Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01 (ATTENTION: ====> FRST version is 26 days old and could be outdated)
Ran by Gladys (administrator) on TOSHIBA-USER on 08-04-2014 00:39:11
Running from C:\Documents and Settings\Gladys\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgcsrvx.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(America Online, Inc) C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
(America Online Inc) C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\DVDRAMSV.exe
(Microsoft Corporation) C:\WINDOWS\eHome\ehRecvr.exe
(Microsoft Corporation) C:\WINDOWS\eHome\ehSched.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgnsx.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
() c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Tvs\TvsTray.exe
(TOSHIBA Corp.) C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
(Viewpoint Corporation) C:\Program Files\Viewpoint\Common\ViewpointService.exe
(TOSHIBA) C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
(Microsoft Corporation) C:\windows\system32\fxssvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
() C:\Program Files\Logitech\QuickCam\Quickcam.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
(Apple Computer, Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgtray.exe
(TOSHIBA Corporation) C:\windows\system32\TPSMain.exe
(TOSHIBA Corporation) C:\windows\system32\TDispVol.exe
(Agere Systems) C:\Program Files\ltmoh\Ltmoh.exe
() C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
(TOSHIBA Corporation) C:\windows\system32\TPSBattM.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Sonic Solutions) C:\WINDOWS\system32\dla\DLACTRLW.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
(Logitech Inc.) C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
(Microsoft Corporation) C:\windows\system32\wuauclt.exe
(Apple Computer, Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\RAMASST.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
(Microsoft Corporation) C:\WINDOWS\eHome\ehmsas.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Tvs] - C:\Program Files\Toshiba\Tvs\TvsTray.exe [73728 2005-11-30] (TOSHIBA Corporation)
HKLM\...\Run: [THotkey] - C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe [352256 2006-01-05] (TOSHIBA)
HKLM\...\Run: [TFncKy] - C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe [188416 2005-08-16] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe [122880 2005-04-26] (TOSHIBA Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [98304 2008-01-03] (Apple Computer, Inc.)
HKLM\...\Run: [NDSTray.exe] - C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [978944 2005-11-02] (TOSHIBA CORPORATION)
HKLM\...\Run: [LogitechQuickCamRibbon] - C:\Program Files\Logitech\QuickCam\Quickcam.exe [2178832 2007-10-25] ()
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [278528 2005-05-04] (Apple Computer, Inc.)
HKLM\...\Run: [AVG_TRAY] - C:\Program Files\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [TPSMain] - C:\windows\system32\TPSMain.exe [282624 2005-05-31] (TOSHIBA Corporation)
HKLM\...\Run: [TDispVol] - C:\windows\system32\TDispVol.exe [73728 2005-03-11] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPLpr] - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [82009 2005-12-16] (Synaptics, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761945 2005-12-16] (Synaptics, Inc.)
HKLM\...\Run: [LtMoh] - C:\Program Files\ltmoh\Ltmoh.exe [184320 2004-08-18] (Agere Systems)
HKLM\...\Run: [LogitechCommunicationsManager] - C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [563984 2007-10-25] ()
HKLM\...\Run: [IPHSend] - C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe [124520 2006-02-17] (America Online, Inc.)
HKLM\...\Run: [IntelZeroConfig] - C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [667718 2005-12-05] (Intel Corporation)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [602182 2005-11-28] (Intel Corporation)
HKLM\...\Run: [igfxpers] - C:\WINDOWS\system32\igfxpers.exe [118784 2005-11-27] (Intel Corporation)
HKLM\...\Run: [igfxhkcmd] - C:\WINDOWS\system32\hkcmd.exe [77824 2005-11-27] (Intel Corporation)
HKLM\...\Run: [ehTray] - C:\WINDOWS\ehome\ehtray.exe [64512 2005-08-05] (Microsoft Corporation)
HKLM\...\Run: [dla] - C:\WINDOWS\system32\dla\DLACTRLW.exe [122940 2005-10-06] (Sonic Solutions)
HKLM\...\Run: [Pinger] - c:\toshiba\ivp\ism\pinger.exe [151552 2005-03-17] (TOSHIBA Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-3633264511-1396050676-896409009-1006\...\Run: [Messenger (Yahoo!)] - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [4351216 2009-05-26] (Yahoo! Inc.)
HKU\S-1-5-21-3633264511-1396050676-896409009-1006\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [65536 2004-12-30] (TOSHIBA)
HKU\S-1-5-21-3633264511-1396050676-896409009-1006\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2007-07-05] (Google Inc.)
HKU\S-1-5-21-3633264511-1396050676-896409009-1006\...\Run: [Google Update] - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [135664 2010-02-13] (Google Inc.)
HKU\S-1-5-21-3633264511-1396050676-896409009-1006\...\Run: [ROC_ROC_APR2013_AV] - C:\Documents and Settings\Gladys\Application Data\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid b01f7e0ae60447d18fd1d15a44433191-9e2a69660b66eb00ba700cc717937b94c7f3cd27 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2012
HKU\S-1-5-21-3633264511-1396050676-896409009-1006\...\Run: [AVG-Secure-Search-Update_0913a] - C:\Documents and Settings\Gladys\Application Data\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid b01f7e0ae60447d18fd1d15a44433191-9e2a69660b66eb00ba700cc717937b94c7f3cd27 --CMPID 0913a
HKU\S-1-5-21-3633264511-1396050676-896409009-1006\...\Run: [DriverUpdate] - C:\Program Files\DriverUpdate\DriverUpdate.exe [34138432 2014-03-19] (SlimWare Utilities, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk
ShortcutTarget: RAMASST.lnk -> C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
URLSearchHook: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
Toolbar: HKCU - No Name - {56CF4856-ECB4-4E46-A897-A378821F97B9} - No File
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
DPF: {3CBA13C3-58C7-47F1-9758-D4B255A50D52} file:///D:/data/index/ses_ocx/sessearch.ocx
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www1.snapfish.com/SnapfishActivia.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1155609754781
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1155609798984
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Gladys\Application Data\Mozilla\Firefox\Profiles\81dzzj4d.default
FF user.js: detected! => C:\Documents and Settings\Gladys\Application Data\Mozilla\Firefox\Profiles\81dzzj4d.default\user.js
FF SelectedSearchEngine: Google
FF Homepage: www.msn.com
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.2 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @viewpoint.com/VMP - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdnu.dll (AOL LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdnupdater2.dll (AOL LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPSWF32.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npViewpoint.dll ()
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Gladys\Application Data\Mozilla\Firefox\Profiles\81dzzj4d.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009-09-08]
FF Extension: Yahoo! Toolbar - C:\Documents and Settings\Gladys\Application Data\Mozilla\Firefox\Profiles\81dzzj4d.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2006-12-14]
FF Extension: Display TroubleShoot CPL Extension - C:\Documents and Settings\Gladys\Application Data\Mozilla\Firefox\Profiles\81dzzj4d.default\Extensions\{F92C3348-3C53-6700-6CF0-690A7D9FAACF} [2014-01-29]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4\
FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG2012\Firefox4\ []
FF HKLM\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\
FF Extension: AVG Do Not Track - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ []
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox 3.1 Beta 1\firefox.exe
Chrome:
=======
CHR HomePage: hxxp://www.yahoo.com/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.146\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (AVG Internet Security) - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
CHR Plugin: (MetaStream 3 Plugin) - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (AVG Safe Search) - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla [2011-07-18]
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-09-10]
CHR Extension: (AVG Do Not Track) - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2012-06-06]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx [2012-07-26]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Program Files\AVG\AVG2012\Chrome\donottrack.crx [2012-04-20]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
R2 AOL TopSpeedMonitor; C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe [100016 2004-10-15] (America Online, Inc)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
R2 DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [110592 2004-08-28] (Matsushita Electric Industrial Co., Ltd.)
R3 iPodService; C:\Program Files\iPod\bin\iPodService.exe [327680 2005-05-04] (Apple Computer, Inc.)
R2 LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [186904 2007-10-19] (Logitech Inc.)
S2 LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [141848 2007-10-19] (Logitech Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745 2005-11-28] (Intel Corporation )
R2 Swupdtmr; c:\TOSHIBA\IVP\swupdate\swupdtmr.exe [40960 2005-07-12] ()
R2 TAPPSRV; C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe [35328 2005-12-20] (TOSHIBA Corp.)
R2 Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [24652 2007-01-04] (Viewpoint Corporation)
==================== Drivers (Whitelisted) ====================
R2 AegisP; C:\windows\System32\DRIVERS\AegisP.sys [21275 2006-08-12] (Meetinghouse Data Communications)
R2 ASCTRM; C:\windows\system32\Drivers\ASCTRM.sys [8552 2006-02-16] (Windows (R) 2000 DDK provider)
R3 AVGIDSDriver; C:\windows\System32\DRIVERS\avgidsdriverx.sys [142176 2012-12-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\windows\System32\DRIVERS\avgidsfilterx.sys [24144 2011-12-23] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHX; C:\windows\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShim; C:\windows\System32\DRIVERS\avgidsshimx.sys [17232 2011-12-23] (AVG Technologies CZ, s.r.o. )
R1 Avgldx86; C:\windows\System32\DRIVERS\avgldx86.sys [250080 2012-11-08] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\windows\System32\DRIVERS\avgmfx86.sys [41040 2011-12-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\windows\System32\DRIVERS\avgrkx86.sys [31952 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\windows\System32\DRIVERS\avgtdix.sys [302368 2013-04-11] (AVG Technologies CZ, s.r.o.)
S3 CCDECODE; C:\windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 DLABOIOM; C:\windows\System32\DLA\DLABOIOM.SYS [25628 2005-10-06] (Sonic Solutions)
R1 DLACDBHM; C:\windows\System32\Drivers\DLACDBHM.SYS [5628 2005-08-25] (Sonic Solutions)
R2 DLADResN; C:\windows\System32\DLA\DLADResN.SYS [2496 2005-10-06] (Sonic Solutions)
R2 DLAIFS_M; C:\windows\System32\DLA\DLAIFS_M.SYS [86524 2005-10-06] (Sonic Solutions)
R2 DLAOPIOM; C:\windows\System32\DLA\DLAOPIOM.SYS [14684 2005-10-06] (Sonic Solutions)
R2 DLAPoolM; C:\windows\System32\DLA\DLAPoolM.SYS [6364 2005-10-06] (Sonic Solutions)
R1 DLARTL_N; C:\windows\System32\Drivers\DLARTL_N.SYS [22684 2005-08-25] (Sonic Solutions)
R2 DLAUDFAM; C:\windows\System32\DLA\DLAUDFAM.SYS [94332 2005-10-06] (Sonic Solutions)
R2 DLAUDF_M; C:\windows\System32\DLA\DLAUDF_M.SYS [87036 2005-10-06] (Sonic Solutions)
R2 DRVNDDM; C:\windows\System32\Drivers\DRVNDDM.SYS [40544 2005-08-12] (Sonic Solutions)
S3 FilterService; C:\windows\System32\DRIVERS\lvuvcflt.sys [23832 2007-10-11] (Logitech Inc.)
R3 Iviaspi; C:\windows\System32\drivers\iviaspi.sys [21060 2003-09-11] (InterVideo, Inc.)
S3 LVcKap; C:\windows\System32\DRIVERS\LVcKap.sys [2109976 2007-10-19] (Logitech Inc.)
S3 LVMVDrv; C:\windows\System32\DRIVERS\LVMVDrv.sys [2142488 2007-10-11] (Logitech Inc.)
R3 LVPr2Mon; C:\windows\System32\DRIVERS\LVPr2Mon.sys [25624 2007-10-11] ()
S3 LVUSBSta; C:\windows\System32\drivers\LVUSBSta.sys [41752 2007-10-11] (Logitech Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-04-08] (Malwarebytes Corporation)
R2 MCSTRM; C:\windows\system32\Drivers\MCSTRM.sys [8413 2006-12-11] (RealNetworks, Inc.)
R1 meiudf; C:\windows\System32\Drivers\meiudf.sys [102384 2005-06-02] (Matsushita Electric Industrial Co.,Ltd.)
S3 NdisIP; C:\windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 Netdevio; C:\windows\System32\DRIVERS\netdevio.sys [12032 2003-01-29] (TOSHIBA Corporation.)
R3 Pfc; C:\windows\System32\drivers\pfc.sys [10368 2003-09-19] (Padus, Inc.)
R2 s24trans; C:\windows\System32\DRIVERS\s24trans.sys [13568 2005-11-28] (Intel Corporation)
R3 tbiosdrv; C:\windows\System32\DRIVERS\tbiosdrv.sys [9472 2005-08-24] ()
R3 TVALD; C:\windows\System32\DRIVERS\NBSMI.sys [6144 2005-10-20] (Toshiba Corporation)
R3 Tvs; C:\windows\System32\DRIVERS\Tvs.sys [43392 2005-11-30] (TOSHIBA Corporation)
R3 w39n51; C:\windows\System32\DRIVERS\w39n51.sys [1428096 2005-12-04] (Intel® Corporation)
S3 wanatw; C:\windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SymIM; system32\DRIVERS\SymIM.sys [X]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [X]
U5 Tosrfcom; C:\Windows\System32\Drivers\Tosrfcom.sys [64896 2005-08-01] (TOSHIBA Corporation)
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)
==================== One Month Created Files and Folders ========
2014-04-08 00:39 - 2014-04-08 00:42 - 00027443 _____ () C:\Documents and Settings\Gladys\Desktop\FRST.txt
2014-04-08 00:37 - 2014-04-08 00:39 - 00000000 ____D () C:\FRST
2014-04-08 00:36 - 2014-04-08 00:35 - 01145856 _____ (Farbar) C:\Documents and Settings\Gladys\Desktop\FRST.exe
2014-04-07 23:25 - 2014-04-07 23:25 - 00000000 ____D () C:\windows\LastGood
2014-04-03 23:16 - 2014-04-03 23:16 - 00001290 _____ () C:\Documents and Settings\Gladys\Desktop\RKreport[0]_SC_04032014_231645.txt
2014-04-03 23:11 - 2011-02-18 15:26 - 00001878 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk
2014-04-03 23:11 - 2011-02-13 00:47 - 00001583 _____ () C:\Documents and Settings\All Users\Desktop\AIM.lnk
2014-04-03 23:11 - 2010-09-24 12:02 - 00001975 _____ () C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
2014-04-03 23:11 - 2010-08-07 16:02 - 00000707 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
2014-04-03 23:11 - 2009-05-28 13:13 - 00000823 _____ () C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
2014-04-03 23:11 - 2008-11-23 18:33 - 00001716 _____ () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox 3.1 Beta 1.lnk
2014-04-03 23:11 - 2008-09-06 22:26 - 00001574 _____ () C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
2014-04-03 23:11 - 2008-07-21 23:17 - 00001751 _____ () C:\Documents and Settings\All Users\Desktop\Adobe Reader 7.0.lnk
2014-04-03 23:11 - 2008-04-14 14:08 - 00001792 _____ () C:\Documents and Settings\All Users\Desktop\Logitech QuickCam.lnk
2014-04-03 23:11 - 2008-01-03 00:20 - 00001625 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2014-04-03 23:11 - 2008-01-03 00:20 - 00000735 _____ () C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
2014-04-03 23:11 - 2007-11-29 21:12 - 00001598 _____ () C:\Documents and Settings\All Users\Desktop\Convert with deskPDF.lnk
2014-04-03 23:11 - 2007-11-11 23:53 - 00001975 _____ () C:\Documents and Settings\All Users\Desktop\Norton SystemWorks.lnk
2014-04-03 23:11 - 2007-08-25 14:39 - 00001868 _____ () C:\Documents and Settings\All Users\Desktop\MSN Installer.lnk
2014-04-03 23:11 - 2006-08-17 21:01 - 00001891 _____ () C:\Documents and Settings\All Users\Desktop\AIM Triton.lnk
2014-04-03 23:11 - 2006-06-05 20:37 - 00001668 _____ () C:\Documents and Settings\All Users\Desktop\InterVideo WinDVD.lnk
2014-04-03 23:11 - 2006-02-15 09:46 - 00001533 _____ () C:\Documents and Settings\All Users\Desktop\TOSHIBA Assist.lnk
2014-04-03 23:11 - 2006-02-15 08:39 - 00001515 _____ () C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2014-04-03 23:11 - 2006-02-15 08:39 - 00000398 _____ () C:\Documents and Settings\All Users\Start Menu\Windows Catalog.lnk
2014-04-03 23:11 - 2006-02-15 08:37 - 00000794 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
2014-04-03 23:11 - 2006-02-15 08:35 - 00000609 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
2014-04-03 23:11 - 2005-04-05 14:22 - 00000664 _____ () C:\Documents and Settings\All Users\Desktop\Recovery Disc Creator (Express Media Player).lnk
2014-04-03 23:11 - 2004-08-25 17:22 - 00007639 _____ () C:\Documents and Settings\All Users\Desktop\Bluetooth Stack Installation Guide.txt
2014-04-03 23:11 - 2002-10-29 14:11 - 00000405 _____ () C:\Documents and Settings\All Users\Desktop\User's Guide.lnk
2014-04-03 23:10 - 2005-04-05 14:22 - 00000664 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Recovery Disc Creator (Express Media Player).lnk
2014-04-03 23:09 - 2008-07-21 23:17 - 00001810 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 7.0.lnk
2014-04-03 23:09 - 2006-02-18 08:25 - 00001477 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Media Center.lnk
2014-04-03 23:09 - 2006-02-16 02:56 - 00000697 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\America Online 9.0.lnk
2014-04-03 23:08 - 2007-11-11 23:53 - 00001975 _____ () C:\Documents and Settings\All Users\Start Menu\Norton SystemWorks.lnk
2014-04-03 23:08 - 2006-08-14 19:43 - 00001577 _____ () C:\Documents and Settings\All Users\Start Menu\Microsoft Update.lnk
2014-04-03 23:00 - 2014-04-03 23:00 - 00001760 _____ () C:\Documents and Settings\Gladys\Desktop\RKreport[0]_D_04032014_230039.txt
2014-04-03 19:32 - 2014-04-03 19:32 - 00001713 _____ () C:\Documents and Settings\Gladys\Desktop\RKreport[0]_S_04032014_193212.txt
2014-04-03 02:35 - 2014-04-03 02:37 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HitmanPro
2014-04-03 02:34 - 2014-04-03 02:34 - 00000000 ____D () C:\Program Files\HitmanPro
2014-04-03 01:03 - 2014-04-03 19:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HitmanPro
2014-04-03 00:57 - 2014-04-03 00:57 - 00000955 _____ () C:\Documents and Settings\Gladys\Desktop\RKreport[0]_S_04032014_005730.txt
2014-04-02 22:42 - 2014-04-04 01:14 - 00000000 ____D () C:\Documents and Settings\Gladys\Desktop\RK_Quarantine
2014-04-02 00:07 - 2014-04-08 00:07 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-02 00:05 - 2014-04-08 00:04 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-02 00:04 - 2014-04-08 00:04 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-02 00:04 - 2014-04-03 09:51 - 00050648 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-03-27 01:30 - 2014-03-27 01:30 - 00000000 ____D () C:\Documents and Settings\Gladys\Local Settings\Application Data\SlimWare Utilities Inc
2014-03-27 00:41 - 2014-03-27 00:41 - 00001856 _____ () C:\Documents and Settings\All Users\Desktop\DriverUpdate.lnk
2014-03-27 00:41 - 2014-03-27 00:41 - 00000000 ____D () C:\Program Files\DriverUpdate
2014-03-27 00:41 - 2014-03-27 00:41 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\DriverUpdate
2014-03-27 00:40 - 2014-03-27 00:40 - 00000000 ____D () C:\Documents and Settings\All Users\Documents\Downloaded Installers
2014-03-12 01:21 - 2014-03-12 01:25 - 00013350 _____ () C:\windows\KB2925418-IE8.log
2014-03-12 01:20 - 2014-03-12 01:20 - 00000000 __HDC () C:\windows\$NtUninstallKB2929961$
2014-03-12 01:19 - 2014-03-12 01:19 - 00000000 __HDC () C:\windows\$NtUninstallKB2930275$
2014-03-11 23:42 - 2014-03-12 01:21 - 00012343 _____ () C:\windows\KB2929961.log
2014-03-11 23:41 - 2014-03-12 01:20 - 00013708 _____ () C:\windows\KB2930275.log
2014-03-09 19:02 - 2014-04-07 23:15 - 00000224 _____ () C:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-03-09 19:02 - 2014-03-10 20:12 - 00000218 _____ () C:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
==================== One Month Modified Files and Folders =======
2014-04-08 00:42 - 2014-04-08 00:39 - 00027443 _____ () C:\Documents and Settings\Gladys\Desktop\FRST.txt
2014-04-08 00:39 - 2014-04-08 00:37 - 00000000 ____D () C:\FRST
2014-04-08 00:35 - 2014-04-08 00:36 - 01145856 _____ (Farbar) C:\Documents and Settings\Gladys\Desktop\FRST.exe
2014-04-08 00:07 - 2014-04-02 00:07 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-08 00:04 - 2014-04-02 00:05 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-08 00:04 - 2014-04-02 00:04 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-07 23:53 - 2010-02-13 16:43 - 00000886 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-07 23:46 - 2010-02-13 18:21 - 00000982 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3633264511-1396050676-896409009-1006UA.job
2014-04-07 23:25 - 2014-04-07 23:25 - 00000000 ____D () C:\windows\LastGood
2014-04-07 23:25 - 2006-02-15 08:37 - 01734880 _____ () C:\windows\WindowsUpdate.log
2014-04-07 23:23 - 2011-03-14 20:48 - 00696848 _____ () C:\windows\setupapi.log
2014-04-07 23:23 - 2006-02-15 08:35 - 00000000 ____D () C:\windows\Registration
2014-04-07 23:18 - 2006-02-15 00:32 - 00000159 _____ () C:\windows\wiadebug.log
2014-04-07 23:17 - 2006-02-15 00:32 - 00000048 _____ () C:\windows\wiaservc.log
2014-04-07 23:15 - 2014-03-09 19:02 - 00000224 _____ () C:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-04-07 23:15 - 2010-02-13 16:43 - 00000882 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-07 23:15 - 2006-02-15 08:42 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-07 23:14 - 2006-02-16 03:18 - 00000000 ____D () C:\windows\system32\DLA
2014-04-07 23:08 - 2006-02-15 08:42 - 00032390 _____ () C:\windows\SchedLgU.Txt
2014-04-07 23:07 - 2006-08-14 19:23 - 00000278 ___SH () C:\Documents and Settings\Gladys\ntuser.ini
2014-04-07 18:46 - 2010-02-13 18:21 - 00000930 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3633264511-1396050676-896409009-1006Core.job
2014-04-07 18:02 - 2011-07-16 17:25 - 00000000 ____D () C:\windows\system32\Drivers\AVG
2014-04-05 23:27 - 2006-12-12 00:28 - 00000000 ____D () C:\Documents and Settings\Gladys\Application Data\Skype
2014-04-05 21:43 - 2011-07-10 13:58 - 00001908 _____ () C:\windows\diagwrn.xml
2014-04-05 21:43 - 2011-07-10 13:58 - 00001908 _____ () C:\windows\diagerr.xml
2014-04-05 21:43 - 2006-02-15 00:29 - 00000611 _____ () C:\windows\setupact.log
2014-04-05 21:36 - 2006-02-15 00:29 - 00000000 _____ () C:\windows\setuperr.log
2014-04-04 01:14 - 2014-04-02 22:42 - 00000000 ____D () C:\Documents and Settings\Gladys\Desktop\RK_Quarantine
2014-04-03 23:26 - 2006-09-19 14:10 - 00000000 ____D () C:\Gladys
2014-04-03 23:16 - 2014-04-03 23:16 - 00001290 _____ () C:\Documents and Settings\Gladys\Desktop\RKreport[0]_SC_04032014_231645.txt
2014-04-03 23:11 - 2009-05-28 13:13 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger
2014-04-03 23:11 - 2008-05-16 23:07 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Windows Live
2014-04-03 23:10 - 2006-02-16 02:56 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2014-04-03 23:10 - 2006-02-16 02:19 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TOSHIBA Applications
2014-04-03 23:10 - 2006-02-15 08:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Windows Digital Media Enhancements
2014-04-03 23:09 - 2008-08-23 23:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack
2014-04-03 23:09 - 2008-04-14 14:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Logitech
2014-04-03 23:09 - 2008-01-03 00:20 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2014-04-03 23:09 - 2006-08-17 21:01 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AIM
2014-04-03 23:09 - 2006-08-12 16:14 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Intel PROSet Wireless
2014-04-03 23:09 - 2006-06-05 20:37 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\InterVideo WinDVD
2014-04-03 23:09 - 2006-02-16 03:40 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Works
2014-04-03 23:09 - 2006-02-16 02:55 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\America Online
2014-04-03 23:09 - 2006-02-16 02:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\InterVideo WinDVD Creator 2
2014-04-03 23:09 - 2006-02-15 08:44 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
2014-04-03 23:09 - 2006-02-15 08:35 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Games
2014-04-03 23:09 - 2006-02-15 08:33 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
2014-04-03 23:00 - 2014-04-03 23:00 - 00001760 _____ () C:\Documents and Settings\Gladys\Desktop\RKreport[0]_D_04032014_230039.txt
2014-04-03 19:32 - 2014-04-03 19:32 - 00001713 _____ () C:\Documents and Settings\Gladys\Desktop\RKreport[0]_S_04032014_193212.txt
2014-04-03 19:19 - 2014-04-03 01:03 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HitmanPro
2014-04-03 09:51 - 2014-04-02 00:04 - 00050648 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:50 - 2010-08-07 16:02 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-04-03 02:37 - 2014-04-03 02:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HitmanPro
2014-04-03 02:34 - 2014-04-03 02:34 - 00000000 ____D () C:\Program Files\HitmanPro
2014-04-03 00:57 - 2014-04-03 00:57 - 00000955 _____ () C:\Documents and Settings\Gladys\Desktop\RKreport[0]_S_04032014_005730.txt
2014-04-02 21:35 - 2006-02-15 08:59 - 00000000 __HDC () C:\windows\$NtUninstallKB905749$
2014-04-02 00:05 - 2010-08-07 16:03 - 00000000 ____D () C:\Documents and Settings\Gladys\Application Data\Malwarebytes
2014-04-02 00:05 - 2010-08-07 16:02 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-03-31 03:04 - 2006-08-14 19:23 - 00000000 ____D () C:\Documents and Settings\Gladys
2014-03-29 20:26 - 2006-08-14 19:23 - 00000000 ____D () C:\Documents and Settings\Gladys\Local Settings\Application Data\Google
2014-03-27 01:30 - 2014-03-27 01:30 - 00000000 ____D () C:\Documents and Settings\Gladys\Local Settings\Application Data\SlimWare Utilities Inc
2014-03-27 00:41 - 2014-03-27 00:41 - 00001856 _____ () C:\Documents and Settings\All Users\Desktop\DriverUpdate.lnk
2014-03-27 00:41 - 2014-03-27 00:41 - 00000000 ____D () C:\Program Files\DriverUpdate
2014-03-27 00:41 - 2014-03-27 00:41 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\DriverUpdate
2014-03-27 00:40 - 2014-03-27 00:40 - 00000000 ____D () C:\Documents and Settings\All Users\Documents\Downloaded Installers
2014-03-22 23:49 - 2006-02-15 07:04 - 00001158 _____ () C:\windows\system32\wpa.dbl
2014-03-19 03:13 - 2013-07-17 22:20 - 00000000 ____D () C:\windows\system32\MRT
2014-03-19 02:51 - 2006-08-14 19:58 - 87350280 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-03-15 19:21 - 2010-04-21 22:40 - 00002304 _____ () C:\Documents and Settings\Gladys\Desktop\Google Chrome.lnk
2014-03-12 17:47 - 2006-02-15 00:29 - 00229592 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-12 01:25 - 2014-03-12 01:21 - 00013350 _____ () C:\windows\KB2925418-IE8.log
2014-03-12 01:25 - 2006-02-15 00:30 - 03382758 _____ () C:\windows\FaxSetup.log
2014-03-12 01:25 - 2006-02-15 00:30 - 01683118 _____ () C:\windows\iis6.log
2014-03-12 01:25 - 2006-02-15 00:30 - 01622419 _____ () C:\windows\ocgen.log
2014-03-12 01:25 - 2006-02-15 00:30 - 01549021 _____ () C:\windows\tsoc.log
2014-03-12 01:25 - 2006-02-15 00:30 - 01041598 _____ () C:\windows\msmqinst.log
2014-03-12 01:25 - 2006-02-15 00:30 - 00668748 _____ () C:\windows\ntdtcsetup.log
2014-03-12 01:25 - 2006-02-15 00:30 - 00605606 _____ () C:\windows\netfxocm.log
2014-03-12 01:25 - 2006-02-15 00:30 - 00384285 _____ () C:\windows\MedCtrOC.log
2014-03-12 01:25 - 2006-02-15 00:30 - 00381287 _____ () C:\windows\plusoc.log
2014-03-12 01:25 - 2006-02-15 00:30 - 00186103 _____ () C:\windows\ehOCGen.log
2014-03-12 01:25 - 2006-02-15 00:30 - 00182369 _____ () C:\windows\ocmsn.log
2014-03-12 01:25 - 2006-02-15 00:30 - 00170284 _____ () C:\windows\tabletoc.log
2014-03-12 01:25 - 2006-02-15 00:30 - 00169072 _____ () C:\windows\msgsocm.log
2014-03-12 01:25 - 2006-02-15 00:30 - 00055187 _____ () C:\windows\comsetup.log
2014-03-12 01:25 - 2006-02-15 00:30 - 00001374 _____ () C:\windows\imsins.log
2014-03-12 01:24 - 2006-02-15 08:59 - 00497154 _____ () C:\windows\updspapi.log
2014-03-12 01:23 - 2012-02-18 04:10 - 00000000 ____D () C:\windows\ie8updates
2014-03-12 01:21 - 2014-03-11 23:42 - 00012343 _____ () C:\windows\KB2929961.log
2014-03-12 01:21 - 2006-02-15 00:30 - 00001374 _____ () C:\windows\imsins.BAK
2014-03-12 01:20 - 2014-03-12 01:20 - 00000000 __HDC () C:\windows\$NtUninstallKB2929961$
2014-03-12 01:20 - 2014-03-11 23:41 - 00013708 _____ () C:\windows\KB2930275.log
2014-03-12 01:19 - 2014-03-12 01:19 - 00000000 __HDC () C:\windows\$NtUninstallKB2930275$
2014-03-10 20:12 - 2014-03-09 19:02 - 00000218 _____ () C:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-09 19:11 - 2006-02-15 00:30 - 00528976 _____ () C:\windows\system32\PerfStringBackup.INI
Some content of TEMP:
====================
C:\Documents and Settings\Gladys\Local Settings\Temp\converter.exe
C:\Documents and Settings\Gladys\Local Settings\Temp\msgup900_2162_us.exe
C:\Documents and Settings\Gladys\Local Settings\Temp\ntdll_dump.dll
C:\Documents and Settings\Gladys\Local Settings\Temp\quickcamenu.exe
C:\Documents and Settings\Gladys\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Gladys\Local Settings\Temp\SkypeSetupFull(6.1.73.129)(Trackable457)trackable.exe
C:\Documents and Settings\Gladys\Local Settings\Temp\svruninstall.exe
C:\Documents and Settings\Gladys\Local Settings\Temp\SymLCSVC.EXE
C:\Documents and Settings\Gladys\Local Settings\Temp\yahoo_toolbar_install_helper.exe
C:\Documents and Settings\Gladys\Local Settings\Temp\ymsgr_inst.exe
C:\Documents and Settings\Gladys\Local Settings\Temp\ytb_7.2.5.15_1.6.6_ysp_1.2.8_mail_bts_pub_us_setup_.exe
C:\Documents and Settings\Gladys\Local Settings\Temp\ywiseext.dll
C:\Documents and Settings\Gladys\Local Settings\Temp\_is30.exe
C:\Documents and Settings\Gladys\Local Settings\Temp\_is33.exe
==================== Bamital & volsnap Check =================
C:\windows\explorer.exe => MD5 is legit
C:\windows\system32\winlogon.exe => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\services.exe => MD5 is legit
C:\windows\system32\User32.dll => MD5 is legit
C:\windows\system32\userinit.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================