
Redirect Virus -- Not Google, Something else.


  • This topic is locked
26 replies to this topic

#1 Heavily Armed Pixie


Posted 03 February 2014 - 09:25 PM

I was JUST here not too long ago asking for some help with a DCOM issue, and now I have a new issue. I have no idea how this new issue came to be, because I haven't done anything other than browse Facebook and check email since, but here we are again. Ugh.

So this new issue is that sometimes I'll open links and it will redirect me. It's NOT a Google thing (it's not redirecting my Google searches, I mean), it's any link in any webpage. Doesn't happen all the time, but occasionally when I try to open a link - bam - it takes me to a site that's obviously a redirect virus; and on top of that, when it does redirect, occasionally AVG will pop up and tell me it blocked a bad website attack.

I did run an AVG scan that found some trojans (!!? I haven't downloaded anything since the last successful help from this site, but oookay) and two Malware Bytes scans have removed some buggies, too.

I'm running Windows XP on a Dell Inspiron desktop.




#2 gringo_pr

  • Malware Response Team

Posted 03 February 2014 - 09:39 PM





Hello Heavily Armed Pixie

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.

Very Important --> Please read this post completely, I have spent my time to put together some things for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

I would like you to run this program for me.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 Heavily Armed Pixie


Posted 03 February 2014 - 10:18 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-02-2014
Ran by Desiree Delmastro (administrator) on NEW on 03-02-2014 22:15:31
Running from C:\Documents and Settings\Desiree Delmastro\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) ===================

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK COMPUTER INC.) C:\WINDOWS\ATKKBService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
() C:\WINDOWS\Runservice.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgemcx.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
() C:\Program Files\AVG Secure Search\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Gammon Software Solutions) C:\Program Files\MUSHclient\MUSHclient.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [16132608 2007-07-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [1107552 2012-07-09] ()
HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [16744256 2011-10-07] (NVIDIA Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
HKLM\...\Run: [Freecorder FLV Service] - "C:\Program Files\Freecorder\FLVSrvc.exe" /run
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2013\avgui.exe [4411952 2013-11-20] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_TRAY] - C:\Program Files\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\LMIinit: C:\WINDOWS\system32\LMIinit.dll (LogMeIn, Inc.)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-741003188-2100121653-3323792151-1006\...\Run: [Google Update] - C:\Documents and Settings\Desiree Delmastro\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [136176 2010-08-28] (Google Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?type=714647&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - DefaultScope {58338271-1361-4F1C-98BC-B608066A42AD} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {58338271-1361-4F1C-98BC-B608066A42AD} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={01CCB0C1-87F8-4954-8E2D-5B16A963DC63}&mid=1e5ef7ba74a747d6a723d153e67b4b56-ab734e0c84f706d700338534921eaa4d802af3e9&lang=us&ds=AVG&pr=pa&d=2011-12-07 03:20:18&v=9.0.0.18&sap=dsp&q={searchTerms}
BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file://C:\Program Files\Yahtzee\Images\stg_drm.ocx
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1235510026328
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1235510020343
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file://C:\Program Files\Yahtzee\Images\armhelper.ocx
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 167.206.251.130 167.206.251.129

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Desiree Delmastro\Application Data\Mozilla\Firefox\Profiles\fo8rbyqz.default-1365107352359
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p=
FF Homepage: hxxp://search.yahoo.com/?type=714647&fr=spigot-yhp-ff
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll (AVG Technologies)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @zylom.com/ZylomGamesPlayer - C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Documents and Settings\Desiree Delmastro\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Documents and Settings\Desiree Delmastro\Application Data\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Documents and Settings\Desiree Delmastro\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Desiree Delmastro\Local Settings\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Desiree Delmastro\Local Settings\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npbittorrent.dll (BitTorrent, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPMGWRAP.DLL (Network Associates Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPTURNMED.dll (CNN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll (Zylom)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Desiree Delmastro\Application Data\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Desiree Delmastro\Application Data\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Desiree Delmastro\Application Data\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Documents and Settings\Desiree Delmastro\Application Data\Mozilla\Firefox\Profiles\fo8rbyqz.default-1365107352359\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-19]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-19]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\11.1.0.12\
FF Extension: AVG Security Toolbar - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\11.1.0.12\ []
FF HKLM\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\
FF Extension: AVG Do Not Track - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ []
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4\
FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG2012\Firefox4\ []

========================== Services (Whitelisted) =================

S4 aawservice; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [611664 2008-07-07] (Lavasoft)
S4 AdobeActiveFileMonitor7.0; C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [169312 2008-09-16] (Adobe Systems Incorporated)
R2 ATKKeyboardService; C:\WINDOWS\ATKKBService.exe [253440 2009-07-21] (ASUSTeK COMPUTER INC.)
S4 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [167264 2011-11-10] ()
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
S4 DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [70656 2007-03-19] ()
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [161768 2012-11-22] (Oracle Corporation)
R2 LicCtrlService; C:\WINDOWS\runservice.exe [2560 2009-07-10] ()
S4 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [66872 2008-02-08] ()
S4 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-08-13] (Skype Technologies S.A.)
S4 vToolbarUpdater11.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [935008 2012-07-09] ()
S3 stllssvr; "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe" [X]

==================== Drivers (Whitelisted) ====================

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2004-08-12] (Microsoft Corporation)
R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [41160 2007-01-27] (SlySoft, Inc.)
R3 asusgsb; C:\WINDOWS\System32\drivers\asusgsb.sys [12416 2009-02-17] (ASUSTeK Computer Inc.)
R1 asuskbnt; C:\WINDOWS\System32\drivers\atkkbnt.sys [11136 2009-02-17] (ASUSTeK COMPUTER INC.)
R3 ASUSVRC; C:\WINDOWS\System32\DRIVERS\AsusVRC.sys [18432 2007-01-29] (ASUSTeK COMPUTER INC.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [208184 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [60216 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [22328 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [171320 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [96568 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [39224 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [182072 2013-03-21] (AVG Technologies CZ, s.r.o.)
S3 CamDrL; C:\WINDOWS\System32\DRIVERS\Camdrl.sys [326656 2004-10-08] (Logitech Inc.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [15440 2006-12-13] (Elaborate Bytes AG)
S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36608 2009-02-19] ()
R3 LVUSBSta; C:\WINDOWS\System32\drivers\lvusbsta.sys [22016 2005-05-27] (Logitech Inc.)
S3 mamotou; C:\WINDOWS\System32\DRIVERS\mamotou.sys [49377 2007-02-02] (Mobile Action Technology Inc.)
S3 MaRdPnp; C:\WINDOWS\System32\DRIVERS\MaRdP2K.sys [49867 2005-08-18] (Mobile Action Technology Inc.)
R2 MaVctrl; C:\WINDOWS\System32\DRIVERS\MaVc2K.sys [11986 2007-01-16] (Mobile Action Technology Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [119656 2011-07-07] (NVIDIA Corporation)
S4 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [685816 2007-11-26] (Duplex Secure Ltd.)
R3 Video3D; C:\WINDOWS\System32\Drivers\Video3D32.sys [10752 2009-02-17] (ASUSTeK COMPUTER INC.)
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S4 LMIRfsClientNP; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr;
U3 TrueSight; \??\ [X]
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-03 22:15 - 2014-02-03 22:15 - 01137152 _____ (Farbar) C:\Documents and Settings\Desiree Delmastro\Desktop\FRST.exe
2014-02-03 22:15 - 2014-02-03 22:15 - 00019517 _____ () C:\Documents and Settings\Desiree Delmastro\Desktop\FRST.txt
2014-01-13 20:13 - 2014-01-13 20:19 - 00000000 ____D () C:\Documents and Settings\Desiree Delmastro\My Documents\RCT3
2014-01-13 20:13 - 2014-01-13 20:13 - 00000000 ____D () C:\Documents and Settings\Desiree Delmastro\Application Data\Atari
2014-01-13 19:30 - 2014-02-03 18:00 - 00000000 ____D () C:\Documents and Settings\Desiree Delmastro\Application Data\Search Protection
2014-01-07 18:32 - 2014-01-07 18:32 - 00000000 ____D () C:\RegBackup
2014-01-07 18:32 - 2014-01-07 18:32 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-01-05 18:58 - 2014-01-05 19:26 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HitmanPro
2014-01-05 14:29 - 2014-01-05 18:55 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-01-05 14:29 - 2014-01-05 14:29 - 00051416 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-01-05 12:15 - 2014-01-05 12:15 - 04403712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtkHDAud.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 01309184 _____ (Smart Link) C:\WINDOWS\system32\Drivers\mtlstrm.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00685816 _____ (Duplex Secure Ltd.) C:\WINDOWS\system32\Drivers\sptd.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00492000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wdf01000.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00456320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00452736 _____ (Matrox Graphics Inc.) C:\WINDOWS\system32\Drivers\mtxparhm.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00404990 _____ (Smart Link) C:\WINDOWS\system32\Drivers\slntamr.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00384768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\update.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00361600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00226880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip6.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00203136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00196224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00182656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00180360 _____ (Smart Link) C:\WINDOWS\system32\Drivers\ntmtlfax.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00175744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00166912 _____ (S3 Graphics, Inc.) C:\WINDOWS\system32\Drivers\s3gnbm.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00146048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00139784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpwd.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00129535 _____ (Smart Link) C:\WINDOWS\system32\Drivers\slnt7554.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00126686 _____ (Smart Link) C:\WINDOWS\system32\Drivers\mtlmnt5.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00121984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00120192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcmcia.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00119656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda32.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00106792 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdmdm.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00096384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scsiport.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00095424 _____ (Smart Link) C:\WINDOWS\system32\Drivers\slnthal.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00091520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00088320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwlnkipx.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00085248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nabtsfec.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wdmaud.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00081924 _____ (FUJI PHOTO FILM CO.,LTD.) C:\WINDOWS\system32\Drivers\VC4CB104.SYS.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00081664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\videoprt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00080552 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdbus.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00080128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\parport.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00079232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00073472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sr.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\psched.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00068224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nic1394.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00060800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sysaudio.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00060032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbaudio.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00059520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00059136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00057600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\redbook.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\swmidi.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00049408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stream.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00048384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00045056 _____ (Apple, Inc.) C:\WINDOWS\system32\Drivers\usbaapl.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00044672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uagp35.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00043528 _____ (Sonic Solutions) C:\WINDOWS\system32\Drivers\pxhelp20.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00042752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\p3.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00042240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viaagp.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00040960 _____ (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\Drivers\sisagp.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00040840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\termdd.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00040320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nmnt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00036736 _____ (Promise Technology, Inc.) C:\WINDOWS\system32\Drivers\ultra.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00035072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpc.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00034688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00034560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00034432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rawwan.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00033152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ql10wnt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00032640 _____ (LSI Logic) C:\WINDOWS\system32\Drivers\symc8xx.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00032512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwlnkfwd.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00032224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wdfldr.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00032128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00030848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00030688 _____ (LSI Logic) C:\WINDOWS\system32\Drivers\sym_u3.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00030592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rndismpx.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00030592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rndismp.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00028384 _____ (LSI Logic) C:\WINDOWS\system32\Drivers\sym_hi.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00027296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\perc2.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00026368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbstor.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcamd2.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcamd.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00025471 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\watv10nt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00025344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sonydcam.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00024960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00022328 _____ () C:\WINDOWS\system32\Drivers\PnkBstrK.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00022271 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\watv06nt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00021896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdtcp.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00021632 _____ (Nokia) C:\WINDOWS\system32\Drivers\pccsmcfd.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vga.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00020608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00020480 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\WINDOWS\system32\Drivers\secdrv.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00019712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00019200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wstcodec.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00019072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdi.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00019072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00019072 _____ (Adaptec, Inc.) C:\WINDOWS\system32\Drivers\sparrow.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpdusb.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00017792 _____ (Parallel Technologies, Inc.) C:\WINDOWS\system32\Drivers\ptilink.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00016512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspti.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00016256 _____ (Symbios Logic Inc.) C:\WINDOWS\system32\Drivers\symc810.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbintel.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00015744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serenum.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00015648 _____ (Lavasoft AB) C:\WINDOWS\system32\Drivers\NSDriver.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00015488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssmbios.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00015232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\streamip.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00015104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00014976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tape.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00014592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\smclib.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00014592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndisuio.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00014208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wacompen.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00013776 _____ (Smart Link) C:\WINDOWS\system32\Drivers\recagent.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00013240 _____ (Smart Link) C:\WINDOWS\system32\Drivers\slwdmsup.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023x.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00012672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mutohpen.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00012416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwlnkflt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunmp.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00012040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdpipe.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00012032 _____ (S3/Diamond Multimedia Systems) C:\WINDOWS\system32\Drivers\riodrv.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00012032 _____ (S3/Diamond Multimedia Systems) C:\WINDOWS\system32\Drivers\rio8drv.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00012032 _____ (S3/Diamond Multimedia Systems) C:\WINDOWS\system32\Drivers\nikedrv.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00011984 _____ (Elaborate Bytes AG) C:\WINDOWS\system32\Drivers\RegKill.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00011944 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdmdfl.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00011935 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\wadv11nt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00011904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sffdisk.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00011871 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\wadv09nt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00011807 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\wadv07nt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00011392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00011295 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\wadv08nt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00011136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\slip.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00011008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sffp_sd.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00010880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndisip.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00010752 _____ (ASUSTeK COMPUTER INC.) C:\WINDOWS\system32\Drivers\Video3D32.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00010496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sffp_mmc.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00009256 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdwhnt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00009256 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdwh.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00009256 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdcmnt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00009256 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdcm.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00008832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasacd.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00007552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00006784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\parvdm.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00006272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\splitter.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\smbali.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00005632 _____ () C:\WINDOWS\system32\Drivers\StarOpen.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00005504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\perc2hib.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00005504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mstee.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viaide.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mspclock.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00004992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\toside.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00004992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mspqm.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00004736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00004352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wmilib.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00004352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\swenum.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00004224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpcdd.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00003456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\oprghdlr.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00003328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00002944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\null.sys.bak
2014-01-05 12:14 - 2014-01-05 12:15 - 00180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 05760096 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igxpmp32.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 03565056 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati2mtag.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 02180096 _____ (Logitech Inc.) C:\WINDOWS\system32\Drivers\lvsvf2.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 01042432 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\HSF_DP.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 01041536 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfdpsp2.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00799744 _____ (Microsoft Corp., Veritas Software) C:\WINDOWS\system32\Drivers\dmboot.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00685056 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfcxts2.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00680704 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\HSF_CNXT.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00327040 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati2mtaa.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00326656 _____ (Logitech Inc.) C:\WINDOWS\system32\Drivers\Camdrl.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00272128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00254872 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\e1e5132.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00246072 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avglogx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00220032 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfbs2s2.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00212224 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\HSFHWBS2.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00208184 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdriverx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00187776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00182072 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgtdix.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kmixer.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00171320 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx86.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00153344 _____ (Microsoft Corp., Veritas Software) C:\WINDOWS\system32\Drivers\dmio.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00152832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00144384 _____ (Windows ® Server 2003 DDK provider) C:\WINDOWS\system32\Drivers\hdaudbus.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00142592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\aec.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00141056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00138496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00129792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltmgr.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00117760 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\e100b325.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00113664 _____ (Windows ® Server 2003 DDK provider) C:\WINDOWS\system32\Drivers\Hdaudio.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00104960 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinrvxx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00101120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00099176 _____ (Sonic Solutions) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00096568 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx86.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00096512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00092928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipsec.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00073216 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atintuxx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00071552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxg.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00063744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mf.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00063744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00063663 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1rvxx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00063488 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinxsxx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00060800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\arp1394.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00060216 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidshx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00060160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmk.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atmarpc.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00057856 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinbtxx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00056623 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1btxx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atmlane.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00052864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmusic.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00052480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00052224 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinraxx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00051768 _____ (Roxio) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00049867 _____ (Mobile Action Technology Inc.) C:\WINDOWS\system32\Drivers\mardp2k.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00049536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\classpnp.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00049484 _____ (Mobile Action Technology Inc.) C:\WINDOWS\system32\Drivers\MARDPNP.SYS.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00049377 _____ (Mobile Action Technology Inc.) C:\WINDOWS\system32\Drivers\mamotou.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00047640 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\Drivers\LMIRfsDriver.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00046464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gagp30kx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00044928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agpcpq.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fips.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00043008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdagp.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00042752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\alim1541.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00042368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00042368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agp440.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00042112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\imapi.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00039224 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgrkx86.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00037760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk7.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00037392 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LMouFilt.Sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk6.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00037248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00036736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crusoe.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00036608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ip6fw.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00036480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthprint.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00036463 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1tuxx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00035472 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LHidFilt.Sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00034735 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1xsxx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00031744 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinxbxx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00031360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atmepvc.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00030671 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1raxx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00030080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00029455 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1xbxx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00028672 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinsnxx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00028184 _____ (Roxio) C:\WINDOWS\system32\Drivers\DLARTL_M.SYS.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00027392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fdc.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00026840 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00026496 _____ (Advanced System Products, Inc.) C:\WINDOWS\system32\Drivers\asc.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00026367 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1snxx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00025952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hpn.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00025302 _____ (Mobile Action Technology Inc.) C:\WINDOWS\system32\Drivers\MaVctrl.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00024960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\abp480n5.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00022992 _____ (AVG Technologies CZ, s.r.o. ) C:\WINDOWS\system32\Drivers\AVGIDSEH.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00022400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\asc3350p.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00022328 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsshimx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00022016 _____ (Logitech Inc.) C:\WINDOWS\system32\Drivers\LVUSBSta.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00021343 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1ttxx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00020864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipinip.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00020192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dpti2o.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00019200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidir.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthusb.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00018560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i2omp.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00018432 _____ (ASUSTeK COMPUTER INC.) C:\WINDOWS\system32\Drivers\AsusVRC.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00017280 _____ (American Megatrends Inc.) C:\WINDOWS\system32\Drivers\mraid35x.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00017024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ccdecode.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00017024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00016128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MODEMCSA.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00016000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ini910u.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00015648 _____ (Lavasoft AB) C:\WINDOWS\system32\Drivers\Awrtrd.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00015440 _____ (Elaborate Bytes AG) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00014976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cpqarray.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00014848 _____ (Advanced System Products, Inc.) C:\WINDOWS\system32\Drivers\asc3550.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00014720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dac960nt.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00014592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\asyncmac.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00014336 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinpdxx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00014208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\diskdump.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00013952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cbidf2k.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00013824 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinttxx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00013824 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinmdxx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00012960 _____ (Lavasoft AB) C:\WINDOWS\system32\Drivers\Awrtpd.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00012920 _____ (Roxio) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\aha154x.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00012416 _____ (ASUSTeK Computer Inc.) C:\WINDOWS\system32\Drivers\asusgsb.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00012160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00012160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsvga.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00012047 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1pdxx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amsint.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00011986 _____ (Mobile Action Technology Inc.) C:\WINDOWS\system32\Drivers\MaVc2K.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00011648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpiec.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00011615 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1mdxx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irenum.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00011136 _____ (ASUSTeK COMPUTER INC.) C:\WINDOWS\system32\Drivers\atkkbnt.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00011043 _____ (Conexant) C:\WINDOWS\system32\Drivers\mdmxsdk.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00010496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxapi.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00010384 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LBeepKE.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00010368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00008704 _____ (ASMT) C:\WINDOWS\system32\Drivers\Bravo.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00008576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i2omgmt.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00007936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fs_rec.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mcd.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cd20xrnt.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00006656 _____ (CMD Technology, Inc.) C:\WINDOWS\system32\Drivers\cmdide.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00005888 _____ (Microsoft Corp., Veritas Software.) C:\WINDOWS\system32\Drivers\dmload.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00005504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00005376 _____ (Gteko Ltd.) C:\WINDOWS\system32\Drivers\dsunidrv.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00005248 _____ (Acer Laboratories Inc.) C:\WINDOWS\system32\Drivers\aliide.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00004224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mnmdd.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00004224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\beep.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00003328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgthk.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\audstub.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00002944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00002560 _____ (Sonic Solutions) C:\WINDOWS\system32\Drivers\cdralw2k.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00002432 _____ (Sonic Solutions) C:\WINDOWS\system32\Drivers\cdr4_xp.sys.bak

==================== One Month Modified Files and Folders =======

2014-02-03 22:15 - 2014-02-03 22:15 - 01137152 _____ (Farbar) C:\Documents and Settings\Desiree Delmastro\Desktop\FRST.exe
2014-02-03 22:15 - 2014-02-03 22:15 - 00019517 _____ () C:\Documents and Settings\Desiree Delmastro\Desktop\FRST.txt
2014-02-03 22:14 - 2008-07-22 20:33 - 00000000 ____D () C:\Documents and Settings\Desiree Delmastro\Desktop\Misc Junk
2014-02-03 22:07 - 2010-04-22 18:53 - 00000000 ____D () C:\Documents and Settings\Desiree Delmastro\Application Data\Skype
2014-02-03 21:48 - 2007-11-21 20:00 - 00000000 ____D () C:\Program Files\MUSHclient
2014-02-03 18:06 - 2011-04-04 20:43 - 01962552 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-03 18:05 - 2013-06-30 14:45 - 00046725 _____ () C:\Documents and Settings\Desiree Delmastro\avgui.log
2014-02-03 18:05 - 2004-08-10 12:59 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-02-03 18:04 - 2011-06-15 17:09 - 00000553 ___SH () C:\WINDOWS\system32\mmf.sys
2014-02-03 18:04 - 2004-08-10 12:59 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2014-02-03 18:00 - 2014-01-13 19:30 - 00000000 ____D () C:\Documents and Settings\Desiree Delmastro\Application Data\Search Protection
2014-02-03 18:00 - 2007-11-21 15:00 - 00000178 ___SH () C:\Documents and Settings\Desiree Delmastro\ntuser.ini
2014-02-03 18:00 - 2004-08-10 12:52 - 00000000 ____D () C:\WINDOWS\Media
2014-02-03 17:49 - 2011-02-27 13:04 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-02-01 20:06 - 2011-07-09 12:11 - 01641472 ___SH () C:\Documents and Settings\Desiree Delmastro\Desktop\Thumbs.db
2014-02-01 15:56 - 2004-08-10 13:01 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-02-01 15:36 - 2009-02-24 16:00 - 00000000 ____D () C:\Documents and Settings\Desiree Delmastro\My Documents\My Received Files
2014-01-23 22:09 - 2013-09-27 19:17 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-01-21 18:27 - 2011-05-06 17:04 - 01145910 _____ () C:\WINDOWS\setupapi.log
2014-01-18 21:41 - 2010-09-21 19:48 - 00000000 ____D () C:\Documents and Settings\Desiree Delmastro\Application Data\vlc
2014-01-16 19:15 - 2007-11-21 15:00 - 00000000 ____D () C:\Documents and Settings\Desiree Delmastro\Local Settings\Application Data\Adobe
2014-01-14 21:40 - 2012-11-10 12:01 - 00000000 ____D () C:\Program Files\Steam
2014-01-13 23:29 - 2004-08-10 12:51 - 00000498 _____ () C:\WINDOWS\win.ini
2014-01-13 20:19 - 2014-01-13 20:13 - 00000000 ____D () C:\Documents and Settings\Desiree Delmastro\My Documents\RCT3
2014-01-13 20:13 - 2014-01-13 20:13 - 00000000 ____D () C:\Documents and Settings\Desiree Delmastro\Application Data\Atari
2014-01-13 19:56 - 2012-11-10 12:11 - 00000000 ____D () C:\Documents and Settings\Desiree Delmastro\Start Menu\Programs\Steam
2014-01-13 19:38 - 2007-11-22 13:01 - 00000000 ____D () C:\Documents and Settings\Desiree Delmastro\Application Data\BitTorrent
2014-01-13 19:30 - 2009-05-26 18:30 - 00000868 _____ () C:\Documents and Settings\Desiree Delmastro\Start Menu\BitTorrent.lnk
2014-01-08 18:59 - 2014-01-03 17:31 - 00000000 ____D () C:\FRST
2014-01-07 18:32 - 2014-01-07 18:32 - 00000000 ____D () C:\RegBackup
2014-01-07 18:32 - 2014-01-07 18:32 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-01-06 20:16 - 2012-08-08 10:14 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-01-05 19:26 - 2014-01-05 18:58 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HitmanPro
2014-01-05 18:55 - 2014-01-05 14:29 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-01-05 14:29 - 2014-01-05 14:29 - 00051416 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-01-05 12:15 - 2014-01-05 12:15 - 04403712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtkHDAud.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 01309184 _____ (Smart Link) C:\WINDOWS\system32\Drivers\mtlstrm.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00685816 _____ (Duplex Secure Ltd.) C:\WINDOWS\system32\Drivers\sptd.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00492000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wdf01000.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00456320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00452736 _____ (Matrox Graphics Inc.) C:\WINDOWS\system32\Drivers\mtxparhm.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00404990 _____ (Smart Link) C:\WINDOWS\system32\Drivers\slntamr.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00384768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\update.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00361600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00226880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip6.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00203136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00196224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00182656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00180360 _____ (Smart Link) C:\WINDOWS\system32\Drivers\ntmtlfax.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00175744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00166912 _____ (S3 Graphics, Inc.) C:\WINDOWS\system32\Drivers\s3gnbm.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00146048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00139784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpwd.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00129535 _____ (Smart Link) C:\WINDOWS\system32\Drivers\slnt7554.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00126686 _____ (Smart Link) C:\WINDOWS\system32\Drivers\mtlmnt5.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00121984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00120192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcmcia.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00119656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda32.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00106792 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdmdm.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00096384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scsiport.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00095424 _____ (Smart Link) C:\WINDOWS\system32\Drivers\slnthal.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00091520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00088320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwlnkipx.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00085248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nabtsfec.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wdmaud.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00081924 _____ (FUJI PHOTO FILM CO.,LTD.) C:\WINDOWS\system32\Drivers\VC4CB104.SYS.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00081664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\videoprt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00080552 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdbus.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00080128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\parport.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00079232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00073472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sr.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\psched.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00068224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nic1394.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00060800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sysaudio.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00060032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbaudio.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00059520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00059136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00057600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\redbook.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\swmidi.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00049408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stream.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00048384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00045056 _____ (Apple, Inc.) C:\WINDOWS\system32\Drivers\usbaapl.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00044672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uagp35.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00043528 _____ (Sonic Solutions) C:\WINDOWS\system32\Drivers\pxhelp20.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00042752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\p3.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00042240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viaagp.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00040960 _____ (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\Drivers\sisagp.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00040840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\termdd.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00040320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nmnt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00036736 _____ (Promise Technology, Inc.) C:\WINDOWS\system32\Drivers\ultra.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00035072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpc.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00034688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00034560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00034432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rawwan.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00033152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ql10wnt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00032640 _____ (LSI Logic) C:\WINDOWS\system32\Drivers\symc8xx.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00032512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwlnkfwd.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00032224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wdfldr.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00032128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00030848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00030688 _____ (LSI Logic) C:\WINDOWS\system32\Drivers\sym_u3.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00030592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rndismpx.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00030592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rndismp.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00028384 _____ (LSI Logic) C:\WINDOWS\system32\Drivers\sym_hi.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00027296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\perc2.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00026368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbstor.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcamd2.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcamd.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00025471 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\watv10nt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00025344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sonydcam.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00024960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00022328 _____ () C:\WINDOWS\system32\Drivers\PnkBstrK.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00022271 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\watv06nt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00021896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdtcp.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00021632 _____ (Nokia) C:\WINDOWS\system32\Drivers\pccsmcfd.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vga.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00020608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00020480 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\WINDOWS\system32\Drivers\secdrv.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00019712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00019200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wstcodec.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00019072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdi.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00019072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00019072 _____ (Adaptec, Inc.) C:\WINDOWS\system32\Drivers\sparrow.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpdusb.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00017792 _____ (Parallel Technologies, Inc.) C:\WINDOWS\system32\Drivers\ptilink.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00016512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspti.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00016256 _____ (Symbios Logic Inc.) C:\WINDOWS\system32\Drivers\symc810.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbintel.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00015744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serenum.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00015648 _____ (Lavasoft AB) C:\WINDOWS\system32\Drivers\NSDriver.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00015488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssmbios.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00015232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\streamip.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00015104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00014976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tape.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00014592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\smclib.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00014592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndisuio.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00014208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wacompen.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00013776 _____ (Smart Link) C:\WINDOWS\system32\Drivers\recagent.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00013240 _____ (Smart Link) C:\WINDOWS\system32\Drivers\slwdmsup.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023x.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00012672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mutohpen.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00012416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwlnkflt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunmp.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00012040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdpipe.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00012032 _____ (S3/Diamond Multimedia Systems) C:\WINDOWS\system32\Drivers\riodrv.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00012032 _____ (S3/Diamond Multimedia Systems) C:\WINDOWS\system32\Drivers\rio8drv.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00012032 _____ (S3/Diamond Multimedia Systems) C:\WINDOWS\system32\Drivers\nikedrv.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00011984 _____ (Elaborate Bytes AG) C:\WINDOWS\system32\Drivers\RegKill.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00011944 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdmdfl.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00011935 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\wadv11nt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00011904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sffdisk.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00011871 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\wadv09nt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00011807 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\wadv07nt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00011392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00011295 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\wadv08nt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00011136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\slip.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00011008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sffp_sd.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00010880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndisip.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00010752 _____ (ASUSTeK COMPUTER INC.) C:\WINDOWS\system32\Drivers\Video3D32.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00010496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sffp_mmc.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00009256 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdwhnt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00009256 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdwh.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00009256 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdcmnt.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00009256 _____ (MCCI Corporation) C:\WINDOWS\system32\Drivers\sscdcm.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00008832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasacd.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00007552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00006784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\parvdm.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00006272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\splitter.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\smbali.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00005632 _____ () C:\WINDOWS\system32\Drivers\StarOpen.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00005504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\perc2hib.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00005504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mstee.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viaide.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mspclock.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00004992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\toside.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00004992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mspqm.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00004736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00004352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wmilib.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00004352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\swenum.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00004224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpcdd.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00003456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\oprghdlr.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00003328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys.bak
2014-01-05 12:15 - 2014-01-05 12:15 - 00002944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\null.sys.bak
2014-01-05 12:15 - 2014-01-05 12:14 - 00180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 05760096 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igxpmp32.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 03565056 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati2mtag.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 02180096 _____ (Logitech Inc.) C:\WINDOWS\system32\Drivers\lvsvf2.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 01042432 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\HSF_DP.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 01041536 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfdpsp2.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00799744 _____ (Microsoft Corp., Veritas Software) C:\WINDOWS\system32\Drivers\dmboot.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00685056 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfcxts2.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00680704 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\HSF_CNXT.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00327040 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati2mtaa.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00326656 _____ (Logitech Inc.) C:\WINDOWS\system32\Drivers\Camdrl.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00272128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00254872 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\e1e5132.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00246072 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avglogx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00220032 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfbs2s2.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00212224 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\HSFHWBS2.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00208184 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdriverx.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00187776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00182072 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgtdix.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kmixer.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00171320 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx86.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00153344 _____ (Microsoft Corp., Veritas Software) C:\WINDOWS\system32\Drivers\dmio.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00152832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00144384 _____ (Windows ® Server 2003 DDK provider) C:\WINDOWS\system32\Drivers\hdaudbus.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00142592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\aec.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00141056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00138496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00129792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltmgr.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00117760 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\e100b325.sys.bak
2014-01-05 12:14 - 2014-01-05 12:14 - 00113664 _____ (Windows ® Server 2003 DDK provider) C:\WINDOWS\system32\Drivers\Hdaudio.sys.bak

Files to move or delete:
====================
C:\Documents and Settings\All Users\hash.dat


Some content of TEMP:
====================
C:\Documents and Settings\Desiree Delmastro\Local Settings\temp\ntdll_dump.dll
C:\Documents and Settings\Desiree Delmastro\Local Settings\temp\SkypeSetup.exe
C:\Documents and Settings\Desiree Delmastro\Local Settings\temp\utt3D5.tmp.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

I don't see an addition.txt log. I downloaded the program to my desktop and only see the one log (FRST.txt).



#4 Heavily Armed Pixie

Posted 03 February 2014 - 11:04 PM

Just to let you know that I appreciate the help very much, but my work schedule doesn't allow me to be home until after 6pm-ish eastern time. But this is a priority for me and I will respond daily. :)



#5 gringo_pr

Posted 03 February 2014 - 11:20 PM



Hello Heavily Armed Pixie

These are the programs I would like you to run next. If you have any problems with one of these, just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete, click on "Clean".
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

When they are complete, let me have the two reports and let me know how things are running.

Gringo

#6 Heavily Armed Pixie

Posted 04 February 2014 - 06:30 PM

Evenin'!

# AdwCleaner v3.018 - Report created 04/02/2014 at 18:07:08
# Updated 28/01/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Desiree Delmastro - NEW
# Running from : C:\Documents and Settings\Desiree Delmastro\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : vToolbarUpdater11.2.0

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Trymedia
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Documents and Settings\Desiree Delmastro\Local Settings\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\Desiree Delmastro\Local Settings\Application Data\AVG Security Toolbar
Folder Deleted : C:\Documents and Settings\Desiree Delmastro\Local Settings\Application Data\BitTorrentBar
Folder Deleted : C:\Documents and Settings\Desiree Delmastro\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\Desiree Delmastro\Application Data\Search Protection
Folder Deleted : C:\Documents and Settings\Desiree Delmastro\Application Data\Mozilla\Firefox\Profiles\rzbiogt2.default\Conduit
Folder Deleted : C:\Documents and Settings\Desiree Delmastro\Application Data\Mozilla\Firefox\Profiles\rzbiogt2.default\ConduitCommon
Folder Deleted : C:\Documents and Settings\Desiree Delmastro\Application Data\Mozilla\Firefox\Profiles\rzbiogt2.default\ConduitEngine
Folder Deleted : C:\Documents and Settings\Desiree Delmastro\Application Data\Mozilla\Firefox\Profiles\rzbiogt2.default\ICQToolbarData
File Deleted : C:\END
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Documents and Settings\Desiree Delmastro\Application Data\Mozilla\Firefox\Profiles\rzbiogt2.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\AutocompletePro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1060933
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Steam\steamapps\common\Torchlight II\ModLauncher.exe]
Key Deleted : HKCU\Software\Ask&Record
Key Deleted : HKCU\Software\AutocompleteProBHO
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\BitTorrentBar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\BitTorrentBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentBar Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AutocompletePro3_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BitTorrentBar Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Documents and Settings\Desiree Delmastro\Application Data\Mozilla\Firefox\Profiles\fo8rbyqz.default-1365107352359\prefs.js ]


[ File : C:\Documents and Settings\Desiree Delmastro\Application Data\Mozilla\Firefox\Profiles\rzbiogt2.default\prefs.js ]

Line Deleted : user_pref("CT1060933.Initialize", true);
Line Deleted : user_pref("CT1060933.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT1060933.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT1060933.InstalledDate", "Wed Aug 11 2010 21:21:54 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT1060933.InvalidateCache", false);
Line Deleted : user_pref("CT1060933.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT1060933.IsGrouping", false);
Line Deleted : user_pref("CT1060933.IsMulticommunity", true);
Line Deleted : user_pref("CT1060933.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT1060933.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT1060933.LanguagePackLastCheckTime", "Mon Mar 26 2012 07:32:26 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT1060933.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT1060933.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT1060933.LastLogin_2.7.1.3", "Tue Mar 22 2011 18:08:01 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT1060933.LastLogin_3.2.5.2", "Sat Dec 11 2010 18:09:15 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT1060933.LastLogin_3.3.2.1", "Sat Mar 26 2011 10:15:34 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT1060933.LastLogin_3.3.3.2", "Fri Oct 21 2011 23:47:45 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT1060933.LastLogin_3.7.0.6", "Wed Jan 11 2012 09:06:55 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT1060933.LatestVersion", "3.9.0.3");
Line Deleted : user_pref("CT1060933.Locale", "en-us");
Line Deleted : user_pref("CT1060933.LoginCache", 4);
Line Deleted : user_pref("CT1060933.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT1060933.MCDetectTooltipShow", false);
Line Deleted : user_pref("CT1060933.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT1060933.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT1060933.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT1060933.PrintItGreenStatus", "true");
Line Deleted : user_pref("CT1060933.PublisherContainerWidth", 704);
Line Deleted : user_pref("CT1060933.RadioIsPodcast", false);
Line Deleted : user_pref("CT1060933.RadioLastCheckTime", "Sun Oct 10 2010 10:29:57 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT1060933.RadioLastUpdateIPServer", "0");
Line Deleted : user_pref("CT1060933.RadioLastUpdateServer", "129089749660500000");
Line Deleted : user_pref("CT1060933.RadioMediaID", "5020427");
Line Deleted : user_pref("CT1060933.RadioMediaType", "Media Player");
Line Deleted : user_pref("CT1060933.RadioMenuSelectedID", "EBRadioMenu_CT10609335020427");
Line Deleted : user_pref("CT1060933.RadioStationName", "Classic%20Rock");
Line Deleted : user_pref("CT1060933.RadioStationURL", "hxxp://tuner1.dc1.sonixtream.com/playlists/wmgk/wmgkWMGKFM.asx");
Line Deleted : user_pref("CT1060933.SHRINK_TOOLBAR", 1);
Line Deleted : user_pref("CT1060933.SearchBackToDefaultEngine", false);
Line Deleted : user_pref("CT1060933.SearchBoxWidth", 173);
Line Deleted : user_pref("CT1060933.SearchEngineBeforeUnload", "  ");
Line Deleted : user_pref("CT1060933.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT1060933.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT1060933.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT1060933.SearchInNewTabLastCheckTime", "Wed Jan 11 2012 09:06:53 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT1060933.SearchInNewTabUserEnabled", false);
Line Deleted : user_pref("CT1060933.SearchProtectorEnabled", true);
Line Deleted : user_pref("CT1060933.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT1060933.ServiceMapLastCheckTime", "Mon Mar 26 2012 07:32:25 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT1060933.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT1060933.SettingsLastCheckTime", "Mon Mar 26 2012 07:32:24 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT1060933.SettingsLastUpdate", "1330957254");
Line Deleted : user_pref("CT1060933.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT1060933.ThirdPartyComponentsLastCheck", "Mon Mar 26 2012 07:32:24 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT1060933.ThirdPartyComponentsLastUpdate", "1312887586");
Line Deleted : user_pref("CT1060933.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT1060933.UserID", "UN64475667690961854");
Line Deleted : user_pref("CT1060933.ValidationData_Search", 2);
Line Deleted : user_pref("CT1060933.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT1060933.alertChannelId", "15651");
Line Deleted : user_pref("CT1060933.appApproved.129272674122038321", true);
Line Deleted : user_pref("CT1060933.autoDisableScopes", 0);
Line Deleted : user_pref("CT1060933.autocompletepro_enable", "1");
Line Deleted : user_pref("CT1060933.autocompletepro_enable_auto", "1");
Line Deleted : user_pref("CT1060933.backendstorage.autocompletepro_enable", "31");
Line Deleted : user_pref("CT1060933.backendstorage.autocompletepro_enable_auto", "31");
Line Deleted : user_pref("CT1060933.backendstorage.cbfirsttime", "5475652044656320323720323031312031383A35353A313020474D542D3035303020284561737465726E205374616E646172642054696D6529");
Line Deleted : user_pref("CT1060933.backendstorage.shoppingapp.gk.exipres", "536174204D617220333120323031322030373A33323A323720474D542D3034303020284561737465726E204461796C696768742054696D6529");
Line Deleted : user_pref("CT1060933.backendstorage.shoppingapp.gk.geolocation", "756E6974656420737461746573");
Line Deleted : user_pref("CT1060933.browser.search.defaultthis.engineName", true);
Line Deleted : user_pref("CT1060933.cbcountry_000", "US");
Line Deleted : user_pref("CT1060933.cbfirsttime", "Mon Mar 26 2012 07:35:50 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT1060933.clientLogIsEnabled", true);
Line Deleted : user_pref("CT1060933.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT1060933.components.1000082", false);
Line Deleted : user_pref("CT1060933.components.129032145384800518", true);
Line Deleted : user_pref("CT1060933.components.129032152822456983", true);
Line Deleted : user_pref("CT1060933.components.129032154330894193", true);
Line Deleted : user_pref("CT1060933.components.129032155426050046", true);
Line Deleted : user_pref("CT1060933.components.129032157011675027", true);
Line Deleted : user_pref("CT1060933.components.129032162642925076", true);
Line Deleted : user_pref("CT1060933.components.129078058382649592", false);
Line Deleted : user_pref("CT1060933.components.129272674122038321", true);
Line Deleted : user_pref("CT1060933.defaultSearch", "true");
Line Deleted : user_pref("CT1060933.defaultSearchDisplayName", "");
Line Deleted : user_pref("CT1060933.defaultSearchUrl", "");
Line Deleted : user_pref("CT1060933.embeddedsData", "[{\"appId\":\"128280995260143876\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT1060933.enableAlerts", "always");
Line Deleted : user_pref("CT1060933.enableFix404", "true");
Line Deleted : user_pref("CT1060933.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT1060933.firstTimeDialogOpened", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1060933.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT1060933.globalFirstTimeInfoLastCheckTime", "Wed Jan 11 2012 09:06:55 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT1060933.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT1060933.initDone", true);
Line Deleted : user_pref("CT1060933.installId", "ConduitNSISIntegration");
Line Deleted : user_pref("CT1060933.installType", "ConduitXPEIntegration");
Line Deleted : user_pref("CT1060933.isAppTrackingManagerOn", true);
Line Deleted : user_pref("CT1060933.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT1060933.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT1060933.keyword", true);
Line Deleted : user_pref("CT1060933.myStuffEnabled", true);
Line Deleted : user_pref("CT1060933.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT1060933.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT1060933.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT1060933.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT1060933.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fthesaurus.com%2Fbrowse%2Fneedy%3Fs%3Dt\",\"EB_MAIN_FRAME_TITLE\":\"%0ANeedy%20Synonyms%2C%20[...]
Line Deleted : user_pref("CT1060933.oldAppsList", "200,128346981843587669,128280995260143876,111,129272674122038321,129032145384800518,129032148247613461,129032152822456983,129032154330894193,129032155426050046,1290[...]
Line Deleted : user_pref("CT1060933.openThankYouPage", "false");
Line Deleted : user_pref("CT1060933.openUninstallPage", "true");
Line Deleted : user_pref("CT1060933.revertSettingsEnabled", false);
Line Deleted : user_pref("CT1060933.search.searchAppId", "128280995260143876");
Line Deleted : user_pref("CT1060933.search.searchCount", "0");
Line Deleted : user_pref("CT1060933.searchInNewTabEnabled", "false");
Line Deleted : user_pref("CT1060933.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT1060933.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT1060933.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT1060933.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT1060933.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT1060933\"}");
Line Deleted : user_pref("CT1060933.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://Freecorder.Media-Toolbar.com//xpi\"}");
Line Deleted : user_pref("CT1060933.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Freecorder\"}");
Line Deleted : user_pref("CT1060933.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1060933.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT1060933.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1333671247524");
Line Deleted : user_pref("CT1060933.serviceLayer_services_appTracking_lastUpdate", "1333671127295");
Line Deleted : user_pref("CT1060933.serviceLayer_services_appsMetadata_lastUpdate", "1333671127413");
Line Deleted : user_pref("CT1060933.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1332761744299");
Line Deleted : user_pref("CT1060933.serviceLayer_services_login_10.7.1.62_lastUpdate", "1333671127062");
Line Deleted : user_pref("CT1060933.serviceLayer_services_optimizer_lastUpdate", "1333671128535");
Line Deleted : user_pref("CT1060933.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1332761745007");
Line Deleted : user_pref("CT1060933.serviceLayer_services_searchAPI_lastUpdate", "1333671127484");
Line Deleted : user_pref("CT1060933.serviceLayer_services_serviceMap_lastUpdate", "1333671127456");
Line Deleted : user_pref("CT1060933.serviceLayer_services_toolbarContextMenu_lastUpdate", "1332761744255");
Line Deleted : user_pref("CT1060933.serviceLayer_services_toolbarSettings_lastUpdate", "1333671127418");
Line Deleted : user_pref("CT1060933.serviceLayer_services_translation_lastUpdate", "1333671127683");
Line Deleted : user_pref("CT1060933.settingsINI", true);
Line Deleted : user_pref("CT1060933.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT1060933.smartbar.CTID", "CT1060933");
Line Deleted : user_pref("CT1060933.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT1060933.smartbar.homepage", true);
Line Deleted : user_pref("CT1060933.smartbar.isHidden", true);
Line Deleted : user_pref("CT1060933.smartbar.toolbarName", "Freecorder ");
Line Deleted : user_pref("CT1060933.smartbar.userID", "UN78863962988970840");
Line Deleted : user_pref("CT1060933.startPage", "userChanged");
Line Deleted : user_pref("CT1060933.testingCtid", "");
Line Deleted : user_pref("CT1060933.toolbarAppMetaDataLastCheckTime", "Wed Jan 11 2012 09:06:55 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT1060933.toolbarBornServerTime", "26-3-2012");
Line Deleted : user_pref("CT1060933.toolbarContextMenuLastCheckTime", "Wed Jan 11 2012 09:06:55 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT1060933.toolbarCurrentServerTime", "6-4-2012");
Line Deleted : user_pref("CT1060933.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT1060933.url_history0001", "hxxp://www.tumblr.com/edit/19949949002?redirect_to=%2Fdashboard:::clickhandler:::1332761908404");
Line Deleted : user_pref("CT1060933.usagesFlag", 2);
Line Deleted : user_pref("CT2790392..clientLogIsEnabled", true);
Line Deleted : user_pref("CT2790392..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2790392..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2790392.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2790392.CTID", "CT2790392");
Line Deleted : user_pref("CT2790392.CurrentServerDate", "12-12-2010");
Line Deleted : user_pref("CT2790392.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2790392.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2790392.EMailNotifierPollDate", "Sat Dec 11 2010 18:09:15 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.FeedLastCount129313977501788460", 161);
Line Deleted : user_pref("CT2790392.FeedPollDate129313974171006416", "Sat Dec 11 2010 18:09:15 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.FeedPollDate129313975698350231", "Sat Dec 11 2010 18:09:15 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.FeedPollDate129313976370850190", "Sat Dec 11 2010 18:09:15 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.FeedPollDate129313976648818968", "Sat Dec 11 2010 18:09:15 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.FeedPollDate129313977444757117", "Sat Dec 11 2010 18:09:15 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.FeedPollDate129313980389131455", "Sat Dec 11 2010 18:09:15 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.FeedPollDate129313980655381977", "Sat Dec 11 2010 18:09:16 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.FeedPollDate129313980886163259", "Sat Dec 11 2010 18:09:16 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.FeedPollDate129313981234756535", "Sat Dec 11 2010 18:09:16 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.FeedPollDate129313983226631720", "Sat Dec 11 2010 18:09:16 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.FeedPollDate129313983607725691", "Sat Dec 11 2010 18:09:16 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.FeedTTL129313974171006416", 10);
Line Deleted : user_pref("CT2790392.FeedTTL129313977444757117", 15);
Line Deleted : user_pref("CT2790392.FeedTTL129313980655381977", 5);
Line Deleted : user_pref("CT2790392.FeedTTL129313981234756535", 5);
Line Deleted : user_pref("CT2790392.FirstServerDate", "12-12-2010");
Line Deleted : user_pref("CT2790392.FirstTime", true);
Line Deleted : user_pref("CT2790392.FirstTimeFF3", true);
Line Deleted : user_pref("CT2790392.FixPageNotFoundErrors", false);
Line Deleted : user_pref("CT2790392.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2790392.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2790392.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT2790392.Initialize", true);
Line Deleted : user_pref("CT2790392.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2790392.InstallationAndCookieDataSentCount", 1);
Line Deleted : user_pref("CT2790392.InstallationType", "UnknownIntegration");
Line Deleted : user_pref("CT2790392.InstalledDate", "Sat Dec 11 2010 18:09:15 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.IsGrouping", false);
Line Deleted : user_pref("CT2790392.IsMulticommunity", false);
Line Deleted : user_pref("CT2790392.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT2790392.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT2790392.LanguagePackLastCheckTime", "Sat Dec 11 2010 18:09:16 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2790392.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2790392.LastLogin_3.2.5.2", "Sat Dec 11 2010 18:09:15 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.LatestVersion", "3.2.3.3");
Line Deleted : user_pref("CT2790392.Locale", "en");
Line Deleted : user_pref("CT2790392.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2790392.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2790392.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2790392.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2790392.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2790392.SearchInNewTabLastCheckTime", "Sat Dec 11 2010 18:09:15 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.SearchInNewTabServiceUrl", "hxxps://www.google.com/#q=");
Line Deleted : user_pref("CT2790392.ServiceMapLastCheckTime", "Sat Dec 11 2010 18:09:14 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.SettingsLastCheckTime", "Sat Dec 11 2010 18:09:14 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.SettingsLastUpdate", "1291812328");
Line Deleted : user_pref("CT2790392.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2790392.ThirdPartyComponentsLastCheck", "Sat Dec 11 2010 18:09:14 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.ThirdPartyComponentsLastUpdate", "1246790578");
Line Deleted : user_pref("CT2790392.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
Line Deleted : user_pref("CT2790392.UserID", "UN72856480281242836");
Line Deleted : user_pref("CT2790392.WeatherNetwork", "");
Line Deleted : user_pref("CT2790392.WeatherPollDate", "Sat Dec 11 2010 18:09:16 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.WeatherUnit", "F");
Line Deleted : user_pref("CT2790392.alertChannelId", "1182482");
Line Deleted : user_pref("CT2790392.myStuffEnabled", true);
Line Deleted : user_pref("CT2790392.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2790392.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2790392.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2790392.testingCtid", "");
Line Deleted : user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Sat Dec 11 2010 18:09:15 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CT2790392.toolbarContextMenuLastCheckTime", "Sat Dec 11 2010 18:09:16 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT1060933");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT1060933/CT1060933", "\"5b4072d2a31aa85531cc9533ca92b8b71\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1182482/1178159/US", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/15651/15317/US", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/US", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1060933", "\"1324192924\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "Zee/agZSWJctT5JcsQKOQQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us", "wVmmvqqOMqrv5xct1cJIHg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "/oUS1eK2SdsB3t6H2kLPsA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us", "0uSPYx+Kl2jpu8sJZMeHjw==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "+RsYuZ9IN1smka6Zuggr5w==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us", "Dclc8oo4TTv7+mAkSlUSWg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "o2to7MmrsZrvbHYQMnKy6A==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us", "K4Vqu91uAzWURlxJRdXJOg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"80133a6b165cd1:12fc\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.2.1", "\"0652eeacc6cb1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"07b2625f8cb1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.0.6", "\"6a637346d78ccc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1060933", "\"88ab3d189479970c76432224e585cea4\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634268528229370000\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634248284990000000");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT1060933&octid=CT1060933", "\"1324825492\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT1060933/CT1060933", "\"1312118201\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2790392/CT2790392", "\"1291812328\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"634432176643630000\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634274084120830000\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"fa4380e73819351f6e9d753acaf55ed9\"");
Line Deleted : user_pref("CommunityToolbar.EngineOwner", "CT2790392");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{88c7f2aa-f93f-432c-8f0e-b7d85967a527}");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "bittorrentbar");
Line Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Desiree Delmastro\\Application Data\\Mozilla\\Firefox\\Profiles\\rzbiogt2.default\\conduitCommon\\modules\\3.10.0.1");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.10.0.1");
Line Deleted : user_pref("CommunityToolbar.MiniIPageGadgetPosition. hxxp://storage.conduit.com/gadgets/LiveTV.html?source=hxxp://a1482.v373745.c37374.g.vm.akamaistream.net/7/1482/37374/46f650bc/clipdownloads.bbc.co.[...]
Line Deleted : user_pref("CommunityToolbar.MiniIPageGadgetPosition. hxxp://storage.conduit.com/gadgets/LiveTV.html?source=hxxp://mfile.akamai.com/12441/live/reflector:39570.asx", "533x195");
Line Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://freecorder.com/fc6/gadget/video.html", "833x246");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2790392");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{88c7f2aa-f93f-432c-8f0e-b7d85967a527}");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "bittorrentbar");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT1060933,ConduitEngine,CT2790392");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT1060933,ConduitEngine,CT2790392");
Line Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue Mar 22 2011 20:14:12 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri Oct 21 2011 15:47:52 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
Line Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Line Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri Oct 21 2011 15:47:44 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.alert.userId", "{8c337043-3e14-4420-bb18-0f01447a35f6}");
Line Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Dec 11 2010 18:09:16 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "1c2aa1c4-1bb6-46fe-acc3-555f008fe509");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2790392");
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Mar 26 2012 07:32:26 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Mar 26 2012 07:32:34 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Mar 26 2012 07:32:25 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "fbcf74a9-59ff-4d00-8aa7-af13b4b6830c");
Line Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");
Line Deleted : user_pref("ConduitEngine.FirstTime", true);
Line Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Line Deleted : user_pref("ConduitEngine.FixPageNotFoundErrors", false);
Line Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Line Deleted : user_pref("ConduitEngine.Initialize", true);
Line Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Line Deleted : user_pref("ConduitEngine.InstallationType", "UnknownIntegration");
Line Deleted : user_pref("ConduitEngine.InstalledDate", "Sat Dec 11 2010 18:09:15 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Line Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Line Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", false);
Line Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sat Dec 11 2010 18:09:15 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Sat Dec 11 2010 18:09:15 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("ConduitEngine.PublisherContainerWidth", 0);
Line Deleted : user_pref("ConduitEngine.SavedHomepage", "hxxp://www.google.com/");
Line Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Dec 11 2010 18:09:14 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("ConduitEngine.UserID", "UN76455101053114293");
Line Deleted : user_pref("ConduitEngine.engineLocale", "en-US");
Line Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sat Dec 11 2010 18:09:15 GMT-0500 (Eastern Standard Time)");
Line Deleted : user_pref("ConduitEngine.initDone", true);
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "Freecorder Customized Web Search");
Line Deleted : user_pref("avg.install.installDirPath", "C:\\Documents and Settings\\All Users\\Application Data\\AVG Secure Search\\9.0.0.18");
Line Deleted : user_pref("extensions.engine@conduit.com.install-event-fired", true);
Line Deleted : user_pref("extensions.freecorder@freecorder.com.menuitems", "[{\"name\":\"Freecorder Menu Header\",\"img\":\"hxxp://freecorder.com/fc7/ui/buttons/menu_header.png\",\"width\":225,\"height\":65},{\"name[...]
Line Deleted : user_pref("extensions.wecarereminder.merchHash", "{\"AFFILIATES\":{\"1-Sale-A-Day\":{\"name\":\"1 Sale A Day\",\"autordr\":1,\"n\":\"3\",\"td\":1.5},\"1-Stop-Florists\":{\"name\":\"1 Stop Florists\",\[...]
Line Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");
Line Deleted : user_pref("extentions.y2layers.installId", "43a745d2-8b09-4b4b-9d5c-498e60a7df03");
Line Deleted : user_pref("icqtoolbar.engineVerified", false);
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "2.0.0.12");
Line Deleted : user_pref("icqtoolbar.uniqueID", "120639116312063911631206412830171");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1206412832);
Line Deleted : user_pref("icqtoolbar.version", "1.1.1");
Line Deleted : user_pref("socialfixer.100001078112539/cache/bfb_donate_pagelet", "<div style=\"background-color:#ffffcc;border:1px solid #cccc99;padding:5px;-moz-border-radius:3px;-webkit-border-radius:3px;border-ra[...]

[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4iqqouc3.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [49109 octets] - [04/02/2014 18:03:19]
AdwCleaner[S0].txt - [50000 octets] - [04/02/2014 18:07:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [50061 octets] ##########





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Microsoft Windows XP x86
Ran by Desiree Delmastro on Tue 02/04/2014 at 18:23:51.03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\WINDOWS\freecorder"



~~~ FireFox

Successfully deleted: [Folder] C:\Documents and Settings\Desiree Delmastro\Application Data\mozilla\firefox\profiles\rzbiogt2.default\extensions\staged
Successfully deleted: [Folder] C:\Documents and Settings\Desiree Delmastro\Application Data\mozilla\firefox\profiles\rzbiogt2.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
Successfully deleted the following from C:\Documents and Settings\Desiree Delmastro\Application Data\mozilla\firefox\profiles\rzbiogt2.default\prefs.js

user_pref("socialfixer.100001078112539/cache/bfb_tip_pagelet", "<div style=\"border:2px solid #cccc99;padding:5px;background-color:#ffffcc;-moz-border-radius:5px;-webkit-borde
user_pref("socialfixer.100001485058353/cache/bfb_tip_pagelet", "<div style=\"border:2px solid #cccc99;padding:5px;background-color:#ffffcc;-moz-border-radius:5px;-webkit-borde
user_pref("socialfixer.100002722170398/cache/bfb_tip_pagelet", "<div style=\"border:2px solid #cccc99;padding:5px;background-color:#ffffcc;-moz-border-radius:5px;-webkit-borde
user_pref("socialfixer.100003615980797/cache/bfb_tip_pagelet", "<div style=\"border:2px solid #cccc99;padding:5px;background-color:#ffffcc;-moz-border-radius:5px;-webkit-borde
user_pref("socialfixer.509109970/typeahead_new", "for (;;);{\"__ar\":1,\"payload\":{\"entries\":[{\"uid\":100002466355061,\"photo\":\"hxxps:\\/\\/fbcdn-profile-a.akamaihd.net\
Emptied folder: C:\Documents and Settings\Desiree Delmastro\Application Data\mozilla\firefox\profiles\rzbiogt2.default\minidumps [3 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/04/2014 at 18:28:57.43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#7 gringo_pr


Posted 04 February 2014 - 09:16 PM


Hello Heavily Armed Pixie

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#8 Heavily Armed Pixie


Posted 04 February 2014 - 10:42 PM

ComboFix 14-02-03.01 - Desiree Delmastro 02/04/2014  22:11:35.6.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.2558.1599 [GMT -5:00]
Running from: c:\documents and settings\Desiree Delmastro\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\537522h5w746s537w260c5hnt1r6
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Application Data\uninstaller.exe
c:\windows\EventSystem.log
c:\windows\system32\Cache
c:\windows\system32\Thumbs.db
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((   Files Created from 2014-01-05 to 2014-02-05  )))))))))))))))))))))))))))))))
.
.
2014-02-04 23:23 . 2014-02-04 23:23    --------    d-----w-    c:\windows\ERUNT
2014-02-04 23:03 . 2014-02-04 23:08    --------    d-----w-    C:\AdwCleaner
2014-01-14 01:13 . 2014-01-14 01:13    --------    d-----w-    c:\documents and settings\Desiree Delmastro\Application Data\Atari
2014-01-07 23:32 . 2014-01-07 23:32    --------    d-----w-    C:\RegBackup
2014-01-07 23:32 . 2014-01-07 23:32    --------    d-----w-    c:\program files\Tweaking.com
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-05 19:29 . 2014-01-05 19:29    51416    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-01-05 17:15 . 2014-01-05 17:15    19200    ----a-w-    c:\windows\system32\drivers\wstcodec.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    12032    ----a-w-    c:\windows\system32\drivers\ws2ifsl.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    83072    ----a-w-    c:\windows\system32\drivers\wdmaud.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    492000    ----a-w-    c:\windows\system32\drivers\wdf01000.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    4352    ----a-w-    c:\windows\system32\drivers\wmilib.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    32224    ----a-w-    c:\windows\system32\drivers\wdfldr.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    25471    ----a-w-    c:\windows\system32\drivers\watv10nt.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    18944    ----a-w-    c:\windows\system32\drivers\wpdusb.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    52352    ----a-w-    c:\windows\system32\drivers\volsnap.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    34560    ----a-w-    c:\windows\system32\drivers\wanarp.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    22271    ----a-w-    c:\windows\system32\drivers\watv06nt.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    14208    ----a-w-    c:\windows\system32\drivers\wacompen.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    11935    ----a-w-    c:\windows\system32\drivers\wadv11nt.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    11871    ----a-w-    c:\windows\system32\drivers\wadv09nt.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    11807    ----a-w-    c:\windows\system32\drivers\wadv07nt.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    11295    ----a-w-    c:\windows\system32\drivers\wadv08nt.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    81924    ----a-w-    c:\windows\system32\drivers\VC4CB104.SYS.bak
2014-01-05 17:15 . 2014-01-05 17:15    81664    ----a-w-    c:\windows\system32\drivers\videoprt.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    5376    ----a-w-    c:\windows\system32\drivers\viaide.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    42240    ----a-w-    c:\windows\system32\drivers\viaagp.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    20992    ----a-w-    c:\windows\system32\drivers\vga.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    121984    ----a-w-    c:\windows\system32\drivers\usbvideo.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    10752    ----a-w-    c:\windows\system32\drivers\Video3D32.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    59520    ----a-w-    c:\windows\system32\drivers\usbhub.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    30208    ----a-w-    c:\windows\system32\drivers\usbehci.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    26368    ----a-w-    c:\windows\system32\drivers\usbstor.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    20608    ----a-w-    c:\windows\system32\drivers\usbuhci.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    15872    ----a-w-    c:\windows\system32\drivers\usbintel.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    15104    ----a-w-    c:\windows\system32\drivers\usbscan.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    143872    ----a-w-    c:\windows\system32\drivers\usbport.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    60032    ----a-w-    c:\windows\system32\drivers\usbaudio.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    4736    ----a-w-    c:\windows\system32\drivers\usbd.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    45056    ----a-w-    c:\windows\system32\drivers\usbaapl.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    32128    ----a-w-    c:\windows\system32\drivers\usbccgp.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    25728    ----a-w-    c:\windows\system32\drivers\usbcamd2.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    25600    ----a-w-    c:\windows\system32\drivers\usbcamd.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    12800    ----a-w-    c:\windows\system32\drivers\usb8023x.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    12800    ----a-w-    c:\windows\system32\drivers\usb8023.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    66048    ----a-w-    c:\windows\system32\drivers\udfs.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    4992    ----a-w-    c:\windows\system32\drivers\toside.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    44672    ----a-w-    c:\windows\system32\drivers\uagp35.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    384768    ----a-w-    c:\windows\system32\drivers\update.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    36736    ----a-w-    c:\windows\system32\drivers\ultra.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    12288    ----a-w-    c:\windows\system32\drivers\tunmp.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    40840    ----a-w-    c:\windows\system32\drivers\termdd.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    361600    ----a-w-    c:\windows\system32\drivers\tcpip.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    226880    ----a-w-    c:\windows\system32\drivers\tcpip6.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    21896    ----a-w-    c:\windows\system32\drivers\tdtcp.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    19072    ----a-w-    c:\windows\system32\drivers\tdi.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    12040    ----a-w-    c:\windows\system32\drivers\tdpipe.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    14976    ----a-w-    c:\windows\system32\drivers\tape.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    60800    ----a-w-    c:\windows\system32\drivers\sysaudio.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    56576    ----a-w-    c:\windows\system32\drivers\swmidi.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    4352    ----a-w-    c:\windows\system32\drivers\swenum.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    32640    ----a-w-    c:\windows\system32\drivers\symc8xx.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    30688    ----a-w-    c:\windows\system32\drivers\sym_u3.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    28384    ----a-w-    c:\windows\system32\drivers\sym_hi.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    16256    ----a-w-    c:\windows\system32\drivers\symc810.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    15232    ----a-w-    c:\windows\system32\drivers\streamip.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    9256    ----a-w-    c:\windows\system32\drivers\sscdwhnt.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    9256    ----a-w-    c:\windows\system32\drivers\sscdwh.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    9256    ----a-w-    c:\windows\system32\drivers\sscdcmnt.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    9256    ----a-w-    c:\windows\system32\drivers\sscdcm.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    5632    ----a-w-    c:\windows\system32\drivers\StarOpen.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    49408    ----a-w-    c:\windows\system32\drivers\stream.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    11944    ----a-w-    c:\windows\system32\drivers\sscdmdfl.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    106792    ----a-w-    c:\windows\system32\drivers\sscdmdm.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    80552    ----a-w-    c:\windows\system32\drivers\sscdbus.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    73472    ----a-w-    c:\windows\system32\drivers\sr.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    357888    ----a-w-    c:\windows\system32\drivers\srv.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    685816    ----a-w-    c:\windows\system32\drivers\sptd.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    6272    ----a-w-    c:\windows\system32\drivers\splitter.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    5888    ----a-w-    c:\windows\system32\drivers\smbali.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    25344    ----a-w-    c:\windows\system32\drivers\sonydcam.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    19072    ----a-w-    c:\windows\system32\drivers\sparrow.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    14592    ----a-w-    c:\windows\system32\drivers\smclib.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    13240    ----a-w-    c:\windows\system32\drivers\slwdmsup.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    95424    ----a-w-    c:\windows\system32\drivers\slnthal.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    404990    ----a-w-    c:\windows\system32\drivers\slntamr.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    129535    ----a-w-    c:\windows\system32\drivers\slnt7554.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    11136    ----a-w-    c:\windows\system32\drivers\slip.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    64512    ----a-w-    c:\windows\system32\drivers\serial.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    40960    ----a-w-    c:\windows\system32\drivers\sisagp.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    20480    ----a-w-    c:\windows\system32\drivers\secdrv.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    15744    ----a-w-    c:\windows\system32\drivers\serenum.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    11904    ----a-w-    c:\windows\system32\drivers\sffdisk.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    11392    ----a-w-    c:\windows\system32\drivers\sfloppy.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    11008    ----a-w-    c:\windows\system32\drivers\sffp_sd.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    10240    ----a-w-    c:\windows\system32\drivers\sffp_mmc.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    79232    ----a-w-    c:\windows\system32\drivers\sdbus.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    96384    ----a-w-    c:\windows\system32\drivers\scsiport.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    166912    ----a-w-    c:\windows\system32\drivers\s3gnbm.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    4403712    ----a-w-    c:\windows\system32\drivers\RtkHDAud.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    5888    ----a-w-    c:\windows\system32\drivers\rootmdm.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    30592    ----a-w-    c:\windows\system32\drivers\rndismpx.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    30592    ----a-w-    c:\windows\system32\drivers\rndismp.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    203136    ----a-w-    c:\windows\system32\drivers\rmcast.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    12032    ----a-w-    c:\windows\system32\drivers\riodrv.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    12032    ----a-w-    c:\windows\system32\drivers\rio8drv.sys.bak
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-17 16132608]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-07-17 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-07-17 138008]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2012-02-23 59240]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-11-20 4411952]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-11-02 152392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-02-07 01:25    10792    ----a-w-    c:\program files\Citrix\GoToAssist\480\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2012-05-19 15:54    87424    ----a-w-    c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute    REG_MULTI_SZ       autocheck autochk *\0lsdelete\0sprestrt\0sprestrt\0c:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SetPointII.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\SetPointII.lnk
backup=c:\windows\pss\SetPointII.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Desiree Delmastro^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\documents and settings\Desiree Delmastro\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Desiree Delmastro^Start Menu^Programs^Startup^CurseClientStartup.ccip]
path=c:\documents and settings\Desiree Delmastro\Start Menu\Programs\Startup\CurseClientStartup.ccip
backup=c:\windows\pss\CurseClientStartup.ccipStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Desiree Delmastro^Start Menu^Programs^Startup^Xfire.lnk]
path=c:\documents and settings\Desiree Delmastro\Start Menu\Programs\Startup\Xfire.lnk
backup=c:\windows\pss\Xfire.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57    959904    ----a-w-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
2007-01-27 18:45    287077    ----a-w-    c:\program files\SlySoft\AnyDVD\AnyDVD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
2009-07-30 23:10    380928    ----a-w-    c:\program files\ASUS\GamerOSD\GamerOSD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2007-11-17 11:53    171464    ----a-w-    c:\program files\DAEMON Tools\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-01 06:39    1164584    ----a-w-    c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-08-29 02:57    136176    ----atw-    c:\documents and settings\Desiree Delmastro\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2006-10-03 16:35    221184    ----a-w-    c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2006-10-03 16:37    81920    ----a-w-    c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
2011-09-16 20:10    63048    ------w-    c:\program files\LogMeIn\x86\LogMeInSystray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2013-04-04 18:50    887432    ----a-w-    c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
2006-10-20 22:23    118784    ------w-    c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-07-05 22:36    421888    ----a-w-    c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
2006-08-17 14:00    1116920    ----a-w-    c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
2006-11-05 16:22    221184    ----a-w-    c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-11-14 21:42    20584608    ----a-r-    c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2014-01-27 19:02    1815976    ----a-w-    c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2 (0x2)
"Schedule"=2 (0x2)
"RoxWatch9"=2 (0x2)
"RoxMediaDB9"=3 (0x3)
"helpsvc"=2 (0x2)
"GoogleDesktopManager"=3 (0x3)
"Fax"=2 (0x2)
"tmproxy"=2 (0x2)
"TmPfw"=2 (0x2)
"Tmntsrv"=2 (0x2)
"vToolbarUpdater11.2.0"=2 (0x2)
"PnkBstrA"=3 (0x3)
"AdobeActiveFileMonitor7.0"=3 (0x3)
"Adobe LM Service"=3 (0x3)
"FsUsbExService"=3 (0x3)
"idsvc"=3 (0x3)
"Steam Client Service"=3 (0x3)
"SkypeUpdate"=2 (0x2)
"Skype C2C Service"=2 (0x2)
"MozillaMaintenance"=3 (0x3)
"DSBrokerService"=3 (0x3)
"CryptSvc"=3 (0x3)
"COMSysApp"=3 (0x3)
"BITS"=3 (0x3)
"AVG Security Toolbar Service"=3 (0x3)
"aspnet_state"=3 (0x3)
"AppMgmt"=3 (0x3)
"ALG"=3 (0x3)
"aawservice"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\The All-Seeing Eye\\eye.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Documents and Settings\\Desiree Delmastro\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.1040\\Agent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.1363\\Agent.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\MountBlade Warband\\mb_warband.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgemcx.exe"=
"c:\\Documents and Settings\\Desiree Delmastro\\Application Data\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Rollercoaster Tycoon 3 Gold\\RCT3plus.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Sid Meier's Civilization V\\Launcher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Torchlight II\\ModLauncher.exe"=
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [4/19/2012 3:50 AM 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2/8/2013 3:37 AM 246072]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [3/16/2011 3:03 PM 39224]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [12/23/2011 12:32 PM 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [12/23/2011 12:32 PM 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [1/7/2011 5:41 AM 171320]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [4/4/2011 11:59 PM 182072]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [11/20/2013 1:54 AM 283136]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [1/7/2010 6:13 PM 10384]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [11/16/2011 10:06 PM 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [11/16/2011 10:06 PM 12856]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [7/4/2013 2:53 PM 4939312]
S2 LicCtrlService;LicCtrl Service;c:\windows\Runservice.exe [7/10/2009 6:57 PM 2560]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [9/5/2013 9:34 AM 171680]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [11/12/2009 12:18 PM 36608]
S3 mamotou;mamotou;c:\windows\system32\drivers\mamotou.sys [12/20/2008 6:59 PM 49377]
S4 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [9/16/2008 11:03 AM 169312]
S4 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [6/18/2011 7:47 PM 167264]
S4 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [8/13/2012 12:33 PM 3064000]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [11/26/2007 12:25 AM 685816]
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-26 20:15]
.
2011-08-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 21:57]
.
2010-10-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-741003188-2100121653-3323792151-1006Core1cb784dbabf1ff6.job
- c:\documents and settings\Desiree Delmastro\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-29 02:57]
.
2013-12-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-741003188-2100121653-3323792151-1006Core1ceefe9d403a470.job
- c:\documents and settings\Desiree Delmastro\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-29 02:57]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.yahoo.com/?type=714647&fr=spigot-yhp-ie
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 167.206.251.130 167.206.251.129
FF - ProfilePath - c:\documents and settings\Desiree Delmastro\Application Data\Mozilla\Firefox\Profiles\rzbiogt2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.weightwatchers.com/index.aspx
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-Freecorder FLV Service - c:\program files\Freecorder\FLVSrvc.exe
SafeBoot-74320569.sys
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-AdobeUpdater - c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe
MSConfigStartUp-AmazonGSDownloaderTray - c:\program files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
MSConfigStartUp-AnukoWorldClock - c:\program files\Anuko\World Clock\world_clock.exe
MSConfigStartUp-LogitechSoftwareUpdate - c:\program files\Logitech\Video\ManifestEngine.exe
MSConfigStartUp-LogitechVideoRepair - c:\program files\Logitech\Video\ISStart.exe
MSConfigStartUp-LogitechVideoTray - c:\program files\Logitech\Video\LogiTray.exe
MSConfigStartUp-ROC_roc_dec12 - c:\program files\AVG Secure Search\ROC_roc_dec12.exe
MSConfigStartUp-Spotify - c:\documents and settings\Desiree Delmastro\Application Data\Spotify\Spotify.exe
AddRemove-Freecorder4.01 - c:\windows\Freecorder\uninstall.exe
AddRemove-Freecorder5.11 - c:\program files\Freecorder\uninstall.exe
AddRemove-Search Protection - c:\documents and settings\Desiree Delmastro\Application Data\Search Protection\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-02-04 22:36
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ...
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\TrueSight]
"ImagePath"="\??\"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-741003188-2100121653-3323792151-1006\Software\SecuROM\License information*]
"datasecu"=hex:c9,36,8d,89,bf,ad,59,3e,e3,d6,79,97,15,e1,33,eb,a0,be,d5,4c,84,
   11,98,72,13,fe,8d,12,00,20,95,77,70,1c,d1,37,f3,2c,00,35,07,d2,4c,c4,b9,0a,\
"rkeysecu"=hex:4f,ef,a3,fa,11,2b,b0,d3,c4,97,1d,bb,c3,b2,bd,45
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \DA9879757777DAE8]
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \DA9879757777DAE8\A4C6DC1D7052183A161573F7BA846387]
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Enum\HID\Vid_046d&Pid_c068&MI_00\7&11c8da54&0&0000\LogConf]
@DACL=(02 0000)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(968)
c:\program files\Citrix\GoToAssist\480\G2AWinLogon.dll
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
Completion time: 2014-02-04  22:41:39
ComboFix-quarantined-files.txt  2014-02-05 03:41
.
Pre-Run: 146,581,368,832 bytes free
Post-Run: 150,093,029,376 bytes free
.
- - End Of File - - 5465AD6C8BBBAD6D3B586317D93380CB
5CB90281D1A59B251F6603134774EEC3
 



#9 gringo_pr


Posted 04 February 2014 - 11:04 PM


Hello Heavily Armed Pixie

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Please start by opening Notepad and copy/paste the text in the box into the window:

ClearJavaCache::


 
Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"
  • In your next post I need the following
    • report from Combofix
    • let me know of any problems you may have had
    • How is the computer doing now after running the script?
Gringo

#10 Heavily Armed Pixie


Posted 05 February 2014 - 08:54 AM

I'm running this in two seconds, but I wanted to report that last night at some point, Internet Explorer appeared on my desktop. I hate IE and though I never physically removed it from my computer (I don't think I can), I removed it from my start menu, my quick launch tool bar and my desktop, so I was surprised to see it there. I certainly didn't put it there, so the appearance was weird.

Will report back with my findings from your latest instructions shortly.



#11 Heavily Armed Pixie


Posted 05 February 2014 - 11:09 AM

ComboFix 14-02-05.02 - Desiree Delmastro 02/05/2014  10:18:52.7.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.2558.1920 [GMT -5:00]
Running from: c:\documents and settings\Desiree Delmastro\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Desiree Delmastro\Desktop\CFScript.txt
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
(((((((((((((((((((((((((   Files Created from 2014-01-05 to 2014-02-05  )))))))))))))))))))))))))))))))
.
.
2014-02-04 23:23 . 2014-02-04 23:23    --------    d-----w-    c:\windows\ERUNT
2014-02-04 23:03 . 2014-02-04 23:08    --------    d-----w-    C:\AdwCleaner
2014-01-14 01:13 . 2014-01-14 01:13    --------    d-----w-    c:\documents and settings\Desiree Delmastro\Application Data\Atari
2014-01-07 23:32 . 2014-01-07 23:32    --------    d-----w-    C:\RegBackup
2014-01-07 23:32 . 2014-01-07 23:32    --------    d-----w-    c:\program files\Tweaking.com
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-05 19:29 . 2014-01-05 19:29    51416    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-01-05 17:15 . 2014-01-05 17:15    19200    ----a-w-    c:\windows\system32\drivers\wstcodec.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    12032    ----a-w-    c:\windows\system32\drivers\ws2ifsl.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    83072    ----a-w-    c:\windows\system32\drivers\wdmaud.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    492000    ----a-w-    c:\windows\system32\drivers\wdf01000.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    4352    ----a-w-    c:\windows\system32\drivers\wmilib.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    32224    ----a-w-    c:\windows\system32\drivers\wdfldr.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    25471    ----a-w-    c:\windows\system32\drivers\watv10nt.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    18944    ----a-w-    c:\windows\system32\drivers\wpdusb.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    52352    ----a-w-    c:\windows\system32\drivers\volsnap.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    34560    ----a-w-    c:\windows\system32\drivers\wanarp.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    22271    ----a-w-    c:\windows\system32\drivers\watv06nt.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    14208    ----a-w-    c:\windows\system32\drivers\wacompen.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    11935    ----a-w-    c:\windows\system32\drivers\wadv11nt.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    11871    ----a-w-    c:\windows\system32\drivers\wadv09nt.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    11807    ----a-w-    c:\windows\system32\drivers\wadv07nt.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    11295    ----a-w-    c:\windows\system32\drivers\wadv08nt.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    81924    ----a-w-    c:\windows\system32\drivers\VC4CB104.SYS.bak
2014-01-05 17:15 . 2014-01-05 17:15    81664    ----a-w-    c:\windows\system32\drivers\videoprt.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    5376    ----a-w-    c:\windows\system32\drivers\viaide.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    42240    ----a-w-    c:\windows\system32\drivers\viaagp.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    20992    ----a-w-    c:\windows\system32\drivers\vga.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    121984    ----a-w-    c:\windows\system32\drivers\usbvideo.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    10752    ----a-w-    c:\windows\system32\drivers\Video3D32.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    59520    ----a-w-    c:\windows\system32\drivers\usbhub.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    30208    ----a-w-    c:\windows\system32\drivers\usbehci.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    26368    ----a-w-    c:\windows\system32\drivers\usbstor.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    20608    ----a-w-    c:\windows\system32\drivers\usbuhci.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    15872    ----a-w-    c:\windows\system32\drivers\usbintel.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    15104    ----a-w-    c:\windows\system32\drivers\usbscan.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    143872    ----a-w-    c:\windows\system32\drivers\usbport.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    60032    ----a-w-    c:\windows\system32\drivers\usbaudio.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    4736    ----a-w-    c:\windows\system32\drivers\usbd.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    45056    ----a-w-    c:\windows\system32\drivers\usbaapl.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    32128    ----a-w-    c:\windows\system32\drivers\usbccgp.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    25728    ----a-w-    c:\windows\system32\drivers\usbcamd2.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    25600    ----a-w-    c:\windows\system32\drivers\usbcamd.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    12800    ----a-w-    c:\windows\system32\drivers\usb8023x.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    12800    ----a-w-    c:\windows\system32\drivers\usb8023.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    66048    ----a-w-    c:\windows\system32\drivers\udfs.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    4992    ----a-w-    c:\windows\system32\drivers\toside.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    44672    ----a-w-    c:\windows\system32\drivers\uagp35.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    384768    ----a-w-    c:\windows\system32\drivers\update.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    36736    ----a-w-    c:\windows\system32\drivers\ultra.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    12288    ----a-w-    c:\windows\system32\drivers\tunmp.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    40840    ----a-w-    c:\windows\system32\drivers\termdd.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    361600    ----a-w-    c:\windows\system32\drivers\tcpip.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    226880    ----a-w-    c:\windows\system32\drivers\tcpip6.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    21896    ----a-w-    c:\windows\system32\drivers\tdtcp.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    19072    ----a-w-    c:\windows\system32\drivers\tdi.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    12040    ----a-w-    c:\windows\system32\drivers\tdpipe.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    14976    ----a-w-    c:\windows\system32\drivers\tape.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    60800    ----a-w-    c:\windows\system32\drivers\sysaudio.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    56576    ----a-w-    c:\windows\system32\drivers\swmidi.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    4352    ----a-w-    c:\windows\system32\drivers\swenum.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    32640    ----a-w-    c:\windows\system32\drivers\symc8xx.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    30688    ----a-w-    c:\windows\system32\drivers\sym_u3.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    28384    ----a-w-    c:\windows\system32\drivers\sym_hi.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    16256    ----a-w-    c:\windows\system32\drivers\symc810.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    15232    ----a-w-    c:\windows\system32\drivers\streamip.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    9256    ----a-w-    c:\windows\system32\drivers\sscdwhnt.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    9256    ----a-w-    c:\windows\system32\drivers\sscdwh.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    9256    ----a-w-    c:\windows\system32\drivers\sscdcmnt.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    9256    ----a-w-    c:\windows\system32\drivers\sscdcm.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    5632    ----a-w-    c:\windows\system32\drivers\StarOpen.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    49408    ----a-w-    c:\windows\system32\drivers\stream.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    11944    ----a-w-    c:\windows\system32\drivers\sscdmdfl.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    106792    ----a-w-    c:\windows\system32\drivers\sscdmdm.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    80552    ----a-w-    c:\windows\system32\drivers\sscdbus.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    73472    ----a-w-    c:\windows\system32\drivers\sr.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    357888    ----a-w-    c:\windows\system32\drivers\srv.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    685816    ----a-w-    c:\windows\system32\drivers\sptd.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    6272    ----a-w-    c:\windows\system32\drivers\splitter.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    5888    ----a-w-    c:\windows\system32\drivers\smbali.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    25344    ----a-w-    c:\windows\system32\drivers\sonydcam.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    19072    ----a-w-    c:\windows\system32\drivers\sparrow.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    14592    ----a-w-    c:\windows\system32\drivers\smclib.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    13240    ----a-w-    c:\windows\system32\drivers\slwdmsup.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    95424    ----a-w-    c:\windows\system32\drivers\slnthal.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    404990    ----a-w-    c:\windows\system32\drivers\slntamr.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    129535    ----a-w-    c:\windows\system32\drivers\slnt7554.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    11136    ----a-w-    c:\windows\system32\drivers\slip.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    64512    ----a-w-    c:\windows\system32\drivers\serial.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    40960    ----a-w-    c:\windows\system32\drivers\sisagp.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    20480    ----a-w-    c:\windows\system32\drivers\secdrv.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    15744    ----a-w-    c:\windows\system32\drivers\serenum.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    11904    ----a-w-    c:\windows\system32\drivers\sffdisk.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    11392    ----a-w-    c:\windows\system32\drivers\sfloppy.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    11008    ----a-w-    c:\windows\system32\drivers\sffp_sd.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    10240    ----a-w-    c:\windows\system32\drivers\sffp_mmc.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    79232    ----a-w-    c:\windows\system32\drivers\sdbus.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    96384    ----a-w-    c:\windows\system32\drivers\scsiport.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    166912    ----a-w-    c:\windows\system32\drivers\s3gnbm.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    4403712    ----a-w-    c:\windows\system32\drivers\RtkHDAud.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    5888    ----a-w-    c:\windows\system32\drivers\rootmdm.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    30592    ----a-w-    c:\windows\system32\drivers\rndismpx.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    30592    ----a-w-    c:\windows\system32\drivers\rndismp.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    203136    ----a-w-    c:\windows\system32\drivers\rmcast.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    12032    ----a-w-    c:\windows\system32\drivers\riodrv.sys.bak
2014-01-05 17:15 . 2014-01-05 17:15    12032    ----a-w-    c:\windows\system32\drivers\rio8drv.sys.bak
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-17 16132608]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-07-17 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-07-17 138008]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2012-02-23 59240]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-11-20 4411952]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-11-02 152392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-02-07 01:25    10792    ----a-w-    c:\program files\Citrix\GoToAssist\480\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2012-05-19 15:54    87424    ----a-w-    c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute    REG_MULTI_SZ       autocheck autochk *\0lsdelete\0sprestrt\0sprestrt\0c:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SetPointII.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\SetPointII.lnk
backup=c:\windows\pss\SetPointII.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Desiree Delmastro^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\documents and settings\Desiree Delmastro\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Desiree Delmastro^Start Menu^Programs^Startup^CurseClientStartup.ccip]
path=c:\documents and settings\Desiree Delmastro\Start Menu\Programs\Startup\CurseClientStartup.ccip
backup=c:\windows\pss\CurseClientStartup.ccipStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Desiree Delmastro^Start Menu^Programs^Startup^Xfire.lnk]
path=c:\documents and settings\Desiree Delmastro\Start Menu\Programs\Startup\Xfire.lnk
backup=c:\windows\pss\Xfire.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57    959904    ----a-w-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
2007-01-27 18:45    287077    ----a-w-    c:\program files\SlySoft\AnyDVD\AnyDVD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
2009-07-30 23:10    380928    ----a-w-    c:\program files\ASUS\GamerOSD\GamerOSD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2007-11-17 11:53    171464    ----a-w-    c:\program files\DAEMON Tools\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-01 06:39    1164584    ----a-w-    c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-08-29 02:57    136176    ----atw-    c:\documents and settings\Desiree Delmastro\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2006-10-03 16:35    221184    ----a-w-    c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2006-10-03 16:37    81920    ----a-w-    c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
2011-09-16 20:10    63048    ------w-    c:\program files\LogMeIn\x86\LogMeInSystray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2013-04-04 18:50    887432    ----a-w-    c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
2006-10-20 22:23    118784    ------w-    c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-07-05 22:36    421888    ----a-w-    c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
2006-08-17 14:00    1116920    ----a-w-    c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
2006-11-05 16:22    221184    ----a-w-    c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-11-14 21:42    20584608    ----a-r-    c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2014-01-27 19:02    1815976    ----a-w-    c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2 (0x2)
"Schedule"=2 (0x2)
"RoxWatch9"=2 (0x2)
"RoxMediaDB9"=3 (0x3)
"helpsvc"=2 (0x2)
"GoogleDesktopManager"=3 (0x3)
"Fax"=2 (0x2)
"tmproxy"=2 (0x2)
"TmPfw"=2 (0x2)
"Tmntsrv"=2 (0x2)
"vToolbarUpdater11.2.0"=2 (0x2)
"PnkBstrA"=3 (0x3)
"AdobeActiveFileMonitor7.0"=3 (0x3)
"Adobe LM Service"=3 (0x3)
"FsUsbExService"=3 (0x3)
"idsvc"=3 (0x3)
"Steam Client Service"=3 (0x3)
"SkypeUpdate"=2 (0x2)
"Skype C2C Service"=2 (0x2)
"MozillaMaintenance"=3 (0x3)
"DSBrokerService"=3 (0x3)
"CryptSvc"=3 (0x3)
"COMSysApp"=3 (0x3)
"BITS"=3 (0x3)
"AVG Security Toolbar Service"=3 (0x3)
"aspnet_state"=3 (0x3)
"AppMgmt"=3 (0x3)
"ALG"=3 (0x3)
"aawservice"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\The All-Seeing Eye\\eye.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Documents and Settings\\Desiree Delmastro\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.1040\\Agent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.1363\\Agent.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\MountBlade Warband\\mb_warband.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgemcx.exe"=
"c:\\Documents and Settings\\Desiree Delmastro\\Application Data\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Rollercoaster Tycoon 3 Gold\\RCT3plus.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Sid Meier's Civilization V\\Launcher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Torchlight II\\ModLauncher.exe"=
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [4/19/2012 3:50 AM 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2/8/2013 3:37 AM 246072]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [3/16/2011 3:03 PM 39224]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [12/23/2011 12:32 PM 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [12/23/2011 12:32 PM 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [1/7/2011 5:41 AM 171320]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [4/4/2011 11:59 PM 182072]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [11/20/2013 1:54 AM 283136]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [1/7/2010 6:13 PM 10384]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [11/16/2011 10:06 PM 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [11/16/2011 10:06 PM 12856]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [7/4/2013 2:53 PM 4939312]
S2 LicCtrlService;LicCtrl Service;c:\windows\Runservice.exe [7/10/2009 6:57 PM 2560]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [9/5/2013 9:34 AM 171680]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [11/12/2009 12:18 PM 36608]
S3 mamotou;mamotou;c:\windows\system32\drivers\mamotou.sys [12/20/2008 6:59 PM 49377]
S4 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [9/16/2008 11:03 AM 169312]
S4 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [6/18/2011 7:47 PM 167264]
S4 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [8/13/2012 12:33 PM 3064000]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [11/26/2007 12:25 AM 685816]
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-26 20:15]
.
2011-08-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 21:57]
.
2010-10-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-741003188-2100121653-3323792151-1006Core1cb784dbabf1ff6.job
- c:\documents and settings\Desiree Delmastro\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-29 02:57]
.
2013-12-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-741003188-2100121653-3323792151-1006Core1ceefe9d403a470.job
- c:\documents and settings\Desiree Delmastro\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-29 02:57]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.yahoo.com/?type=714647&fr=spigot-yhp-ie
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 167.206.251.130 167.206.251.129
FF - ProfilePath - c:\documents and settings\Desiree Delmastro\Application Data\Mozilla\Firefox\Profiles\rzbiogt2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.weightwatchers.com/index.aspx
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-02-05 10:38
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ...
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\TrueSight]
"ImagePath"="\??\"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-741003188-2100121653-3323792151-1006\Software\SecuROM\License information*]
"datasecu"=hex:c9,36,8d,89,bf,ad,59,3e,e3,d6,79,97,15,e1,33,eb,a0,be,d5,4c,84,
   11,98,72,13,fe,8d,12,00,20,95,77,70,1c,d1,37,f3,2c,00,35,07,d2,4c,c4,b9,0a,\
"rkeysecu"=hex:4f,ef,a3,fa,11,2b,b0,d3,c4,97,1d,bb,c3,b2,bd,45
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \DA9879757777DAE8]
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \DA9879757777DAE8\A4C6DC1D7052183A161573F7BA846387]
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Enum\HID\Vid_046d&Pid_c068&MI_00\7&11c8da54&0&0000\LogConf]
@DACL=(02 0000)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(968)
c:\program files\Citrix\GoToAssist\480\G2AWinLogon.dll
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
- - - - - - - > 'explorer.exe'(4032)
c:\windows\system32\WININET.dll
c:\windows\system32\LMIRfsClientNP.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
Completion time: 2014-02-05  10:41:48
ComboFix-quarantined-files.txt  2014-02-05 15:41
ComboFix2.txt  2014-02-05 03:41
.
Pre-Run: 150,275,649,536 bytes free
Post-Run: 150,242,230,272 bytes free
.
- - End Of File - - 66311A6C315A0E865E316E4CE5C440B9
5CB90281D1A59B251F6603134774EEC3
 



#12 gringo_pr


Posted 05 February 2014 - 01:14 PM


Hello Heavily Armed Pixie

I would like to see a report that combofix makes.

extra combofix report
  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and paste the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok
copy and paste the report into this topic for me to review

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 Heavily Armed Pixie


Posted 05 February 2014 - 01:25 PM

I just removed Internet Explorer 8 from the system in hopes it would stop the shenanigans.
 

 

Ad-Aware
Adobe AIR
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Builder 4
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Photoshop Elements 7.0
Adobe Reader XI (11.0.06)
Adobe Shockwave Player 11.6
Adobe Stock Photos 1.0
AnyDVD
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASUS Gamer OSD
ASUS VideoSecurity Online
ATI - Software Uninstall Utility
AVG 2013
BitTorrent
Bonjour
Browser Address Error Redirector
CCleaner
CMUD 3.34
Conexant D850 56K V.9x DFVc Modem
Dell Driver Reset Tool
Dell Support Center
Dell System Restore
DellSupport
Digital Line Detect
DivX Setup
Documentation & Support Launcher
Dragon Age II
erLT
FUJIFILM USB Driver
Games, Music, & Photos Launcher
Google Chrome
Google Talk Plugin
GoToAssist 8.0.0.480
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
Intel® PRO Network Connections Drivers
Internet Service Offers Launcher
iTunes
J2SE Runtime Environment 5.0 Update 6
Java 7 Update 9
Java Auto Updater
Java™ 6 Update 31
Logitech SetPoint 5.20
Logitech® Camera Driver
LogMeIn
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft Software Update for Web Folders  (English) 12
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
MobileMe Control Panel
Modem Diagnostic Tool
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
NetWaiting
Node.js
NVIDIA Control Panel 285.58
NVIDIA Graphics Driver 285.58
NVIDIA HD Audio Driver 1.2.24.0
NVIDIA Install Application
NVIDIA nView 135.95
NVIDIA nView Desktop Manager
NVIDIA PhysX
Origin
PC Connectivity Solution
PowerDVD
QuickTime
Realtek High Definition Audio Driver
RollerCoaster Tycoon 3: Platinum!
Roxio Drag-to-Disc
Roxio MyDVD DE
Roxio Update Manager
SAMSUNG Mobile Composite Device Software
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung New PC Studio
SamsungConnectivityCableDriver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544521)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2675157)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Segoe UI
Sid Meier's Civilization V
Skype Click to Call
Skype™ 6.11
Sonic Activation Module
Spelling Dictionaries Support For Adobe Reader 8
Spybot - Search & Destroy
Steam
swMSM
The Sims™ 3
The Sims™ 3 Late Night
The Sims™ 3 Pets
Tweaking.com - Registry Backup
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
User's Guides
VC80CRTRedist - 8.0.50727.4053
VLC media player 2.0.5
WebFldrs XP
Winamp
Windows Driver Package - MobileTop (sshpmdm) Modem  (02/23/2007 2.5.0.0)
Windows Driver Package - MobileTop (sshpusb) USB  (02/23/2007 2.5.0.0)
Windows Driver Package - Nokia pccsmcfd  (10/12/2007 6.85.4.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format Runtime
Windows Media Player 10
Windows XP Service Pack 3
WinRAR archiver
WinZip 11.1
Xvid 1.1.3 final uninstall
XviD MPEG-4 Video Codec
Yahtzee Deluxe
 



#14 gringo_pr


Posted 05 February 2014 - 02:26 PM


Hello

:P2P Warning!:

IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur.

Once upon a time, P2P file sharing was fairly safe. That is no longer true. P2P programs form a direct conduit on to your computer, their security measures are easily circumvented and malware writers are increasingly exploiting them to spread their wares on to your computer. Further to that, if your P2P program is not configured correctly, your computer may be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

These logs are looking a lot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps.

uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore. This is fine, just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (Revo does a lot better of a job)
  • Programs to remove
    • BitTorrent
    • Browser Address Error Redirector
    • Java 7 Update 9
    • Java™ 6 Update 31


  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • when the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • when prompted click on Yes and then on next.
  • put a check on any folders that are found and select delete
  • when prompted select yes then on next
  • Once done click Finish.


Install Java:

Please go here to install Java
  • click on the Free Java Download Button
  • click on Agree and start Free download
  • click on Run
  • click on run again
  • click on install
  • when install is complete click on close

Clean Out Temp Files
  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here CCleaner
    • Run the installer to install the application.
    • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
    • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
    • Click Run Cleaner.
    • Close CCleaner.

: Malwarebytes' Anti-Malware :

I see you have MBAM installed on the computer - that is great!! It is a very good program! I would like you to run a quick scan for me now
  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.



Download HijackThis
  • Go Here to download HijackThis program
  • Save HijackThis to your desktop.
  • Right click on HijackThis and select "Run as Admin" (XP users just need to double click to run)
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
  • copy and paste the HijackThis report into the topic
"information and logs"
  • In your next post I need the following
    • Log From MBAM
    • report from Hijackthis
    • let me know of any problems you may have had
    • How is the computer doing now?
Gringo

#15 Heavily Armed Pixie


Posted 05 February 2014 - 03:45 PM

Malware bytes Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.02.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Desiree Delmastro :: NEW [administrator]

2/5/2014 2:51:28 PM
mbam-log-2014-02-05 (14-51-28).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 438909
Time elapsed: 50 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

 

 

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:43:40 PM, on 2/5/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 SP3 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Program Files\MUSHclient\MUSHclient.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Desiree Delmastro\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?type=714647&fr=spigot-yhp-ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6071119
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [IERESETATTRIB] %SystemRoot%\system32\cmd.exe /d /q /c %SystemRoot%\system32\ieudinit.exe -ResetFileAttributes
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Yahtzee\Images\stg_drm.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1235510026328
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1235510020343
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos-beta/OnlineScanner.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Yahtzee\Images\armhelper.ocx
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)

--
End of file - 8624 bytes


 





