907 | ---- | M] () -- C:\13-102.flx
[2013/06/24 15:47:37 | 000,056,231 | ---- | M] () -- C:\13-102.msd
[2013/06/24 15:32:23 | 000,161,912 | ---- | M] () -- C:\13-102.BAK
[2013/06/24 15:32:23 | 000,056,231 | ---- | M] () -- C:\13-102.mbk
[2013/06/21 14:41:57 | 000,455,279 | ---- | M] () -- C:\120801.msd
[2013/06/21 14:39:13 | 000,311,058 | ---- | M] () -- C:\120801.flx
[2013/06/20 14:49:04 | 000,004,363 | ---- | M] () -- C:\Drawing_0.flx
[2013/06/20 06:07:33 | 000,147,303 | ---- | M] () -- C:\QUALITY BORDER.flx
[2013/06/20 06:07:32 | 000,467,461 | ---- | M] () -- C:\QUALITY BORDER.msd
[2013/06/20 06:07:23 | 000,467,461 | ---- | M] () -- C:\QUALITY BORDER.mbk
[2013/06/20 06:07:23 | 000,147,302 | ---- | M] () -- C:\QUALITY BORDER.BAK
[2013/06/17 12:27:14 | 000,424,541 | ---- | M] () -- C:\13-101 Boundary.msd
[2013/06/17 12:25:24 | 000,140,836 | ---- | M] () -- C:\13-101 Boundary.flx
[2013/06/17 11:41:18 | 000,424,541 | ---- | M] () -- C:\13-101 Boundary.mbk
[2013/06/17 11:36:12 | 000,140,798 | ---- | M] () -- C:\13-101 Boundary.BAK
[2013/06/17 06:57:35 | 000,055,821 | ---- | M] () -- C:\TITLE BLOCK.flx
[2013/06/17 06:57:34 | 000,270,646 | ---- | M] () -- C:\TITLE BLOCK.msd
[2013/06/17 06:48:39 | 000,088,511 | ---- | M] () -- C:\13-101.flx
[2013/06/17 06:48:38 | 000,341,552 | ---- | M] () -- C:\13-101.msd
[2013/06/17 06:34:36 | 000,341,552 | ---- | M] () -- C:\13-101.mbk
[2013/06/17 06:34:36 | 000,088,515 | ---- | M] () -- C:\13-101.BAK
[2013/06/13 12:41:42 | 000,008,654 | ---- | M] () -- C:\13-101.dwg
[2013/06/13 12:26:17 | 000,216,479 | ---- | M] () -- C:\13101.msd
[2013/06/13 12:26:17 | 000,035,534 | ---- | M] () -- C:\13101.flx
[2013/06/13 12:24:53 | 000,216,479 | ---- | M] () -- C:\13101.mbk
[2013/06/13 12:24:53 | 000,035,391 | ---- | M] () -- C:\13101.BAK
[2013/06/10 12:16:32 | 000,807,924 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\PICT0046.JPG
[2013/06/10 09:57:00 | 000,215,074 | ---- | M] () -- C:\101202.msd
[2013/06/10 09:57:00 | 000,063,638 | ---- | M] () -- C:\101202.flx
[2013/06/10 08:23:28 | 000,063,555 | ---- | M] () -- C:\121002.flx
[2013/06/10 06:20:40 | 000,213,472 | ---- | M] () -- C:\121002.msd
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/11/22 11:11:08 | 000,000,827 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/22 10:05:08 | 000,000,293 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\http--www.hoyt.com-assets-downloads-wallpaper-HoytI1280x800.jpg.url
[2013/11/22 09:53:10 | 000,894,062 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\BestTechie Forums.mht
[2013/11/21 13:32:01 | 000,111,958 | ---- | C] () -- C:\13-144 DEEDPLOT.msd
[2013/11/21 13:32:01 | 000,111,958 | ---- | C] () -- C:\13-144 DEEDPLOT.mbk
[2013/11/21 13:29:34 | 000,029,870 | ---- | C] () -- C:\13-144 DEEDPLOT.BAK
[2013/11/21 13:29:34 | 000,029,867 | ---- | C] () -- C:\13-144 DEEDPLOT.flx
[2013/11/19 10:24:37 | 000,069,917 | ---- | C] () -- C:\13-139.msd
[2013/11/19 10:24:37 | 000,069,917 | ---- | C] () -- C:\13-139.mbk
[2013/11/19 10:24:31 | 000,218,988 | ---- | C] () -- C:\13-139.flx
[2013/11/19 10:24:31 | 000,218,988 | ---- | C] () -- C:\13-139.BAK
[2013/11/19 08:56:00 | 000,146,965 | ---- | C] () -- C:\13-139 JAB.dwg
[2013/11/18 14:35:01 | 000,217,152 | ---- | C] () -- C:\13-139 JAB.BAK
[2013/11/18 14:35:01 | 000,056,271 | ---- | C] () -- C:\13-139 JAB.msd
[2013/11/18 14:35:01 | 000,056,271 | ---- | C] () -- C:\13-139 JAB.mbk
[2013/11/18 14:35:01 | 000,000,000 | ---- | C] () -- C:\13-139 JAB.flx
[2013/11/12 12:34:33 | 000,064,223 | ---- | C] () -- C:\13-131.dwg
[2013/11/06 10:56:25 | 000,224,134 | ---- | C] () -- C:\13-131.msd
[2013/11/06 10:56:25 | 000,224,134 | ---- | C] () -- C:\13-131.mbk
[2013/11/06 10:56:25 | 000,081,240 | ---- | C] () -- C:\13-131.flx
[2013/11/04 14:21:43 | 000,232,951 | ---- | C] () -- C:\13-123.msd
[2013/11/04 14:21:43 | 000,232,951 | ---- | C] () -- C:\13-123.mbk
[2013/11/04 14:21:43 | 000,070,231 | ---- | C] () -- C:\13-123.BAK
[2013/11/04 14:21:43 | 000,070,226 | ---- | C] () -- C:\13-123.flx
[2013/10/25 13:27:49 | 000,081,240 | ---- | C] () -- C:\13-131.BAK
[2013/10/23 14:05:40 | 000,148,085 | ---- | C] () -- C:\13-139 PARISH.msd
[2013/10/23 14:05:40 | 000,148,085 | ---- | C] () -- C:\13-139 PARISH.mbk
[2013/10/23 13:59:24 | 000,038,113 | ---- | C] () -- C:\13-139 PARISH.BAK
[2013/10/23 13:59:24 | 000,038,109 | ---- | C] () -- C:\13-139 PARISH.flx
[2013/10/21 14:33:08 | 000,034,689 | ---- | C] () -- C:\13-138.flx
[2013/10/21 14:33:08 | 000,033,879 | ---- | C] () -- C:\13-138.BAK
[2013/10/21 14:33:07 | 000,195,362 | ---- | C] () -- C:\13-138.msd
[2013/10/21 14:33:07 | 000,189,794 | ---- | C] () -- C:\13-138.mbk
[2013/10/11 11:29:18 | 000,353,980 | ---- | C] () -- C:\13-137.msd
[2013/10/11 11:29:18 | 000,353,980 | ---- | C] () -- C:\13-137.mbk
[2013/10/11 11:29:18 | 000,090,343 | ---- | C] () -- C:\13-137.flx
[2013/10/11 11:29:18 | 000,090,343 | ---- | C] () -- C:\13-137.BAK
[2013/09/30 08:18:20 | 000,142,585 | ---- | C] () -- C:\13-130.msd
[2013/09/30 08:18:20 | 000,142,585 | ---- | C] () -- C:\13-130.mbk
[2013/09/30 08:18:20 | 000,027,368 | ---- | C] () -- C:\13-130.flx
[2013/09/30 08:18:20 | 000,026,721 | ---- | C] () -- C:\13-130.BAK
[2013/09/26 12:12:02 | 000,191,583 | ---- | C] () -- C:\RUSTIN.msd
[2013/09/26 12:12:02 | 000,191,583 | ---- | C] () -- C:\RUSTIN.mbk
[2013/09/26 12:12:02 | 000,048,221 | ---- | C] () -- C:\RUSTIN.flx
[2013/09/26 12:12:02 | 000,048,221 | ---- | C] () -- C:\RUSTIN.BAK
[2013/09/25 08:13:24 | 000,108,839 | ---- | C] () -- C:\GILKEY.msd
[2013/09/25 08:13:24 | 000,108,839 | ---- | C] () -- C:\GILKEY.mbk
[2013/09/25 08:02:11 | 000,044,132 | ---- | C] () -- C:\GILKEY.flx
[2013/09/25 08:02:11 | 000,044,131 | ---- | C] () -- C:\GILKEY.BAK
[2013/09/20 06:10:49 | 000,263,499 | ---- | C] () -- C:\13-126.msd
[2013/09/20 06:10:49 | 000,256,267 | ---- | C] () -- C:\13-126.mbk
[2013/09/20 06:10:49 | 000,042,656 | ---- | C] () -- C:\13-126.flx
[2013/09/20 06:10:49 | 000,041,774 | ---- | C] () -- C:\13-126.BAK
[2013/09/18 13:40:18 | 000,056,261 | ---- | C] () -- C:\13-119LOT.msd
[2013/09/18 13:40:18 | 000,056,261 | ---- | C] () -- C:\13-119LOT.mbk
[2013/09/18 13:40:17 | 000,898,367 | ---- | C] () -- C:\13-119LOT.flx
[2013/09/18 13:40:17 | 000,898,367 | ---- | C] () -- C:\13-119LOT.BAK
[2013/09/16 09:52:51 | 000,056,281 | ---- | C] () -- C:\13-119 FARM.msd
[2013/09/16 09:52:51 | 000,013,872 | ---- | C] () -- C:\13-119 FARM.flx
[2013/09/16 08:46:48 | 000,473,633 | ---- | C] () -- C:\13-119FARM.msd
[2013/09/16 08:46:48 | 000,473,633 | ---- | C] () -- C:\13-119FARM.mbk
[2013/09/16 08:42:55 | 000,120,168 | ---- | C] () -- C:\13-119FARM.BAK
[2013/09/16 08:42:55 | 000,120,164 | ---- | C] () -- C:\13-119FARM.flx
[2013/08/27 16:04:47 | 000,404,215 | ---- | C] () -- C:\13-119.msd
[2013/08/27 16:04:47 | 000,404,215 | ---- | C] () -- C:\13-119.mbk
[2013/08/27 15:48:36 | 000,096,143 | ---- | C] () -- C:\13-119.flx
[2013/08/27 15:48:36 | 000,096,139 | ---- | C] () -- C:\13-119.BAK
[2013/08/02 15:07:49 | 000,162,458 | ---- | C] () -- C:\BASIN.dwg
[2013/08/02 14:57:13 | 000,939,603 | ---- | C] () -- C:\BASIN.msd
[2013/08/02 14:57:13 | 000,939,603 | ---- | C] () -- C:\BASIN.mbk
[2013/08/02 14:57:13 | 000,306,442 | ---- | C] () -- C:\BASIN.BAK
[2013/08/02 14:57:13 | 000,306,085 | ---- | C] () -- C:\BASIN.flx
[2013/07/31 13:24:21 | 000,067,566 | ---- | C] () -- C:\KITCHENS.BAK
[2013/07/31 13:24:21 | 000,067,562 | ---- | C] () -- C:\KITCHENS.flx
[2013/07/31 13:24:20 | 000,139,233 | ---- | C] () -- C:\KITCHENS.msd
[2013/07/31 13:24:20 | 000,139,233 | ---- | C] () -- C:\KITCHENS.mbk
[2013/07/30 12:42:50 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\Registry Optimizer_DEFAULT.job
[2013/07/30 12:42:49 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\Registry Optimizer_UPDATES.job
[2013/07/30 08:01:12 | 000,113,480 | ---- | C] () -- C:\eaglecreek.flx
[2013/07/30 08:01:12 | 000,113,111 | ---- | C] () -- C:\eaglecreek.BAK
[2013/07/30 07:57:53 | 000,288,930 | ---- | C] () -- C:\eaglecreek.msd
[2013/07/30 07:57:53 | 000,288,930 | ---- | C] () -- C:\eaglecreek.mbk
[2013/07/30 07:57:53 | 000,063,198 | ---- | C] () -- C:\eaglecreek.dwg
[2013/07/16 15:12:43 | 000,000,745 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/07/16 15:05:06 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/07/15 15:14:16 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\SmartPCFix Task.job
[2013/07/15 15:12:08 | 001,160,856 | ---- | C] () -- C:\google_earth_setup.exe
[2013/07/15 14:13:04 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Internet.lnk
[2013/07/15 14:06:38 | 000,000,605 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Connection Manager.lnk
[2013/07/15 14:06:38 | 000,000,605 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Wireless Connection Manager.lnk
[2013/07/15 14:06:35 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\wlndis50.sys
[2013/07/15 14:06:35 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\WLNdis50.sys
[2013/07/15 14:06:35 | 000,010,667 | ---- | C] () -- C:\WINDOWS\System32\wlndis50.cat
[2013/07/15 14:06:35 | 000,001,593 | ---- | C] () -- C:\WINDOWS\System32\wlndis50.inf
[2013/07/15 11:53:12 | 000,056,281 | ---- | C] () -- C:\13-103 JOSH.msd
[2013/07/15 11:53:12 | 000,056,281 | ---- | C] () -- C:\13-103 JOSH.mbk
[2013/07/15 11:52:59 | 000,135,324 | ---- | C] () -- C:\13-103 JOSH.flx
[2013/07/15 11:52:59 | 000,135,324 | ---- | C] () -- C:\13-103 JOSH.BAK
[2013/07/03 11:55:21 | 000,354,715 | ---- | C] () -- C:\13-103.msd
[2013/07/03 11:55:21 | 000,354,715 | ---- | C] () -- C:\13-103.mbk
[2013/07/03 11:55:21 | 000,121,426 | ---- | C] () -- C:\13-103.flx
[2013/07/03 11:55:21 | 000,121,426 | ---- | C] () -- C:\13-103.BAK
[2013/07/01 14:41:15 | 000,008,227 | ---- | C] () -- C:\120405.CR5
[2013/07/01 11:53:37 | 000,138,027 | ---- | C] () -- C:\prow composite.msd
[2013/07/01 11:53:37 | 000,138,027 | ---- | C] () -- C:\prow composite.mbk
[2013/07/01 11:53:37 | 000,035,561 | ---- | C] () -- C:\prow composite.flx
[2013/07/01 11:53:37 | 000,035,561 | ---- | C] () -- C:\prow composite.BAK
[2013/06/25 11:44:38 | 000,351,307 | ---- | C] () -- C:\13-106.msd
[2013/06/25 11:44:38 | 000,351,307 | ---- | C] () -- C:\13-106.mbk
[2013/06/25 11:44:38 | 000,117,763 | ---- | C] () -- C:\13-106.flx
[2013/06/25 11:44:38 | 000,117,763 | ---- | C] () -- C:\13-106.BAK
[2013/06/25 10:25:50 | 000,233,337 | ---- | C] () -- C:\13-105.msd
[2013/06/25 10:25:50 | 000,233,337 | ---- | C] () -- C:\13-105.mbk
[2013/06/25 10:25:50 | 000,047,626 | ---- | C] () -- C:\13-105.flx
[2013/06/25 10:25:50 | 000,047,626 | ---- | C] () -- C:\13-105.BAK
[2013/06/21 14:41:57 | 000,659,614 | ---- | C] () -- C:\jent sub.flx
[2013/06/21 14:41:57 | 000,659,614 | ---- | C] () -- C:\jent sub.BAK
[2013/06/21 14:41:57 | 000,489,562 | ---- | C] () -- C:\jent sub.msd
[2013/06/21 14:41:57 | 000,489,562 | ---- | C] () -- C:\jent sub.mbk
[2013/06/20 06:29:50 | 000,056,231 | ---- | C] () -- C:\13-102.msd
[2013/06/20 06:29:50 | 000,056,231 | ---- | C] () -- C:\13-102.mbk
[2013/06/20 06:29:49 | 000,161,912 | ---- | C] () -- C:\13-102.BAK
[2013/06/20 06:29:49 | 000,161,907 | ---- | C] () -- C:\13-102.flx
[2013/06/20 06:06:51 | 000,467,461 | ---- | C] () -- C:\QUALITY BORDER.msd
[2013/06/20 06:06:51 | 000,467,461 | ---- | C] () -- C:\QUALITY BORDER.mbk
[2013/06/20 06:06:51 | 000,147,303 | ---- | C] () -- C:\QUALITY BORDER.flx
[2013/06/20 06:06:51 | 000,147,302 | ---- | C] () -- C:\QUALITY BORDER.BAK
[2013/06/17 11:41:18 | 000,472,573 | ---- | C] () -- C:\13-101 Boundary2.msd
[2013/06/17 11:41:18 | 000,472,573 | ---- | C] () -- C:\13-101 Boundary2.mbk
[2013/06/17 11:41:18 | 000,185,603 | ---- | C] () -- C:\13-101 Boundary2.flx
[2013/06/17 11:41:18 | 000,185,597 | ---- | C] () -- C:\13-101 Boundary2.BAK
[2013/06/17 06:36:02 | 000,424,541 | ---- | C] () -- C:\13-101 Boundary.msd
[2013/06/17 06:36:02 | 000,424,541 | ---- | C] () -- C:\13-101 Boundary.mbk
[2013/06/17 06:36:01 | 000,140,836 | ---- | C] () -- C:\13-101 Boundary.flx
[2013/06/17 06:36:01 | 000,140,798 | ---- | C] () -- C:\13-101 Boundary.BAK
[2013/06/13 12:42:58 | 000,341,552 | ---- | C] () -- C:\13-101.msd
[2013/06/13 12:42:58 | 000,341,552 | ---- | C] () -- C:\13-101.mbk
[2013/06/13 12:42:58 | 000,088,515 | ---- | C] () -- C:\13-101.BAK
[2013/06/13 12:42:58 | 000,088,511 | ---- | C] () -- C:\13-101.flx
[2013/06/13 12:41:40 | 000,008,654 | ---- | C] () -- C:\13-101.dwg
[2013/06/10 06:20:40 | 000,216,479 | ---- | C] () -- C:\13101.msd
[2013/06/10 06:20:40 | 000,216,479 | ---- | C] () -- C:\13101.mbk
[2013/06/10 06:20:40 | 000,035,534 | ---- | C] () -- C:\13101.flx
[2013/06/10 06:20:40 | 000,035,391 | ---- | C] () -- C:\13101.BAK
[2009/12/01 15:51:19 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/29 15:32:07 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2008/08/29 13:47:32 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2006/09/23 13:12:50 | 001,497,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 04:01:53 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004/08/04 04:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2008/08/29 12:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\5400 Series
[2009/03/09 15:01:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AT&T
[2009/07/20 12:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATTToolbar
[2013/07/16 16:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG
[2013/10/22 06:38:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
[2013/07/16 15:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/07/15 15:14:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/07/15 14:06:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\D-Link
[2013/11/26 08:35:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/02/10 15:14:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NetZero
[2013/07/16 15:57:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2009/02/13 12:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\5400 Series
[2009/03/09 15:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AT&T
[2009/04/06 10:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ATTToolbar
[2013/07/16 16:00:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG
[2013/07/15 15:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG SafeGuard toolbar
[2013/07/16 15:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG2013
[2013/06/24 15:55:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MSNInstaller
[2013/10/07 07:31:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Nico Mak Computing
[2013/07/15 15:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SmartPCFix
[2013/07/16 15:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software
 
========== Purity Check ==========
 
 

< End of report >

Share this post


Link to post
Share on other sites

Scotty, i was seeing lines threw your OTL log so i fixed them & reposted so i could read it better !!

 

OTL logfile created on: 11/26/2013 11:53:20 AM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
447.48 Mb Total Physical Memory | 68.59 Mb Available Physical Memory | 15.33% Memory free
673.76 Mb Paging File | 64.76 Mb Available in Paging File | 9.61% Paging File free
Paging file location(s): C:\pagefile.sys 288 576 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32.03 Gb Total Space | 12.52 Gb Free Space | 39.09% Space Free | Partition Type: NTFS
Drive H: | 5.26 Gb Total Space | 0.91 Gb Free Space | 17.25% Space Free | Partition Type: FAT32
Drive I: | 603.09 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive J: | 33.01 Gb Total Space | 19.06 Gb Free Space | 57.73% Space Free | Partition Type: NTFS
Drive K: | 4.24 Gb Total Space | 0.69 Gb Free Space | 16.39% Space Free | Partition Type: FAT32
Drive M: | 3.72 Gb Total Space | 1.61 Gb Free Space | 43.16% Space Free | Partition Type: FAT32
 
Computer Name: OWNER-9F8387D1C | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 180 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/11/26 11:52:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\OTL.com
PRC - [2013/09/23 00:17:34 | 004,411,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2013/09/23 00:17:30 | 001,117,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2013/07/23 18:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/07/10 00:33:22 | 000,452,144 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2013/07/04 14:53:28 | 000,763,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2013/07/04 14:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/18 01:38:48 | 000,799,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2011/05/09 10:22:58 | 000,582,976 | ---- | M] (D-Link Corp.) -- C:\Program Files\D-Link\DWA-131\wirelesscm.exe
PRC - [2009/08/06 11:19:17 | 000,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe
PRC - [2008/09/18 19:11:19 | 001,529,856 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\ATT-SST\McciTrayApp.exe
PRC - [2007/06/13 04:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/03 15:12:14 | 002,061,816 | ---- | M] (AT&T) -- C:\Program Files\AT&T\Internet Security Wizard\ISW.exe
PRC - [2007/03/19 06:59:51 | 000,676,784 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctfax.exe
PRC - [2007/03/19 06:59:49 | 000,304,048 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\fm3032.exe
PRC - [2007/03/19 06:58:47 | 000,537,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxctcoms.exe
PRC - [2007/03/19 06:58:20 | 000,082,864 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 5400 Series\ezprint.exe
PRC - [2007/03/19 06:58:17 | 000,291,760 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctmon.exe
PRC - [2004/10/22 12:53:06 | 000,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
PRC - [1998/12/09 07:21:00 | 000,742,912 | ---- | M] (Hewlett-Packard Co.) -- C:\WINDOWS\HPLRA.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011/01/07 13:27:26 | 000,262,144 | ---- | M] () -- C:\Program Files\D-Link\DWA-131\WlanDll.dll
MOD - [2009/06/23 09:34:54 | 000,253,952 | ---- | M] () -- C:\Program Files\D-Link\DWA-131\WlanSup.dll
MOD - [2009/01/23 10:54:34 | 000,212,992 | ---- | M] () -- C:\Program Files\D-Link\DWA-131\WlanCtl.dll
MOD - [2008/06/27 09:10:30 | 000,118,784 | ---- | M] () -- C:\Program Files\D-Link\DWA-131\WlanWps.dll
MOD - [2007/12/15 00:30:54 | 001,167,360 | ---- | M] () -- C:\Program Files\D-Link\DWA-131\acAuth.dll
MOD - [2007/03/19 06:59:51 | 000,676,784 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctfax.exe
MOD - [2007/03/19 06:59:49 | 000,304,048 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\fm3032.exe
MOD - [2007/03/19 06:58:17 | 000,291,760 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctmon.exe
MOD - [2007/02/15 08:51:51 | 000,241,664 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\iptk.dll
MOD - [2007/01/17 19:25:06 | 000,118,784 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxctdrpp.dll
MOD - [2007/01/10 08:41:58 | 000,692,224 | ---- | M] () -- C:\WINDOWS\system32\lxctdrs.dll
MOD - [2007/01/10 08:38:54 | 000,278,528 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctscw.dll
MOD - [2006/10/18 00:41:28 | 000,978,944 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\faxctr.dll
MOD - [2006/10/18 00:36:02 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\lxctpmon.dll
MOD - [2006/10/17 23:34:12 | 000,024,576 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lexdlgs.dll
MOD - [2006/10/17 23:30:50 | 000,053,248 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lexctrls.dll
MOD - [2006/10/17 23:30:10 | 000,032,768 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\ipcmt.dll
MOD - [2006/08/14 11:17:14 | 000,065,536 | ---- | M] () -- C:\WINDOWS\system32\lxctcaps.dll
MOD - [2006/08/09 08:38:02 | 000,151,552 | R--- | M] () -- C:\Program Files\Lexmark Toolbar\resource.dll
MOD - [2006/08/09 08:37:24 | 000,184,320 | R--- | M] () -- C:\Program Files\Lexmark Toolbar\toolband.dll
MOD - [2006/06/08 20:39:54 | 000,143,360 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\lxctdrec.dll
MOD - [2006/05/15 04:15:46 | 002,560,000 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\ut.dll
MOD - [2006/05/03 08:31:03 | 000,061,440 | ---- | M] () -- C:\WINDOWS\system32\lxctcnv4.dll
MOD - [2006/04/24 10:00:48 | 000,269,312 | ---- | M] () -- C:\Program Files\Lexmark 5400 Series\dtidb.dll
MOD - [1998/12/09 07:21:00 | 000,192,000 | ---- | M] () -- C:\WINDOWS\system32\HPLREUSE.DLL
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe -- (vToolbarUpdater17.1.3)
SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\SAFEPC~2\bar\1.bin\89barsvc.exe -- (SafePCRepair_89Service)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/10/08 14:43:14 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/23 18:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/07/04 14:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2009/02/11 18:12:38 | 000,167,936 | ---- | M] () [Auto | Stopped] -- C:\Program Files\D-Link\DWA-131\WLSVC.exe -- (WLSVC)
SRV - [2007/03/19 06:58:47 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\system32\lxctcoms.exe -- (lxct_device)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2013/11/20 10:19:37 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/09/10 00:34:48 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/07/20 00:51:00 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/07/20 00:50:56 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/07/20 00:50:56 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/07/20 00:50:50 | 000,171,320 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2013/07/01 00:45:28 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/03/21 02:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2012/02/10 15:36:44 | 001,173,992 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtwlanu.sys -- (RTL8192cu)
DRV - [2008/07/28 16:26:30 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008/07/28 16:26:30 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/02/27 09:54:00 | 000,020,480 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\WLNdis50.sys -- (WLNdis50)
DRV - [2004/10/01 11:24:00 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2004/08/04 04:00:00 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004/08/04 04:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 04:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/06/29 11:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [1998/12/09 07:21:00 | 000,034,784 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HplParNt.sys -- (HplParNt)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {be823b8c-a7ec-4078-a321-0f8046cbb48a} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{4020153B-19DD-446F-A2F7-D99094AE3B4D}: "URL" = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@SafePCRepair_89.com/Plugin: C:\Program Files\SafePCRepair_89\bar\1.bin\NP89Stub.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]_89.com: C:\Program Files\SafePCRepair_89\bar\1.bin
 
 
O1 HOSTS File: ([2004/08/04 04:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Toolbar BHO) - {1fc509df-4b29-4ab3-96e6-47c178d60287} - C:\PROGRA~1\SAFEPC~2\bar\1.bin\89bar.dll File not found
O2 - BHO: (Search Assistant BHO) - {5d13bf91-ea09-4ed8-9acd-c6bad32617b9} - C:\Program Files\SafePCRepair_89\bar\1.bin\89SrcAs.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (no name) - {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SafePCRepair) - {a9d9ea68-5d09-43ef-a0c5-6f6a6f82a0e1} - C:\Program Files\SafePCRepair_89\bar\1.bin\89bar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (SafePCRepair) - {A9D9EA68-5D09-43EF-A0C5-6F6A6F82A0E1} - C:\Program Files\SafePCRepair_89\bar\1.bin\89bar.dll File not found
O4 - HKLM..\Run: [ATT-SST_McciTrayApp] C:\Program Files\ATT-SST\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 5400 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [iSW.exe] C:\Program Files\AT&T\Internet Security Wizard\ISW.exe (AT&T)
O4 - HKLM..\Run: [Lexmark 5400 Series Fax Server] C:\Program Files\Lexmark 5400 Series\fm3032.exe ()
O4 - HKLM..\Run: [LXCTCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxctmon.exe] C:\Program Files\Lexmark 5400 Series\lxctmon.exe ()
O4 - HKLM..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF File not found
O4 - HKLM..\Run: [RegAgent] C:\WINDOWS\HPLRA.EXE (Hewlett-Packard Co.)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Connection Manager.lnk = C:\Program Files\D-Link\DWA-131\wirelesscm.exe (D-Link Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: 0.0.0.0 ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: motive.com ([patttbc.att] https in Trusted sites)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...etup1.0.1.1.cab (Reg Error: Key error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DEF7C182-661E-4B75-AEAF-82C8F9C007D0}: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/25 12:01:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - H:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 22:01:14 | 000,000,053 | -HS- | M] () - H:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2003/04/10 03:49:37 | 000,000,000 | ---- | M] () - J:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 07:07:38 | 000,000,000 | -HS- | M] () - K:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2002/09/11 04:02:32 | 000,000,045 | -HS- | M] () - K:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{0dad5c12-fe0d-11e2-a220-0011d827593a}\Shell\AutoRun\command - "" = M:\setupSNK.exe
O33 - MountPoints2\{af380e38-fbb5-11e2-a21e-0011d827593a}\Shell\AutoRun\command - "" = M:\SecureII\Windows\SecureII.exe
O33 - MountPoints2\{b869c700-e08f-11e0-a0d1-0011d827593a}\Shell\AutoRun\command - "" = M:\RunClubSanDisk.exe
O33 - MountPoints2\{f91ebc86-1518-11df-9f85-0011d827593a}\Shell - "" = AutoRun
O33 - MountPoints2\{f91ebc86-1518-11df-9f85-0011d827593a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f91ebc86-1518-11df-9f85-0011d827593a}\Shell\AutoRun\command - "" = M:\LaunchU3.exe -a
O33 - MountPoints2\{ff8f0458-d456-11e2-a202-0011d827593a}\Shell\AutoRun\command - "" = M:\setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 180 Days ==========
 
[2013/11/26 10:49:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\OTL.com
[2013/11/22 11:11:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2013/11/22 11:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/11/22 11:10:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/11/22 11:10:56 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/11/22 11:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/11/22 10:48:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/11/22 10:25:08 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/19 09:31:16 | 000,000,000 | ---D | C] -- C:\13-139 JAB.msj
[2013/10/28 10:35:54 | 000,000,000 | ---D | C] -- C:\13-139 PARISH.msj
[2013/10/23 07:52:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/10/11 15:10:29 | 000,000,000 | ---D | C] -- C:\13-137.msj
[2013/07/30 12:42:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Nico Mak Computing
[2013/07/30 07:44:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2013/07/16 16:06:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\AVG
[2013/07/16 16:00:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG
[2013/07/16 15:58:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG
[2013/07/16 15:57:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013/07/16 15:15:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG2013
[2013/07/16 15:12:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software
[2013/07/16 15:11:23 | 000,000,000 | ---D | C] -- C:\Program Files\AVG SafeGuard toolbar
[2013/07/16 15:09:45 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/07/16 15:09:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/07/16 15:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\MFAData
[2013/07/16 15:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013/07/16 15:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Avg2013
[2013/07/16 15:05:03 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/07/16 15:05:03 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/07/16 08:59:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG8UPG
[2013/07/15 15:22:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\AVG SafeGuard toolbar
[2013/07/15 15:21:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG SafeGuard toolbar
[2013/07/15 15:20:49 | 000,037,664 | ---- | C] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2013/07/15 15:20:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
[2013/07/15 15:14:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/07/15 15:14:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SmartPCFix
[2013/07/15 15:13:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SmartPCFix
[2013/07/15 15:13:32 | 000,000,000 | ---D | C] -- C:\Program Files\SmartPCFix
[2013/07/15 15:12:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Downloads
[2013/07/15 14:06:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\D-Link
[2013/07/15 14:06:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\pcidevice
[2013/07/15 14:06:34 | 000,000,000 | ---D | C] -- C:\Program Files\D-Link
[2013/07/15 14:06:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\D-Link
[2013/07/15 14:06:07 | 001,173,992 | ---- | C] (Realtek Semiconductor Corporation                           ) -- C:\WINDOWS\System32\drivers\rtwlanu.sys
[2013/07/01 11:38:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Administrative Tools
[2013/06/25 14:22:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2013/06/24 15:55:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\MSNInstaller
[2013/06/13 12:35:04 | 000,000,000 | ---D | C] -- C:\13-101
[2013/06/13 12:22:24 | 000,000,000 | ---D | C] -- C:\13101.msj
[2013/06/01 09:44:13 | 000,000,000 | ---D | C] -- C:\120502.msj
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
 
========== Files - Modified Within 180 Days ==========
 
[2013/11/26 11:52:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\OTL.com
[2013/11/26 11:42:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/11/26 11:32:14 | 000,000,374 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2013/11/26 11:28:29 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2013/11/26 11:27:46 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\SmartPCFix Task.job
[2013/11/26 11:27:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/11/26 08:24:13 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/11/25 15:01:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\Registry Optimizer_DEFAULT.job
[2013/11/22 13:02:16 | 000,006,285 | ---- | M] () -- C:\WINDOWS\mscad2004.ini
[2013/11/22 13:02:09 | 000,111,958 | ---- | M] () -- C:\13-144 DEEDPLOT.msd
[2013/11/22 13:02:09 | 000,029,867 | ---- | M] () -- C:\13-144 DEEDPLOT.flx
[2013/11/22 11:11:08 | 000,000,827 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/22 10:05:09 | 000,000,293 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\http--www.hoyt.com-assets-downloads-wallpaper-HoytI1280x800.jpg.url
[2013/11/22 09:53:21 | 000,894,062 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\BestTechie Forums.mht
[2013/11/22 09:16:03 | 000,000,339 | ---- | M] () -- C:\WINDOWS\Map98.INI
[2013/11/21 15:11:10 | 000,000,041 | ---- | M] () -- C:\WINDOWS\loc2.INI
[2013/11/21 15:11:04 | 000,000,041 | ---- | M] () -- C:\WINDOWS\dmcPrefX.INI
[2013/11/21 15:07:16 | 000,111,958 | ---- | M] () -- C:\13-144 DEEDPLOT.mbk
[2013/11/21 15:07:16 | 000,029,870 | ---- | M] () -- C:\13-144 DEEDPLOT.BAK
[2013/11/21 13:28:06 | 000,218,988 | ---- | M] () -- C:\13-139.flx
[2013/11/21 13:28:06 | 000,069,917 | ---- | M] () -- C:\13-139.msd
[2013/11/21 13:25:27 | 000,218,988 | ---- | M] () -- C:\13-139.BAK
[2013/11/21 13:25:22 | 000,069,917 | ---- | M] () -- C:\13-139.mbk
[2013/11/20 13:42:00 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\Registry Optimizer_UPDATES.job
[2013/11/20 10:19:37 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2013/11/19 11:14:22 | 000,000,083 | ---- | M] () -- C:\WINDOWS\grideditor.INI
[2013/11/19 10:14:52 | 000,056,271 | ---- | M] () -- C:\13-139 JAB.msd
[2013/11/19 10:14:52 | 000,000,000 | ---- | M] () -- C:\13-139 JAB.flx
[2013/11/19 10:14:39 | 000,217,152 | ---- | M] () -- C:\13-139 JAB.BAK
[2013/11/19 10:14:39 | 000,056,271 | ---- | M] () -- C:\13-139 JAB.mbk
[2013/11/19 08:56:01 | 000,146,965 | ---- | M] () -- C:\13-139 JAB.dwg
[2013/11/18 13:02:52 | 000,081,240 | ---- | M] () -- C:\13-131.flx
[2013/11/18 13:02:51 | 000,224,134 | ---- | M] () -- C:\13-131.msd
[2013/11/15 07:39:24 | 000,081,240 | ---- | M] () -- C:\13-131.BAK
[2013/11/15 07:39:23 | 000,224,134 | ---- | M] () -- C:\13-131.mbk
[2013/11/12 12:34:36 | 000,064,223 | ---- | M] () -- C:\13-131.dwg
[2013/11/07 11:19:11 | 000,380,350 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/11/07 11:19:11 | 000,052,764 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/11/06 10:22:48 | 000,232,951 | ---- | M] () -- C:\13-123.msd
[2013/11/06 10:22:48 | 000,070,226 | ---- | M] () -- C:\13-123.flx
[2013/11/04 15:05:39 | 000,232,951 | ---- | M] () -- C:\13-123.mbk
[2013/11/04 15:03:33 | 000,070,231 | ---- | M] () -- C:\13-123.BAK
[2013/10/28 10:36:08 | 000,148,085 | ---- | M] () -- C:\13-139 PARISH.msd
[2013/10/28 10:36:08 | 000,038,109 | ---- | M] () -- C:\13-139 PARISH.flx
[2013/10/28 10:35:57 | 000,038,113 | ---- | M] () -- C:\13-139 PARISH.BAK
[2013/10/23 14:25:03 | 000,148,085 | ---- | M] () -- C:\13-139 PARISH.mbk
[2013/10/23 13:56:38 | 000,195,362 | ---- | M] () -- C:\13-138.msd
[2013/10/23 13:56:38 | 000,034,689 | ---- | M] () -- C:\13-138.flx
[2013/10/23 07:52:51 | 000,000,745 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/10/22 06:49:36 | 000,189,794 | ---- | M] () -- C:\13-138.mbk
[2013/10/22 06:49:36 | 000,033,879 | ---- | M] () -- C:\13-138.BAK
[2013/10/14 06:41:25 | 000,353,980 | ---- | M] () -- C:\13-137.msd
[2013/10/14 06:41:25 | 000,090,343 | ---- | M] () -- C:\13-137.flx
[2013/10/14 06:41:11 | 000,353,980 | ---- | M] () -- C:\13-137.mbk
[2013/10/14 06:41:11 | 000,090,343 | ---- | M] () -- C:\13-137.BAK
[2013/10/08 14:43:09 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/10/08 14:43:09 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/10/03 10:45:42 | 000,142,585 | ---- | M] () -- C:\13-130.msd
[2013/10/03 10:45:42 | 000,027,368 | ---- | M] () -- C:\13-130.flx
[2013/09/30 09:08:19 | 000,026,721 | ---- | M] () -- C:\13-130.BAK
[2013/09/30 08:59:04 | 000,142,585 | ---- | M] () -- C:\13-130.mbk
[2013/09/26 14:40:26 | 000,191,583 | ---- | M] () -- C:\RUSTIN.msd
[2013/09/26 14:40:26 | 000,048,221 | ---- | M] () -- C:\RUSTIN.flx
[2013/09/26 14:32:13 | 000,191,583 | ---- | M] () -- C:\RUSTIN.mbk
[2013/09/26 14:32:13 | 000,048,221 | ---- | M] () -- C:\RUSTIN.BAK
[2013/09/25 10:14:27 | 000,184,774 | ---- | M] () -- C:\120705.msd
[2013/09/25 10:13:15 | 000,108,839 | ---- | M] () -- C:\GILKEY.msd
[2013/09/25 10:13:15 | 000,044,132 | ---- | M] () -- C:\GILKEY.flx
[2013/09/25 10:04:42 | 000,108,839 | ---- | M] () -- C:\GILKEY.mbk
[2013/09/25 10:04:42 | 000,044,131 | ---- | M] () -- C:\GILKEY.BAK
[2013/09/25 06:59:57 | 000,042,656 | ---- | M] () -- C:\13-126.flx
[2013/09/25 06:59:53 | 000,263,499 | ---- | M] () -- C:\13-126.msd
[2013/09/24 09:49:53 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Microsoft Office Word 2003.lnk
[2013/09/23 12:33:51 | 000,041,774 | ---- | M] () -- C:\13-126.BAK
[2013/09/23 12:33:22 | 000,120,164 | ---- | M] () -- C:\13-119FARM.flx
[2013/09/23 12:33:17 | 000,473,633 | ---- | M] () -- C:\13-119FARM.msd
[2013/09/20 08:12:54 | 000,473,633 | ---- | M] () -- C:\13-119FARM.mbk
[2013/09/20 08:12:54 | 000,120,168 | ---- | M] () -- C:\13-119FARM.BAK
[2013/09/20 08:00:26 | 000,898,367 | ---- | M] () -- C:\13-119LOT.flx
[2013/09/20 08:00:26 | 000,056,261 | ---- | M] () -- C:\13-119LOT.msd
[2013/09/20 07:54:29 | 000,256,267 | ---- | M] () -- C:\13-126.mbk
[2013/09/18 14:15:37 | 000,496,384 | ---- | M] () -- C:\120405.msd
[2013/09/18 14:10:48 | 000,898,367 | ---- | M] () -- C:\13-119LOT.BAK
[2013/09/18 14:10:48 | 000,056,261 | ---- | M] () -- C:\13-119LOT.mbk
[2013/09/18 06:07:24 | 000,096,143 | ---- | M] () -- C:\13-119.flx
[2013/09/18 06:07:23 | 000,404,215 | ---- | M] () -- C:\13-119.msd
[2013/09/16 09:52:51 | 000,056,281 | ---- | M] () -- C:\13-119 FARM.msd
[2013/09/16 09:52:51 | 000,013,872 | ---- | M] () -- C:\13-119 FARM.flx
[2013/09/16 08:37:11 | 000,404,215 | ---- | M] () -- C:\13-119.mbk
[2013/09/16 08:37:11 | 000,096,139 | ---- | M] () -- C:\13-119.BAK
[2013/09/10 00:34:48 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsshimx.sys
[2013/08/27 15:46:19 | 000,139,233 | ---- | M] () -- C:\KITCHENS.msd
[2013/08/27 15:46:19 | 000,067,562 | ---- | M] () -- C:\KITCHENS.flx
[2013/08/21 11:55:03 | 000,139,233 | ---- | M] () -- C:\KITCHENS.mbk
[2013/08/21 11:53:55 | 000,067,566 | ---- | M] () -- C:\KITCHENS.BAK
[2013/08/05 15:06:32 | 000,939,603 | ---- | M] () -- C:\BASIN.msd
[2013/08/02 15:07:54 | 000,306,085 | ---- | M] () -- C:\BASIN.flx
[2013/08/02 15:07:50 | 000,162,458 | ---- | M] () -- C:\BASIN.dwg
[2013/08/02 15:07:49 | 000,939,603 | ---- | M] () -- C:\BASIN.mbk
[2013/08/02 14:57:13 | 000,306,442 | ---- | M] () -- C:\BASIN.BAK
[2013/07/30 09:12:32 | 000,288,930 | ---- | M] () -- C:\eaglecreek.msd
[2013/07/30 09:12:16 | 000,113,480 | ---- | M] () -- C:\eaglecreek.flx
[2013/07/30 09:09:34 | 000,288,930 | ---- | M] () -- C:\eaglecreek.mbk
[2013/07/30 09:09:34 | 000,113,111 | ---- | M] () -- C:\eaglecreek.BAK
[2013/07/30 07:57:55 | 000,063,198 | ---- | M] () -- C:\eaglecreek.dwg
[2013/07/30 07:57:53 | 000,056,281 | ---- | M] () -- C:\13-103 JOSH.msd
[2013/07/22 16:56:55 | 000,135,324 | ---- | M] () -- C:\13-103 JOSH.flx
[2013/07/22 16:18:58 | 000,135,324 | ---- | M] () -- C:\13-103 JOSH.BAK
[2013/07/22 16:18:58 | 000,056,281 | ---- | M] () -- C:\13-103 JOSH.mbk
[2013/07/20 00:51:00 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avglogx.sys
[2013/07/20 00:50:56 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsdriverx.sys
[2013/07/20 00:50:56 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidshx.sys
[2013/07/20 00:50:50 | 000,171,320 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2013/07/16 08:56:05 | 073,944,277 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2013/07/15 15:35:02 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/07/15 15:12:32 | 001,160,856 | ---- | M] () -- C:\google_earth_setup.exe
[2013/07/15 14:13:04 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Internet.lnk
[2013/07/15 14:06:38 | 000,000,605 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Connection Manager.lnk
[2013/07/15 14:06:38 | 000,000,605 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Wireless Connection Manager.lnk
[2013/07/14 13:11:11 | 000,354,715 | ---- | M] () -- C:\13-103.msd
[2013/07/09 14:05:59 | 000,871,025 | ---- | M] () -- C:\110101.msd
[2013/07/09 14:05:59 | 000,121,210 | ---- | M] () -- C:\110101.flx
[2013/07/09 13:57:27 | 000,871,025 | ---- | M] () -- C:\110101.mbk
[2013/07/09 13:57:27 | 000,121,210 | ---- | M] () -- C:\110101.BAK
[2013/07/09 13:26:42 | 000,178,691 | ---- | M] () -- C:\120405.flx
[2013/07/09 13:21:20 | 000,496,384 | ---- | M] () -- C:\120405.mbk
[2013/07/09 13:21:20 | 000,178,691 | ---- | M] () -- C:\120405.BAK
[2013/07/09 10:59:59 | 000,121,426 | ---- | M] () -- C:\13-103.flx
[2013/07/09 10:51:58 | 000,354,715 | ---- | M] () -- C:\13-103.mbk
[2013/07/09 10:51:58 | 000,121,426 | ---- | M] () -- C:\13-103.BAK
[2013/07/03 11:55:21 | 000,351,307 | ---- | M] () -- C:\13-106.msd
[2013/07/01 14:42:19 | 000,008,227 | ---- | M] () -- C:\120405.CR5
[2013/07/01 14:38:16 | 000,138,027 | ---- | M] () -- C:\prow composite.msd
[2013/07/01 14:38:16 | 000,035,561 | ---- | M] () -- C:\prow composite.flx
[2013/07/01 14:28:56 | 000,138,027 | ---- | M] () -- C:\prow composite.mbk
[2013/07/01 14:28:56 | 000,035,561 | ---- | M] () -- C:\prow composite.BAK
[2013/07/01 10:58:13 | 000,117,763 | ---- | M] () -- C:\13-106.flx
[2013/07/01 10:58:10 | 000,351,307 | ---- | M] () -- C:\13-106.mbk
[2013/07/01 10:58:10 | 000,117,763 | ---- | M] () -- C:\13-106.BAK
[2013/07/01 00:45:28 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2013/06/27 15:10:48 | 000,659,614 | ---- | M] () -- C:\jent sub.flx
[2013/06/27 15:10:48 | 000,489,562 | ---- | M] () -- C:\jent sub.msd
[2013/06/27 14:53:46 | 000,659,614 | ---- | M] () -- C:\jent sub.BAK
[2013/06/27 14:53:46 | 000,489,562 | ---- | M] () -- C:\jent sub.mbk
[2013/06/27 08:34:06 | 000,472,573 | ---- | M] () -- C:\13-101 Boundary2.msd
[2013/06/27 08:34:06 | 000,185,603 | ---- | M] () -- C:\13-101 Boundary2.flx
[2013/06/27 08:12:41 | 000,472,573 | ---- | M] () -- C:\13-101 Boundary2.mbk
[2013/06/27 08:12:41 | 000,185,597 | ---- | M] () -- C:\13-101 Boundary2.BAK
[2013/06/26 08:18:24 | 000,492,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\miniavi.avg
[2013/06/26 08:18:24 | 000,142,495 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2013/06/26 08:18:17 | 000,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2013/06/26 08:02:20 | 000,202,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/06/25 11:44:38 | 000,233,337 | ---- | M] () -- C:\13-105.msd
[2013/06/25 11:44:13 | 000,047,626 | ---- | M] () -- C:\13-105.flx
[2013/06/25 11:44:07 | 000,233,337 | ---- | M] () -- C:\13-105.mbk
[2013/06/25 11:44:07 | 000,047,626 | ---- | M] () -- C:\13-105.BAK
[2013/06/24 15:47:37 | 000,161,907 | ---- | M] () -- C:\13-102.flx
[2013/06/24 15:47:37 | 000,056,231 | ---- | M] () -- C:\13-102.msd
[2013/06/24 15:32:23 | 000,161,912 | ---- | M] () -- C:\13-102.BAK
[2013/06/24 15:32:23 | 000,056,231 | ---- | M] () -- C:\13-102.mbk
[2013/06/21 14:41:57 | 000,455,279 | ---- | M] () -- C:\120801.msd
[2013/06/21 14:39:13 | 000,311,058 | ---- | M] () -- C:\120801.flx
[2013/06/20 14:49:04 | 000,004,363 | ---- | M] () -- C:\Drawing_0.flx
[2013/06/20 06:07:33 | 000,147,303 | ---- | M] () -- C:\QUALITY BORDER.flx
[2013/06/20 06:07:32 | 000,467,461 | ---- | M] () -- C:\QUALITY BORDER.msd
[2013/06/20 06:07:23 | 000,467,461 | ---- | M] () -- C:\QUALITY BORDER.mbk
[2013/06/20 06:07:23 | 000,147,302 | ---- | M] () -- C:\QUALITY BORDER.BAK
[2013/06/17 12:27:14 | 000,424,541 | ---- | M] () -- C:\13-101 Boundary.msd
[2013/06/17 12:25:24 | 000,140,836 | ---- | M] () -- C:\13-101 Boundary.flx
[2013/06/17 11:41:18 | 000,424,541 | ---- | M] () -- C:\13-101 Boundary.mbk
[2013/06/17 11:36:12 | 000,140,798 | ---- | M] () -- C:\13-101 Boundary.BAK
[2013/06/17 06:57:35 | 000,055,821 | ---- | M] () -- C:\TITLE BLOCK.flx
[2013/06/17 06:57:34 | 000,270,646 | ---- | M] () -- C:\TITLE BLOCK.msd
[2013/06/17 06:48:39 | 000,088,511 | ---- | M] () -- C:\13-101.flx
[2013/06/17 06:48:38 | 000,341,552 | ---- | M] () -- C:\13-101.msd
[2013/06/17 06:34:36 | 000,341,552 | ---- | M] () -- C:\13-101.mbk
[2013/06/17 06:34:36 | 000,088,515 | ---- | M] () -- C:\13-101.BAK
[2013/06/13 12:41:42 | 000,008,654 | ---- | M] () -- C:\13-101.dwg
[2013/06/13 12:26:17 | 000,216,479 | ---- | M] () -- C:\13101.msd
[2013/06/13 12:26:17 | 000,035,534 | ---- | M] () -- C:\13101.flx
[2013/06/13 12:24:53 | 000,216,479 | ---- | M] () -- C:\13101.mbk
[2013/06/13 12:24:53 | 000,035,391 | ---- | M] () -- C:\13101.BAK
[2013/06/10 12:16:32 | 000,807,924 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\PICT0046.JPG
[2013/06/10 09:57:00 | 000,215,074 | ---- | M] () -- C:\101202.msd
[2013/06/10 09:57:00 | 000,063,638 | ---- | M] () -- C:\101202.flx
[2013/06/10 08:23:28 | 000,063,555 | ---- | M] () -- C:\121002.flx
[2013/06/10 06:20:40 | 000,213,472 | ---- | M] () -- C:\121002.msd
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/11/22 11:11:08 | 000,000,827 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/22 10:05:08 | 000,000,293 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\http--www.hoyt.com-assets-downloads-wallpaper-HoytI1280x800.jpg.url
[2013/11/22 09:53:10 | 000,894,062 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\BestTechie Forums.mht
[2013/11/21 13:32:01 | 000,111,958 | ---- | C] () -- C:\13-144 DEEDPLOT.msd
[2013/11/21 13:32:01 | 000,111,958 | ---- | C] () -- C:\13-144 DEEDPLOT.mbk
[2013/11/21 13:29:34 | 000,029,870 | ---- | C] () -- C:\13-144 DEEDPLOT.BAK
[2013/11/21 13:29:34 | 000,029,867 | ---- | C] () -- C:\13-144 DEEDPLOT.flx
[2013/11/19 10:24:37 | 000,069,917 | ---- | C] () -- C:\13-139.msd
[2013/11/19 10:24:37 | 000,069,917 | ---- | C] () -- C:\13-139.mbk
[2013/11/19 10:24:31 | 000,218,988 | ---- | C] () -- C:\13-139.flx
[2013/11/19 10:24:31 | 000,218,988 | ---- | C] () -- C:\13-139.BAK
[2013/11/19 08:56:00 | 000,146,965 | ---- | C] () -- C:\13-139 JAB.dwg
[2013/11/18 14:35:01 | 000,217,152 | ---- | C] () -- C:\13-139 JAB.BAK
[2013/11/18 14:35:01 | 000,056,271 | ---- | C] () -- C:\13-139 JAB.msd
[2013/11/18 14:35:01 | 000,056,271 | ---- | C] () -- C:\13-139 JAB.mbk
[2013/11/18 14:35:01 | 000,000,000 | ---- | C] () -- C:\13-139 JAB.flx
[2013/11/12 12:34:33 | 000,064,223 | ---- | C] () -- C:\13-131.dwg
[2013/11/06 10:56:25 | 000,224,134 | ---- | C] () -- C:\13-131.msd
[2013/11/06 10:56:25 | 000,224,134 | ---- | C] () -- C:\13-131.mbk
[2013/11/06 10:56:25 | 000,081,240 | ---- | C] () -- C:\13-131.flx
[2013/11/04 14:21:43 | 000,232,951 | ---- | C] () -- C:\13-123.msd
[2013/11/04 14:21:43 | 000,232,951 | ---- | C] () -- C:\13-123.mbk
[2013/11/04 14:21:43 | 000,070,231 | ---- | C] () -- C:\13-123.BAK
[2013/11/04 14:21:43 | 000,070,226 | ---- | C] () -- C:\13-123.flx
[2013/10/25 13:27:49 | 000,081,240 | ---- | C] () -- C:\13-131.BAK
[2013/10/23 14:05:40 | 000,148,085 | ---- | C] () -- C:\13-139 PARISH.msd
[2013/10/23 14:05:40 | 000,148,085 | ---- | C] () -- C:\13-139 PARISH.mbk
[2013/10/23 13:59:24 | 000,038,113 | ---- | C] () -- C:\13-139 PARISH.BAK
[2013/10/23 13:59:24 | 000,038,109 | ---- | C] () -- C:\13-139 PARISH.flx
[2013/10/21 14:33:08 | 000,034,689 | ---- | C] () -- C:\13-138.flx
[2013/10/21 14:33:08 | 000,033,879 | ---- | C] () -- C:\13-138.BAK
[2013/10/21 14:33:07 | 000,195,362 | ---- | C] () -- C:\13-138.msd
[2013/10/21 14:33:07 | 000,189,794 | ---- | C] () -- C:\13-138.mbk
[2013/10/11 11:29:18 | 000,353,980 | ---- | C] () -- C:\13-137.msd
[2013/10/11 11:29:18 | 000,353,980 | ---- | C] () -- C:\13-137.mbk
[2013/10/11 11:29:18 | 000,090,343 | ---- | C] () -- C:\13-137.flx
[2013/10/11 11:29:18 | 000,090,343 | ---- | C] () -- C:\13-137.BAK
[2013/09/30 08:18:20 | 000,142,585 | ---- | C] () -- C:\13-130.msd
[2013/09/30 08:18:20 | 000,142,585 | ---- | C] () -- C:\13-130.mbk
[2013/09/30 08:18:20 | 000,027,368 | ---- | C] () -- C:\13-130.flx
[2013/09/30 08:18:20 | 000,026,721 | ---- | C] () -- C:\13-130.BAK
[2013/09/26 12:12:02 | 000,191,583 | ---- | C] () -- C:\RUSTIN.msd
[2013/09/26 12:12:02 | 000,191,583 | ---- | C] () -- C:\RUSTIN.mbk
[2013/09/26 12:12:02 | 000,048,221 | ---- | C] () -- C:\RUSTIN.flx
[2013/09/26 12:12:02 | 000,048,221 | ---- | C] () -- C:\RUSTIN.BAK
[2013/09/25 08:13:24 | 000,108,839 | ---- | C] () -- C:\GILKEY.msd
[2013/09/25 08:13:24 | 000,108,839 | ---- | C] () -- C:\GILKEY.mbk
[2013/09/25 08:02:11 | 000,044,132 | ---- | C] () -- C:\GILKEY.flx
[2013/09/25 08:02:11 | 000,044,131 | ---- | C] () -- C:\GILKEY.BAK
[2013/09/20 06:10:49 | 000,263,499 | ---- | C] () -- C:\13-126.msd
[2013/09/20 06:10:49 | 000,256,267 | ---- | C] () -- C:\13-126.mbk
[2013/09/20 06:10:49 | 000,042,656 | ---- | C] () -- C:\13-126.flx
[2013/09/20 06:10:49 | 000,041,774 | ---- | C] () -- C:\13-126.BAK
[2013/09/18 13:40:18 | 000,056,261 | ---- | C] () -- C:\13-119LOT.msd
[2013/09/18 13:40:18 | 000,056,261 | ---- | C] () -- C:\13-119LOT.mbk
[2013/09/18 13:40:17 | 000,898,367 | ---- | C] () -- C:\13-119LOT.flx
[2013/09/18 13:40:17 | 000,898,367 | ---- | C] () -- C:\13-119LOT.BAK
[2013/09/16 09:52:51 | 000,056,281 | ---- | C] () -- C:\13-119 FARM.msd
[2013/09/16 09:52:51 | 000,013,872 | ---- | C] () -- C:\13-119 FARM.flx
[2013/09/16 08:46:48 | 000,473,633 | ---- | C] () -- C:\13-119FARM.msd
[2013/09/16 08:46:48 | 000,473,633 | ---- | C] () -- C:\13-119FARM.mbk
[2013/09/16 08:42:55 | 000,120,168 | ---- | C] () -- C:\13-119FARM.BAK
[2013/09/16 08:42:55 | 000,120,164 | ---- | C] () -- C:\13-119FARM.flx
[2013/08/27 16:04:47 | 000,404,215 | ---- | C] () -- C:\13-119.msd
[2013/08/27 16:04:47 | 000,404,215 | ---- | C] () -- C:\13-119.mbk
[2013/08/27 15:48:36 | 000,096,143 | ---- | C] () -- C:\13-119.flx
[2013/08/27 15:48:36 | 000,096,139 | ---- | C] () -- C:\13-119.BAK
[2013/08/02 15:07:49 | 000,162,458 | ---- | C] () -- C:\BASIN.dwg
[2013/08/02 14:57:13 | 000,939,603 | ---- | C] () -- C:\BASIN.msd
[2013/08/02 14:57:13 | 000,939,603 | ---- | C] () -- C:\BASIN.mbk
[2013/08/02 14:57:13 | 000,306,442 | ---- | C] () -- C:\BASIN.BAK
[2013/08/02 14:57:13 | 000,306,085 | ---- | C] () -- C:\BASIN.flx
[2013/07/31 13:24:21 | 000,067,566 | ---- | C] () -- C:\KITCHENS.BAK
[2013/07/31 13:24:21 | 000,067,562 | ---- | C] () -- C:\KITCHENS.flx
[2013/07/31 13:24:20 | 000,139,233 | ---- | C] () -- C:\KITCHENS.msd
[2013/07/31 13:24:20 | 000,139,233 | ---- | C] () -- C:\KITCHENS.mbk
[2013/07/30 12:42:50 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\Registry Optimizer_DEFAULT.job
[2013/07/30 12:42:49 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\Registry Optimizer_UPDATES.job
[2013/07/30 08:01:12 | 000,113,480 | ---- | C] () -- C:\eaglecreek.flx
[2013/07/30 08:01:12 | 000,113,111 | ---- | C] () -- C:\eaglecreek.BAK
[2013/07/30 07:57:53 | 000,288,930 | ---- | C] () -- C:\eaglecreek.msd
[2013/07/30 07:57:53 | 000,288,930 | ---- | C] () -- C:\eaglecreek.mbk
[2013/07/30 07:57:53 | 000,063,198 | ---- | C] () -- C:\eaglecreek.dwg
[2013/07/16 15:12:43 | 000,000,745 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/07/16 15:05:06 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/07/15 15:14:16 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\SmartPCFix Task.job
[2013/07/15 15:12:08 | 001,160,856 | ---- | C] () -- C:\google_earth_setup.exe
[2013/07/15 14:13:04 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Internet.lnk
[2013/07/15 14:06:38 | 000,000,605 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless Connection Manager.lnk
[2013/07/15 14:06:38 | 000,000,605 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Wireless Connection Manager.lnk
[2013/07/15 14:06:35 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\wlndis50.sys
[2013/07/15 14:06:35 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\WLNdis50.sys
[2013/07/15 14:06:35 | 000,010,667 | ---- | C] () -- C:\WINDOWS\System32\wlndis50.cat
[2013/07/15 14:06:35 | 000,001,593 | ---- | C] () -- C:\WINDOWS\System32\wlndis50.inf
[2013/07/15 11:53:12 | 000,056,281 | ---- | C] () -- C:\13-103 JOSH.msd
[2013/07/15 11:53:12 | 000,056,281 | ---- | C] () -- C:\13-103 JOSH.mbk
[2013/07/15 11:52:59 | 000,135,324 | ---- | C] () -- C:\13-103 JOSH.flx
[2013/07/15 11:52:59 | 000,135,324 | ---- | C] () -- C:\13-103 JOSH.BAK
[2013/07/03 11:55:21 | 000,354,715 | ---- | C] () -- C:\13-103.msd
[2013/07/03 11:55:21 | 000,354,715 | ---- | C] () -- C:\13-103.mbk
[2013/07/03 11:55:21 | 000,121,426 | ---- | C] () -- C:\13-103.flx
[2013/07/03 11:55:21 | 000,121,426 | ---- | C] () -- C:\13-103.BAK
[2013/07/01 14:41:15 | 000,008,227 | ---- | C] () -- C:\120405.CR5
[2013/07/01 11:53:37 | 000,138,027 | ---- | C] () -- C:\prow composite.msd
[2013/07/01 11:53:37 | 000,138,027 | ---- | C] () -- C:\prow composite.mbk
[2013/07/01 11:53:37 | 000,035,561 | ---- | C] () -- C:\prow composite.flx
[2013/07/01 11:53:37 | 000,035,561 | ---- | C] () -- C:\prow composite.BAK
[2013/06/25 11:44:38 | 000,351,307 | ---- | C] () -- C:\13-106.msd
[2013/06/25 11:44:38 | 000,351,307 | ---- | C] () -- C:\13-106.mbk
[2013/06/25 11:44:38 | 000,117,763 | ---- | C] () -- C:\13-106.flx
[2013/06/25 11:44:38 | 000,117,763 | ---- | C] () -- C:\13-106.BAK
[2013/06/25 10:25:50 | 000,233,337 | ---- | C] () -- C:\13-105.msd
[2013/06/25 10:25:50 | 000,233,337 | ---- | C] () -- C:\13-105.mbk
[2013/06/25 10:25:50 | 000,047,626 | ---- | C] () -- C:\13-105.flx
[2013/06/25 10:25:50 | 000,047,626 | ---- | C] () -- C:\13-105.BAK
[2013/06/21 14:41:57 | 000,659,614 | ---- | C] () -- C:\jent sub.flx
[2013/06/21 14:41:57 | 000,659,614 | ---- | C] () -- C:\jent sub.BAK
[2013/06/21 14:41:57 | 000,489,562 | ---- | C] () -- C:\jent sub.msd
[2013/06/21 14:41:57 | 000,489,562 | ---- | C] () -- C:\jent sub.mbk
[2013/06/20 06:29:50 | 000,056,231 | ---- | C] () -- C:\13-102.msd
[2013/06/20 06:29:50 | 000,056,231 | ---- | C] () -- C:\13-102.mbk
[2013/06/20 06:29:49 | 000,161,912 | ---- | C] () -- C:\13-102.BAK
[2013/06/20 06:29:49 | 000,161,907 | ---- | C] () -- C:\13-102.flx
[2013/06/20 06:06:51 | 000,467,461 | ---- | C] () -- C:\QUALITY BORDER.msd
[2013/06/20 06:06:51 | 000,467,461 | ---- | C] () -- C:\QUALITY BORDER.mbk
[2013/06/20 06:06:51 | 000,147,303 | ---- | C] () -- C:\QUALITY BORDER.flx
[2013/06/20 06:06:51 | 000,147,302 | ---- | C] () -- C:\QUALITY BORDER.BAK
[2013/06/17 11:41:18 | 000,472,573 | ---- | C] () -- C:\13-101 Boundary2.msd
[2013/06/17 11:41:18 | 000,472,573 | ---- | C] () -- C:\13-101 Boundary2.mbk
[2013/06/17 11:41:18 | 000,185,603 | ---- | C] () -- C:\13-101 Boundary2.flx
[2013/06/17 11:41:18 | 000,185,597 | ---- | C] () -- C:\13-101 Boundary2.BAK
[2013/06/17 06:36:02 | 000,424,541 | ---- | C] () -- C:\13-101 Boundary.msd
[2013/06/17 06:36:02 | 000,424,541 | ---- | C] () -- C:\13-101 Boundary.mbk
[2013/06/17 06:36:01 | 000,140,836 | ---- | C] () -- C:\13-101 Boundary.flx
[2013/06/17 06:36:01 | 000,140,798 | ---- | C] () -- C:\13-101 Boundary.BAK
[2013/06/13 12:42:58 | 000,341,552 | ---- | C] () -- C:\13-101.msd
[2013/06/13 12:42:58 | 000,341,552 | ---- | C] () -- C:\13-101.mbk
[2013/06/13 12:42:58 | 000,088,515 | ---- | C] () -- C:\13-101.BAK
[2013/06/13 12:42:58 | 000,088,511 | ---- | C] () -- C:\13-101.flx
[2013/06/13 12:41:40 | 000,008,654 | ---- | C] () -- C:\13-101.dwg
[2013/06/10 06:20:40 | 000,216,479 | ---- | C] () -- C:\13101.msd
[2013/06/10 06:20:40 | 000,216,479 | ---- | C] () -- C:\13101.mbk
[2013/06/10 06:20:40 | 000,035,534 | ---- | C] () -- C:\13101.flx
[2013/06/10 06:20:40 | 000,035,391 | ---- | C] () -- C:\13101.BAK
[2009/12/01 15:51:19 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/29 15:32:07 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2008/08/29 13:47:32 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2006/09/23 13:12:50 | 001,497,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 04:01:53 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004/08/04 04:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2008/08/29 12:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\5400 Series
[2009/03/09 15:01:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AT&T
[2009/07/20 12:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATTToolbar
[2013/07/16 16:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG
[2013/10/22 06:38:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
[2013/07/16 15:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/07/15 15:14:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/07/15 14:06:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\D-Link
[2013/11/26 08:35:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/02/10 15:14:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NetZero
[2013/07/16 15:57:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2009/02/13 12:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\5400 Series
[2009/03/09 15:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AT&T
[2009/04/06 10:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ATTToolbar
[2013/07/16 16:00:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG
[2013/07/15 15:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG SafeGuard toolbar
[2013/07/16 15:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG2013
[2013/06/24 15:55:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MSNInstaller
[2013/10/07 07:31:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Nico Mak Computing
[2013/07/15 15:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SmartPCFix
[2013/07/16 15:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software
 
========== Purity Check ==========
 
 

< End of report >

Share this post


Link to post
Share on other sites

Go to add/remove panel uninstall these: If Present .
1.  SafePCRepair_89  >>> This file has been identified as a program that is undesirable to have running on your computer.
This consists of programs that are misleading, harmful, or undesirable.
2.  SmartPCFix
3.  Javaâ„¢ 6 Update 15
===============

We need to Run an OTL fix !!
Warning This fix is only relevant for this system and no other, using on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

    * Double-click OTL.exe to start the program.
    * Copy and Paste the following code into the customFix.png.  text box of the OTL tool/program ! Start with and include the colon plus OTL . :OTL

:OTLSRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe -- (vToolbarUpdater17.1.3)SRV - File not found [Auto | Stopped] -- C:\PROGRA~1\SAFEPC~2\bar\1.bin\89barsvc.exe -- (SafePCRepair_89Service)SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64)DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64)DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)DRV - File not found [Kernel | System | Stopped] --  -- (Changer)IE - HKLM\..\SearchScopes,DefaultScope =IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRCIE - HKCU\..\URLSearchHook: {be823b8c-a7ec-4078-a321-0f8046cbb48a} - No CLSID value foundIE - HKCU\..\SearchScopes,DefaultScope =IE - HKCU\..\SearchScopes\{4020153B-19DD-446F-A2F7-D99094AE3B4D}: "URL" = http://search.yahoo....=utf-8&fr=b1ie7FF - HKLM\Software\MozillaPlugins\@SafePCRepair_89.com/Plugin: C:\Program Files\SafePCRepair_89\bar\1.bin\NP89Stub.dll File not foundFF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]_89.com: C:\Program Files\SafePCRepair_89\bar\1.binO2 - BHO: (Toolbar BHO) - {1fc509df-4b29-4ab3-96e6-47c178d60287} - C:\PROGRA~1\SAFEPC~2\bar\1.bin\89bar.dll File not foundO2 - BHO: (Search Assistant BHO) - {5d13bf91-ea09-4ed8-9acd-c6bad32617b9} - C:\Program Files\SafePCRepair_89\bar\1.bin\89SrcAs.dll File not foundO3 - HKLM\..\Toolbar: (no name) - {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - No CLSID value found.O3 - HKLM\..\Toolbar: (SafePCRepair) - {a9d9ea68-5d09-43ef-a0c5-6f6a6f82a0e1} - C:\Program Files\SafePCRepair_89\bar\1.bin\89bar.dll File not foundO3 - HKCU\..\Toolbar\WebBrowser: (SafePCRepair) - {A9D9EA68-5D09-43EF-A0C5-6F6A6F82A0E1} - C:\Program Files\SafePCRepair_89\bar\1.bin\89bar.dll File not foundO4 - HKLM..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF File not found[2013/07/15 15:14:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SmartPCFix[2013/07/15 15:13:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SmartPCFix[2013/07/15 15:13:32 | 000,000,000 | ---D | C] -- C:\Program Files\SmartPCFix[2013/11/26 11:27:46 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\SmartPCFix Task.job[2013/11/25 15:01:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\Registry Optimizer_DEFAULT.job[2013/11/20 13:42:00 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\Registry Optimizer_UPDATES.job[2013/07/15 15:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SmartPCFix[2013/07/16 15:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software:Commands[emptyjava][emptyflash][EMPTYTEMP][RESETHOSTS][CREATERESTOREPOINT][Reboot]

# Then click the Run Fix button at the top.
# Click btnOK.png
# Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.
Remember to enable your real time protection.

Post the OTL fix log next !!
Thanks
Chuck

Share this post


Link to post
Share on other sites

Leaving this open for a few days extra by request till Monday or Tuesday !!

 

Chuck

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this