Jump to content

Recommended Posts

Posted

========== FireFox ==========

 

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"

FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"

FF - prefs.js..browser.search.param.yahoo-type: "${8}"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "Bing Start"

FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.716

FF - prefs.js..extensions.enabledItems: avg@igeared:3.011.025.005

FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.60

FF - prefs.js..extensions.enabledItems: {4671ed49-739e-cae1-a47a-0b736ad28b5c}:4.6.6.4

FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7

FF - prefs.js..extensions.enabledItems: {896642E4-C556-4ED3-85D1-9AC431603E7D}:1.0.4

FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971

FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655

FF - prefs.js..keyword.URL: "Bing Start="

FF - prefs.js..network.proxy.no_proxies_on: "localhost"

 

 

FF - HKLM\software\mozilla\Firefox\Extensions\\toolbar@kiwee.com: C:\Program Files (x86)\Kiwee Toolbar\2.8.167\firefox

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/12 11:05:08 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG9\Firefox [2010/02/23 19:04:33 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010/02/23 19:05:12 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\1.bin File not found

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/02/23 19:48:37 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/02/23 19:48:37 | 000,000,000 | ---D | M]

 

[2009/07/01 09:32:27 | 000,000,000 | ---D | M] -- C:\Users\Judy Holsclaw\AppData\Roaming\Mozilla\Extensions

[2009/04/24 08:47:20 | 000,000,000 | ---D | M] -- C:\Users\Judy Holsclaw\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org

[2010/03/08 18:01:52 | 000,000,000 | ---D | M] -- C:\Users\Judy Holsclaw\AppData\Roaming\Mozilla\Firefox\Profiles\n79urp84.default\extensions

[2009/08/13 20:12:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Judy Holsclaw\AppData\Roaming\Mozilla\Firefox\Profiles\n79urp84.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2009/12/17 10:28:49 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Judy Holsclaw\AppData\Roaming\Mozilla\Firefox\Profiles\n79urp84.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

[2010/02/26 10:27:40 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\Judy Holsclaw\AppData\Roaming\Mozilla\Firefox\Profiles\n79urp84.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}

[2010/02/23 18:50:27 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Users\Judy Holsclaw\AppData\Roaming\Mozilla\Firefox\Profiles\n79urp84.default\extensions\{896642E4-C556-4ED3-85D1-9AC431603E7D}

[2009/12/19 13:54:12 | 000,000,000 | ---D | M] -- C:\Users\Judy Holsclaw\AppData\Roaming\Mozilla\Firefox\Profiles\n79urp84.default\extensions\DefaultManager@Microsoft

[2010/02/23 19:46:42 | 000,002,188 | ---- | M] () -- C:\Users\Judy Holsclaw\AppData\Roaming\Mozilla\Firefox\Profiles\n79urp84.default\searchplugins\bing-ff.xml

[2009/09/18 15:43:18 | 000,002,354 | ---- | M] () -- C:\Users\Judy Holsclaw\AppData\Roaming\Mozilla\Firefox\Profiles\n79urp84.default\searchplugins\kiwee-live-search.xml

[2010/02/04 15:18:32 | 000,002,055 | ---- | M] () -- C:\Users\Judy Holsclaw\AppData\Roaming\Mozilla\Firefox\Profiles\n79urp84.default\searchplugins\kiwee-toolbar.xml

[2010/02/23 18:50:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions

  • Replies 122
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Posted Images

Posted

[2010/02/23 18:50:49 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{4671ed49-739e-cae1-a47a-0b736ad28b5c}

[2007/12/17 12:16:14 | 000,065,536 | ---- | M] ( ) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npkimi.dll

 

O1 HOSTS File: ([2010/03/03 11:15:32 | 000,380,280 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 www.032439.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 0scan.com

O1 - Hosts: 127.0.0.1 0scan.com

O1 - Hosts: 127.0.0.1 1000gratisproben.com

O1 - Hosts: 127.0.0.1 Proben bei 1000Gratisproben.com

O1 - Hosts: 127.0.0.1 1001namen.com

O1 - Hosts: 127.0.0.1 1001namen.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 www.100888290cs.com

O1 - Hosts: 127.0.0.1 100sexlinks.com

O1 - Hosts: 127.0.0.1 100sexlinks.com

O1 - Hosts: 127.0.0.1 10sek.com

O1 - Hosts: 127.0.0.1 10sek.com

O1 - Hosts: 127.0.0.1 www.1-2005-search.com

O1 - Hosts: 13103 more lines...

O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll (Google Inc.)

O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)

O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\hssie\HssIE.dll (AnchorFree Inc.)

O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Client for Internet Explorer\YontooIEClient.dll (Yontoo Technology, Inc.)

O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Search Toolbar) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - C:\Program Files (x86)\Search Toolbar\tbcore3.dll ()

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - C:\Program Files (x86)\Search Toolbar\tbcore3.dll ()

Posted

O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()

O4:64bit: - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)

O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [NVRaidService] C:\Windows\SysNative\nvraidservice.exe (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)

O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)

O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)

O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()

O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()

O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files (x86)\Logitech\QuickCam\Quickcam.exe ()

O4 - HKLM..\Run: [sunJavaUpdateReg] C:\Windows\SysWow64\jureg.exe (Sun Microsystems, Inc.)

O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)

O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)

O4 - HKCU..\Run: [sUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - HKCU..\RunOnce: [shockwave Updater] C:\Windows\SysWOW64\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103470 -Mozilla\4.0 ( File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60

O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\PartyCasino\RunApp.exe ()

O9 - Extra 'Tools' menuitem : PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\PartyCasino\RunApp.exe ()

O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()

O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()

O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab (Windows Live OneCare safety scanner control)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Posted

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)

O24 - Desktop WallPaper: C:\Users\Judy Holsclaw\Pictures\trojans 2009 cody\andy cody 6.jpg

O24 - Desktop BackupWallPaper: C:\Users\Judy Holsclaw\Pictures\trojans 2009 cody\andy cody 6.jpg

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O32 - HKLM CDRom: AutoRun - 0

O32 - AutoRun File - [2005/07/07 18:12:51 | 000,040,960 | R--- | M] () - E:\Autodisable.exe -- [ CDFS ]

O32 - AutoRun File - [2005/12/12 14:36:43 | 000,000,051 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

64bit: O35 - comfile [open] -- "%1" %* File not found

64bit: O35 - exefile [open] -- "%1" %* File not found

O35 - comfile [open] -- "%1" %*

O35 - exefile [open] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/03/08 00:07:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

[2010/03/08 00:07:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft

[2010/03/08 00:06:26 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH

[2010/03/07 15:39:39 | 000,000,000 | ---D | C] -- C:\Users\Judy Holsclaw\Desktop\OTL

[2010/03/07 15:27:36 | 000,000,000 | ---D | C] -- C:\_OTL

[2010/03/03 18:32:02 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com

[2010/03/03 18:31:41 | 000,000,000 | ---D | C] -- C:\Users\Judy Holsclaw\AppData\Roaming\SUPERAntiSpyware.com

[2010/03/03 18:31:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SUPERAntiSpyware

[2010/03/03 18:30:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard

[2010/03/03 15:13:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2010/02/25 12:24:48 | 000,000,000 | ---D | C] -- C:\Users\Judy Holsclaw\AppData\Roaming\Malwarebytes

[2010/02/25 12:24:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2010/02/25 12:24:43 | 000,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2010/02/25 12:24:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2010/02/25 12:24:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010/02/25 11:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit

[2010/02/23 19:49:11 | 000,000,000 | ---D | C] -- C:\Users\Judy Holsclaw\AppData\Local\AVG Security Toolbar

[2010/02/23 19:05:35 | 000,000,000 | -H-D | C] -- C:\$AVG

[2010/02/23 19:05:25 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll

[2010/02/23 19:05:23 | 000,470,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys

[2010/02/23 19:05:19 | 000,422,920 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys

[2010/02/23 19:05:18 | 000,034,248 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys

[2010/02/23 19:05:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\Avg

[2010/02/23 19:05:12 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Security Toolbar

[2010/02/23 19:04:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG

[2010/02/23 19:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9

[2010/02/23 18:50:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Search Toolbar

[2010/02/23 18:23:55 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2010/02/23 18:23:54 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2010/02/23 18:22:44 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll

[2010/02/23 18:22:43 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll

[2010/02/23 18:22:43 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll

[2010/02/23 18:22:43 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll

[2010/02/23 18:22:42 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe

[2010/02/23 18:22:42 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe

[2010/02/23 18:22:42 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe

[2010/02/23 18:22:41 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe

[2010/02/23 18:22:41 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe

[2010/02/23 18:22:41 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe

[2010/02/23 18:22:41 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe

[2010/02/23 18:22:40 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe

[2010/02/23 18:22:40 | 000,460,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll

[2010/02/23 18:22:40 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdrm.dll

[2010/02/23 18:22:40 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll

[2010/02/23 18:22:40 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll

[2010/02/23 18:22:40 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll

[2010/02/23 18:22:40 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll

[2010/02/23 18:22:38 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll

[2010/02/23 18:22:37 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll

[2010/02/23 18:22:36 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll

[2010/02/23 18:22:36 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysNative\GameUXLegacyGDFs.dll

[2010/02/23 18:22:36 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Apphlpdm.dll

[2010/02/23 18:22:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll

[2010/02/22 22:44:45 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll

[2010/02/22 22:44:45 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll

[2010/02/22 22:44:45 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iyuv_32.dll

[2010/02/22 22:44:45 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvidc32.dll

[2010/02/22 22:44:45 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msyuv.dll

[2010/02/22 22:44:45 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrle32.dll

[2010/02/22 22:44:45 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsbyuv.dll

[2010/02/22 22:44:44 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvfw32.dll

[2010/02/22 22:44:44 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll

[2010/02/22 22:44:44 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll

[2010/02/22 22:43:30 | 004,698,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

[2010/02/22 14:39:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab(98)

[2010/02/14 22:30:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework

[2010/02/14 22:18:32 | 000,000,000 | ---D | C] -- C:\Users\Judy Holsclaw\AppData\Local\Kiwee Toolbar

 

========== Files - Modified Within 30 Days ==========

 

[2010/03/08 19:13:18 | 008,126,464 | -HS- | M] () -- C:\Users\Judy Holsclaw\ntuser.dat

[2010/03/08 18:32:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010/03/08 18:11:39 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C1F62CBE-08DD-434E-BE16-B2AFB420784F}.job

[2010/03/08 18:01:09 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2010/03/08 18:01:09 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2010/03/08 17:58:09 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job

[2010/03/08 09:41:23 | 000,268,778 | ---- | M] () -- C:\Users\Judy Holsclaw\Documents\cc_20100308_094050.reg

[2010/03/08 09:37:34 | 056,870,110 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm

[2010/03/08 08:17:59 | 002,444,952 | ---- | M] () -- C:\Users\Judy Holsclaw\Desktop\JUDY1.jpg

[2010/03/08 08:13:47 | 002,717,060 | ---- | M] () -- C:\Users\Judy Holsclaw\Desktop\DSC_0402.jpgJUDY.jpg

[2010/03/08 08:07:22 | 000,789,862 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2010/03/08 08:07:22 | 000,663,486 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2010/03/08 08:07:22 | 000,128,906 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2010/03/08 08:05:54 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010/03/08 08:05:54 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\ErrorFix Startup.job

[2010/03/08 08:01:09 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010/03/08 08:01:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/03/08 00:28:08 | 000,524,288 | -HS- | M] () -- C:\Users\Judy Holsclaw\ntuser.dat{a243ed2f-202a-11df-a4fe-001fc68a00cc}.TMContainer00000000000000000001.regtrans-ms

[2010/03/08 00:28:08 | 000,065,536 | -HS- | M] () -- C:\Users\Judy Holsclaw\ntuser.dat{a243ed2f-202a-11df-a4fe-001fc68a00cc}.TM.blf

[2010/03/08 00:27:57 | 003,245,073 | -H-- | M] () -- C:\Users\Judy Holsclaw\AppData\Local\IconCache.db

[2010/03/07 21:39:51 | 000,003,584 | ---- | M] () -- C:\Users\Judy Holsclaw\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/03/05 14:02:47 | 002,442,752 | ---- | M] () -- C:\Users\Judy Holsclaw\Documents\20010 dog.nws

[2010/03/03 18:31:43 | 000,000,946 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

[2010/03/03 15:51:58 | 000,000,067 | ---- | M] () -- C:\Users\Judy Holsclaw\Desktop\InstalledProducts.ini

[2010/03/03 11:15:32 | 000,380,280 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2010/03/03 08:33:07 | 000,004,571 | ---- | M] () -- C:\Windows\wininit.ini

[2010/03/02 08:03:00 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\EasyShare Registration Task.job

[2010/03/01 17:42:31 | 000,028,672 | ---- | M] () -- C:\Users\Judy Holsclaw\Desktop\MomsQuitClaimDeed.doc

[2010/03/01 15:21:03 | 001,431,040 | ---- | M] () -- C:\Users\Judy Holsclaw\Documents\2010 dog 2.sig

[2010/02/28 22:08:43 | 000,088,507 | ---- | M] () -- C:\Users\Judy Holsclaw\Desktop\0205001246a.jpg

[2010/02/28 21:44:59 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/02/26 08:51:54 | 001,134,648 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2010/02/26 08:46:17 | 000,406,704 | ---- | M] () -- C:\Users\Judy Holsclaw\AppData\Local\GDIPFONTCACHEV1.DAT

[2010/02/25 13:50:35 | 000,000,680 | ---- | M] () -- C:\Users\Judy Holsclaw\AppData\Local\d3d9caps.dat

[2010/02/24 15:23:35 | 004,942,705 | ---- | M] () -- C:\Users\Judy Holsclaw\Desktop\Do_not_text_while_driving.wmv

[2010/02/24 14:49:00 | 000,000,047 | ---- | M] () -- C:\Users\Judy Holsclaw\AppData\Roaming\AVSMediaPlayer.m3u

[2010/02/23 19:05:31 | 000,001,691 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk

[2010/02/23 19:05:25 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll

[2010/02/23 19:05:23 | 000,470,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys

[2010/02/23 19:05:19 | 000,422,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys

[2010/02/23 19:05:18 | 000,113,461 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\iavichjw.avm

[2010/02/23 19:05:18 | 000,034,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys

[2010/02/23 19:05:16 | 006,061,540 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\avi7.avg

[2010/02/23 19:05:16 | 000,492,629 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\miniavi.avg

[2010/02/23 19:05:16 | 000,142,495 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\microavi.avg

[2010/02/22 23:17:02 | 001,687,612 | -HS- | M] () -- C:\Windows\SysNative\drivers\fidbox2.dat

[2010/02/22 23:17:02 | 000,074,476 | -HS- | M] () -- C:\Windows\SysNative\drivers\fidbox.idx

[2010/02/22 23:17:02 | 000,008,724 | -HS- | M] () -- C:\Windows\SysNative\drivers\fidbox2.idx

[2010/02/22 23:17:01 | 007,870,524 | -HS- | M] () -- C:\Windows\SysNative\drivers\fidbox.dat

[2010/02/22 22:35:05 | 000,524,288 | -HS- | M] () -- C:\Users\Judy Holsclaw\ntuser.dat{a243ed2f-202a-11df-a4fe-001fc68a00cc}.TMContainer00000000000000000002.regtrans-ms

[2010/02/22 22:29:23 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2010/02/22 21:55:38 | 000,524,288 | -HS- | M] () -- C:\Users\Judy Holsclaw\ntuser.dat{00680f6f-2023-11df-9db7-001fc68a00cc}.TMContainer00000000000000000002.regtrans-ms

[2010/02/22 21:55:38 | 000,524,288 | -HS- | M] () -- C:\Users\Judy Holsclaw\ntuser.dat{00680f6f-2023-11df-9db7-001fc68a00cc}.TMContainer00000000000000000001.regtrans-ms

[2010/02/22 21:55:38 | 000,065,536 | -HS- | M] () -- C:\Users\Judy Holsclaw\ntuser.dat{00680f6f-2023-11df-9db7-001fc68a00cc}.TM.blf

[2010/02/22 21:07:10 | 000,524,288 | -HS- | M] () -- C:\Users\Judy Holsclaw\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms

[2010/02/22 21:07:10 | 000,065,536 | -HS- | M] () -- C:\Users\Judy Holsclaw\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf

 

========== Files Created - No Company Name ==========

 

[2010/03/08 09:40:53 | 000,268,778 | ---- | C] () -- C:\Users\Judy Holsclaw\Documents\cc_20100308_094050.reg

[2010/03/08 08:17:59 | 002,444,952 | ---- | C] () -- C:\Users\Judy Holsclaw\Desktop\JUDY1.jpg

[2010/03/08 08:13:47 | 002,717,060 | ---- | C] () -- C:\Users\Judy Holsclaw\Desktop\DSC_0402.jpgJUDY.jpg

[2010/03/07 21:32:37 | 000,003,584 | ---- | C] () -- C:\Users\Judy Holsclaw\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/03/03 18:31:43 | 000,000,946 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

[2010/03/03 15:51:58 | 000,000,067 | ---- | C] () -- C:\Users\Judy Holsclaw\Desktop\InstalledProducts.ini

[2010/03/03 08:32:24 | 000,004,571 | ---- | C] () -- C:\Windows\wininit.ini

[2010/03/01 17:42:31 | 000,028,672 | ---- | C] () -- C:\Users\Judy Holsclaw\Desktop\MomsQuitClaimDeed.doc

[2010/03/01 15:21:03 | 001,431,040 | ---- | C] () -- C:\Users\Judy Holsclaw\Documents\2010 dog 2.sig

[2010/03/01 15:20:37 | 002,442,752 | ---- | C] () -- C:\Users\Judy Holsclaw\Documents\20010 dog.nws

[2010/02/28 22:08:41 | 000,088,507 | ---- | C] () -- C:\Users\Judy Holsclaw\Desktop\0205001246a.jpg

[2010/02/25 12:24:47 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/02/24 15:23:26 | 004,942,705 | ---- | C] () -- C:\Users\Judy Holsclaw\Desktop\Do_not_text_while_driving.wmv

[2010/02/23 19:05:31 | 000,001,691 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk

[2010/02/23 19:05:18 | 000,113,461 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\iavichjw.avm

[2010/02/23 19:05:16 | 056,870,110 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm

[2010/02/23 19:05:16 | 000,492,629 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\miniavi.avg

[2010/02/23 19:05:16 | 000,142,495 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\microavi.avg

[2010/02/23 19:05:15 | 006,061,540 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\avi7.avg

Posted

[2010/02/22 22:23:03 | 000,524,288 | -HS- | C] () -- C:\Users\Judy Holsclaw\ntuser.dat{a243ed2f-202a-11df-a4fe-001fc68a00cc}.TMContainer00000000000000000002.regtrans-ms

[2010/02/22 22:23:03 | 000,524,288 | -HS- | C] () -- C:\Users\Judy Holsclaw\ntuser.dat{a243ed2f-202a-11df-a4fe-001fc68a00cc}.TMContainer00000000000000000001.regtrans-ms

[2010/02/22 22:23:03 | 000,065,536 | -HS- | C] () -- C:\Users\Judy Holsclaw\ntuser.dat{a243ed2f-202a-11df-a4fe-001fc68a00cc}.TM.blf

[2010/02/22 21:28:25 | 000,524,288 | -HS- | C] () -- C:\Users\Judy Holsclaw\ntuser.dat{00680f6f-2023-11df-9db7-001fc68a00cc}.TMContainer00000000000000000002.regtrans-ms

[2010/02/22 21:28:25 | 000,524,288 | -HS- | C] () -- C:\Users\Judy Holsclaw\ntuser.dat{00680f6f-2023-11df-9db7-001fc68a00cc}.TMContainer00000000000000000001.regtrans-ms

[2010/02/22 21:28:25 | 000,065,536 | -HS- | C] () -- C:\Users\Judy Holsclaw\ntuser.dat{00680f6f-2023-11df-9db7-001fc68a00cc}.TM.blf

[2009/11/07 11:51:51 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\AscSQLite.dll

[2009/09/11 08:09:16 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll

[2009/09/11 08:07:50 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/06/12 15:02:12 | 000,000,680 | ---- | C] () -- C:\Users\Judy Holsclaw\AppData\Local\d3d9caps.dat

[2009/06/06 17:55:11 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2009/05/22 17:31:59 | 000,000,047 | ---- | C] () -- C:\Users\Judy Holsclaw\AppData\Roaming\AVSMediaPlayer.m3u

[2009/05/22 17:26:24 | 000,524,288 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll

[2009/05/22 17:26:24 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll

[2009/01/29 22:30:04 | 000,870,128 | ---- | C] () -- C:\Users\Judy Holsclaw\AppData\Roaming\mcs.rma

[2009/01/29 22:30:04 | 000,000,004 | ---- | C] () -- C:\Users\Judy Holsclaw\AppData\Roaming\D54CCC

[2009/01/09 09:15:06 | 000,786,632 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2008/12/20 10:46:32 | 000,001,406 | ---- | C] () -- C:\Users\Judy Holsclaw\AppData\Roaming\wklnhst.dat

[2008/12/02 18:23:08 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini

[2008/10/25 19:07:45 | 000,001,890 | ---- | C] () -- C:\ProgramData\hpzinstall.log

[2008/05/12 20:21:23 | 000,339,968 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll

[2008/05/12 20:21:23 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll

[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 143 bytes -> C:\Users\Judy Holsclaw\Documents\yoyo poems.nws:OECustomProperty

@Alternate Data Stream - 143 bytes -> C:\Users\Judy Holsclaw\Documents\trojans 2009 sponsor adds.nws:OECustomProperty

@Alternate Data Stream - 143 bytes -> C:\Users\Judy Holsclaw\Documents\trojan 2009 youth football camp.nws:OECustomProperty

@Alternate Data Stream - 143 bytes -> C:\Users\Judy Holsclaw\Documents\TROJAN 2009 youth football camp1.nws:OECustomProperty

@Alternate Data Stream - 143 bytes -> C:\Users\Judy Holsclaw\Documents\spirit page samples.nws:OECustomProperty

@Alternate Data Stream - 143 bytes -> C:\Users\Judy Holsclaw\Documents\pic.nws:OECustomProperty

@Alternate Data Stream - 143 bytes -> C:\Users\Judy Holsclaw\Documents\oz3.nws:OECustomProperty

@Alternate Data Stream - 143 bytes -> C:\Users\Judy Holsclaw\Documents\oz iron on.nws:OECustomProperty

@Alternate Data Stream - 143 bytes -> C:\Users\Judy Holsclaw\Documents\oz coloring book.nws:OECustomProperty

@Alternate Data Stream - 143 bytes -> C:\Users\Judy Holsclaw\Documents\lc food signs.nws:OECustomProperty

@Alternate Data Stream - 143 bytes -> C:\Users\Judy Holsclaw\Documents\iron man add 2009.nws:OECustomProperty

@Alternate Data Stream - 143 bytes -> C:\Users\Judy Holsclaw\Documents\DEER RECIPES BK.nws:OECustomProperty

@Alternate Data Stream - 143 bytes -> C:\Users\Judy Holsclaw\Documents\danny , vicki.nws:OECustomProperty

@Alternate Data Stream - 143 bytes -> C:\Users\Judy Holsclaw\Documents\dads diaper belt.nws:OECustomProperty

@Alternate Data Stream - 143 bytes -> C:\Users\Judy Holsclaw\Documents\andys quilt.nws:OECustomProperty

@Alternate Data Stream - 143 bytes -> C:\Users\Judy Holsclaw\Documents\20010 dog.nws:OECustomProperty

< End of report >

Posted

Starbuck we have 3 computers here at the house. My sons have lap top computer.Lee is saying that my computer is making the connection for enternet run slow. I have notice latley that the pages are loading a little slowe than they usualy do. can my computer make the enternet run slow for their

computer?

Posted

OTL Extras logfile created on: 3/8/2010 7:12:04 PM - Run 3

OTL by OldTimer - Version 3.1.34.0 Folder = C:\Users\Judy Holsclaw\Desktop\OTL

64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18882)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

5.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 42.00% Memory free

10.00 Gb Paging File | 7.00 Gb Available in Paging File | 69.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 687.22 Gb Total Space | 507.92 Gb Free Space | 73.91% Space Free | Partition Type: NTFS

Drive D: | 11.41 Gb Total Space | 1.52 Gb Free Space | 13.33% Space Free | Partition Type: NTFS

Drive E: | 4.35 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: JUDYHOLSCLAW-PC

Current User Name: Judy Holsclaw

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Include 64bit Scans

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"UacDisableNotify" = 0

"InternetSettingsDisableNotify" = 0

"AutoUpdateDisableNotify" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

Posted

"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]

"VistaSp2" = 8D C8 73 F1 EA 4C CA 01 [binary data]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"oobe_av" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{06934412-3AEF-4F97-AB53-63C4651D6FF9}" = lport=10243 | protocol=6 | dir=in | app=system |

"{0A772C1A-3FF3-4370-9F63-6B00DD8FF51F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{2BB612B2-70A0-4ADF-9D1A-18FE43871F25}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{44C0F741-39DF-43DC-A205-DADAF8002920}" = lport=2869 | protocol=6 | dir=in | app=system |

"{4D4D4AE0-376C-49F1-AD1F-B402F2BBA9BA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{55AB1C88-15B8-4DD0-A867-8B899FB963FB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{7460292D-4BA2-4BD7-A1B9-A86D4F1B9C5C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{78EDA175-38C7-4694-BC54-86459D8F5A0E}" = rport=10243 | protocol=6 | dir=out | app=system |

Posted

"{AC9D7F86-3054-4684-9FD9-2648C624A6EA}" = lport=2869 | protocol=6 | dir=in | app=system |

"{C1E34C96-316D-46D8-AA79-827FA6C4D639}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{E9B96097-0F2D-47E9-8BC6-A118665DD91E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{053898F2-E363-4074-BA8B-FC769583F6E9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{05B14F5D-746D-4093-B3D4-CA06BCDE0475}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |

"{0D17F36B-79BD-40C7-8AAC-04873279B557}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{0F07E5C0-3BDB-4456-BDC8-2FB3434FE4CA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{1A8A7148-C885-45DF-848E-EDAEF997208E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{1C571399-158C-4E7E-BB43-9D260D5AD562}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |

"{1C898D93-5DA0-40C5-B996-0C6EDFA6CC36}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{22C5161E-BFD8-4408-B328-E59F6501C72B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |

"{341FA6AB-D990-40DA-B7F9-8FDA9BAE51F2}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |

"{3A695766-6CDC-42BC-B0BC-005765192789}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{3E49E2DF-4446-4F09-BDF6-E35C405EDBC6}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |

"{3E855EF9-5F1C-406D-B9DB-614CD4F8C873}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{40442F0F-13FE-42BE-9FD2-74763074567F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{4CC57CE9-D94B-4609-AB13-F26AF089793F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |

"{546A5462-572E-44CB-9EF3-A2F2845CF891}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |

"{5734EE99-21B2-4F84-8A88-4D8EADCD3BDE}" = dir=in | app=c:\program files (x86)\avg\avg9\avgupd.exe |

"{59E42BA2-E00E-4D42-B4D5-A9D3B38B908C}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |

"{5CF14097-52F8-4FA7-BF9A-FCC5D6976791}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |

"{5E62C4E1-D8D7-46A5-8E80-187DF10A0D96}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |

"{5F264FF4-D60D-428A-9340-95C658BBD97E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |

"{62965951-39C8-4DDB-A08B-FEEFD5971E0F}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |

"{62D0613E-A010-4EDE-8A85-06C29DA9C261}" = dir=in | app=c:\program files (x86)\avg\avg9\avgemc.exe |

"{6306984E-9A1D-4D08-BA49-2D514832FB89}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{6381712F-202D-46BB-9679-CF3EE9AE052D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{6848B486-5197-487E-A8C0-A29488134B17}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{6CB9B2E8-C0F6-4F20-A402-3DB18B725DCA}" = dir=in | app=c:\program files (x86)\myspace\im\myspaceim.exe |

"{70B3B8EA-8343-41E9-8DD1-80749EBBA1C0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |

"{7834C4AE-CAE3-40E8-9A83-F887A8815A10}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |

"{78B2EA1E-F2D6-4CFC-B9A4-5D4A8B0991FC}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |

"{7F2F1BED-FE06-4AFB-9B90-4686F0A93100}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{80DA051F-B96D-42AE-88B0-4763A30934F2}" = protocol=6 | dir=out | app=system |

"{903A8190-5836-4BEE-A29D-8C81D77F918F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |

"{9750E1B3-C6C4-490B-A5CE-BAFC147FF06E}" = dir=in | app=c:\program files (x86)\avg\avg9\avgnsa.exe |

"{9D698DA2-45CE-4202-B5A5-CF311B642D6E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{9FB8F8E7-5AE3-4050-BA68-D5A1688E8DB6}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |

"{A1D15574-90BA-4720-80D3-311B09802383}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{A233EF87-A603-4CE5-8377-EDC63AD83125}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |

"{A6064472-FF35-4637-8CAD-05AAA907F0DF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

"{A71E6ADE-0BE0-4892-ABCC-60E298312E34}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

"{A87CE96C-DDEB-496D-8EB3-9F7318559427}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

"{A9F066FE-15FC-466E-A991-494EE03E659E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |

"{AA114378-9C75-4034-99E2-AEB966F3B2A3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{AF5AEC62-678B-420B-B182-9A5CF200CE8E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{B14AA0CB-5406-44FD-A34F-902F3B93382D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{B2D0AD7A-D75F-4BC1-A782-2F7AF3526B12}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |

"{B609C569-7F2E-45A0-A23A-45E945068A89}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |

"{B6F78F6E-104C-4790-AB24-A281965988CC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |

"{CEE491DA-264E-4380-A535-20DF3936518F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |

"{D119F750-9BC3-4BDF-90BB-42A51CF47562}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |

"{D425B5D6-8B9E-4440-BE22-2436F3447337}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{D4E4FA41-A6DF-4D66-B8CE-102569DE3B78}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |

"{D83C6DAC-7E56-48E1-809C-B4C1DF09C27B}" = dir=in | app=c:\program files (x86)\myspace\im\myspaceim.exe |

"{DA1288A7-B446-470C-BBD8-4633CEA738E3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{DC02BBBA-E3B2-477C-8977-D2651D973993}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

Posted

"{E48911D1-5885-46CD-A517-905B638A8FEF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{EB3168B0-8207-4394-A639-9610A9C5E471}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |

"{F0A1FB17-0596-4248-9DB9-D04CCAECF6F8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |

"{F11A332D-3D85-44C3-B3BC-5F9C6AEC098B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{F3B6EE02-8839-485F-90D4-DA47114FC625}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |

"{F725AF7C-7132-41C9-BA4B-D16A9D9FCCF7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |

"TCP Query User{109F7A15-B371-4EF9-A948-413A6818A274}C:\users\judy holsclaw\appdata\local\temp\ccug.exe" = protocol=6 | dir=in | app=c:\users\judy holsclaw\appdata\local\temp\ccug.exe |

"TCP Query User{18D11887-1A27-4974-837F-C49BD3ED8A03}C:\users\judy holsclaw\documents\my received files\teamviewer.exe" = protocol=6 | dir=in | app=c:\users\judy holsclaw\documents\my received files\teamviewer.exe |

"TCP Query User{720BAA10-77B7-4608-8A77-FC953AC08C9F}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |

"TCP Query User{82ED219D-C5D1-4158-AE55-3AF8A2FC19C1}C:\users\judy holsclaw\desktop\pictures\videos\school\bs2-20081014\burningsand2.exe" = protocol=6 | dir=in | app=c:\users\judy holsclaw\desktop\pictures\videos\school\bs2-20081014\burningsand2.exe |

"TCP Query User{95A46E36-D58C-46EE-A720-AAD5F72D5982}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |

"UDP Query User{60FAC156-58CB-4123-8E1D-F1F471F4B2D4}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |

"UDP Query User{64BDD8C1-F739-4B1D-9E2B-CFA3106CBD09}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |

"UDP Query User{908500DC-058A-4A60-BAC6-E093516C12EA}C:\users\judy holsclaw\appdata\local\temp\ccug.exe" = protocol=17 | dir=in | app=c:\users\judy holsclaw\appdata\local\temp\ccug.exe |

"UDP Query User{C55B182A-4631-48A1-90D7-301D351D454F}C:\users\judy holsclaw\documents\my received files\teamviewer.exe" = protocol=17 | dir=in | app=c:\users\judy holsclaw\documents\my received files\teamviewer.exe |

"UDP Query User{CF6FB107-B676-4139-A8C9-4F42534B202E}C:\users\judy holsclaw\desktop\pictures\videos\school\bs2-20081014\burningsand2.exe" = protocol=17 | dir=in | app=c:\users\judy holsclaw\desktop\pictures\videos\school\bs2-20081014\burningsand2.exe |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{249E9ED4-1C67-4DA5-9E39-F0F09AFD93B7}" = Logitech QuickCam

"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{78F697ED-EC97-4D8D-881D-838984EA9855}" = 64 Bit HP CIO Components Installer

"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Client for Internet Explorer 1.03.02

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

"{C9A7340B-1EFD-42A6-9A27-243C50E57FA4}_is1" = HP Demo

"{CD0773D5-C18E-495c-B39B-21A96415EDD5}" = HP Officejet J4500 Series

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"CNXT_MODEM_PCI_HSF" = PCIe Soft Data Fax Modem with SmartCP

"CutePDF Writer Installation" = CutePDF Writer 2.7

"HP Document Manager" = HP Document Manager 1.0

Posted

"HP Imaging Device Functions" = HP Imaging Device Functions 10.0

"HP Photosmart Essential" = HP Photosmart Essential 2.5

"HP Smart Web Printing" = HP Smart Web Printing 4.60

"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0

"HPExtendedCapabilities" = HP Customer Participation Program 10.0

"HPOCR" = OCR Software by I.R.I.S. 10.0

"lvdrivers_11.80" = Logitech QuickCam Driver Package

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"NVIDIA Drivers" = NVIDIA Drivers

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status

"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5

"{0A5825FD-0FB7-4e45-9037-858D463F2943}" = BPDSoftware

"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0

"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox

"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD

"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library

"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 16

"{2951A232-69BA-4925-BB9A-CEEB72B18B4F}" = BPDSoftware_Ini

"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt

"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)

"{305D4B08-5807-4475-B1C8-D54685534864}" = LightScribeTemplateLabeler

"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE

"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup

"{398E8625-6F3A-4C54-B54C-28F0ABB89774}" = BPD_HPSU

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore

"{432C3720-37BF-4BD7-8E49-F38E090246D0}" = CR2

"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant

"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg

"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter

"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001

"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater

"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features

"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In

"{572F2A62-70CD-4429-8758-6D4D6DC696E1}" = 4500_Help

"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan

"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA

"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2

"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail

"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

"{6697D99E-E550-4498-B793-4A8DD8A1821F}" = ProductContext

"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library

"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder

"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc

"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm

"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{7396F7C8-EDD8-4473-BF6A-2CE4996716E1}" = JavaFX 1.1 SDK

"{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software

"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan

"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync

"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder

"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS

"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini

"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

Posted

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui

"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)

"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse

"{98BAE2F8-2045-4736-BD9E-FCADD83003C5}" = DigitalPersona Privacy Manager

"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL

"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp

"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback

"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder

"{ABE068DF-8DC4-4947-ABFC-DD2B40850225}" = SFR2

"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2

"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK

"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook

"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI

"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore

"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5

"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements

"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver

"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1

"{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}" = DocMgr

"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch

"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software

"{D49B0B95-DF54-40E9-9169-8BB6A6A1E03F}" = The Print Shop 23

"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery

"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component

"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR

"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page

"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips

"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform

"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax

"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery

"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK

"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call

"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS

"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup

"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock

"{FDDB69BB-2F9A-4830-A579-ABBB7C5AF9A8}" = muvee autoProducer 6.1

"{FDEC11CC-4BD6-4a8c-A398-3CCD8E43EACA}" = J4500

"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner

"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update

"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player

"AT&&T Yahoo! Messenger" = AT&T Yahoo! Messenger

"AVG9Uninstall" = AVG Free 9.0

Posted

"AVS Audio Converter 5.1_is1" = AVS Audio Converter version 5.1

"AVS Media Player_is1" = AVS Media Player 3.1

"AVS Update Manager_is1" = AVS Update Manager 1.0

"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3

"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6

"CCleaner" = CCleaner

"Coupon Printer for Windows4.0" = Coupon Printer for Windows

"ESET Online Scanner" = ESET Online Scanner v3

"Google Chrome" = Google Chrome

"Google Updater" = Google Updater

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"HotspotShield" = Hotspot Shield 1.17

"Imikimi Plugin" = Imikimi Plugin

"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Morpheus Photo Morpher_is1" = Morpheus Photo Morpher v3.11

"Mozilla Firefox (3.5.8)" = Mozilla Firefox (3.5.8)

"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools

"PKR" = PKR

"Pro Media Director_is1" = Pro Media Director Version 2.0.0.1

"QuickTime" = QuickTime

"sp41119" = sp41119

"Stamp" = Stamp ID3 Tag Editor

"ToolBox" = NCH Toolbox

"V CAST Music with Rhapsody" = V CAST Music with Rhapsody

"WavePad" = WavePad Sound Editor

"WebPost" = Microsoft Web Publishing Wizard 1.52

"WildTangent hp Master Uninstall" = My HP Games

"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner

"WinLiveSuite_Wave3" = Windows Live Essentials

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Facebook Plug-In" = Facebook Plug-In

"Move Media Player" = Move Media Player

"myPhotopipe ROES" = myPhotopipe ROES

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 10/14/2009 1:27:44 PM | Computer Name = JudyHolsclaw-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

 

Error - 10/14/2009 1:27:58 PM | Computer Name = JudyHolsclaw-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

 

Error - 10/14/2009 1:27:58 PM | Computer Name = JudyHolsclaw-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

 

Error - 10/14/2009 7:42:37 PM | Computer Name = JudyHolsclaw-PC | Source = Application Error | ID = 1000

Description = Faulting application WLXQuickTimeControlHost.exe, version 14.0.8064.206,

time stamp 0x498cf80c, faulting module QuickTime.qts, version 5.0.1.10, time stamp

0x3ad4ae99, exception code 0xc0000005, fault offset 0x002f1312, process id 0x2fd0,

application start time 0x01ca4d2800e4ccfd.

 

Error - 10/14/2009 10:04:35 PM | Computer Name = JudyHolsclaw-PC | Source = Application Error | ID = 1000

Description = Faulting application YahooMessenger.exe, version 9.0.0.2162, time

stamp 0x4a1cb91c, faulting module MSVCR80.dll, version 8.0.50727.4016, time stamp

0x49cc5361, exception code 0x40000015, fault offset 0x000046b4, process id 0x149c,

application start time 0x01ca4ceb11246c7d.

 

Error - 10/15/2009 7:24:48 AM | Computer Name = JudyHolsclaw-PC | Source = WinMgmt | ID = 10

Description =

 

Error - 10/15/2009 7:28:14 AM | Computer Name = JudyHolsclaw-PC | Source = HP AdvisorUpdate | ID = 0

Description = Could not find a part of the path 'C:\_pack6\hp-advisor\src\HPAdvisor\Shared\Content\xsd\HPAdvisor.xsd'.

at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String

path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare

share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String

msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode

mode, FileAccess access, FileShare share, Int32 bufferSize) at System.Xml.XmlDownloadManager.GetStream(Uri

uri, ICredentials credentials) at System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri,

String role, Type ofObjectToReturn) at System.Xml.XmlReader.Create(String inputUri,

XmlReaderSettings settings, XmlParserContext inputContext) at System.Xml.Schema.XmlSchemaSet.Add(String

targetNamespace, String schemaUri) at HPAdvisor.Common.Content.CategoryCollection.ValidateDocument(String

path) ValidateDocument failed Business\SearchTargets.xml

 

Error - 10/15/2009 7:46:01 AM | Computer Name = JudyHolsclaw-PC | Source = Application Error | ID = 1000

Description = Faulting application firefox.exe, version 1.9.0.3498, time stamp 0x4a728f53,

faulting module NPComponent.dll, version 1.0.0.3804, time stamp 0x4a5d6723, exception

code 0xc0000005, fault offset 0x0000b431, process id 0xca4, application start time

0x01ca4d8ce360a4ad.

 

Error - 10/15/2009 7:54:14 AM | Computer Name = JudyHolsclaw-PC | Source = Application Error | ID = 1000

Description = Faulting application iexplore.exe, version 7.0.6002.18005, time stamp

0x49e01e78, faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03824,

exception code 0xc0000374, fault offset 0x000ab0bf, process id 0x165c, application

start time 0x01ca4d8ae2e0ff4d.

 

Error - 10/15/2009 7:54:50 AM | Computer Name = JudyHolsclaw-PC | Source = Application Error | ID = 1000

Description = Faulting application iexplore.exe, version 7.0.6002.18005, time stamp

0x49e01e78, faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03824,

exception code 0xc0000374, fault offset 0x000ab0bf, process id 0x1f58, application

start time 0x01ca4d8e3b6c346d.

 

[ Media Center Events ]

Error - 5/6/2009 10:32:02 AM | Computer Name = JudyHolsclaw-PC | Source = Media Center Guide | ID = 0

Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError

returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

 

Error - 8/13/2009 7:31:07 PM | Computer Name = JudyHolsclaw-PC | Source = Media Center Guide | ID = 0

Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError

returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

 

[ System Events ]

Error - 3/8/2010 9:00:37 AM | Computer Name = JudyHolsclaw-PC | Source = volmgr | ID = 262190

Description = Crash dump initialization failed!

 

Error - 3/8/2010 9:00:41 AM | Computer Name = JudyHolsclaw-PC | Source = Application Popup | ID = 1060

Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS has been

blocked from loading due to incompatibility with this system. Please contact your

software vendor for a compatible version of the driver.

 

Error - 3/8/2010 9:00:41 AM | Computer Name = JudyHolsclaw-PC | Source = Application Popup | ID = 1060

Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS has been

blocked from loading due to incompatibility with this system. Please contact your

software vendor for a compatible version of the driver.

 

Error - 3/8/2010 9:00:54 AM | Computer Name = JudyHolsclaw-PC | Source = volmgr | ID = 262190

Description = Crash dump initialization failed!

 

Error - 3/8/2010 9:02:30 AM | Computer Name = JudyHolsclaw-PC | Source = Service Control Manager | ID = 7009

Description =

 

Error - 3/8/2010 9:02:30 AM | Computer Name = JudyHolsclaw-PC | Source = Service Control Manager | ID = 7000

Description =

 

Error - 3/8/2010 9:02:30 AM | Computer Name = JudyHolsclaw-PC | Source = Service Control Manager | ID = 7003

Description =

 

Error - 3/8/2010 9:02:30 AM | Computer Name = JudyHolsclaw-PC | Source = Service Control Manager | ID = 7000

Description =

 

Error - 3/8/2010 9:02:42 AM | Computer Name = JudyHolsclaw-PC | Source = Service Control Manager | ID = 7022

Description =

 

Error - 3/8/2010 9:02:42 AM | Computer Name = JudyHolsclaw-PC | Source = Service Control Manager | ID = 7026

Description =

 

 

< End of report >

  • ExTS Admin
Posted

Hi Judy,

I'm getting confused now.

 

it says my yahoo messenger kiwee toolbar, do not understand why this is affecting my msn messenger?
Did you install the Kiwee toolbar with yahoo or msn?

We've removed the kiwee entries before, but they are now back!

 

Please don't install or uninstall anything until we have finished, (unless i say so) it's too confusing.

 

I'll check the report against the uninstall list to see what may be orphan entries.... and remove them.

Member of:

UNITE

Posted

It was on my msn messenger I think but when i sign in my computer it says my yahoo. I may have had them on both not sure. But I thought we delete it all. in my toolbar section i click on now the kiwee is not showing any more but that little pop up came on when i booted up the computer.

 

I ran a scan with super antispyware and MBAM i did each one 2 time but had time in between them. Each time a tracking cookie shoed up. If it deleted it why does it keep coming back?

  • ExTS Admin
Posted

Hi Judy,

 

Each time a tracking cookie shoed up. If it deleted it why does it keep coming back?
It's nothing to worry about. These are harmless.

Cookies are actually harmless text files that certain web sites will place onto the hard drive of your computer. Your Internet Browser will then load the information into memory while you are visiting their site. The Cookie itself, actually takes up very little space and acts as an identification card for the visiting site. You can compare this to visiting your favorite restaurant where your food server will usually remember certain aspects of how you like your food prepared and what you usually order. This information would obviously be based upon his familiarity of your prior visits. Well Cookies actually act in a similar manner and do not contain viruses

 

The Kiwee toolbar isn't showing in your uninstall list, but for some reason entries are still showing in your report.

Time to get tough now.

 

Double click on OTL.exe to run it.

Copy the lines in the codebox below. (make sure that :Otl is on the first line )

:Otl
FF - HKLM\software\mozilla\Firefox\Extensions\\toolbar@ kiwee.com: C:\Program Files (x86)\Kiwee Toolbar\2.8.167\firefox
FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr @mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\1.bin File not found
[2009/09/18 15:43:18 | 000,002,354 | ---- | M] () -- C:\Users\Judy Holsclaw\AppData\Roaming\Mozilla\Firefox\Profiles\ n79urp84.default\searchplugins\kiwee-live-search.xml
[2010/02/04 15:18:32 | 000,002,055 | ---- | M] () -- C:\Users\Judy Holsclaw\AppData\Roaming\Mozilla\Firefox\Profiles\ n79urp84.default\searchplugins\kiwee-toolbar.xml
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Search Toolbar) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - C:\Program Files (x86)\Search Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - C:\Program Files (x86)\Search Toolbar\tbcore3.dll ()
O9 - Extra Button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\PartyCasino\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\PartyCasino\RunApp.exe ()
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
[2010/02/23 18:50:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Search Toolbar
[2010/02/14 22:18:32 | 000,000,000 | ---D | C] -- C:\Users\Judy Holsclaw\AppData\Local\Kiwee Toolbar

:Files
C:\Program Files (x86)\MyWebSearch
C:\Program Files (x86)\Kiwee Toolbar
C:\Programs\PartyGaming

:commands
[emptytemp]
[purity]
[EMPTYFLASH]

  • Return to OTL,
  • right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste.
     
    http://img.photobucket.com/albums/v708/starbuck50/new%20forum/scan-fix.png
     
  • Click the red Run Fix button.
     
    http://img.photobucket.com/albums/v708/starbuck50/runfixbutton.png
     
  • OTL will reboot your system once the fix has completed.
  • After the reboot, you may need to double click OTL to launch the program and retrieve the log.

 

Copy and paste the contents of the OTL log that comes up after the fix in your next reply.

 

Thanks

Member of:

UNITE

Posted

All processes killed

========== OTL ==========

Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\toolbar@ kiwee.com not found.

File C:\Program Files (x86)\Kiwee Toolbar\2.8.167\firefox not found.

Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr @mywebsearch.com not found.

File C:\Users\Judy Holsclaw\AppData\Roaming\Mozilla\Firefox\Profiles\ n79urp84.default\searchplugins\kiwee-live-search.xml not found.

File C:\Users\Judy Holsclaw\AppData\Roaming\Mozilla\Firefox\Profiles\ n79urp84.default\searchplugins\kiwee-toolbar.xml not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0C8413C1-FAD1-446C-8584-BE50576F863E} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0C8413C1-FAD1-446C-8584-BE50576F863E}\ deleted successfully.

C:\Program Files (x86)\Search Toolbar\tbcore3.dll moved successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0C8413C1-FAD1-446C-8584-BE50576F863E} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0C8413C1-FAD1-446C-8584-BE50576F863E}\ not found.

File C:\Program Files (x86)\Search Toolbar\tbcore3.dll not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D}\ not found.

C:\Programs\PartyGaming\PartyCasino\RunApp.exe moved successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4B52284-A248-4c51-9F7C-F0A0C67FCC9D}\ not found.

File C:\Programs\PartyGaming\PartyCasino\RunApp.exe not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.

C:\Programs\PartyGaming\PartyPoker\RunApp.exe moved successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.

File C:\Programs\PartyGaming\PartyPoker\RunApp.exe not found.

C:\Program Files (x86)\Search Toolbar folder moved successfully.

C:\Users\Judy Holsclaw\AppData\Local\Kiwee Toolbar\Logs folder moved successfully.

C:\Users\Judy Holsclaw\AppData\Local\Kiwee Toolbar folder moved successfully.

========== FILES ==========

File\Folder C:\Program Files (x86)\MyWebSearch not found.

C:\Program Files (x86)\Kiwee Toolbar\3.2 folder moved successfully.

C:\Program Files (x86)\Kiwee Toolbar\2.8.167 folder moved successfully.

C:\Program Files (x86)\Kiwee Toolbar folder moved successfully.

C:\Programs\PartyGaming\tmpUpgrade folder moved successfully.

C:\Programs\PartyGaming\res folder moved successfully.

C:\Programs\PartyGaming\PRacing\tmpUpgrade folder moved successfully.

C:\Programs\PartyGaming\PRacing\language\en_US\articles folder moved successfully.

C:\Programs\PartyGaming\PRacing\language\en_US folder moved successfully.

C:\Programs\PartyGaming\PRacing\language folder moved successfully.

C:\Programs\PartyGaming\PRacing\images\lobby folder moved successfully.

C:\Programs\PartyGaming\PRacing\images\games\racinggame\Tmp folder moved successfully.

C:\Programs\PartyGaming\PRacing\images\games\racinggame\greyhound\resources folder moved successfully.

C:\Programs\PartyGaming\PRacing\images\games\racinggame\greyhound folder moved successfully.

C:\Programs\PartyGaming\PRacing\images\games\racinggame folder moved successfully.

C:\Programs\PartyGaming\PRacing\images\games folder moved successfully.

C:\Programs\PartyGaming\PRacing\images folder moved successfully.

C:\Programs\PartyGaming\PRacing folder moved successfully.

C:\Programs\PartyGaming\plugins folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\tmpUpgrade folder moved successfully.

Posted

C:\Programs\PartyGaming\PartyPoker\Temp\language\en_US\images folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\Temp\language\en_US folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\Temp\language folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\Temp folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\Stats folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\PokerTrainer folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\PGR folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\Language\en_US\temp folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\Language\en_US\images\NewGameTable folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\Language\en_US\images folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\Language\en_US\articles folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\Language\en_US folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\Language folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\Images\Studio folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\Images\Skyscraper folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\Images\ShipDeck folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\Images\NewGameTable folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\Images\NewCharacters folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\Images\ClassicTable\NewCharacters folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\Images\ClassicTable folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\Images folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\HandHistory\XMLHandHistory folder moved successfully.

C:\Programs\PartyGaming\PartyPoker\HandHistory folder moved successfully.

C:\Programs\PartyGaming\PartyPoker folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\Temp\games\cardgames\multiplayerbj folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\Temp\games\cardgames\blackjack folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\Temp\games\cardgames folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\Temp\games folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\Temp\fcgames\roulette\europeanroulette folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\Temp\fcgames\roulette folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\Temp\fcgames\cardgames\blackjack\multihandbj folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\Temp\fcgames\cardgames\blackjack folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\Temp\fcgames\cardgames folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\Temp\fcgames folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\Temp folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\PGR folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\temp folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\lobby folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\topgun folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\tod folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\theterminator folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\sweethawaii folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\superstar folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\supermystic folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\superjoker folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\superfortunewheel folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\silvercity folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\shipwreck folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\saturdaynightfever folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\rambo folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\predator folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\piggypayback folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\missionimpossible folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\metropolis folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\megafortunewheel folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\matador folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\magicman folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\hotroller folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\gonewiththewind folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\goldenoasis folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\goldengopher folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\goldeneagle folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\godfather folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\goannagold folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\firedrake folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\coolbananas folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\cashcruise folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\bullseye folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots\boardbabe folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\slots folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\roulette\europeanroulette folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\roulette\americanroulette folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\roulette folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\partygames\slots\monopoly folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\partygames\slots\cluedo folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\partygames\slots folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\partygames folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\multilineslots\kingtutsfortune folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\multilineslots\graveyardbash folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\multilineslots\fruitparty folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\multilineslots\bustdasafe folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\multilineslots folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\keno\safecrackerkeno folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\keno folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\videopoker\vegasclub folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\videopoker\kookakeno folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\videopoker\kangacash folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\videopoker\junglerumble folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\videopoker\jokerpoker folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\videopoker\jacksorbettermhvp folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\videopoker\jacksorbetter folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\videopoker\flamingo folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\videopoker\deuceswild folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\videopoker folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\poker\threecardpoker folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\poker\studcaribbeanpoker folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\poker\reddog folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\poker\paigowpoker folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\poker\letitride folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\poker folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\multiplayerbj\texasholdempoker folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\multiplayerbj\multiplayerblackjack folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\multiplayerbj folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\casinowar\casinowar folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\casinowar folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\blackjack\singledeckblackjack folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\blackjack\highlimitblackjack folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\blackjack\bonuspairsblackjack folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\blackjack\blackjack folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\blackjack folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\baccarat\baccarat folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\baccarat folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games\cardgames folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\games folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\flashlobby\lobby folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\flashlobby folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\treasurecove folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\topgun folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\theterminator folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\sumo folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\speeddemon folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\sinatra folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\shipwreck folder moved successfully

Posted

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\saturdaynightfever folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\residentevil folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\raptorisland folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\rambo folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\paradiseriches folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\octopusgarden folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\missionimpossible folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\megafortunewheel folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\matador folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\luckylady folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\leagues20k folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\jungleking folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\irisheyes folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\hurdygurdy folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\highnoon folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\gonewiththewind folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\godfather folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\drlove folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\coralcash folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\cityofgold folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\cherryblossoms folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\californiagold folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\butterflies folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\bullseye folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\birdsofparadise folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots\beatthebank folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\slots folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\roulette\europeanroulette folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\roulette folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\thor folder moved successfully.

Posted

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\thelastkingofegypt folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\spiderman folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\shaaark folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\ramessesriches folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\paradisereels folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\monopoly folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\lacucaracha folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\hulk folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\funnymoney folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\firehawk folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\fantasticfour folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\fairiesforest folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\easterndragon folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\dynasty folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\dragonmaster folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\dolphinreef folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\cluedo folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\cleopatra folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\callofthecolosseum folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots\bangkoknights folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\slots folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\scratchcard\lovelinesscratchgame folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\scratchcard\hollywoodstarsscratchgame folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\scratchcard\hattricksscratchgame folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\scratchcard\formulaonescratchgame folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\scratchcard folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\hilo\trailblazer folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\hilo\hiloshuffle folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames\hilo folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\partygames folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\cardgames\poker\texasholdempoker folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\cardgames\poker folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\cardgames\blackjack\multiplayerblackjack folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\cardgames\blackjack\multihandbj\mhlasvegasdowntownbj folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\cardgames\blackjack\multihandbj folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\cardgames\blackjack folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames\cardgames folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images\fcgames folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\images folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US\articles folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language\en_US folder moved successfully.

C:\Programs\PartyGaming\PartyCasino\language folder moved successfully.

C:\Programs\PartyGaming\PartyCasino folder moved successfully.

C:\Programs\PartyGaming\Language\en_US\temp folder moved successfully.

C:\Programs\PartyGaming\Language\en_US folder moved successfully.

C:\Programs\PartyGaming\Language folder moved successfully.

C:\Programs\PartyGaming\images folder moved successfully.

C:\Programs\PartyGaming\greprefs folder moved successfully.

C:\Programs\PartyGaming\defaults\pref folder moved successfully.

C:\Programs\PartyGaming\defaults folder moved successfully.

C:\Programs\PartyGaming\components folder moved successfully.

C:\Programs\PartyGaming\chrome folder moved successfully.

C:\Programs\PartyGaming folder moved successfully.

========== COMMANDS ==========

Posted

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Judy Holsclaw

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 41019481 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 64266382 bytes

->Google Chrome cache emptied: 0 bytes

->Flash cache emptied: 1720 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 290864 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 101.00 mb

 

 

[EMPTYFLASH]

 

User: All Users

 

User: Default

->Flash cache emptied: 0 bytes

 

User: Default User

->Flash cache emptied: 0 bytes

 

User: Judy Holsclaw

->Flash cache emptied: 0 bytes

 

User: Public

 

Total Flash Files Cleaned = 0.00 mb

 

 

OTL by OldTimer - Version 3.1.34.0 log created on 03092010_194056

Files\Folders moved on Reboot...

C:\Users\Judy Holsclaw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V30AZ8PC\blank[1].html moved successfully.

C:\Users\Judy Holsclaw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V30AZ8PC\ff2CA14PLE3.htm moved successfully.

C:\Users\Judy Holsclaw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V30AZ8PC\_trans[1].gif moved successfully.

C:\Users\Judy Holsclaw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V30AZ8PC\__utm[2].gif moved successfully.

C:\Users\Judy Holsclaw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AW9R3SJE\adsCAHDNHG9.htm moved successfully.

C:\Users\Judy Holsclaw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AW9R3SJE\blank[1].html moved successfully.

C:\Users\Judy Holsclaw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AW9R3SJE\dot[1].jpg moved successfully.

C:\Users\Judy Holsclaw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AW9R3SJE\index[2].htm moved successfully.

C:\Users\Judy Holsclaw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AW9R3SJE\yoville[1].html moved successfully.

C:\Users\Judy Holsclaw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AW9R3SJE\zpu[1].htm moved successfully.

C:\Users\Judy Holsclaw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4Q8LJO6M\9319-pyagcore-search-4[1].html moved successfully.

C:\Users\Judy Holsclaw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4Q8LJO6M\adsCA6JND9E.htm moved successfully.

C:\Users\Judy Holsclaw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4Q8LJO6M\adsCAUMUCVT.htm moved successfully.

C:\Users\Judy Holsclaw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4Q8LJO6M\banner[1].htm moved successfully.

C:\Users\Judy Holsclaw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4Q8LJO6M\play[1].php moved successfully.

C:\Users\Judy Holsclaw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4Q8LJO6M\topbuttons[1].xml moved successfully.

C:\Users\Judy Holsclaw\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

File move failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.

File move failed. C:\Windows\temp\logishrd\LVPrcInj02.dll scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Posted

Time to get tough was right lol ty ty ty

when i rebooted my yahoo came up and the msn came up and i was able to sign. The pop I was getting before about Kiwee did not show up this time . It looks like things are better

please let me know what i need to do next. i know now that i need to down load the avast but i wait untill i hear from you.

 

Now i dont get a whole lot in my check each month but I would be glad to donate 20 dollars. sorry that it is not more.

I am disable . I do what i can. I have nerve damage caused by a neck injury. I am very lucky. I am limited to things but am greatfull that i still can go out and help people or animals.

 

Dont feel bad I am very lucky that i am not paralized. I can still walk thank goodness. But my knees are not so good lol. i spend my time now helping and doing things for others.

 

i take pics for the team and my church and give them a cd with all the pics on it.

Kinda like what u do for people like me who have trouble with computers. I make signs and scrap books,cd's and i help people to find the meds either cheap or free on the internet.

So i ty for helping me get this resolve so I can continue.

 

I guess i see u tomorrow Starbuck waiting on the next move to make.

I feel i was so beless to stumble on to your site.

Thanks Judy

Posted

starbuck I mdo have another problem. Whe i sign on my game yovill i get a pop up that says i need adobe flash player 9 then it goes to my page.

 

I have adobe 10 on my computer that should be ok

But i did down load adob 9 it said adobe flash player but after down loading it says adobe 9 reader. Is that the same ?

do i need to delet one of them

 

i only get that when i am on a game that has graphics like yoville

Posted

i unistall the adobe 9 because i got this

 

TypeError: Error #1009: Cannot access a property or method of a null object reference.

at MyLife.AsyncVisit.AsyncVisitScripts::GuestbookAsyncVisitScript/getNPCObject()

at MyLife.AsyncVisit.AsyncVisitScripts::GuestbookAsyncVisitScript/processMouseEvent()

at MyLife::AsyncVisitManager/avatarToolTipHandler()

  • ExTS Admin
Posted

Hi Judy,

 

but I would be glad to donate 20 dollars. sorry that it is not more.
Any amount not matter how small is always very welcome. It's just to help with the site running costs, don't make yourself short.

 

adobe flash player and adobe reader are 2 separate programs.

You can get the latest version of each here:

Adobe Flash Player - Downloads

 

Adobe - Adobe Reader download - All versions

 

We just need to clean up the programs we've asked you to install, but i'll wait until you have installed Avast ... then we can check everything.

 

First download Avast and save it to your desktop:

avast! Free Antivirus - Download Software for Virus Protection

 

Then download the AVG removal tool (this will help to clean the registry entries after the uninstall.) save this to your desktop as well.

http://www.avg.com/filedir/util/avg_arm_sup_____.dir/avgremover.exe

 

Now uninstall AVG.

When complete, run the AVG removal tool by double clicking on the desktop icon.

 

When finished you may have to reboot the system.

 

Now double click on the Avast icon to install Avast.

 

Let me know how things go.

Member of:

UNITE

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...