Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
This topic is locked
I just registered on BleepingComputer and started a new post with my situation. As I tried to post the topic, my browser timed out as it has done hundreds of times lately. That is why I seek help now. I'll try to post some log files from OTL that I got from Geeks2go. If anyone can help, it will be greatly appreciated. Here are the OTL files:
OTL logfile created on: 2/24/2013 12:18:04 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\FREDA\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.25 Gb Total Physical Memory | 2.56 Gb Available Physical Memory | 78.85% Memory free
7.07 Gb Paging File | 6.43 Gb Available in Paging File | 90.96% Paging File free
Paging file location(s): C:\pagefile.sys 4096 12288 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.72 Gb Total Space | 216.44 Gb Free Space | 46.47% Space Free | Partition Type: NTFS
Computer Name: FREDA | User Name: FREDA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/02/24 12:16:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\FREDA\Desktop\OTL.exe
PRC - [2013/02/14 08:11:32 | 001,236,336 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
PRC - [2013/02/10 15:43:57 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/01/31 09:11:58 | 000,542,632 | ---- | M] (Lavasoft) -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2012/08/01 03:48:54 | 002,345,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/09/09 02:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/08/18 00:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/08/11 17:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/06/10 17:21:58 | 000,210,568 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\attcm_AppStart.exe
PRC - [2011/05/31 17:38:30 | 000,167,280 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\IERA\IERA.exe
PRC - [2011/05/23 13:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/05/20 13:36:30 | 000,238,960 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\Common\SwiCardDetect.exe
PRC - [2011/03/28 02:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/16 15:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/02/10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2009/11/23 18:53:58 | 004,781,352 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchUser.exe
PRC - [2009/11/23 18:53:58 | 000,113,448 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchService.exe
PRC - [2009/11/23 18:53:56 | 004,497,704 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Pen_Tablet.exe
PRC - [2009/11/23 18:53:56 | 001,823,528 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
PRC - [2009/09/08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2008/10/04 12:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/14 06:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 06:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
========== Modules (No Company Name) ==========
MOD - [2011/06/10 17:22:10 | 001,048,512 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\wxmsw28u_core_vc_custom.dll
MOD - [2011/06/10 17:22:10 | 000,726,976 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\wxbase28u_vc_custom.dll
MOD - [2011/06/10 17:22:10 | 000,394,176 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\WebClient.dll
MOD - [2011/06/10 17:22:08 | 000,861,120 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\UIToolkit.dll
MOD - [2011/06/10 17:22:08 | 000,608,704 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\Toolkit.dll
MOD - [2011/06/10 17:22:08 | 000,147,904 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\pcre3.dll
MOD - [2011/06/10 17:22:08 | 000,099,776 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\System.dll
MOD - [2011/06/10 17:22:08 | 000,049,600 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\Preferences.dll
MOD - [2011/06/10 17:22:06 | 000,132,032 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\Discovery.dll
MOD - [2011/06/10 17:22:06 | 000,061,888 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\DriveDetector.dll
MOD - [2011/06/10 17:22:04 | 000,360,896 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\Device.dll
MOD - [2011/06/10 17:22:02 | 000,247,744 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\DB.dll
MOD - [2011/06/10 17:22:00 | 000,097,216 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\ComCore.dll
MOD - [2011/06/10 17:21:58 | 000,210,568 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\attcm_AppStart.exe
MOD - [2011/06/10 17:11:30 | 000,033,280 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\ressources\plugins\DiscoveryGeneric.plugin
MOD - [2011/06/10 17:11:26 | 000,028,160 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\ressources\plugins\DiscoveryMobileBroadband.plugin
MOD - [2011/06/10 17:11:22 | 000,029,696 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\ressources\plugins\DiscoveryVPorts.plugin
MOD - [2011/06/10 17:11:22 | 000,018,944 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\ressources\plugins\DiscoveryNdis.plugin
MOD - [2011/06/10 17:08:54 | 000,016,896 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\ressources\plugins\ContextSwitcher.plugin
MOD - [2011/02/10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2006/08/18 13:17:36 | 000,056,056 | ---- | M] () -- C:\WINDOWS\system32\DLAAPI_W.DLL
========== Services (SafeList) ==========
SRV - [2013/02/14 08:11:32 | 001,236,336 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
SRV - [2013/02/10 15:43:57 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/02/09 21:48:01 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/05 17:08:06 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) [Auto | Stopped] -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
SRV - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/11 17:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011/05/31 17:38:30 | 000,167,280 | ---- | M] (Sierra Wireless, Inc.) [Auto | Running] -- C:\Program Files\Sierra Wireless Inc\IERA\IERA.exe -- (IERA)
SRV - [2011/05/20 13:36:30 | 000,238,960 | ---- | M] (Sierra Wireless, Inc.) [Auto | Running] -- C:\Program Files\Sierra Wireless Inc\Common\SwiCardDetect.exe -- (SwiCardDetectSvc)
SRV - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2009/11/23 18:53:58 | 000,113,448 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV - [2009/11/23 18:53:56 | 004,497,704 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\WINDOWS\system32\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2009/09/08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2009/03/31 22:54:48 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/11/22 00:25:46 | 000,094,208 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\IcdSptSv.exe -- (ICDSPTSV)
SRV - [2008/10/04 12:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)
SRV - [2008/04/14 06:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/14 06:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2004/10/22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [File_System | Auto | Stopped] -- -- (StarOpen)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64)
DRV - File not found [Kernel | Auto | Stopped] -- -- (mdmxsdk)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | System | Stopped] -- -- (cdrbsvsd)
DRV - [2013/02/24 11:49:20 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2013/02/20 15:52:58 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\gfibto.sys -- (gfibto)
DRV - [2012/11/12 04:47:48 | 000,255,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/09/19 22:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012/09/19 22:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2011/07/22 10:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 15:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/05/27 18:05:44 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/05/16 12:44:17 | 000,083,968 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swiwdmbx.sys -- (swiwdmbx)
DRV - [2011/05/13 14:53:00 | 000,215,552 | ---- | M] (Sierra Wireless Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swg3kser00.sys -- (swg3kser00)
DRV - [2011/04/04 23:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 15:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/03 15:40:22 | 000,208,128 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swnc8ua3.sys -- (SWNC8UA3)
DRV - [2011/03/01 13:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 07:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011/02/10 06:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 06:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2009/05/20 13:54:06 | 000,013,736 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2009/01/28 12:50:44 | 003,488,768 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/11/01 02:52:16 | 000,093,184 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008/08/18 10:24:40 | 000,011,264 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ICDUSB3.sys -- (ICDUSB3)
DRV - [2008/01/15 18:17:58 | 004,652,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007/10/15 15:36:07 | 000,019,712 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2007/10/15 15:36:07 | 000,018,304 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2007/02/16 13:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2006/08/18 13:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 13:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 13:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 13:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 13:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 13:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 13:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 13:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/11 10:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/11 10:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2004/03/08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2002/10/15 22:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.msn.com/sphome.aspx
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://g.msn.com/USCON/1
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/sphome.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.live.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\SearchScopes,DefaultScope = {EA169F57-9B7E-4A36-9B14-D0A84A80F73A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://search.avg.com/route/?d=4b3d2cf0&i=23&tp=chrome&q={searchTerms}&lng={language}&ychte=us&nt=1
IE - HKCU\..\SearchScopes\{EA169F57-9B7E-4A36-9B14-D0A84A80F73A}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "www.yahoo.com"
FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:18.0.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1410
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2012/12/12 09:37:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/20 15:58:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/22 17:50:01 | 000,000,000 | ---D | M]
[2011/03/15 19:11:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\FREDA\Application Data\Mozilla\Extensions
[2012/10/23 16:48:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\FREDA\Application Data\Mozilla\Firefox\Profiles\4205w02i.default\extensions
[2013/02/20 15:57:43 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Documents and Settings\FREDA\Application Data\Mozilla\Firefox\Profiles\4205w02i.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012/09/14 10:16:56 | 000,020,591 | ---- | M] () (No name found) -- C:\Documents and Settings\FREDA\Application Data\Mozilla\Firefox\Profiles\4205w02i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013/02/08 13:56:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/02/05 17:07:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/02/05 17:07:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/02/08 13:56:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
[2013/02/08 13:56:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}(2)
[2013/02/22 17:49:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions
[2013/02/22 09:21:09 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/02/22 17:49:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/02/22 17:49:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/02/22 09:21:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}(2)
[2013/02/05 17:08:06 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/08/16 16:42:02 | 000,070,456 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2008/08/16 16:42:12 | 000,091,448 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2008/08/16 16:42:08 | 000,020,800 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2008/05/21 07:41:08 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcm80.dll
[2008/05/21 07:41:08 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcp80.dll
[2008/05/21 07:41:08 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcr80.dll
[2008/08/16 16:44:46 | 000,427,312 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2008/08/16 16:42:04 | 000,023,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2012/10/22 10:59:45 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/22 11:00:33 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2013/02/10 12:38:15 | 000,444,743 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 -h-n7y15mc.firoli-sys.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-domains-registrations.com
O1 - Hosts: 127.0.0.1 www.1-domains-registrations.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 15277 more lines...
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [attcm_AppStart.exe] C:\Program Files\AT&T\AT&T Communication Manager\attcm_AppStart.exe ()
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\FREDA\Start Menu\Programs\Startup\EzWare EzDesk.lnk = C:\WINDOWS\EzDesk.exe (EzWare Technology)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: friendsofjamesrogers.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: onlyimaginegraphics.com ([www] http in Trusted sites)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.4.cab (DLM Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258206523468 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1360358360593 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{323E3141-105A-49C1-A74C-17F898A22C18}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\FREDA\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/27 16:35:31 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1dee7668-f028-11de-9060-00219b29862e}\Shell - "" = AutoRun
O33 - MountPoints2\{1dee7668-f028-11de-9060-00219b29862e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1dee7668-f028-11de-9060-00219b29862e}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{58833bd2-25b8-11e1-9124-000272aa9e26}\Shell - "" = AutoRun
O33 - MountPoints2\{58833bd2-25b8-11e1-9124-000272aa9e26}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{58833bd2-25b8-11e1-9124-000272aa9e26}\Shell\AutoRun\command - "" = E:\WIN\setup.exe -ap
O33 - MountPoints2\{95f25ca4-3122-11de-bceb-b47c9a5178e3}\Shell - "" = AutoRun
O33 - MountPoints2\{95f25ca4-3122-11de-bceb-b47c9a5178e3}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{95f25ca4-3122-11de-bceb-b47c9a5178e3}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{ff392c54-f5b5-11e0-9117-000272aa9e26}\Shell - "" = AutoRun
O33 - MountPoints2\{ff392c54-f5b5-11e0-9117-000272aa9e26}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ff392c54-f5b5-11e0-9117-000272aa9e26}\Shell\AutoRun\command - "" = I:\WIN\setup.exe -ap
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/02/24 12:16:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\FREDA\Desktop\OTL.exe
[2013/02/24 11:44:26 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013/02/24 11:44:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Application Data\Malwarebytes
[2013/02/24 11:44:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/02/24 11:44:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/02/24 11:44:08 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/02/24 11:44:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/02/23 17:14:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Local Settings\Application Data\Anvil Studio
[2013/02/23 17:03:18 | 000,000,000 | ---D | C] -- C:\Program Files\Anvil Studio 2012
[2013/02/22 21:50:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Local Settings\Application Data\attcm_AppStart
[2013/02/22 18:10:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AT&T
[2013/02/20 16:22:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Antivirus
[2013/02/20 16:20:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Application Data\LavasoftStatistics
[2013/02/20 15:58:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\blekko toolbars
[2013/02/20 15:58:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Local Settings\Application Data\adawarebp
[2013/02/20 15:58:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
[2013/02/20 15:58:01 | 000,000,000 | ---D | C] -- C:\Program Files\adawaretb
[2013/02/20 15:58:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Application Data\adawaretb
[2013/02/20 15:57:51 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner
[2013/02/20 15:57:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ad-Aware Antivirus
[2013/02/20 15:57:28 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus
[2013/02/20 15:55:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2013/02/20 15:52:59 | 000,044,424 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe
[2013/02/20 15:52:59 | 000,013,560 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys
[2013/02/20 15:52:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Application Data\Ad-Aware Antivirus
[2013/02/20 11:23:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Local Settings\Application Data\Sunbelt Software
[2013/02/15 13:43:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\My Documents\RCA Updater
[2013/02/15 13:43:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\My Documents\RCA Detective
[2013/02/15 13:43:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\RCA Detective
[2013/02/15 13:43:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\RCA easyRip
[2013/02/15 13:43:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\{userdocs}
[2013/02/15 13:43:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\My Documents\RCA easyRip
[2013/02/14 09:03:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Local Settings\Application Data\Sun
[2013/02/11 13:26:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\CrashDump
[2013/02/10 15:44:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/02/09 11:05:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2013/02/08 16:17:04 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/02/08 14:52:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Start Menu\Programs\Revo Uninstaller
[2013/02/08 13:56:26 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\FREDA\Recent
[2013/02/08 10:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2013/02/08 07:58:50 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/02/07 16:02:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Application Data\SUPERAntiSpyware.com
[2013/02/07 16:01:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2013/02/07 16:01:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2013/02/07 16:01:12 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/02/07 14:20:23 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2013/02/07 14:18:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2013/02/05 17:07:57 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[35 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[253 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/02/24 12:16:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\FREDA\Desktop\OTL.exe
[2013/02/24 11:49:20 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013/02/24 11:45:13 | 000,569,172 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/24 11:45:13 | 000,110,640 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/02/24 11:44:10 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/24 11:41:31 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/24 11:41:11 | 000,001,617 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware Antivirus.lnk
[2013/02/24 11:40:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/24 11:40:30 | 3487,723,520 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/24 09:19:40 | 111,077,230 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2013/02/23 22:31:36 | 000,574,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/23 18:14:59 | 000,002,293 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Anvil Studio 2012.lnk
[2013/02/23 17:44:23 | 000,002,493 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Paint Shop Pro 7.lnk
[2013/02/23 17:15:03 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\Shortcut to astudio4.exe.lnk
[2013/02/23 15:59:52 | 000,003,955 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\Speedtest.net - The Global Broadband Speed Test.url
[2013/02/23 15:32:53 | 000,000,319 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\Weather.url
[2013/02/23 07:22:11 | 000,000,888 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\AT&T Communication Manager.lnk
[2013/02/22 21:16:33 | 000,003,634 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\Novelty Midis.url
[2013/02/22 18:10:31 | 000,000,870 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AT&T Communication Manager.lnk
[2013/02/22 14:11:02 | 000,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hostsoriginal
[2013/02/21 16:41:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\AmiUpdXp.job
[2013/02/21 15:54:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/02/21 15:25:18 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job
[2013/02/21 15:25:18 | 000,000,408 | ---- | M] () -- C:\WINDOWS\tasks\ROC_REG_JAN.job
[2013/02/21 15:25:18 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\ROC_REG_JAN_DELETE.job
[2013/02/20 15:52:58 | 000,044,424 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe
[2013/02/20 15:52:58 | 000,013,560 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys
[2013/02/20 13:21:22 | 000,000,120 | -H-- | M] () -- C:\aaw7boot.cmd
[2013/02/18 14:54:32 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2013/02/18 14:43:18 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2013/02/18 14:43:18 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2013/02/17 07:45:30 | 000,000,180 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\Barbie.url
[2013/02/16 23:57:00 | 000,000,343 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\Wyndham Search Availability.url
[2013/02/16 21:23:14 | 000,000,221 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\Not Doppler.url
[2013/02/15 13:43:52 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\RCA easyRip.lnk
[2013/02/15 13:43:52 | 000,000,228 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FREE AUDIOBOOK.URL
[2013/02/15 13:43:52 | 000,000,217 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GET FREE MP3s.URL
[2013/02/13 14:32:20 | 000,000,033 | ---- | M] () -- C:\WINDOWS\iltwain.ini
[2013/02/10 12:38:15 | 000,444,743 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/02/09 16:31:45 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\FREDA\Local Settings\Application Data\housecall.guid.cache
[2013/02/08 17:02:57 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\FREDA\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/02/08 16:19:05 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/02/07 17:14:08 | 000,445,128 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130209-215509.backup
[2013/02/07 16:01:16 | 000,001,680 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/02/07 14:20:16 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2013/02/03 14:11:16 | 269,657,031 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\VID_20130126_101917_196.mp4
[2013/02/02 08:23:26 | 000,000,948 | ---- | M] () -- C:\WINDOWS\QIII.INI
[2013/01/31 18:43:04 | 000,083,264 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2013/01/30 20:52:46 | 000,037,607 | ---- | M] () -- C:\Program Files\Common Files\license.rtf
[2013/01/30 20:52:46 | 000,008,046 | ---- | M] () -- C:\Program Files\Common Files\setupBanner.jpg
[2013/01/30 16:20:34 | 000,000,241 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\Smith Lake Water Level.url
[2013/01/26 17:48:07 | 047,840,257 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\VID_20130126_102509_094.mp4
[2013/01/26 17:47:34 | 223,809,133 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\VID_20130126_104558_660.mp4
[2013/01/26 17:46:11 | 250,078,030 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\VID_20130126_110745_669.mp4
[35 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[253 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/02/24 11:44:10 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/23 17:15:03 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\FREDA\Desktop\Shortcut to astudio4.exe.lnk
[2013/02/23 17:03:19 | 000,002,293 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Anvil Studio 2012.lnk
[2013/02/23 17:03:19 | 000,001,904 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Anvil Studio 2012.lnk
[2013/02/23 15:59:52 | 000,003,955 | ---- | C] () -- C:\Documents and Settings\FREDA\Desktop\Speedtest.net - The Global Broadband Speed Test.url
[2013/02/23 07:22:11 | 000,000,888 | ---- | C] () -- C:\Documents and Settings\FREDA\Desktop\AT&T Communication Manager.lnk
[2013/02/22 21:16:33 | 000,003,634 | ---- | C] () -- C:\Documents and Settings\FREDA\Desktop\Novelty Midis.url
[2013/02/22 18:10:31 | 000,000,870 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AT&T Communication Manager.lnk
[2013/02/20 16:24:04 | 000,000,944 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job
[2013/02/20 15:57:34 | 000,001,617 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware Antivirus.lnk
[2013/02/20 13:21:22 | 000,000,120 | -H-- | C] () -- C:\aaw7boot.cmd
[2013/02/18 14:43:18 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2013/02/18 14:43:18 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2013/02/15 13:43:52 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\FREDA\Desktop\RCA easyRip.lnk
[2013/02/15 13:43:52 | 000,000,228 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FREE AUDIOBOOK.URL
[2013/02/15 13:43:52 | 000,000,217 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GET FREE MP3s.URL
[2013/02/15 13:43:25 | 000,459,663 | ---- | C] () -- C:\Documents and Settings\FREDA\Desktop\User Manual English_TH18XXC.pdf
[2013/02/09 16:31:45 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\FREDA\Local Settings\Application Data\housecall.guid.cache
[2013/02/08 11:48:13 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013/02/07 16:01:16 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/02/03 15:18:17 | 223,809,133 | ---- | C] () -- C:\Documents and Settings\FREDA\Desktop\VID_20130126_104558_660.mp4
[2013/02/03 15:18:16 | 047,840,257 | ---- | C] () -- C:\Documents and Settings\FREDA\Desktop\VID_20130126_102509_094.mp4
[2013/02/03 15:18:01 | 250,078,030 | ---- | C] () -- C:\Documents and Settings\FREDA\Desktop\VID_20130126_110745_669.mp4
[2013/02/03 14:11:13 | 269,657,031 | ---- | C] () -- C:\Documents and Settings\FREDA\Desktop\VID_20130126_101917_196.mp4
[2013/01/30 20:52:46 | 000,037,607 | ---- | C] () -- C:\Program Files\Common Files\license.rtf
[2013/01/30 20:52:46 | 000,008,046 | ---- | C] () -- C:\Program Files\Common Files\setupBanner.jpg
[2013/01/26 13:24:17 | 000,716,720 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-796266127-4252608427-1798623780-1005-0.dat
[2013/01/26 13:24:17 | 000,346,498 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013/01/11 12:23:48 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\FREDA\Local Settings\Application Data\rx_image.Cache
[2012/12/18 10:06:10 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2012/12/18 10:06:06 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012/12/18 10:06:06 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012/12/18 10:06:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012/12/18 10:06:06 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2012/06/10 11:07:15 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2012/06/10 11:07:15 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2012/06/10 11:07:15 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2012/04/22 21:54:47 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\FREDA\.recently-used.xbel
[2011/11/06 11:35:40 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011/11/06 11:30:09 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011/09/02 20:38:05 | 000,000,378 | ---- | C] () -- C:\WINDOWS\System32\Pen_Tablet.dat
[2011/09/02 20:35:55 | 000,000,654 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2011/03/15 19:11:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/01/14 11:30:32 | 000,000,284 | ---- | C] () -- C:\Documents and Settings\FREDA\Application Data\ViewerApp.dat
[2010/09/07 10:20:05 | 002,755,016 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/05/16 21:02:56 | 000,120,832 | ---- | C] () -- C:\Documents and Settings\FREDA\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/22 08:31:09 | 000,019,461 | ---- | C] () -- C:\Documents and Settings\FREDA\DModem_Trace.trc
[2009/04/07 13:50:57 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\FREDA\Local Settings\Application Data\fusioncache.dat
========== ZeroAccess Check ==========
[2008/04/25 15:34:35 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/04/28 22:46:52 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 06:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 06:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/02/20 16:22:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Antivirus
[2013/02/20 15:58:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
[2013/01/22 17:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG January 2013 Campaign
[2013/02/22 14:18:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/10/27 18:38:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/07/10 08:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Fish Games
[2013/02/20 15:58:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\blekko toolbars
[2012/08/09 23:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2009/04/21 15:31:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/11/24 08:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canon_Inc_IC
[2009/09/18 14:12:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2010/10/27 18:49:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/02/20 15:55:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2012/12/28 12:10:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2010/05/23 08:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2012/11/12 11:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2011/05/26 17:40:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/03/31 22:57:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC-Doctor
[2012/03/17 12:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2013/01/20 11:49:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2009/04/21 15:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2009/07/22 15:11:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sierra
[2011/10/19 15:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sierra Wireless
[2012/03/17 21:30:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2013/02/22 14:55:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/03/31 22:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2013/02/21 16:45:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Ad-Aware Antivirus
[2013/02/20 15:58:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\adawaretb
[2009/04/19 12:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Anvil Studio
[2013/02/22 14:48:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\AVG
[2010/10/27 19:46:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\AVG10
[2012/08/09 23:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Canneverbe Limited
[2012/03/10 14:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Canon
[2010/01/22 11:19:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\CoffeeCup Software
[2009/10/19 08:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/09/02 08:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\ElevatedDiagnostics
[2011/07/10 08:50:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\ERS G-Studio
[2010/05/23 08:21:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\GARMIN
[2011/09/03 13:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\ICAClient
[2012/04/10 06:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\inkscape
[2009/04/08 15:53:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Jasc
[2009/11/22 11:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\KompoZer
[2012/11/12 11:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Leadertech
[2012/11/20 00:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Memeo
[2010/07/10 14:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Namco
[2012/03/17 12:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\PCDr
[2013/01/20 11:53:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Samsung
[2009/04/21 15:35:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\ScanSoft
[2012/11/12 11:22:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Seagate
[2010/01/17 14:59:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Serif
[2009/12/25 12:44:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Sierra
[2011/10/19 15:40:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Sierra Wireless
[2013/01/14 14:38:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\SmartDraw
[2012/06/28 08:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Stykz
[2012/12/27 22:54:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\SwvUpdater
[2009/04/07 14:08:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Windows Search
[2010/12/25 14:14:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\WTouch
[2009/06/05 16:28:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Xilisoft Corporation
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\FREDA\Desktop\SavedSkadoodle 2-by Freda.dmsd:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\FREDA\Desktop\Roy's Toys:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\FREDA\Desktop\DefaultMyDVD9 files:Roxio EMC Stream
@Alternate Data Stream - 219 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4EE323A4
@Alternate Data Stream - 187 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FAC5BCF5
< End of report >
OTL Extras logfile created on: 2/24/2013 12:18:04 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\FREDA\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.25 Gb Total Physical Memory | 2.56 Gb Available Physical Memory | 78.85% Memory free
7.07 Gb Paging File | 6.43 Gb Available in Paging File | 90.96% Paging File free
Paging file location(s): C:\pagefile.sys 4096 12288 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.72 Gb Total Space | 216.44 Gb Free Space | 46.47% Space Free | Partition Type: NTFS
Computer Name: FREDA | User Name: FREDA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with ACDSee] -- C:\Program Files\ACDSee32\ACDSee32.exe "%1" (ACD Systems, Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [ZipExplode Directory] -- C:\Program Files\ZipExploder\Exploder.exe "%1" (BCW Software)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\1Ws_ftp\WS_FTP95.exe" = C:\Program Files\1Ws_ftp\WS_FTP95.exe:*:Enabled:WS_FTP 95 -- (Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Kompozer\KompoZer 0.7.10\kompozer.exe" = C:\Program Files\Kompozer\KompoZer 0.7.10\kompozer.exe:*:Disabled:Composer -- (Mozilla Foundation)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Disabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Disabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Disabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Quake III Arena\quake3.exe" = C:\Program Files\Quake III Arena\quake3.exe:*:Disabled:quake3 -- ()
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Disabled:Run a DLL as an App -- (Microsoft Corporation)
"C:\Program Files\AT&T\AT&T Communication Manager\SwiApiMuxX.exe" = C:\Program Files\AT&T\AT&T Communication Manager\SwiApiMuxX.exe:*:Enabled:SwiApiMuxX -- (Sierra Wireless, Inc.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Disabled:WebKit -- (Apple Inc.)
"C:\Program Files\NetMeeting\conf.exe" = C:\Program Files\NetMeeting\conf.exe:*:Disabled:Windows® NetMeeting® -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{53A908D4-99C6-469B-BC13-F4189F260742}" = Corel Painter Essentials 4
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0EF946E8-2406-82FB-23CD-09B39AFD781D}" = CCC Help French
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP610_series" = Canon MP610 series
"{12A3AF78-CBB5-484B-AE87-927C4DE6B9A8}" = Garmin City Navigator North America NT 2011.10 Update
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}" = Picture Package
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1FAFEF2D-E38E-AFF2-873E-743381EF6011}" = ccc-utility
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 37
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{26E4576A-C55C-386C-379A-4F048FBE811F}" = Skins
"{2E625F3B-FA2B-27C4-F470-45F2D208277F}" = CCC Help English
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{371D967E-8E71-4E47-8F97-E5EC49A58556}" = AT&T Communication Manager
"{3BDC625A-5326-112C-2285-51EFFE42DD27}" = CCC Help Korean
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
"{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer
"{486B99AF-8BCF-849E-ABAB-FC3C321EA4DA}" = CCC Help Spanish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D860F7C-B285-64AC-EB84-343891A58885}" = Catalyst Control Center Localization All
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup
"{53A908D4-99C6-469B-BC13-F4189F260742}" = Corel Painter Essentials 4
"{55115B99-1B96-479E-AFD6-CE17FC9F94B5}" = AVG 2011
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5BF4F3D5-703F-6352-AB20-ADEFCEE81AB6}" = CCC Help Chinese Traditional
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5FD5BE54-CFAC-9CF0-8983-5931E495D2D4}" = CCC Help Italian
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{62201736-0A1F-4C6F-9C59-1AA3360CEA50}" = Homespun Collection
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}" = Digital Voice Editor 3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A11104-530E-6702-DA2A-7D56F052FE52}" = CCC Help Hungarian
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7CE979C6-E5FF-41C5-B6CC-4EE18071563B}" = SierraAddressBook 3.0
"{7E44C354-10A8-4214-9C56-F3F00775E415}_is1" = Stykz for Windows 1.0.2
"{822A27F8-420B-A5AE-D9E6-B925B84988D1}" = CCC Help German
"{8344D4A2-FE9C-4275-AE51-0FD07CC9A5DB}" = Xara3D6
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{95120000-003F-0409-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98FF6869-E903-0A4B-D2D0-7BB99C8EFAB7}" = CCC Help Chinese Standard
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A2A42043-BCC2-495A-8BD6-5A905D101619}" = Anvil Studio 2012
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A676D72C-6ADD-2F00-2696-A3612D7FEB7C}" = ccc-core-static
"{A69D7B32-2BE9-42BF-B576-69B5E0FF7394}" = Catalyst Control Center - Branding
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{ABDA9912-5D00-11D4-BAE7-9367CA097955}" = Macromedia Dreamweaver 4
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{B2F3DBD9-A9D2-4838-B45D-C917DAB32BC3}" = ScanSoft OmniPage SE 4
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD2ED779-9542-9D3A-1FA5-7EBBB904C2D2}" = CCC Help Turkish
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C797EAF2-707A-4239-BDF3-F2672314A734}" = First Step Guide
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC8899CF-02A9-FC4C-EF06-4DEF8D70E824}" = Catalyst Control Center Graphics Previews Common
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE6DEE87-1C87-42ED-A108-7369BFE9076F}" = 32 bit Windows Card Reader Driver
"{CEB4458B-5F7F-478A-B69A-C16EE67C9E7D}" = Ad-Aware Antivirus
"{CEDD9A6B-7C8C-2CCB-1282-3BB949D4200E}" = Catalyst Control Center Graphics Full New
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7
"{DFF1DFAE-8545-B6A8-2A5F-22A452CB866B}" = Catalyst Control Center Graphics Light
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EADC19D5-5639-EAB9-335B-A46D8762EE95}" = Catalyst Control Center Graphics Full Existing
"{EBB54970-8AA5-2830-02D0-7DD016EBA860}" = ccc-core-preinstall
"{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}" = Citrix XenApp Web Plugin
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F0E10150-790C-469E-882D-3EFA82542D2E}" = AVG 2011
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2C1EDB3-B1AA-55C8-FE0C-F6F7F87A7489}" = CCC Help Japanese
"{F8C6BABF-0837-4EA0-AD6C-8E5A392A7538}" = ImageMixer VCD2
"{FE81A5E6-D32A-ABD7-3819-A8549CA8E3D4}" = CCC Help Portuguese
"{FF904D22-BE29-3D7C-611A-3D556DA2FE7D}" = Catalyst Control Center Core Implementation
"20/20 v2.1" = 20/20 v2.1
"ACDSee 32" = ACDSee 32
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = ATI - Software Uninstall Utility
"Arachnophilia version 4.0_is1" = Arachnophilia version 4.0
"ATI Display Driver" = ATI Display Driver
"AVG" = AVG 2011
"BFGC" = Big Fish Games: Game Manager
"BFG-Hidden Wonders of the Depths 3 - Atlantis Adventures" = Hidden Wonders of the Depths 3: Atlantis Adventures
"CameraUserGuide-PSSX40HS" = Canon PowerShot SX40 HS Camera User Guide
"CameraWindowDC" = Canon Utilities CameraWindow DC 8
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon MOV Encoder" = Canon MOV Encoder
"Canon MP610 series User Registration" = Canon MP610 series User Registration
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DivX Codec" = DivX Codec
"DivX Player" = DivX Player 2.1
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Eye Candy 4000" = Eye Candy 4000
"FreeCell Plus" = FreeCell Plus
"GoToAssist" = GoToAssist 8.0.0.514
"HughesNetTools" = HughesNetTools
"Icon Restore_is1" = Icon Restore 1.0
"ie8" = Windows Internet Explorer 8
"Indeo® Software" = Indeo® Software
"Inkscape" = Inkscape 0.48.2
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mobile Media Converter_is1" = MIKSOFT Mobile Media Converter
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 18.0.2 (x86 en-US)" = Mozilla Firefox 18.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Path Copy" = Path Copy 3.0
"Pen Tablet Driver" = Bamboo
"PhotoStitch" = Canon Utilities PhotoStitch
"Pivot Stickfigure Animator_is1" = Pivot Stickfigure Animator version 2.2.6
"Print Artist 2003" = Print Artist 2003
"PROSet" = Intel® PRO Network Connections Drivers
"Quake III Arena" = Quake III Arena
"RCA Detective™_is1" = RCA Detective™ 3.0.4.0
"RCA easyRip_is1" = RCA easyRip 2.5.9.0
"RCA Updater_is1" = RCA Updater 2.1.7.1
"RealSimpleAnniversaryClock_is1" = RealSimpleAnniversaryClock
"RegScrubXP_is1" = RegScrubXP 3.25
"Revo Uninstaller" = Revo Uninstaller 1.93
"ScanSoft PaperPort Viewer 7.0" = ScanSoft PaperPort Viewer 7.0
"Software Guide" = Canon DIGITAL CAMERA Solution Disk Software Guide
"Spell Checker For OE 2.1" = Spell Checker For OE 2.1
"Tweak UI 2.10" = Tweak UI
"VLC media player" = VLC media player 0.9.9
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"bd4d3a0508d364f5" = Dell Driver Download Manager
"MyFreeCodec" = MyFreeCodec
"SmartDraw 6" = SmartDraw 6
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 6/2/2012 4:35:52 PM | Computer Name = FREDA | Source = Application Error | ID = 1000
Description = Faulting application anim.exe, version 3.0.0.4, faulting module mfc42.dll,
version 6.2.8081.0, fault address 0x0000451c.
Error - 6/3/2012 8:42:31 AM | Computer Name = FREDA | Source = Application Error | ID = 1000
Description = Faulting application psp.exe, version 7.0.0.4, faulting module psp.exe,
version 7.0.0.4, fault address 0x000c752d.
Error - 6/3/2012 8:44:57 AM | Computer Name = FREDA | Source = Application Error | ID = 1000
Description = Faulting application psp.exe, version 7.0.0.4, faulting module psp.exe,
version 7.0.0.4, fault address 0x000c752d.
Error - 6/3/2012 1:00:30 PM | Computer Name = FREDA | Source = Application Hang | ID = 1002
Description = Hanging application moviemk.exe, version 2.1.4028.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 6/3/2012 3:28:00 PM | Computer Name = FREDA | Source = Application Error | ID = 1000
Description = Faulting application anim.exe, version 3.0.0.4, faulting module mfc42.dll,
version 6.2.8081.0, fault address 0x0007327b.
Error - 6/3/2012 5:32:21 PM | Computer Name = FREDA | Source = Application Error | ID = 1000
Description = Faulting application anim.exe, version 3.0.0.4, faulting module mfc42.dll,
version 6.2.8081.0, fault address 0x0000451c.
Error - 11/14/2012 5:57:45 PM | Computer Name = FREDA | Source = Application Error | ID = 1000
Description = Faulting application dreamweaver.exe, version 4.0.1064.0, faulting
module dreamweaver.exe, version 4.0.1064.0, fault address 0x00046189.
Error - 11/20/2012 12:17:17 PM | Computer Name = FREDA | Source = Application Error | ID = 1000
Description = Faulting application spybotsd.exe, version 1.6.2.46, faulting module
spybotsd.exe, version 1.6.2.46, fault address 0x000049ee.
Error - 2/21/2013 6:36:52 PM | Computer Name = FREDA | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown
Error - 2/21/2013 6:36:56 PM | Computer Name = FREDA | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown
[ System Events ]
Error - 11/20/2012 11:21:27 AM | Computer Name = FREDA | Source = Service Control Manager | ID = 7024
Description = The IIS Admin service terminated with service-specific error 2147549183
(0x8000FFFF).
Error - 11/20/2012 11:21:57 AM | Computer Name = FREDA | Source = DCOM | ID = 10010
Description = The server {A9E69610-B80D-11D0-B9B9-00A0C922E750} did not register
with DCOM within the required timeout.
Error - 11/20/2012 11:46:13 AM | Computer Name = FREDA | Source = Service Control Manager | ID = 7000
Description = The StarOpen service failed to start due to the following error: %%2
Error - 11/20/2012 11:46:13 AM | Computer Name = FREDA | Source = Service Control Manager | ID = 7001
Description = The Canon Camera Access Library 8 service depends on the Windows Image
Acquisition (WIA) service which failed to start because of the following error:
%58
Error - 11/20/2012 11:50:26 AM | Computer Name = FREDA | Source = Service Control Manager | ID = 7022
Description = The IIS Admin service hung on starting.
Error - 11/20/2012 11:50:26 AM | Computer Name = FREDA | Source = Service Control Manager | ID = 7001
Description = The World Wide Web Publishing service depends on the IIS Admin service
which failed to start because of the following error: %70
Error - 11/20/2012 11:50:27 AM | Computer Name = FREDA | Source = Service Control Manager | ID = 7024
Description = The IIS Admin service terminated with service-specific error 2147549183
(0x8000FFFF).
Error - 11/20/2012 11:50:56 AM | Computer Name = FREDA | Source = DCOM | ID = 10010
Description = The server {A9E69610-B80D-11D0-B9B9-00A0C922E750} did not register
with DCOM within the required timeout.
Error - 11/20/2012 12:50:22 PM | Computer Name = FREDA | Source = Service Control Manager | ID = 7024
Description = The IIS Admin service terminated with service-specific error 2147549183
(0x8000FFFF).
Error - 11/20/2012 12:50:52 PM | Computer Name = FREDA | Source = DCOM | ID = 10010
Description = The server {A9E69610-B80D-11D0-B9B9-00A0C922E750} did not register
with DCOM within the required timeout.
< End of report >
Edit: Moved topic from Web Browsing/Email and Other Internet Applications to the more appropriate forum. Duplicate topic in same forum was deleted. ~ Animal
Back to top
to 
