Ken... I checked ALL the boxes shown under the various tabs of RogueKiller, except for one tab that had no boxes to check? The results: some showed as deleted, some as replaced, and some as error! Another strange thing happened... Mary's desktop pic was replaced with one I hadn't seen in years?
With the FRST program I incl. the Addition file just in-case you forgot to ask for it? Mary's computer seems to be running a bit faster, but not yet to speed.
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:10-08-2014 01
Ran by MARY (administrator) on MJABROAD on 11-08-2014 15:38:56
Running from C:\Documents and Settings\MARY.MJABROAD\Desktop
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Lexmark International, Inc.) C:\WINDOWS\system32\LEXBCES.EXE
(Lexmark International, Inc.) C:\WINDOWS\system32\LEXPPS.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgfws.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.8\ToolbarUpdater.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.8\loggingserver.exe
(AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Google Inc.) C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\.DEFAULT\...\Run: [DWQueuedReporting] => c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
HKU\S-1-5-21-746137067-2146843231-725345543-500\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-746137067-2146843231-725345543-500\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-746137067-2146843231-725345543-500\...\Run: [Google Update] => C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [116648 2013-03-08] (Google Inc.)
Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Internet Explorer.lnk
ShortcutTarget: Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\dlbcserv.lnk
ShortcutTarget: dlbcserv.lnk -> C:\Program Files\Dell Photo Printer 720\dlbcserv.exe ()
Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\dlbcserv.lnk
ShortcutTarget: dlbcserv.lnk -> C:\Program Files\Dell Photo Printer 720\dlbcserv.exe ()
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL =
http://isearch.avg.com/search?cid={6AFDFF64-BDD0-4394-B7BF-0EE3822E91F6}&mid=950fddbc12eb47d2bd48d15a668f715c-07ebd5bbc5ce97c161dcff7c16f8330584c5af18&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-08-08 17:40:07&v=18.1.8.643&pid=avg&sg=&sap=dsp&q={searchTerms}
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - No File
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.8\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.8\\npsitesafety.dll No File
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.0 -> C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll No File
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-31]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2012-02-24]
Chrome:
=======
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\MARY.MJABROAD\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-11]
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\MARY.MJABROAD\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-11]
CHR Extension: (Google Wallet) - C:\Documents and Settings\MARY.MJABROAD\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-11]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Alerter; C:\WINDOWS\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation) [File not signed]
R2 AudioSrv; C:\WINDOWS\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation) [File not signed]
R2 avgfws; C:\Program Files\AVG\AVG2014\avgfws.exe [1417160 2014-07-10] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3244048 2014-07-10] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-07-10] (AVG Technologies CZ, s.r.o.)
R2 BITS; C:\WINDOWS\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation) [File not signed]
S3 CiSvc; C:\WINDOWS\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation) [File not signed]
S3 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\WINDOWS\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\WINDOWS\System32\dhcpcsvc.dll [126976 2008-04-14] (Microsoft Corporation) [File not signed]
S3 dmadmin; C:\WINDOWS\System32\dmadmin.exe [224768 2008-04-14] (Microsoft Corp., Veritas Software) [File not signed]
R2 dmserver; C:\WINDOWS\System32\dmserver.dll [23552 2008-04-14] (Microsoft Corp.) [File not signed]
S3 Dot3svc; C:\WINDOWS\System32\dot3svc.dll [132096 2008-04-14] (Microsoft Corporation) [File not signed]
S3 EapHost; C:\WINDOWS\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ERSvc; C:\WINDOWS\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation) [File not signed]
R2 helpsvc; C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\WINDOWS\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation) [File not signed]
S3 HTTPFilter; C:\WINDOWS\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation) [File not signed]
S3 ImapiService; C:\WINDOWS\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2012-02-24] (Sun Microsystems, Inc.)
R2 LexBceS; C:\WINDOWS\system32\LEXBCES.EXE [311296 2004-03-04] (Lexmark International, Inc.)
R2 LmHosts; C:\WINDOWS\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S4 Messenger; C:\WINDOWS\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
S3 mnmsrvc; C:\WINDOWS\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\WINDOWS\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [78848 2008-04-14] (Microsoft Corporation) [File not signed]
S3 napagent; C:\WINDOWS\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDE; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDEdsdm; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Netman; C:\WINDOWS\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation) [File not signed]
S3 NtLmSsp; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 NtmsSvc; C:\WINDOWS\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Corporation) [File not signed]
R2 PolicyAgent; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ProtectedStorage; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\WINDOWS\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation) [File not signed]
R3 RasMan; C:\WINDOWS\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RemoteRegistry; C:\WINDOWS\system32\regsvc.dll [59904 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\WINDOWS\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RSVP; C:\WINDOWS\system32\rsvp.exe [132608 2004-08-04] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\WINDOWS\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\WINDOWS\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Corporation) [File not signed]
R2 seclogon; C:\WINDOWS\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\WINDOWS\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [331264 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Skype C2C Service; C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
R2 stisvc; C:\WINDOWS\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SwPrv; C:\WINDOWS\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SysmonLog; C:\WINDOWS\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation) [File not signed]
R3 TermService; C:\WINDOWS\System32\termsrv.dll [295424 2008-04-14] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\WINDOWS\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1858360 2014-07-14] (AVG)
S3 UPS; C:\WINDOWS\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation) [File not signed]
R2 vToolbarUpdater18.1.8; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.8\ToolbarUpdater.exe [1813528 2014-08-08] (AVG Secure Search)
R2 W32Time; C:\WINDOWS\system32\w32time.dll [175104 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\WINDOWS\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation) [File not signed]
R2 winmgmt; C:\WINDOWS\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WmiApSrv; C:\WINDOWS\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\WINDOWS\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation) [File not signed]
R2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation) [File not signed]
R2 WZCSVC; C:\WINDOWS\System32\wzcsvc.dll [483840 2008-04-14] (Microsoft Corporation) [File not signed]
S3 xmlprov; C:\WINDOWS\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 ACPI; C:\WINDOWS\System32\DRIVERS\ACPI.sys [187776 2008-04-13] (Microsoft Corporation) [File not signed]
S4 ACPIEC; C:\WINDOWS\system32\Drivers\ACPIEC.sys [11648 2004-08-04] (Microsoft Corporation) [File not signed]
S3 aec; C:\WINDOWS\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation) [File not signed]
S3 AsyncMac; C:\WINDOWS\System32\DRIVERS\asyncmac.sys [14336 2008-04-13] (Microsoft Corporation) [File not signed]
R0 atapi; C:\WINDOWS\System32\DRIVERS\atapi.sys [96512 2008-04-13] (Microsoft Corporation) [File not signed]
S3 Atmarpc; C:\WINDOWS\System32\DRIVERS\atmarpc.sys [59904 2008-04-13] (Microsoft Corporation) [File not signed]
R3 audstub; C:\WINDOWS\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation) [File not signed]
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R3 Avgfwdx; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [190232 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [42784 2014-08-08] (AVG Technologies)
R1 Beep; C:\WINDOWS\system32\Drivers\Beep.sys [4224 2004-08-04] (Microsoft Corporation) [File not signed]
S4 cbidf2k; C:\WINDOWS\system32\Drivers\cbidf2k.sys [13952 2004-08-04] (Microsoft Corporation) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) [File not signed]
S1 Cdaudio; C:\WINDOWS\system32\Drivers\Cdaudio.sys [18688 2004-08-04] (Microsoft Corporation) [File not signed]
R4 Cdfs; C:\WINDOWS\system32\Drivers\Cdfs.sys [63744 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Cdrom; C:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2008-04-13] (Microsoft Corporation) [File not signed]
S0 cercsr6; C:\WINDOWS\system32\Drivers\cercsr6.sys [39904 2005-03-22] (Adaptec, Inc.) [File not signed]
R0 Disk; C:\WINDOWS\System32\DRIVERS\disk.sys [36352 2008-04-13] (Microsoft Corporation) [File not signed]
S4 dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [799744 2008-04-13] (Microsoft Corp., Veritas Software) [File not signed]
R0 dmio; C:\WINDOWS\System32\drivers\dmio.sys [153344 2008-04-13] (Microsoft Corp., Veritas Software) [File not signed]
R0 dmload; C:\WINDOWS\System32\drivers\dmload.sys [5888 2004-08-04] (Microsoft Corp., Veritas Software.) [File not signed]
S3 DMusic; C:\WINDOWS\System32\drivers\DMusic.sys [52864 2008-04-13] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [2944 2008-04-13] (Microsoft Corporation) [File not signed]
S4 Fastfat; C:\WINDOWS\system32\Drivers\Fastfat.sys [143744 2008-04-13] (Microsoft Corporation) [File not signed]
R3 Fdc; C:\WINDOWS\System32\DRIVERS\fdc.sys [27392 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Fips; C:\WINDOWS\system32\Drivers\Fips.sys [44544 2008-04-13] (Microsoft Corporation) [File not signed]
S1 Flpydisk; C:\WINDOWS\system32\Drivers\Flpydisk.sys [20480 2008-04-13] (Microsoft Corporation) [File not signed]
R0 FltMgr; C:\WINDOWS\System32\drivers\fltmgr.sys [129792 2008-04-13] (Microsoft Corporation) [File not signed]
U1 Fs_Rec; C:\WINDOWS\system32\Drivers\Fs_Rec.sys [7936 2004-08-04] (Microsoft Corporation) [File not signed]
R0 Ftdisk; C:\WINDOWS\System32\DRIVERS\ftdisk.sys [125056 2004-08-04] (Microsoft Corporation) [File not signed]
R3 Gpc; C:\WINDOWS\System32\DRIVERS\msgpc.sys [35072 2008-04-13] (Microsoft Corporation) [File not signed]
R3 hidusb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [10368 2008-04-13] (Microsoft Corporation) [File not signed]
S1 i8042prt; C:\WINDOWS\System32\DRIVERS\i8042prt.sys [52480 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Imapi; C:\WINDOWS\System32\DRIVERS\imapi.sys [42112 2008-04-13] (Microsoft Corporation) [File not signed]
R0 IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [5504 2008-04-13] (Microsoft Corporation) [File not signed]
R1 intelppm; C:\WINDOWS\System32\DRIVERS\intelppm.sys [36352 2008-04-13] (Microsoft Corporation) [File not signed]
S3 Ip6Fw; C:\WINDOWS\System32\drivers\ip6fw.sys [36608 2008-04-13] (Microsoft Corporation) [File not signed]
R2 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [32896 2004-08-04] (Microsoft Corporation) [File not signed]
S3 IpInIp; C:\WINDOWS\System32\DRIVERS\ipinip.sys [20864 2008-04-13] (Microsoft Corporation) [File not signed]
R3 IpNat; C:\WINDOWS\System32\DRIVERS\ipnat.sys [152832 2008-04-13] (Microsoft Corporation) [File not signed]
R1 IPSec; C:\WINDOWS\System32\DRIVERS\ipsec.sys [75264 2008-04-13] (Microsoft Corporation) [File not signed]
R0 isapnp; C:\WINDOWS\System32\DRIVERS\isapnp.sys [37248 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Kbdclass; C:\WINDOWS\System32\DRIVERS\kbdclass.sys [24576 2008-04-13] (Microsoft Corporation) [File not signed]
R1 kbdhid; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [14592 2008-04-13] (Microsoft Corporation) [File not signed]
R3 kmixer; C:\WINDOWS\System32\drivers\kmixer.sys [172416 2008-04-13] (Microsoft Corporation) [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-11] (Malwarebytes Corporation)
R1 mnmdd; C:\WINDOWS\system32\Drivers\mnmdd.sys [4224 2004-08-04] (Microsoft Corporation) [File not signed]
S3 Modem; C:\WINDOWS\system32\Drivers\Modem.sys [30080 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Mouclass; C:\WINDOWS\System32\DRIVERS\mouclass.sys [23040 2008-04-13] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\WINDOWS\System32\DRIVERS\mouhid.sys [12160 2004-08-04] (Microsoft Corporation) [File not signed]
R0 MountMgr; C:\WINDOWS\system32\Drivers\MountMgr.sys [42368 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MRxDAV; C:\WINDOWS\System32\DRIVERS\mrxdav.sys [180608 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Msfs; C:\WINDOWS\system32\Drivers\Msfs.sys [19072 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [7552 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [5376 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [4992 2008-04-13] (Microsoft Corporation) [File not signed]
R3 mssmbios; C:\WINDOWS\System32\DRIVERS\mssmbios.sys [15488 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\WINDOWS\System32\drivers\MSTEE.sys [5504 2008-04-13] (Microsoft Corporation) [File not signed]
S3 NABTSFEC; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-13] (Microsoft Corporation) [File not signed]
R0 NDIS; C:\WINDOWS\system32\Drivers\NDIS.sys [182656 2008-04-13] (Microsoft Corporation) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\WINDOWS\System32\DRIVERS\ndisuio.sys [14592 2008-04-13] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91520 2008-04-13] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\WINDOWS\System32\DRIVERS\netbios.sys [34688 2008-04-13] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [162816 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Npfs; C:\WINDOWS\system32\Drivers\Npfs.sys [30848 2008-04-13] (Microsoft Corporation) [File not signed]
R4 Ntfs; C:\WINDOWS\system32\Drivers\Ntfs.sys [574976 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Null; C:\WINDOWS\system32\Drivers\Null.sys [2944 2004-08-04] (Microsoft Corporation) [File not signed]
S3 NwlnkFlt; C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [12416 2004-08-04] (Microsoft Corporation) [File not signed]
S3 NwlnkFwd; C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [32512 2004-08-04] (Microsoft Corporation) [File not signed]
R3 Parport; C:\WINDOWS\System32\DRIVERS\parport.sys [80128 2008-04-13] (Microsoft Corporation) [File not signed]
R0 PartMgr; C:\WINDOWS\system32\Drivers\PartMgr.sys [19712 2008-04-13] (Microsoft Corporation) [File not signed]
R2 ParVdm; C:\WINDOWS\system32\Drivers\ParVdm.sys [6784 2004-08-04] (Microsoft Corporation) [File not signed]
R0 PCI; C:\WINDOWS\System32\DRIVERS\pci.sys [68224 2008-04-13] (Microsoft Corporation) [File not signed]
R0 PCIIde; C:\WINDOWS\System32\DRIVERS\pciide.sys [3328 2001-08-17] (Microsoft Corporation) [File not signed]
S4 Pcmcia; C:\WINDOWS\system32\Drivers\Pcmcia.sys [120192 2008-04-13] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\WINDOWS\System32\DRIVERS\raspptp.sys [48384 2008-04-13] (Microsoft Corporation) [File not signed]
R3 PSched; C:\WINDOWS\System32\DRIVERS\psched.sys [69120 2008-04-13] (Microsoft Corporation) [File not signed]
R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2004-08-04] (Parallel Technologies, Inc.) [File not signed]
R1 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [8832 2004-08-04] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [51328 2008-04-13] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2008-04-13] (Microsoft Corporation) [File not signed]
R3 Raspti; C:\WINDOWS\System32\DRIVERS\raspti.sys [16512 2004-08-04] (Microsoft Corporation) [File not signed]
R1 Rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [175744 2008-04-13] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [4224 2004-08-04] (Microsoft Corporation) [File not signed]
R3 rdpdr; C:\WINDOWS\System32\DRIVERS\rdpdr.sys [196224 2008-04-13] (Microsoft Corporation) [File not signed]
R1 redbook; C:\WINDOWS\System32\DRIVERS\redbook.sys [57600 2008-04-13] (Microsoft Corporation) [File not signed]
R3 serenum; C:\WINDOWS\System32\DRIVERS\serenum.sys [15744 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Serial; C:\WINDOWS\System32\DRIVERS\serial.sys [64512 2008-04-13] (Microsoft Corporation) [File not signed]
S1 Sfloppy; C:\WINDOWS\system32\Drivers\Sfloppy.sys [11392 2008-04-13] (Microsoft Corporation) [File not signed]
S3 SLIP; C:\WINDOWS\System32\DRIVERS\SLIP.sys [11136 2008-04-13] (Microsoft Corporation) [File not signed]
S3 splitter; C:\WINDOWS\System32\drivers\splitter.sys [6272 2008-04-13] (Microsoft Corporation) [File not signed]
S3 streamip; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [15232 2008-04-13] (Microsoft Corporation) [File not signed]
R3 swenum; C:\WINDOWS\System32\DRIVERS\swenum.sys [4352 2008-04-13] (Microsoft Corporation) [File not signed]
S3 swmidi; C:\WINDOWS\System32\drivers\swmidi.sys [56576 2008-04-13] (Microsoft Corporation) [File not signed]
R3 sysaudio; C:\WINDOWS\System32\drivers\sysaudio.sys [60800 2008-04-13] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\WINDOWS\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\WINDOWS\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation) [File not signed]
R1 TermDD; C:\WINDOWS\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation) [File not signed]
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2014-06-23] (TuneUp Software)
S4 Udfs; C:\WINDOWS\system32\Drivers\Udfs.sys [66048 2008-04-13] (Microsoft Corporation) [File not signed]
R3 Update; C:\WINDOWS\System32\DRIVERS\update.sys [384768 2008-04-13] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [59520 2008-04-13] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\WINDOWS\System32\DRIVERS\usbprint.sys [25856 2008-04-13] (Microsoft Corporation) [File not signed]
S3 USBSTOR; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-13] (Microsoft Corporation) [File not signed]
R3 usbuhci; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [20608 2008-04-13] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\WINDOWS\System32\drivers\vga.sys [20992 2008-04-13] (Microsoft Corporation) [File not signed]
R0 VolSnap; C:\WINDOWS\system32\Drivers\VolSnap.sys [52352 2014-08-09] (Microsoft Corporation) [File not signed]
R3 Wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [34560 2008-04-13] (Microsoft Corporation) [File not signed]
R3 wdmaud; C:\WINDOWS\System32\drivers\wdmaud.sys [83072 2008-04-13] (Microsoft Corporation) [File not signed]
R1 WS2IFSL; C:\WINDOWS\System32\drivers\ws2ifsl.sys [12032 2004-08-04] (Microsoft Corporation) [File not signed]
S3 WSTCODEC; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-13] (Microsoft Corporation) [File not signed]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) [File not signed]
S3 ZSMC301b; System32\Drivers\usbVM31b.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-11 15:38 - 2014-08-11 15:41 - 00033711 _____ () C:\Documents and Settings\MARY.MJABROAD\Desktop\FRST.txt
2014-08-11 15:38 - 2014-08-11 15:38 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Desktop\FRST-OlderVersion
2014-08-11 14:15 - 2014-08-11 14:15 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Application Data\Macromedia
2014-08-11 12:19 - 2014-08-11 12:19 - 00029160 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-08-11 12:18 - 2014-08-11 12:19 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\RogueKiller
2014-08-11 12:18 - 2014-08-11 12:19 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\RogueKiller
2014-08-11 12:10 - 2014-08-11 12:13 - 04817496 _____ () C:\Documents and Settings\MARY.MJABROAD\Desktop\RogueKiller.exe
2014-08-11 11:15 - 2014-08-11 01:20 - 00401920 _____ (Farbar) C:\Documents and Settings\MARY.MJABROAD\Desktop\MiniToolBox.exe
2014-08-10 22:32 - 2014-08-10 22:33 - 00000000 ___SD () C:\ComboFix
2014-08-10 22:10 - 2014-08-10 22:11 - 01944824 _____ (Bleeping Computer, LLC) C:\Documents and Settings\MARY.MJABROAD\Desktop\rkill.exe
2014-08-10 20:12 - 2014-08-10 20:12 - 00000000 ____D () C:\Program Files\Microsoft Windows OneCare Live(3)
2014-08-10 20:03 - 2014-08-10 20:04 - 00255488 ___SH () C:\Documents and Settings\Administrator\My Documents\Thumbs.db
2014-08-10 20:03 - 2014-08-10 20:03 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Local Settings\Application Data\Temp
2014-08-10 20:03 - 2014-08-10 20:03 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Local Settings\Application Data\Adobe
2014-08-10 20:00 - 2014-07-16 22:59 - 00002356 _____ () C:\Documents and Settings\MARY.MJABROAD\Desktop\Google Chrome.lnk
2014-08-10 19:59 - 2011-07-25 16:42 - 00000803 _____ () C:\Documents and Settings\MARY.MJABROAD\Desktop\Internet Explorer.lnk
2014-08-10 19:58 - 2013-06-12 18:09 - 00001720 _____ () C:\Documents and Settings\MARY.MJABROAD\Desktop\888poker.lnk
2014-08-10 16:43 - 2014-08-11 15:26 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-10 16:42 - 2014-08-10 16:42 - 00000777 _____ () C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-10 16:42 - 2014-08-10 16:42 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-10 16:42 - 2014-08-10 16:42 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-10 16:42 - 2014-08-10 16:42 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-10 16:42 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-10 16:42 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-09 17:33 - 2014-08-09 17:33 - 00000000 _RSHD () C:\cmdcons
2014-08-09 17:33 - 2005-10-04 23:34 - 00000211 _____ () C:\Boot.bak
2014-08-09 17:33 - 2004-08-03 23:00 - 00260272 __RSH () C:\cmldr
2014-08-09 17:26 - 2011-06-26 08:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2014-08-09 17:26 - 2010-11-07 19:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2014-08-09 17:26 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-08-09 17:26 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-08-09 17:26 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-08-09 17:26 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-08-09 17:26 - 2000-08-31 02:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2014-08-09 17:26 - 2000-08-31 02:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2014-08-09 17:26 - 2000-08-31 02:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2014-08-09 17:25 - 2014-08-09 17:26 - 00000000 ____D () C:\Qoobox
2014-08-09 17:21 - 2014-08-09 17:21 - 00000000 ____D () C:\WINDOWS\erdnt
2014-08-09 17:17 - 2014-08-09 17:19 - 05568206 ____R (Swearware) C:\Documents and Settings\MARY.MJABROAD\Desktop\ComboFix.exe
2014-08-09 03:55 - 2014-08-09 03:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-08-09 03:55 - 2014-08-09 03:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2676562$
2014-08-09 03:03 - 2014-08-09 03:03 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-08-09 02:58 - 2014-08-09 02:59 - 04181856 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\MARY.MJABROAD\Desktop\tdsskiller.exe
2014-08-08 23:53 - 2014-08-11 15:39 - 00000000 ____D () C:\FRST
2014-08-08 23:17 - 2014-08-11 15:38 - 01091072 _____ (Farbar) C:\Documents and Settings\MARY.MJABROAD\Desktop\FRST.exe
2014-08-08 23:07 - 2014-08-08 23:08 - 05185536 _____ (AVAST Software) C:\Documents and Settings\MARY.MJABROAD\Desktop\aswMBR.exe
2014-08-08 20:51 - 2014-08-08 20:51 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Desktop\MALWARE TOOLS
2014-08-08 18:49 - 2014-08-08 18:49 - 00625664 _____ () C:\Documents and Settings\MARY.MJABROAD\Desktop\dds.scr
2014-08-08 18:48 - 2014-08-08 18:48 - 00388608 _____ (Trend Micro Inc.) C:\Documents and Settings\MARY.MJABROAD\Desktop\HiJackThis.exe
2014-08-08 18:46 - 2014-08-08 18:47 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\MARY.MJABROAD\Desktop\OTL.exe
2014-08-08 17:41 - 2014-08-08 21:40 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Local Settings\Application Data\AVG Secure Search
2014-08-08 17:40 - 2014-08-08 17:40 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Application Data\AVG Secure Search
2014-08-08 17:40 - 2014-08-08 17:40 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Security Toolbar
2014-08-08 17:40 - 2014-08-08 17:40 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Security Toolbar
2014-08-08 17:39 - 2014-08-08 17:37 - 00042784 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys
2014-08-08 17:38 - 2014-08-08 17:40 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2014-08-08 17:38 - 2014-08-08 17:38 - 00000000 ____D () C:\Program Files\AVG Secure Search
2014-08-08 17:38 - 2014-08-08 17:38 - 00000000 ____D () C:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data\AVG Secure Search
2014-08-08 17:38 - 2014-08-08 17:38 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Secure Search
2014-08-08 17:38 - 2014-08-08 17:38 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Secure Search
2014-08-08 14:35 - 2014-08-08 14:45 - 00001370 _____ () C:\WINDOWS\setupapi.log
2014-08-08 14:06 - 2014-08-08 14:06 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\AVG
2014-08-08 14:06 - 2014-08-08 14:06 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\AVG
2014-08-06 07:01 - 2014-08-06 07:01 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Local Settings\Application Data\MFAData
2014-08-06 06:59 - 2014-08-06 07:00 - 04424240 _____ (AVG Technologies) C:\Documents and Settings\MARY.MJABROAD\Desktop\avg_isct_stb_all_2014_4116_cm5.exe
2014-08-06 06:51 - 2014-08-06 06:51 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Local Settings\Application Data\Google
2014-08-06 06:02 - 2014-08-06 06:02 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Application Data\TuneUp Software
2014-08-06 05:25 - 2014-08-06 05:25 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Local Settings\Application Data\AVG
2014-08-06 05:25 - 2014-08-06 05:25 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Application Data\AVG
2014-08-06 05:20 - 2014-08-10 20:03 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Application Data\Adobe
2014-08-06 05:20 - 2014-08-06 05:20 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Start Menu\Programs\Accessories
2014-08-06 05:16 - 2014-08-06 05:16 - 00000000 __SHD () C:\Documents and Settings\MARY.MJABROAD\PrivacIE
2014-08-06 05:15 - 2014-08-06 05:15 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Application Data\AVG2014
2014-08-06 05:14 - 2014-08-06 14:13 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Local Settings\Application Data\Avg2014
2014-08-06 05:14 - 2014-08-06 05:14 - 00000803 _____ () C:\Documents and Settings\MARY.MJABROAD\Start Menu\Programs\Internet Explorer.lnk
2014-08-06 05:14 - 2014-08-06 05:14 - 00000738 _____ () C:\Documents and Settings\MARY.MJABROAD\Start Menu\Programs\Outlook Express.lnk
2014-08-06 05:13 - 2014-08-11 15:42 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Local Settings\Temp
2014-08-06 05:13 - 2014-08-11 15:23 - 00000178 ___SH () C:\Documents and Settings\MARY.MJABROAD\ntuser.ini
2014-08-06 05:13 - 2014-08-08 12:55 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD
2014-08-06 05:13 - 2014-08-06 05:14 - 00000788 _____ () C:\Documents and Settings\MARY.MJABROAD\Start Menu\Programs\Windows Media Player.lnk
2014-08-06 05:13 - 2013-10-10 21:25 - 00000000 __SHD () C:\Documents and Settings\MARY.MJABROAD\IETldCache
2014-08-06 05:13 - 2013-03-09 00:51 - 00001599 _____ () C:\Documents and Settings\MARY.MJABROAD\Start Menu\Programs\Remote Assistance.lnk
2014-08-06 02:46 - 2014-08-06 02:46 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Application Data\Macromedia
2014-08-06 01:44 - 2014-08-06 01:44 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Local Settings\Application Data\AVG
2014-08-06 01:44 - 2014-08-06 01:44 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Application Data\AVG
2014-08-06 01:39 - 2014-08-06 01:39 - 00000000 __SHD () C:\Documents and Settings\Mary's Computer\PrivacIE
2014-08-06 01:39 - 2014-08-06 01:39 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Application Data\Adobe
2014-08-06 01:31 - 2014-08-06 01:31 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Application Data\TuneUp Software
2014-08-06 01:23 - 2014-08-06 01:23 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Local Settings\Application Data\MFAData
2014-08-06 01:19 - 2014-08-06 01:19 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Local Settings\Application Data\Google
2014-08-06 01:18 - 2014-08-06 05:20 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Local Settings\Temp
2014-08-06 01:18 - 2014-08-06 05:13 - 00000178 ___SH () C:\Documents and Settings\Mary's Computer\ntuser.ini
2014-08-06 01:18 - 2014-08-06 05:13 - 00000000 ____D () C:\Documents and Settings\Mary's Computer
2014-08-06 01:18 - 2014-08-06 01:58 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Local Settings\Application Data\Avg2014
2014-08-06 01:18 - 2014-08-06 01:18 - 00000803 _____ () C:\Documents and Settings\Mary's Computer\Start Menu\Programs\Internet Explorer.lnk
2014-08-06 01:18 - 2014-08-06 01:18 - 00000788 _____ () C:\Documents and Settings\Mary's Computer\Start Menu\Programs\Windows Media Player.lnk
2014-08-06 01:18 - 2014-08-06 01:18 - 00000738 _____ () C:\Documents and Settings\Mary's Computer\Start Menu\Programs\Outlook Express.lnk
2014-08-06 01:18 - 2014-08-06 01:18 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Start Menu\Programs\Accessories
2014-08-06 01:18 - 2014-08-06 01:18 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Application Data\AVG2014
2014-08-06 01:18 - 2013-10-10 21:25 - 00000000 __SHD () C:\Documents and Settings\Mary's Computer\IETldCache
2014-08-06 01:18 - 2013-03-09 00:51 - 00001599 _____ () C:\Documents and Settings\Mary's Computer\Start Menu\Programs\Remote Assistance.lnk
2014-08-05 22:59 - 2014-08-11 15:23 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2014-08-05 22:58 - 2014-08-05 22:58 - 00001745 _____ () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\AVG PC TuneUp 2014.lnk
2014-08-05 22:58 - 2014-08-05 22:58 - 00001745 _____ () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\AVG PC TuneUp 2014.lnk
2014-08-05 22:58 - 2014-08-05 22:58 - 00001745 _____ () C:\Documents and Settings\All Users.WINDOWS\Desktop\AVG 1-Click Maintenance.lnk
2014-08-05 22:58 - 2014-08-05 22:58 - 00001739 _____ () C:\Documents and Settings\All Users.WINDOWS\Desktop\AVG PC TuneUp 2014.lnk
2014-08-05 22:58 - 2014-08-05 22:58 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\AVG PC TuneUp 2014
2014-08-05 22:58 - 2014-08-05 22:58 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\AVG PC TuneUp 2014
2014-08-05 22:58 - 2014-07-14 12:26 - 00036152 _____ (AVG) C:\WINDOWS\system32\TURegOpt.exe
2014-08-05 22:57 - 2014-08-05 22:57 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG
2014-08-05 22:57 - 2014-08-05 22:57 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\AVG
2014-08-05 22:52 - 2014-08-05 22:52 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\AVG2014
2014-08-05 22:28 - 2014-08-05 23:33 - 00000000 __SHD () C:\Documents and Settings\All Users.WINDOWS\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-08-05 22:28 - 2014-08-05 23:33 - 00000000 __SHD () C:\Documents and Settings\All Users.WINDOWS\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-08-05 22:24 - 2014-08-05 22:59 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG
2014-08-05 22:24 - 2014-08-05 22:59 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG
2014-08-05 22:10 - 2014-08-05 22:10 - 00810198 _____ () C:\Documents and Settings\Administrator\Desktop\AVGInstLog.cab
2014-08-05 22:05 - 2014-08-06 07:13 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\AVG
2014-08-05 22:05 - 2014-08-06 07:13 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\AVG
2014-08-05 22:05 - 2014-08-05 22:05 - 00000702 _____ () C:\Documents and Settings\All Users.WINDOWS\Desktop\AVG 2014.lnk
2014-08-05 22:05 - 2014-08-05 22:05 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\TuneUp Software
2014-08-05 22:03 - 2014-08-05 22:07 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG2014
2014-08-05 22:03 - 2014-08-05 22:07 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG2014
2014-08-05 22:03 - 2014-08-05 22:03 - 00000000 ___HD () C:\$AVG
2014-08-05 22:01 - 2014-08-05 22:54 - 00000000 ____D () C:\Program Files\AVG
2014-08-05 21:39 - 2014-08-05 22:12 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Avg2014
2014-08-05 21:39 - 2014-08-05 21:39 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData
2014-07-27 13:26 - 2014-07-27 13:26 - 00000000 ____D () C:\WINDOWS\LastGood(3)
2014-07-27 01:41 - 2014-07-27 01:45 - 00002048 _____ () C:\Documents and Settings\Administrator\My Documents\Backup.bkf
2014-07-19 16:07 - 2014-07-19 16:08 - 00065536 _____ () C:\WINDOWS\Minidump\Mini071914-01.dmp
2014-07-18 22:21 - 2014-07-18 22:21 - 00276848 _____ () C:\Documents and Settings\Administrator\Desktop\download.htm
2014-07-16 23:53 - 2014-07-16 23:51 - 00287423 _____ () C:\Documents and Settings\Administrator\Desktop\grandpa and his boys.htm
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-11 15:42 - 2014-08-06 05:13 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Local Settings\Temp
2014-08-11 15:41 - 2014-08-11 15:38 - 00033711 _____ () C:\Documents and Settings\MARY.MJABROAD\Desktop\FRST.txt
2014-08-11 15:41 - 2009-08-12 16:39 - 00000438 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{7D0F0C55-E4E8-48A5-8365-85495DCEA754}.job
2014-08-11 15:39 - 2014-08-08 23:53 - 00000000 ____D () C:\FRST
2014-08-11 15:38 - 2014-08-11 15:38 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Desktop\FRST-OlderVersion
2014-08-11 15:38 - 2014-08-08 23:17 - 01091072 _____ (Farbar) C:\Documents and Settings\MARY.MJABROAD\Desktop\FRST.exe
2014-08-11 15:34 - 2013-03-08 19:24 - 00001010 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-746137067-2146843231-725345543-500UA.job
2014-08-11 15:31 - 2011-03-26 14:49 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\MFAData
2014-08-11 15:31 - 2011-03-26 14:49 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\MFAData
2014-08-11 15:26 - 2014-08-10 16:43 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-11 15:26 - 2005-10-04 23:38 - 02028243 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-11 15:25 - 2005-10-04 16:30 - 00000159 ____C () C:\WINDOWS\wiadebug.log
2014-08-11 15:24 - 2014-03-27 18:23 - 00000238 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-08-11 15:24 - 2013-03-10 21:46 - 00000616 ____H () C:\WINDOWS\Tasks\ConfigExec.job
2014-08-11 15:24 - 2005-10-04 23:57 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-11 15:24 - 2005-10-04 16:30 - 00000049 ____C () C:\WINDOWS\wiaservc.log
2014-08-11 15:23 - 2014-08-06 05:13 - 00000178 ___SH () C:\Documents and Settings\MARY.MJABROAD\ntuser.ini
2014-08-11 15:23 - 2014-08-05 22:59 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2014-08-11 15:23 - 2005-10-04 23:57 - 00032556 _____ () C:\WINDOWS\SchedLgU.Txt
2014-08-11 14:56 - 2012-04-07 17:02 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-11 14:15 - 2014-08-11 14:15 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Application Data\Macromedia
2014-08-11 12:46 - 2013-03-10 21:46 - 00000580 ____H () C:\WINDOWS\Tasks\DataUpload.job
2014-08-11 12:19 - 2014-08-11 12:19 - 00029160 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-08-11 12:19 - 2014-08-11 12:18 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\RogueKiller
2014-08-11 12:19 - 2014-08-11 12:18 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\RogueKiller
2014-08-11 12:13 - 2014-08-11 12:10 - 04817496 _____ () C:\Documents and Settings\MARY.MJABROAD\Desktop\RogueKiller.exe
2014-08-11 01:20 - 2014-08-11 11:15 - 00401920 _____ (Farbar) C:\Documents and Settings\MARY.MJABROAD\Desktop\MiniToolBox.exe
2014-08-10 22:33 - 2014-08-10 22:32 - 00000000 ___SD () C:\ComboFix
2014-08-10 22:11 - 2014-08-10 22:10 - 01944824 _____ (Bleeping Computer, LLC) C:\Documents and Settings\MARY.MJABROAD\Desktop\rkill.exe
2014-08-10 20:12 - 2014-08-10 20:12 - 00000000 ____D () C:\Program Files\Microsoft Windows OneCare Live(3)
2014-08-10 20:12 - 2010-06-17 21:27 - 00000000 ____D () C:\Program Files\Microsoft Windows OneCare Live
2014-08-10 20:04 - 2014-08-10 20:03 - 00255488 ___SH () C:\Documents and Settings\Administrator\My Documents\Thumbs.db
2014-08-10 20:03 - 2014-08-10 20:03 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Local Settings\Application Data\Temp
2014-08-10 20:03 - 2014-08-10 20:03 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Local Settings\Application Data\Adobe
2014-08-10 20:03 - 2014-08-06 05:20 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Application Data\Adobe
2014-08-10 20:03 - 2005-10-05 01:37 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\My Received Files
2014-08-10 17:34 - 2013-03-08 19:24 - 00000958 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-746137067-2146843231-725345543-500Core.job
2014-08-10 16:42 - 2014-08-10 16:42 - 00000777 _____ () C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-10 16:42 - 2014-08-10 16:42 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-10 16:42 - 2014-08-10 16:42 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-10 16:42 - 2014-08-10 16:42 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-10 16:35 - 2013-03-12 19:49 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2014-08-10 16:35 - 2013-03-12 19:49 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2014-08-10 08:29 - 2005-10-04 23:58 - 00000278 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-08-10 08:28 - 2004-08-04 14:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-08-09 17:33 - 2014-08-09 17:33 - 00000000 _RSHD () C:\cmdcons
2014-08-09 17:33 - 2005-09-18 10:18 - 00000327 __RSH () C:\boot.ini
2014-08-09 17:26 - 2014-08-09 17:25 - 00000000 ____D () C:\Qoobox
2014-08-09 17:21 - 2014-08-09 17:21 - 00000000 ____D () C:\WINDOWS\erdnt
2014-08-09 17:19 - 2014-08-09 17:17 - 05568206 ____R (Swearware) C:\Documents and Settings\MARY.MJABROAD\Desktop\ComboFix.exe
2014-08-09 03:55 - 2014-08-09 03:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-08-09 03:55 - 2014-08-09 03:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2676562$
2014-08-09 03:55 - 2013-08-14 07:55 - 04878677 _____ () C:\WINDOWS\KB2859537.log
2014-08-09 03:55 - 2013-03-11 03:00 - 07133110 _____ () C:\WINDOWS\KB2676562.log
2014-08-09 03:55 - 2005-10-04 16:28 - 02761811 ____C () C:\WINDOWS\FaxSetup.log
2014-08-09 03:55 - 2005-10-04 16:28 - 01349355 ____C () C:\WINDOWS\ocgen.log
2014-08-09 03:55 - 2005-10-04 16:28 - 01272137 ____C () C:\WINDOWS\tsoc.log
2014-08-09 03:55 - 2005-10-04 16:28 - 01132372 ____C () C:\WINDOWS\iis6.log
2014-08-09 03:55 - 2005-10-04 16:28 - 00937088 _____ () C:\WINDOWS\comsetup.log
2014-08-09 03:55 - 2005-10-04 16:28 - 00864910 ____C () C:\WINDOWS\msmqinst.log
2014-08-09 03:55 - 2005-10-04 16:28 - 00572796 ____C () C:\WINDOWS\ntdtcsetup.log
2014-08-09 03:55 - 2005-10-04 16:28 - 00484384 ____C () C:\WINDOWS\netfxocm.log
2014-08-09 03:55 - 2005-10-04 16:28 - 00191640 ____C () C:\WINDOWS\MedCtrOC.log
2014-08-09 03:55 - 2005-10-04 16:28 - 00153497 ____C () C:\WINDOWS\ocmsn.log
2014-08-09 03:55 - 2005-10-04 16:28 - 00138912 ____C () C:\WINDOWS\tabletoc.log
2014-08-09 03:55 - 2005-10-04 16:28 - 00138894 ____C () C:\WINDOWS\msgsocm.log
2014-08-09 03:55 - 2005-10-04 16:28 - 00001355 _____ () C:\WINDOWS\imsins.log
2014-08-09 03:55 - 2005-10-04 16:28 - 00001355 _____ () C:\WINDOWS\imsins.BAK
2014-08-09 03:07 - 2004-08-04 14:00 - 00052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-08-09 03:03 - 2014-08-09 03:03 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-08-09 02:59 - 2014-08-09 02:58 - 04181856 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\MARY.MJABROAD\Desktop\tdsskiller.exe
2014-08-08 23:08 - 2014-08-08 23:07 - 05185536 _____ (AVAST Software) C:\Documents and Settings\MARY.MJABROAD\Desktop\aswMBR.exe
2014-08-08 21:40 - 2014-08-08 17:41 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Local Settings\Application Data\AVG Secure Search
2014-08-08 20:51 - 2014-08-08 20:51 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Desktop\MALWARE TOOLS
2014-08-08 18:49 - 2014-08-08 18:49 - 00625664 _____ () C:\Documents and Settings\MARY.MJABROAD\Desktop\dds.scr
2014-08-08 18:48 - 2014-08-08 18:48 - 00388608 _____ (Trend Micro Inc.) C:\Documents and Settings\MARY.MJABROAD\Desktop\HiJackThis.exe
2014-08-08 18:47 - 2014-08-08 18:46 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\MARY.MJABROAD\Desktop\OTL.exe
2014-08-08 17:40 - 2014-08-08 17:40 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Application Data\AVG Secure Search
2014-08-08 17:40 - 2014-08-08 17:40 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Security Toolbar
2014-08-08 17:40 - 2014-08-08 17:40 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Security Toolbar
2014-08-08 17:40 - 2014-08-08 17:38 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2014-08-08 17:38 - 2014-08-08 17:38 - 00000000 ____D () C:\Program Files\AVG Secure Search
2014-08-08 17:38 - 2014-08-08 17:38 - 00000000 ____D () C:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data\AVG Secure Search
2014-08-08 17:38 - 2014-08-08 17:38 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Secure Search
2014-08-08 17:38 - 2014-08-08 17:38 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Secure Search
2014-08-08 17:37 - 2014-08-08 17:39 - 00042784 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys
2014-08-08 15:00 - 2014-03-27 18:23 - 00000232 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-08-08 14:45 - 2014-08-08 14:35 - 00001370 _____ () C:\WINDOWS\setupapi.log
2014-08-08 14:45 - 2013-03-11 04:10 - 00000343 _____ () C:\WINDOWS\setuperr.log
2014-08-08 14:45 - 2005-10-04 23:35 - 00000000 ____D () C:\Program Files\Messenger
2014-08-08 14:45 - 2005-10-04 16:26 - 00178287 _____ () C:\WINDOWS\setupact.log
2014-08-08 14:06 - 2014-08-08 14:06 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\AVG
2014-08-08 14:06 - 2014-08-08 14:06 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\AVG
2014-08-08 12:55 - 2014-08-06 05:13 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD
2014-08-06 14:13 - 2014-08-06 05:14 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Local Settings\Application Data\Avg2014
2014-08-06 07:13 - 2014-08-05 22:05 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\AVG
2014-08-06 07:13 - 2014-08-05 22:05 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\AVG
2014-08-06 07:12 - 2005-10-04 16:27 - 01027237 _____ () C:\WINDOWS\setupapi.log.0.old
2014-08-06 07:01 - 2014-08-06 07:01 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Local Settings\Application Data\MFAData
2014-08-06 07:00 - 2014-08-06 06:59 - 04424240 _____ (AVG Technologies) C:\Documents and Settings\MARY.MJABROAD\Desktop\avg_isct_stb_all_2014_4116_cm5.exe
2014-08-06 06:51 - 2014-08-06 06:51 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Local Settings\Application Data\Google
2014-08-06 06:02 - 2014-08-06 06:02 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Application Data\TuneUp Software
2014-08-06 05:25 - 2014-08-06 05:25 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Local Settings\Application Data\AVG
2014-08-06 05:25 - 2014-08-06 05:25 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Application Data\AVG
2014-08-06 05:20 - 2014-08-06 05:20 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Start Menu\Programs\Accessories
2014-08-06 05:20 - 2014-08-06 01:18 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Local Settings\Temp
2014-08-06 05:16 - 2014-08-06 05:16 - 00000000 __SHD () C:\Documents and Settings\MARY.MJABROAD\PrivacIE
2014-08-06 05:15 - 2014-08-06 05:15 - 00000000 ____D () C:\Documents and Settings\MARY.MJABROAD\Application Data\AVG2014
2014-08-06 05:14 - 2014-08-06 05:14 - 00000803 _____ () C:\Documents and Settings\MARY.MJABROAD\Start Menu\Programs\Internet Explorer.lnk
2014-08-06 05:14 - 2014-08-06 05:14 - 00000738 _____ () C:\Documents and Settings\MARY.MJABROAD\Start Menu\Programs\Outlook Express.lnk
2014-08-06 05:14 - 2014-08-06 05:13 - 00000788 _____ () C:\Documents and Settings\MARY.MJABROAD\Start Menu\Programs\Windows Media Player.lnk
2014-08-06 05:14 - 2005-10-04 23:35 - 00029918 ____C () C:\WINDOWS\wmsetup.log
2014-08-06 05:13 - 2014-08-06 01:18 - 00000178 ___SH () C:\Documents and Settings\Mary's Computer\ntuser.ini
2014-08-06 05:13 - 2014-08-06 01:18 - 00000000 ____D () C:\Documents and Settings\Mary's Computer
2014-08-06 05:02 - 2010-08-29 14:01 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-08-06 03:04 - 2005-10-04 23:57 - 00000000 ____D () C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Temp
2014-08-06 03:03 - 2005-09-27 16:05 - 00000000 ____D () C:\Documents and Settings\Mary Butler\Skrivbord
2014-08-06 02:46 - 2014-08-06 02:46 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Application Data\Macromedia
2014-08-06 01:58 - 2014-08-06 01:18 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Local Settings\Application Data\Avg2014
2014-08-06 01:44 - 2014-08-06 01:44 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Local Settings\Application Data\AVG
2014-08-06 01:44 - 2014-08-06 01:44 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Application Data\AVG
2014-08-06 01:39 - 2014-08-06 01:39 - 00000000 __SHD () C:\Documents and Settings\Mary's Computer\PrivacIE
2014-08-06 01:39 - 2014-08-06 01:39 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Application Data\Adobe
2014-08-06 01:31 - 2014-08-06 01:31 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Application Data\TuneUp Software
2014-08-06 01:23 - 2014-08-06 01:23 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Local Settings\Application Data\MFAData
2014-08-06 01:19 - 2014-08-06 01:19 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Local Settings\Application Data\Google
2014-08-06 01:18 - 2014-08-06 01:18 - 00000803 _____ () C:\Documents and Settings\Mary's Computer\Start Menu\Programs\Internet Explorer.lnk
2014-08-06 01:18 - 2014-08-06 01:18 - 00000788 _____ () C:\Documents and Settings\Mary's Computer\Start Menu\Programs\Windows Media Player.lnk
2014-08-06 01:18 - 2014-08-06 01:18 - 00000738 _____ () C:\Documents and Settings\Mary's Computer\Start Menu\Programs\Outlook Express.lnk
2014-08-06 01:18 - 2014-08-06 01:18 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Start Menu\Programs\Accessories
2014-08-06 01:18 - 2014-08-06 01:18 - 00000000 ____D () C:\Documents and Settings\Mary's Computer\Application Data\AVG2014
2014-08-06 01:04 - 2011-07-25 14:16 - 00001945 _____ () C:\WINDOWS\epplauncher.mif
2014-08-05 23:49 - 2005-10-04 23:58 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-08-05 23:48 - 2005-10-04 23:58 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp
2014-08-05 23:33 - 2014-08-05 22:28 - 00000000 __SHD () C:\Documents and Settings\All Users.WINDOWS\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-08-05 23:33 - 2014-08-05 22:28 - 00000000 __SHD () C:\Documents and Settings\All Users.WINDOWS\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-08-05 23:31 - 2010-06-17 21:27 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Second Life
2014-08-05 23:31 - 2010-06-17 21:27 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Second Life
2014-08-05 23:31 - 2010-06-17 21:27 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\American Airlines TravelDesk
2014-08-05 23:31 - 2010-06-17 21:27 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\American Airlines TravelDesk
2014-08-05 22:59 - 2014-08-05 22:24 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG
2014-08-05 22:59 - 2014-08-05 22:24 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG
2014-08-05 22:58 - 2014-08-05 22:58 - 00001745 _____ () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\AVG PC TuneUp 2014.lnk
2014-08-05 22:58 - 2014-08-05 22:58 - 00001745 _____ () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\AVG PC TuneUp 2014.lnk
2014-08-05 22:58 - 2014-08-05 22:58 - 00001745 _____ () C:\Documents and Settings\All Users.WINDOWS\Desktop\AVG 1-Click Maintenance.lnk
2014-08-05 22:58 - 2014-08-05 22:58 - 00001739 _____ () C:\Documents and Settings\All Users.WINDOWS\Desktop\AVG PC TuneUp 2014.lnk
2014-08-05 22:58 - 2014-08-05 22:58 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\AVG PC TuneUp 2014
2014-08-05 22:58 - 2014-08-05 22:58 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\AVG PC TuneUp 2014
2014-08-05 22:57 - 2014-08-05 22:57 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG
2014-08-05 22:57 - 2014-08-05 22:57 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\AVG
2014-08-05 22:54 - 2014-08-05 22:01 - 00000000 ____D () C:\Program Files\AVG
2014-08-05 22:52 - 2014-08-05 22:52 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\AVG2014
2014-08-05 22:12 - 2014-08-05 21:39 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Avg2014
2014-08-05 22:10 - 2014-08-05 22:10 - 00810198 _____ () C:\Documents and Settings\Administrator\Desktop\AVGInstLog.cab
2014-08-05 22:07 - 2014-08-05 22:03 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG2014
2014-08-05 22:07 - 2014-08-05 22:03 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG2014
2014-08-05 22:05 - 2014-08-05 22:05 - 00000702 _____ () C:\Documents and Settings\All Users.WINDOWS\Desktop\AVG 2014.lnk
2014-08-05 22:05 - 2014-08-05 22:05 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\TuneUp Software
2014-08-05 22:03 - 2014-08-05 22:03 - 00000000 ___HD () C:\$AVG
2014-08-05 21:39 - 2014-08-05 21:39 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData
2014-08-04 17:49 - 2010-06-01 17:40 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\888poker
2014-07-28 19:48 - 2012-05-08 21:43 - 00000000 ____D () C:\Documents and Settings\mary
2014-07-28 19:48 - 2005-10-04 23:57 - 00000000 ____D () C:\Documents and Settings\NetworkService.NT AUTHORITY
2014-07-28 19:48 - 2005-10-04 23:57 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY
2014-07-28 19:47 - 2004-09-16 10:53 - 00000000 ____D () C:\WINDOWS\Registration
2014-07-27 13:26 - 2014-07-27 13:26 - 00000000 ____D () C:\WINDOWS\LastGood(3)
2014-07-27 13:25 - 2004-09-16 10:44 - 00000000 ____D () C:\WINDOWS\repair
2014-07-27 01:45 - 2014-07-27 01:41 - 00002048 _____ () C:\Documents and Settings\Administrator\My Documents\Backup.bkf
2014-07-24 22:18 - 2013-09-05 18:46 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 22:16 - 2013-09-05 18:46 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Microsoft Silverlight
2014-07-24 22:16 - 2013-09-05 18:46 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Microsoft Silverlight
2014-07-22 17:47 - 2013-04-20 16:57 - 00000000 ____D () C:\Program Files\PacificPoker
2014-07-19 16:08 - 2014-07-19 16:07 - 00065536 _____ () C:\WINDOWS\Minidump\Mini071914-01.dmp
2014-07-19 16:07 - 2011-05-14 16:41 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-19 16:07 - 2005-10-04 15:58 - 534855680 _____ () C:\WINDOWS\MEMORY.DMP
2014-07-18 22:21 - 2014-07-18 22:21 - 00276848 _____ () C:\Documents and Settings\Administrator\Desktop\download.htm
2014-07-16 23:51 - 2014-07-16 23:53 - 00287423 _____ () C:\Documents and Settings\Administrator\Desktop\grandpa and his boys.htm
2014-07-16 22:59 - 2014-08-10 20:00 - 00002356 _____ () C:\Documents and Settings\MARY.MJABROAD\Desktop\Google Chrome.lnk
2014-07-16 22:59 - 2013-03-08 19:37 - 00002344 _____ () C:\Documents and Settings\Administrator\Desktop\Google Chrome.lnk
2014-07-14 12:26 - 2014-08-05 22:58 - 00036152 _____ (AVG) C:\WINDOWS\system32\TURegOpt.exe
Some content of TEMP:
====================
C:\Documents and Settings\MARY.MJABROAD\Local Settings\Temp\{40B8EBF5-D49D-4208-B72E-5E38BFDAE85C}.exe
C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Temp\mpam-876bb297.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
ADDITION.txt
Additional scan result of Farbar Recovery Scan Tool (x86) Version:10-08-2014 01
Ran by MARY at 2014-08-11 15:43:08
Running from C:\Documents and Settings\MARY.MJABROAD\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: PC Cleaner Pro (Disabled - Up to date) {737A8864-C2D9-4337-B49A-B5E35815B9BB}
AV: AVG Internet Security 2014 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security 2014 (Disabled) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
888poker (HKLM\...\888poker) (Version: - )
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe® Photoshop® Album Starter Edition 3.2 (HKLM\...\Adobe® Photoshop® Album Starter Edition 3.2) (Version: 3.2.0 -
http://www.adobe.com)
Adobe® Photoshop® Album Starter Edition 3.2 (Version: 3.2.0 - Adobe Systems, Inc.) Hidden
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4744 - AVG Technologies)
AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4744 - AVG Technologies) Hidden
AVG PC TuneUp 2014 (en-US) (Version: 14.0.1001.519 - AVG) Hidden
AVG PC TuneUp 2014 (HKLM\...\AVG PC TuneUp) (Version: 14.0.1001.519 - AVG)
AVG PC TuneUp 2014 (Version: 14.0.1001.519 - AVG) Hidden
AVG Security Toolbar (HKLM\...\AVG Secure Search) (Version: 18.1.8.643 - AVG Technologies)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version: - Microsoft Corporation)
Dell Photo Printer 720 (HKLM\...\Dell Photo Printer 720) (Version: - )
Dell Photo Printer 720 Logger (HKLM\...\Dell Photo Printer 720 Logger) (Version: 1.0 - Dell)
Dr Watson for Microsoft Windows OneCare Live v1.1.1067.14 (Version: 1.1.1067.14 - Microsoft) Hidden
DSL-300 Family Configuration Utility (HKLM\...\DSL-300 Family Configuration Utility) (Version: - )
Google Talk Plugin (HKLM\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Intel® Extreme Graphics 2 Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4396 - )
Intel® PRO Network Adapters and Drivers (HKLM\...\PROSet) (Version: - )
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
Jasc Paint Shop Photo Album (HKLM\...\{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}) (Version: 4.0.4 - Jasc Software, Inc.)
Jasc Paint Shop Pro 8 Dell Edition (HKLM\...\{81A34902-9D0B-4920-A25C-4CDC5D14B328}) (Version: 8.10.0000 - Jasc Software Inc)
Java 6 Update 3 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160030}) (Version: 1.6.0.30 - Sun Microsystems, Inc.)
Java 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Java 6 Update 5 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160050}) (Version: 1.6.0.50 - Sun Microsystems, Inc.)
Java 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
Java SE Runtime Environment 6 Update 1 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.)
Little Registry Cleaner (HKLM\...\Little Registry Cleaner) (Version: - Little Apps)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
MemTurbo 4 (HKLM\...\{CD4D567E-44D7-4CDA-977D-C918D88FA3D9}_is1) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Automated Troubleshooting Services Shim (HKLM\...\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb) (Version: - )
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Fix it Center (HKLM\...\{B7588D45-AFDC-4C93-9E2E-A100F3554B64}) (Version: 1.0.0100 - Microsoft Corporation)
Microsoft Internationalized Domain Names Mitigation APIs (Version: - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version: - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{91110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSN (HKLM\...\MSNINST) (Version: - )
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenOffice.org Installer 1.0 (HKLM\...\{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}) (Version: 1.0.9221 - Sun Microsystems)
SAMSUNG CDMA Modem Driver Set (HKLM\...\SAMSUNG CDMA Modem) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung PC Studio (HKLM\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.0.1.60510 - Samsung Electronics Co., Ltd.)
Samsung PC Studio (Version: 3.0.0.60510 - Samsung Electronics Co., Ltd.) Hidden
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.12.01.5246 - Analog Devices)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB972636) (HKLM\...\KB972636-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976749) (HKLM\...\KB976749-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VC 9.0 Runtime (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vodafone 804SS USB driver Software (HKLM\...\Vodafone 804SS USB driver) (Version: - )
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0 - Microsoft) Hidden
Windows Internet Explorer 7 (Version: 20061027.150806 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live OneCare safety scanner (HKLM\...\Windows Live OneCare safety scanner) (Version: - )
Windows Live Sign-in Assistant (HKLM\...\{9422C8EA-B0C6-4197-B8FC-DC797658CA00}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Media Player 11 (Version: - Microsoft Corporation) Hidden
Windows PowerShell 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
24-07-2014 07:29:39 Software Distribution Service 3.0
24-07-2014 14:35:17 Software Distribution Service 3.0
24-07-2014 14:41:04 Restore Operation
24-07-2014 20:13:58 Software Distribution Service 3.0
24-07-2014 21:52:44 Software Distribution Service 3.0
25-07-2014 05:13:43 Software Distribution Service 3.0
25-07-2014 11:52:17 Software Distribution Service 3.0
25-07-2014 12:14:44 Software Distribution Service 3.0
25-07-2014 13:11:15 Restore Operation
25-07-2014 13:14:43 Restore Operation
25-07-2014 13:33:32 Software Distribution Service 3.0
25-07-2014 21:33:01 Software Distribution Service 3.0
25-07-2014 22:57:36 Software Distribution Service 3.0
26-07-2014 05:54:55 Software Distribution Service 3.0
26-07-2014 06:58:32 Restore Operation
26-07-2014 07:01:36 Restore Operation
26-07-2014 20:40:04 Software Distribution Service 3.0
26-07-2014 22:32:07 Restore Operation
26-07-2014 22:45:12 Restore Operation
26-07-2014 23:49:14 Restore Operation
26-07-2014 23:58:36 Software Distribution Service 3.0
27-07-2014 11:10:46 Restore Operation
27-07-2014 11:23:16 Restore Operation
27-07-2014 11:28:19 Restore Operation
27-07-2014 12:09:23 Software Distribution Service 3.0
27-07-2014 13:57:08 Software Distribution Service 3.0
27-07-2014 20:20:26 Software Distribution Service 3.0
28-07-2014 02:12:36 Software Distribution Service 3.0
28-07-2014 06:54:05 Software Distribution Service 3.0
28-07-2014 15:29:48 Restore Operation
28-07-2014 15:35:42 Software Distribution Service 3.0
28-07-2014 16:38:07 Software Distribution Service 3.0
28-07-2014 17:13:31 Restore Operation
28-07-2014 17:23:31 Restore Operation
28-07-2014 17:24:03 Restore Operation
28-07-2014 17:46:19 Restore Operation
28-07-2014 18:01:36 Software Distribution Service 3.0
28-07-2014 18:24:37 Software Distribution Service 3.0
28-07-2014 20:34:15 Software Distribution Service 3.0
29-07-2014 05:49:41 Software Distribution Service 3.0
29-07-2014 07:21:21 Software Distribution Service 3.0
29-07-2014 12:37:47 Software Distribution Service 3.0
29-07-2014 19:05:03 Software Distribution Service 3.0
29-07-2014 19:15:34 Restore Operation
29-07-2014 19:21:23 Restore Operation
29-07-2014 19:26:38 Restore Operation
29-07-2014 20:44:55 Software Distribution Service 3.0
30-07-2014 03:30:22 Software Distribution Service 3.0
30-07-2014 07:30:16 Software Distribution Service 3.0
30-07-2014 20:21:36 Software Distribution Service 3.0
31-07-2014 00:25:28 Software Distribution Service 3.0
31-07-2014 02:41:25 Software Distribution Service 3.0
31-07-2014 20:05:05 Software Distribution Service 3.0
01-08-2014 05:36:45 Software Distribution Service 3.0
01-08-2014 05:59:43 Software Distribution Service 3.0
01-08-2014 07:19:32 Software Distribution Service 3.0
01-08-2014 14:18:49 Software Distribution Service 3.0
01-08-2014 19:55:05 Software Distribution Service 3.0
01-08-2014 23:25:36 Software Distribution Service 3.0
02-08-2014 01:01:54 Software Distribution Service 3.0
02-08-2014 01:15:53 Software Distribution Service 3.0
02-08-2014 03:53:01 Software Distribution Service 3.0
02-08-2014 08:06:11 Software Distribution Service 3.0
02-08-2014 08:14:38 Software Distribution Service 3.0
02-08-2014 16:37:06 Software Distribution Service 3.0
02-08-2014 16:42:15 Restore Operation
02-08-2014 19:44:39 Software Distribution Service 3.0
03-08-2014 01:05:28 Software Distribution Service 3.0
03-08-2014 01:31:10 Software Distribution Service 3.0
03-08-2014 07:52:12 Software Distribution Service 3.0
03-08-2014 11:25:31 Software Distribution Service 3.0
03-08-2014 12:50:33 Software Distribution Service 3.0
03-08-2014 14:10:38 Software Distribution Service 3.0
03-08-2014 16:47:29 Restore Operation
03-08-2014 16:48:43 Software Distribution Service 3.0
03-08-2014 20:28:41 Software Distribution Service 3.0
03-08-2014 22:09:06 Software Distribution Service 3.0
04-08-2014 01:00:30 Software Distribution Service 3.0
04-08-2014 01:43:43 Software Distribution Service 3.0
04-08-2014 02:35:06 Software Distribution Service 3.0
04-08-2014 07:45:15 Software Distribution Service 3.0
04-08-2014 16:05:18 Software Distribution Service 3.0
05-08-2014 19:16:19 Software Distribution Service 3.0
05-08-2014 20:01:50 Installed AVG 2014
05-08-2014 20:02:40 Installed AVG 2014
05-08-2014 20:53:41 Installed AVG PC TuneUp 2014
06-08-2014 01:05:43 Software Distribution Service 3.0
06-08-2014 03:23:15 Restore Operation
06-08-2014 03:54:33 Restore Operation
06-08-2014 03:59:14 Restore Operation
06-08-2014 05:32:45 Software Distribution Service 3.0
06-08-2014 12:42:21 Software Distribution Service 3.0
08-08-2014 12:23:12 System Checkpoint
08-08-2014 19:04:26 Software Distribution Service 3.0
09-08-2014 01:01:38 Software Distribution Service 3.0
09-08-2014 01:53:20 Software Distribution Service 3.0
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2004-08-04 14:00 - 2014-08-11 15:15 - 00000000 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ConfigExec.job => C:\Program Files\Microsoft Fix it Center\MatsApi.dll
Task: C:\WINDOWS\Tasks\DataUpload.job => C:\Program Files\Microsoft Fix it Center\MatsApi.dll
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-746137067-2146843231-725345543-500Core.job => C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-746137067-2146843231-725345543-500UA.job => C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{7D0F0C55-E4E8-48A5-8365-85495DCEA754}.job => C:\WINDOWS\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============
2003-07-29 16:27 - 2003-07-29 16:27 - 00078336 _____ () C:\WINDOWS\System32\spool\PRTPROCS\W32X86\DLBCPP5C.dll
2014-08-08 17:38 - 2014-08-08 17:37 - 01645592 _____ () C:\Program Files\AVG Secure Search\TBAPI.dll
2014-08-08 17:38 - 2014-08-08 17:37 - 02571288 _____ () C:\Program Files\AVG Secure Search\vprot.exe
2014-08-08 17:38 - 2014-08-08 17:37 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.8\log4cplusU.dll
2014-07-14 12:26 - 2014-07-14 12:26 - 00357176 _____ () C:\Program Files\AVG\AVG PC TuneUp\tuavgx.dll
2014-08-08 17:38 - 2014-08-08 17:36 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.8\loggingserver.exe
2004-08-04 14:00 - 2008-04-14 02:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2004-08-04 14:00 - 2008-04-14 02:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2014-07-16 22:59 - 2014-07-15 11:24 - 08537928 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-16 22:59 - 2014-07-15 11:24 - 00353096 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-16 22:59 - 2014-07-15 11:24 - 01732936 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\65225340.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\65225340.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/11/2014 03:24:28 PM) (Source: MatSvc) (EventID: 15) (User: )
Description: The scheduled MATS task encountered a failure when collecting configuration data. hr=0x80070422
.
Error: (08/11/2014 03:24:26 PM) (Source: MatSvc) (EventID: 15) (User: )
Description: The scheduled MATS task encountered a failure when collecting configuration data. hr=0x80070422
.
Error: (08/11/2014 03:20:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (08/11/2014 02:28:09 PM) (Source: Application Hang) (EventID: 1001) (User: )
Description: Fault bucket 1180947459.
Error: (08/11/2014 02:26:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (08/11/2014 02:05:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (08/11/2014 11:10:18 AM) (Source: MatSvc) (EventID: 15) (User: )
Description: The scheduled MATS task encountered a failure when collecting configuration data. hr=0x80070422
.
Error: (08/11/2014 11:10:16 AM) (Source: MatSvc) (EventID: 15) (User: )
Description: The scheduled MATS task encountered a failure when collecting configuration data. hr=0x80070422
.
Error: (08/11/2014 10:49:49 AM) (Source: MatSvc) (EventID: 15) (User: )
Description: The scheduled MATS task encountered a failure when collecting configuration data. hr=0x80070422
.
Error: (08/11/2014 10:49:47 AM) (Source: MatSvc) (EventID: 15) (User: )
Description: The scheduled MATS task encountered a failure when collecting configuration data. hr=0x80070422
.
System errors:
=============
Error: (08/11/2014 03:26:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.
Error: (08/11/2014 03:24:28 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service MatSvc with arguments ""
in order to run the server:
{109DB0ED-7C89-416B-AC66-6D0323941464}
Error: (08/11/2014 03:24:26 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service MatSvc with arguments ""
in order to run the server:
{109DB0ED-7C89-416B-AC66-6D0323941464}
Error: (08/11/2014 00:46:26 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service MatSvc with arguments ""
in order to run the server:
{8843B4A2-A3CB-4CB9-9CCE-F443F641009F}
Error: (08/11/2014 11:12:11 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.
Error: (08/11/2014 11:10:18 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service MatSvc with arguments ""
in order to run the server:
{109DB0ED-7C89-416B-AC66-6D0323941464}
Error: (08/11/2014 11:10:16 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service MatSvc with arguments ""
in order to run the server:
{109DB0ED-7C89-416B-AC66-6D0323941464}
Error: (08/11/2014 11:04:25 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the avgwd service.
Error: (08/11/2014 11:03:23 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register with DCOM within the required timeout.
Error: (08/11/2014 10:49:49 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service MatSvc with arguments ""
in order to run the server:
{109DB0ED-7C89-416B-AC66-6D0323941464}
Microsoft Office Sessions:
=========================
Error: (08/11/2014 03:24:28 PM) (Source: MatSvc) (EventID: 15) (User: )
Description: hr=0x80070422
Error: (08/11/2014 03:24:26 PM) (Source: MatSvc) (EventID: 15) (User: )
Description: hr=0x80070422
Error: (08/11/2014 03:20:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
Error: (08/11/2014 02:28:09 PM) (Source: Application Hang) (EventID: 1001) (User: )
Description: 1180947459
Error: (08/11/2014 02:26:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
Error: (08/11/2014 02:05:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000
Error: (08/11/2014 11:10:18 AM) (Source: MatSvc) (EventID: 15) (User: )
Description: hr=0x80070422
Error: (08/11/2014 11:10:16 AM) (Source: MatSvc) (EventID: 15) (User: )
Description: hr=0x80070422
Error: (08/11/2014 10:49:49 AM) (Source: MatSvc) (EventID: 15) (User: )
Description: hr=0x80070422
Error: (08/11/2014 10:49:47 AM) (Source: MatSvc) (EventID: 15) (User: )
Description: hr=0x80070422
==================== Memory info ===========================
Percentage of memory in use: 83%
Total physical RAM: 509.98 MB
Available physical RAM: 84.54 MB
Total Pagefile: 1245.16 MB
Available Pagefile: 379.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1948.99 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:71.46 GB) (Free:44.59 GB) NTFS ==>[Drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: 11B10323)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=71 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=3 GB) - (Type=DB)
==================== End Of Log ============================
-END-