Already scanned with Malwarebytes, Hitman Pro and RogueKiller but file names still missing

[sophis]

Hi,
I've followed the guide http://malwaretips.com/blogs/file-recovery-virus/ from Malwarebytes to RogueKiller but the shortcuts haven't been restored in my folder. Please help. Thanks.

 

[TwinHeadedEagle]

Hi,



Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

• Double-click to run it. When the tool opens click Yes to disclaimer.
• Check Shortcut.txt
• Press Scan button.
• It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
• The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

[sophis]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01 (ATTENTION: ====> FRST version is 26 days old and could be outdated)
Ran by Gladys (administrator) on TOSHIBA-USER on 08-04-2014 00:39:11
Running from C:\Documents and Settings\Gladys\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgcsrvx.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(America Online, Inc) C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
(America Online Inc) C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\DVDRAMSV.exe
(Microsoft Corporation) C:\WINDOWS\eHome\ehRecvr.exe
(Microsoft Corporation) C:\WINDOWS\eHome\ehSched.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgnsx.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
() c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Tvs\TvsTray.exe
(TOSHIBA Corp.) C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
(Viewpoint Corporation) C:\Program Files\Viewpoint\Common\ViewpointService.exe
(TOSHIBA) C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
(Microsoft Corporation) C:\windows\system32\fxssvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
() C:\Program Files\Logitech\QuickCam\Quickcam.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
(Apple Computer, Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgtray.exe
(TOSHIBA Corporation) C:\windows\system32\TPSMain.exe
(TOSHIBA Corporation) C:\windows\system32\TDispVol.exe
(Agere Systems) C:\Program Files\ltmoh\Ltmoh.exe
() C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
(TOSHIBA Corporation) C:\windows\system32\TPSBattM.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Sonic Solutions) C:\WINDOWS\system32\dla\DLACTRLW.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
(Logitech Inc.) C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
(Microsoft Corporation) C:\windows\system32\wuauclt.exe
(Apple Computer, Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\RAMASST.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
(Microsoft Corporation) C:\WINDOWS\eHome\ehmsas.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Tvs] - C:\Program Files\Toshiba\Tvs\TvsTray.exe [73728 2005-11-30] (TOSHIBA Corporation)
HKLM\...\Run: [THotkey] - C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe [352256 2006-01-05] (TOSHIBA)
HKLM\...\Run: [TFncKy] - C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe [188416 2005-08-16] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe [122880 2005-04-26] (TOSHIBA Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [98304 2008-01-03] (Apple Computer, Inc.)
HKLM\...\Run: [NDSTray.exe] - C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [978944 2005-11-02] (TOSHIBA CORPORATION)
HKLM\...\Run: [LogitechQuickCamRibbon] - C:\Program Files\Logitech\QuickCam\Quickcam.exe [2178832 2007-10-25] ()
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [278528 2005-05-04] (Apple Computer, Inc.)
HKLM\...\Run: [AVG_TRAY] - C:\Program Files\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [TPSMain] - C:\windows\system32\TPSMain.exe [282624 2005-05-31] (TOSHIBA Corporation)
HKLM\...\Run: [TDispVol] - C:\windows\system32\TDispVol.exe [73728 2005-03-11] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPLpr] - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [82009 2005-12-16] (Synaptics, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761945 2005-12-16] (Synaptics, Inc.)
HKLM\...\Run: [LtMoh] - C:\Program Files\ltmoh\Ltmoh.exe [184320 2004-08-18] (Agere Systems)
HKLM\...\Run: [LogitechCommunicationsManager] - C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [563984 2007-10-25] ()
HKLM\...\Run: [IPHSend] - C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe [124520 2006-02-17] (America Online, Inc.)
HKLM\...\Run: [IntelZeroConfig] - C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [667718 2005-12-05] (Intel Corporation)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [602182 2005-11-28] (Intel Corporation)
HKLM\...\Run: [igfxpers] - C:\WINDOWS\system32\igfxpers.exe [118784 2005-11-27] (Intel Corporation)
HKLM\...\Run: [igfxhkcmd] - C:\WINDOWS\system32\hkcmd.exe [77824 2005-11-27] (Intel Corporation)
HKLM\...\Run: [ehTray] - C:\WINDOWS\ehome\ehtray.exe [64512 2005-08-05] (Microsoft Corporation)
HKLM\...\Run: [dla] - C:\WINDOWS\system32\dla\DLACTRLW.exe [122940 2005-10-06] (Sonic Solutions)
HKLM\...\Run: [Pinger] - c:\toshiba\ivp\ism\pinger.exe [151552 2005-03-17] (TOSHIBA Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-3633264511-1396050676-896409009-1006\...\Run: [Messenger (Yahoo!)] - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [4351216 2009-05-26] (Yahoo! Inc.)
HKU\S-1-5-21-3633264511-1396050676-896409009-1006\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [65536 2004-12-30] (TOSHIBA)
HKU\S-1-5-21-3633264511-1396050676-896409009-1006\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2007-07-05] (Google Inc.)
HKU\S-1-5-21-3633264511-1396050676-896409009-1006\...\Run: [Google Update] - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [135664 2010-02-13] (Google Inc.)
HKU\S-1-5-21-3633264511-1396050676-896409009-1006\...\Run: [ROC_ROC_APR2013_AV] - C:\Documents and Settings\Gladys\Application Data\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid b01f7e0ae60447d18fd1d15a44433191-9e2a69660b66eb00ba700cc717937b94c7f3cd27 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2012
HKU\S-1-5-21-3633264511-1396050676-896409009-1006\...\Run: [AVG-Secure-Search-Update_0913a] - C:\Documents and Settings\Gladys\Application Data\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid b01f7e0ae60447d18fd1d15a44433191-9e2a69660b66eb00ba700cc717937b94c7f3cd27 --CMPID 0913a
HKU\S-1-5-21-3633264511-1396050676-896409009-1006\...\Run: [DriverUpdate] - C:\Program Files\DriverUpdate\DriverUpdate.exe [34138432 2014-03-19] (SlimWare Utilities, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk
ShortcutTarget: RAMASST.lnk -> C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
URLSearchHook: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
Toolbar: HKCU - No Name - {56CF4856-ECB4-4E46-A897-A378821F97B9} - No File
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
DPF: {3CBA13C3-58C7-47F1-9758-D4B255A50D52} file:///D:/data/index/ses_ocx/sessearch.ocx
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www1.snapfish.com/SnapfishActivia.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1155609754781
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1155609798984
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Gladys\Application Data\Mozilla\Firefox\Profiles\81dzzj4d.default
FF user.js: detected! => C:\Documents and Settings\Gladys\Application Data\Mozilla\Firefox\Profiles\81dzzj4d.default\user.js
FF SelectedSearchEngine: Google
FF Homepage: www.msn.com
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.2 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @viewpoint.com/VMP - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdnu.dll (AOL LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdnupdater2.dll (AOL LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPSWF32.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npViewpoint.dll ()
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Gladys\Application Data\Mozilla\Firefox\Profiles\81dzzj4d.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009-09-08]
FF Extension: Yahoo! Toolbar - C:\Documents and Settings\Gladys\Application Data\Mozilla\Firefox\Profiles\81dzzj4d.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2006-12-14]
FF Extension: Display TroubleShoot CPL Extension - C:\Documents and Settings\Gladys\Application Data\Mozilla\Firefox\Profiles\81dzzj4d.default\Extensions\{F92C3348-3C53-6700-6CF0-690A7D9FAACF} [2014-01-29]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4\
FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG2012\Firefox4\ []
FF HKLM\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\
FF Extension: AVG Do Not Track - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ []
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox 3.1 Beta 1\firefox.exe
Chrome:
=======
CHR HomePage: hxxp://www.yahoo.com/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Chrome\Application\33.0.1750.146\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (AVG Internet Security) - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
CHR Plugin: (MetaStream 3 Plugin) - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (AVG Safe Search) - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla [2011-07-18]
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-09-10]
CHR Extension: (AVG Do Not Track) - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2012-06-06]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx [2012-07-26]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Program Files\AVG\AVG2012\Chrome\donottrack.crx [2012-04-20]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
R2 AOL TopSpeedMonitor; C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe [100016 2004-10-15] (America Online, Inc)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
R2 DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [110592 2004-08-28] (Matsushita Electric Industrial Co., Ltd.)
R3 iPodService; C:\Program Files\iPod\bin\iPodService.exe [327680 2005-05-04] (Apple Computer, Inc.)
R2 LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [186904 2007-10-19] (Logitech Inc.)
S2 LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [141848 2007-10-19] (Logitech Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745 2005-11-28] (Intel Corporation )
R2 Swupdtmr; c:\TOSHIBA\IVP\swupdate\swupdtmr.exe [40960 2005-07-12] ()
R2 TAPPSRV; C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe [35328 2005-12-20] (TOSHIBA Corp.)
R2 Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [24652 2007-01-04] (Viewpoint Corporation)
==================== Drivers (Whitelisted) ====================
R2 AegisP; C:\windows\System32\DRIVERS\AegisP.sys [21275 2006-08-12] (Meetinghouse Data Communications)
R2 ASCTRM; C:\windows\system32\Drivers\ASCTRM.sys [8552 2006-02-16] (Windows (R) 2000 DDK provider)
R3 AVGIDSDriver; C:\windows\System32\DRIVERS\avgidsdriverx.sys [142176 2012-12-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\windows\System32\DRIVERS\avgidsfilterx.sys [24144 2011-12-23] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHX; C:\windows\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShim; C:\windows\System32\DRIVERS\avgidsshimx.sys [17232 2011-12-23] (AVG Technologies CZ, s.r.o. )
R1 Avgldx86; C:\windows\System32\DRIVERS\avgldx86.sys [250080 2012-11-08] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\windows\System32\DRIVERS\avgmfx86.sys [41040 2011-12-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\windows\System32\DRIVERS\avgrkx86.sys [31952 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\windows\System32\DRIVERS\avgtdix.sys [302368 2013-04-11] (AVG Technologies CZ, s.r.o.)
S3 CCDECODE; C:\windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 DLABOIOM; C:\windows\System32\DLA\DLABOIOM.SYS [25628 2005-10-06] (Sonic Solutions)
R1 DLACDBHM; C:\windows\System32\Drivers\DLACDBHM.SYS [5628 2005-08-25] (Sonic Solutions)
R2 DLADResN; C:\windows\System32\DLA\DLADResN.SYS [2496 2005-10-06] (Sonic Solutions)
R2 DLAIFS_M; C:\windows\System32\DLA\DLAIFS_M.SYS [86524 2005-10-06] (Sonic Solutions)
R2 DLAOPIOM; C:\windows\System32\DLA\DLAOPIOM.SYS [14684 2005-10-06] (Sonic Solutions)
R2 DLAPoolM; C:\windows\System32\DLA\DLAPoolM.SYS [6364 2005-10-06] (Sonic Solutions)
R1 DLARTL_N; C:\windows\System32\Drivers\DLARTL_N.SYS [22684 2005-08-25] (Sonic Solutions)
R2 DLAUDFAM; C:\windows\System32\DLA\DLAUDFAM.SYS [94332 2005-10-06] (Sonic Solutions)
R2 DLAUDF_M; C:\windows\System32\DLA\DLAUDF_M.SYS [87036 2005-10-06] (Sonic Solutions)
R2 DRVNDDM; C:\windows\System32\Drivers\DRVNDDM.SYS [40544 2005-08-12] (Sonic Solutions)
S3 FilterService; C:\windows\System32\DRIVERS\lvuvcflt.sys [23832 2007-10-11] (Logitech Inc.)
R3 Iviaspi; C:\windows\System32\drivers\iviaspi.sys [21060 2003-09-11] (InterVideo, Inc.)
S3 LVcKap; C:\windows\System32\DRIVERS\LVcKap.sys [2109976 2007-10-19] (Logitech Inc.)
S3 LVMVDrv; C:\windows\System32\DRIVERS\LVMVDrv.sys [2142488 2007-10-11] (Logitech Inc.)
R3 LVPr2Mon; C:\windows\System32\DRIVERS\LVPr2Mon.sys [25624 2007-10-11] ()
S3 LVUSBSta; C:\windows\System32\drivers\LVUSBSta.sys [41752 2007-10-11] (Logitech Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-04-08] (Malwarebytes Corporation)
R2 MCSTRM; C:\windows\system32\Drivers\MCSTRM.sys [8413 2006-12-11] (RealNetworks, Inc.)
R1 meiudf; C:\windows\System32\Drivers\meiudf.sys [102384 2005-06-02] (Matsushita Electric Industrial Co.,Ltd.)
S3 NdisIP; C:\windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 Netdevio; C:\windows\System32\DRIVERS\netdevio.sys [12032 2003-01-29] (TOSHIBA Corporation.)
R3 Pfc; C:\windows\System32\drivers\pfc.sys [10368 2003-09-19] (Padus, Inc.)
R2 s24trans; C:\windows\System32\DRIVERS\s24trans.sys [13568 2005-11-28] (Intel Corporation)
R3 tbiosdrv; C:\windows\System32\DRIVERS\tbiosdrv.sys [9472 2005-08-24] ()
R3 TVALD; C:\windows\System32\DRIVERS\NBSMI.sys [6144 2005-10-20] (Toshiba Corporation)
R3 Tvs; C:\windows\System32\DRIVERS\Tvs.sys [43392 2005-11-30] (TOSHIBA Corporation)
R3 w39n51; C:\windows\System32\DRIVERS\w39n51.sys [1428096 2005-12-04] (Intel® Corporation)
S3 wanatw; C:\windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SymIM; system32\DRIVERS\SymIM.sys [X]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [X]
U5 Tosrfcom; C:\Windows\System32\Drivers\Tosrfcom.sys [64896 2005-08-01] (TOSHIBA Corporation)
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)
==================== One Month Created Files and Folders ========
2014-04-08 00:39 - 2014-04-08 00:42 - 00027443 _____ () C:\Documents and Settings\Gladys\Desktop\FRST.txt
2014-04-08 00:37 - 2014-04-08 00:39 - 00000000 ____D () C:\FRST
2014-04-08 00:36 - 2014-04-08 00:35 - 01145856 _____ (Farbar) C:\Documents and Settings\Gladys\Desktop\FRST.exe
2014-04-07 23:25 - 2014-04-07 23:25 - 00000000 ____D () C:\windows\LastGood
2014-04-03 23:16 - 2014-04-03 23:16 - 00001290 _____ () C:\Documents and Settings\Gladys\Desktop\RKreport[0]_SC_04032014_231645.txt
2014-04-03 23:11 - 2011-02-18 15:26 - 00001878 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk
2014-04-03 23:11 - 2011-02-13 00:47 - 00001583 _____ () C:\Documents and Settings\All Users\Desktop\AIM.lnk
2014-04-03 23:11 - 2010-09-24 12:02 - 00001975 _____ () C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
2014-04-03 23:11 - 2010-08-07 16:02 - 00000707 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
2014-04-03 23:11 - 2009-05-28 13:13 - 00000823 _____ () C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
2014-04-03 23:11 - 2008-11-23 18:33 - 00001716 _____ () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox 3.1 Beta 1.lnk
2014-04-03 23:11 - 2008-09-06 22:26 - 00001574 _____ () C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
2014-04-03 23:11 - 2008-07-21 23:17 - 00001751 _____ () C:\Documents and Settings\All Users\Desktop\Adobe Reader 7.0.lnk
2014-04-03 23:11 - 2008-04-14 14:08 - 00001792 _____ () C:\Documents and Settings\All Users\Desktop\Logitech QuickCam.lnk
2014-04-03 23:11 - 2008-01-03 00:20 - 00001625 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2014-04-03 23:11 - 2008-01-03 00:20 - 00000735 _____ () C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
2014-04-03 23:11 - 2007-11-29 21:12 - 00001598 _____ () C:\Documents and Settings\All Users\Desktop\Convert with deskPDF.lnk
2014-04-03 23:11 - 2007-11-11 23:53 - 00001975 _____ () C:\Documents and Settings\All Users\Desktop\Norton SystemWorks.lnk
2014-04-03 23:11 - 2007-08-25 14:39 - 00001868 _____ () C:\Documents and Settings\All Users\Desktop\MSN Installer.lnk
2014-04-03 23:11 - 2006-08-17 21:01 - 00001891 _____ () C:\Documents and Settings\All Users\Desktop\AIM Triton.lnk
2014-04-03 23:11 - 2006-06-05 20:37 - 00001668 _____ () C:\Documents and Settings\All Users\Desktop\InterVideo WinDVD.lnk
2014-04-03 23:11 - 2006-02-15 09:46 - 00001533 _____ () C:\Documents and Settings\All Users\Desktop\TOSHIBA Assist.lnk
2014-04-03 23:11 - 2006-02-15 08:39 - 00001515 _____ () C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2014-04-03 23:11 - 2006-02-15 08:39 - 00000398 _____ () C:\Documents and Settings\All Users\Start Menu\Windows Catalog.lnk
2014-04-03 23:11 - 2006-02-15 08:37 - 00000794 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
2014-04-03 23:11 - 2006-02-15 08:35 - 00000609 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
2014-04-03 23:11 - 2005-04-05 14:22 - 00000664 _____ () C:\Documents and Settings\All Users\Desktop\Recovery Disc Creator (Express Media Player).lnk
2014-04-03 23:11 - 2004-08-25 17:22 - 00007639 _____ () C:\Documents and Settings\All Users\Desktop\Bluetooth Stack Installation Guide.txt
2014-04-03 23:11 - 2002-10-29 14:11 - 00000405 _____ () C:\Documents and Settings\All Users\Desktop\User's Guide.lnk
2014-04-03 23:10 - 2005-04-05 14:22 - 00000664 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Recovery Disc Creator (Express Media Player).lnk
2014-04-03 23:09 - 2008-07-21 23:17 - 00001810 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 7.0.lnk
2014-04-03 23:09 - 2006-02-18 08:25 - 00001477 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Media Center.lnk
2014-04-03 23:09 - 2006-02-16 02:56 - 00000697 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\America Online 9.0.lnk
2014-04-03 23:08 - 2007-11-11 23:53 - 00001975 _____ () C:\Documents and Settings\All Users\Start Menu\Norton SystemWorks.lnk
2014-04-03 23:08 - 2006-08-14 19:43 - 00001577 _____ () C:\Documents and Settings\All Users\Start Menu\Microsoft Update.lnk
2014-04-03 23:00 - 2014-04-03 23:00 - 00001760 _____ () C:\Documents and Settings\Gladys\Desktop\RKreport[0]_D_04032014_230039.txt
2014-04-03 19:32 - 2014-04-03 19:32 - 00001713 _____ () C:\Documents and Settings\Gladys\Desktop\RKreport[0]_S_04032014_193212.txt
2014-04-03 02:35 - 2014-04-03 02:37 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HitmanPro
2014-04-03 02:34 - 2014-04-03 02:34 - 00000000 ____D () C:\Program Files\HitmanPro
2014-04-03 01:03 - 2014-04-03 19:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HitmanPro
2014-04-03 00:57 - 2014-04-03 00:57 - 00000955 _____ () C:\Documents and Settings\Gladys\Desktop\RKreport[0]_S_04032014_005730.txt
2014-04-02 22:42 - 2014-04-04 01:14 - 00000000 ____D () C:\Documents and Settings\Gladys\Desktop\RK_Quarantine
2014-04-02 00:07 - 2014-04-08 00:07 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-02 00:05 - 2014-04-08 00:04 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-02 00:04 - 2014-04-08 00:04 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-02 00:04 - 2014-04-03 09:51 - 00050648 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-03-27 01:30 - 2014-03-27 01:30 - 00000000 ____D () C:\Documents and Settings\Gladys\Local Settings\Application Data\SlimWare Utilities Inc
2014-03-27 00:41 - 2014-03-27 00:41 - 00001856 _____ () C:\Documents and Settings\All Users\Desktop\DriverUpdate.lnk
2014-03-27 00:41 - 2014-03-27 00:41 - 00000000 ____D () C:\Program Files\DriverUpdate
2014-03-27 00:41 - 2014-03-27 00:41 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\DriverUpdate
2014-03-27 00:40 - 2014-03-27 00:40 - 00000000 ____D () C:\Documents and Settings\All Users\Documents\Downloaded Installers
2014-03-12 01:21 - 2014-03-12 01:25 - 00013350 _____ () C:\windows\KB2925418-IE8.log
2014-03-12 01:20 - 2014-03-12 01:20 - 00000000 __HDC () C:\windows\$NtUninstallKB2929961$
2014-03-12 01:19 - 2014-03-12 01:19 - 00000000 __HDC () C:\windows\$NtUninstallKB2930275$
2014-03-11 23:42 - 2014-03-12 01:21 - 00012343 _____ () C:\windows\KB2929961.log
2014-03-11 23:41 - 2014-03-12 01:20 - 00013708 _____ () C:\windows\KB2930275.log
2014-03-09 19:02 - 2014-04-07 23:15 - 00000224 _____ () C:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-03-09 19:02 - 2014-03-10 20:12 - 00000218 _____ () C:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
==================== One Month Modified Files and Folders =======
2014-04-08 00:42 - 2014-04-08 00:39 - 00027443 _____ () C:\Documents and Settings\Gladys\Desktop\FRST.txt
2014-04-08 00:39 - 2014-04-08 00:37 - 00000000 ____D () C:\FRST
2014-04-08 00:35 - 2014-04-08 00:36 - 01145856 _____ (Farbar) C:\Documents and Settings\Gladys\Desktop\FRST.exe
2014-04-08 00:07 - 2014-04-02 00:07 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-08 00:04 - 2014-04-02 00:05 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-08 00:04 - 2014-04-02 00:04 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-07 23:53 - 2010-02-13 16:43 - 00000886 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-07 23:46 - 2010-02-13 18:21 - 00000982 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3633264511-1396050676-896409009-1006UA.job
2014-04-07 23:25 - 2014-04-07 23:25 - 00000000 ____D () C:\windows\LastGood
2014-04-07 23:25 - 2006-02-15 08:37 - 01734880 _____ () C:\windows\WindowsUpdate.log
2014-04-07 23:23 - 2011-03-14 20:48 - 00696848 _____ () C:\windows\setupapi.log
2014-04-07 23:23 - 2006-02-15 08:35 - 00000000 ____D () C:\windows\Registration
2014-04-07 23:18 - 2006-02-15 00:32 - 00000159 _____ () C:\windows\wiadebug.log
2014-04-07 23:17 - 2006-02-15 00:32 - 00000048 _____ () C:\windows\wiaservc.log
2014-04-07 23:15 - 2014-03-09 19:02 - 00000224 _____ () C:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-04-07 23:15 - 2010-02-13 16:43 - 00000882 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-07 23:15 - 2006-02-15 08:42 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-07 23:14 - 2006-02-16 03:18 - 00000000 ____D () C:\windows\system32\DLA
2014-04-07 23:08 - 2006-02-15 08:42 - 00032390 _____ () C:\windows\SchedLgU.Txt
2014-04-07 23:07 - 2006-08-14 19:23 - 00000278 ___SH () C:\Documents and Settings\Gladys\ntuser.ini
2014-04-07 18:46 - 2010-02-13 18:21 - 00000930 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3633264511-1396050676-896409009-1006Core.job
2014-04-07 18:02 - 2011-07-16 17:25 - 00000000 ____D () C:\windows\system32\Drivers\AVG
2014-04-05 23:27 - 2006-12-12 00:28 - 00000000 ____D () C:\Documents and Settings\Gladys\Application Data\Skype
2014-04-05 21:43 - 2011-07-10 13:58 - 00001908 _____ () C:\windows\diagwrn.xml
2014-04-05 21:43 - 2011-07-10 13:58 - 00001908 _____ () C:\windows\diagerr.xml
2014-04-05 21:43 - 2006-02-15 00:29 - 00000611 _____ () C:\windows\setupact.log
2014-04-05 21:36 - 2006-02-15 00:29 - 00000000 _____ () C:\windows\setuperr.log
2014-04-04 01:14 - 2014-04-02 22:42 - 00000000 ____D () C:\Documents and Settings\Gladys\Desktop\RK_Quarantine
2014-04-03 23:26 - 2006-09-19 14:10 - 00000000 ____D () C:\Gladys
2014-04-03 23:16 - 2014-04-03 23:16 - 00001290 _____ () C:\Documents and Settings\Gladys\Desktop\RKreport[0]_SC_04032014_231645.txt
2014-04-03 23:11 - 2009-05-28 13:13 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Yahoo! Messenger
2014-04-03 23:11 - 2008-05-16 23:07 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Windows Live
2014-04-03 23:10 - 2006-02-16 02:56 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2014-04-03 23:10 - 2006-02-16 02:19 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TOSHIBA Applications
2014-04-03 23:10 - 2006-02-15 08:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Windows Digital Media Enhancements
2014-04-03 23:09 - 2008-08-23 23:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack
2014-04-03 23:09 - 2008-04-14 14:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Logitech
2014-04-03 23:09 - 2008-01-03 00:20 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2014-04-03 23:09 - 2006-08-17 21:01 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AIM
2014-04-03 23:09 - 2006-08-12 16:14 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Intel PROSet Wireless
2014-04-03 23:09 - 2006-06-05 20:37 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\InterVideo WinDVD
2014-04-03 23:09 - 2006-02-16 03:40 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Works
2014-04-03 23:09 - 2006-02-16 02:55 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\America Online
2014-04-03 23:09 - 2006-02-16 02:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\InterVideo WinDVD Creator 2
2014-04-03 23:09 - 2006-02-15 08:44 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
2014-04-03 23:09 - 2006-02-15 08:35 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Games
2014-04-03 23:09 - 2006-02-15 08:33 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
2014-04-03 23:00 - 2014-04-03 23:00 - 00001760 _____ () C:\Documents and Settings\Gladys\Desktop\RKreport[0]_D_04032014_230039.txt
2014-04-03 19:32 - 2014-04-03 19:32 - 00001713 _____ () C:\Documents and Settings\Gladys\Desktop\RKreport[0]_S_04032014_193212.txt
2014-04-03 19:19 - 2014-04-03 01:03 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HitmanPro
2014-04-03 09:51 - 2014-04-02 00:04 - 00050648 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:50 - 2010-08-07 16:02 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-04-03 02:37 - 2014-04-03 02:35 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HitmanPro
2014-04-03 02:34 - 2014-04-03 02:34 - 00000000 ____D () C:\Program Files\HitmanPro
2014-04-03 00:57 - 2014-04-03 00:57 - 00000955 _____ () C:\Documents and Settings\Gladys\Desktop\RKreport[0]_S_04032014_005730.txt
2014-04-02 21:35 - 2006-02-15 08:59 - 00000000 __HDC () C:\windows\$NtUninstallKB905749$
2014-04-02 00:05 - 2010-08-07 16:03 - 00000000 ____D () C:\Documents and Settings\Gladys\Application Data\Malwarebytes
2014-04-02 00:05 - 2010-08-07 16:02 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-03-31 03:04 - 2006-08-14 19:23 - 00000000 ____D () C:\Documents and Settings\Gladys
2014-03-29 20:26 - 2006-08-14 19:23 - 00000000 ____D () C:\Documents and Settings\Gladys\Local Settings\Application Data\Google
2014-03-27 01:30 - 2014-03-27 01:30 - 00000000 ____D () C:\Documents and Settings\Gladys\Local Settings\Application Data\SlimWare Utilities Inc
2014-03-27 00:41 - 2014-03-27 00:41 - 00001856 _____ () C:\Documents and Settings\All Users\Desktop\DriverUpdate.lnk
2014-03-27 00:41 - 2014-03-27 00:41 - 00000000 ____D () C:\Program Files\DriverUpdate
2014-03-27 00:41 - 2014-03-27 00:41 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\DriverUpdate
2014-03-27 00:40 - 2014-03-27 00:40 - 00000000 ____D () C:\Documents and Settings\All Users\Documents\Downloaded Installers
2014-03-22 23:49 - 2006-02-15 07:04 - 00001158 _____ () C:\windows\system32\wpa.dbl
2014-03-19 03:13 - 2013-07-17 22:20 - 00000000 ____D () C:\windows\system32\MRT
2014-03-19 02:51 - 2006-08-14 19:58 - 87350280 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-03-15 19:21 - 2010-04-21 22:40 - 00002304 _____ () C:\Documents and Settings\Gladys\Desktop\Google Chrome.lnk
2014-03-12 17:47 - 2006-02-15 00:29 - 00229592 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-12 01:25 - 2014-03-12 01:21 - 00013350 _____ () C:\windows\KB2925418-IE8.log
2014-03-12 01:25 - 2006-02-15 00:30 - 03382758 _____ () C:\windows\FaxSetup.log
2014-03-12 01:25 - 2006-02-15 00:30 - 01683118 _____ () C:\windows\iis6.log
2014-03-12 01:25 - 2006-02-15 00:30 - 01622419 _____ () C:\windows\ocgen.log
2014-03-12 01:25 - 2006-02-15 00:30 - 01549021 _____ () C:\windows\tsoc.log
2014-03-12 01:25 - 2006-02-15 00:30 - 01041598 _____ () C:\windows\msmqinst.log
2014-03-12 01:25 - 2006-02-15 00:30 - 00668748 _____ () C:\windows\ntdtcsetup.log
2014-03-12 01:25 - 2006-02-15 00:30 - 00605606 _____ () C:\windows\netfxocm.log
2014-03-12 01:25 - 2006-02-15 00:30 - 00384285 _____ () C:\windows\MedCtrOC.log
2014-03-12 01:25 - 2006-02-15 00:30 - 00381287 _____ () C:\windows\plusoc.log
2014-03-12 01:25 - 2006-02-15 00:30 - 00186103 _____ () C:\windows\ehOCGen.log
2014-03-12 01:25 - 2006-02-15 00:30 - 00182369 _____ () C:\windows\ocmsn.log
2014-03-12 01:25 - 2006-02-15 00:30 - 00170284 _____ () C:\windows\tabletoc.log
2014-03-12 01:25 - 2006-02-15 00:30 - 00169072 _____ () C:\windows\msgsocm.log
2014-03-12 01:25 - 2006-02-15 00:30 - 00055187 _____ () C:\windows\comsetup.log
2014-03-12 01:25 - 2006-02-15 00:30 - 00001374 _____ () C:\windows\imsins.log
2014-03-12 01:24 - 2006-02-15 08:59 - 00497154 _____ () C:\windows\updspapi.log
2014-03-12 01:23 - 2012-02-18 04:10 - 00000000 ____D () C:\windows\ie8updates
2014-03-12 01:21 - 2014-03-11 23:42 - 00012343 _____ () C:\windows\KB2929961.log
2014-03-12 01:21 - 2006-02-15 00:30 - 00001374 _____ () C:\windows\imsins.BAK
2014-03-12 01:20 - 2014-03-12 01:20 - 00000000 __HDC () C:\windows\$NtUninstallKB2929961$
2014-03-12 01:20 - 2014-03-11 23:41 - 00013708 _____ () C:\windows\KB2930275.log
2014-03-12 01:19 - 2014-03-12 01:19 - 00000000 __HDC () C:\windows\$NtUninstallKB2930275$
2014-03-10 20:12 - 2014-03-09 19:02 - 00000218 _____ () C:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-09 19:11 - 2006-02-15 00:30 - 00528976 _____ () C:\windows\system32\PerfStringBackup.INI
Some content of TEMP:
====================
C:\Documents and Settings\Gladys\Local Settings\Temp\converter.exe
C:\Documents and Settings\Gladys\Local Settings\Temp\msgup900_2162_us.exe
C:\Documents and Settings\Gladys\Local Settings\Temp\ntdll_dump.dll
C:\Documents and Settings\Gladys\Local Settings\Temp\quickcamenu.exe
C:\Documents and Settings\Gladys\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Gladys\Local Settings\Temp\SkypeSetupFull(6.1.73.129)(Trackable457)trackable.exe
C:\Documents and Settings\Gladys\Local Settings\Temp\svruninstall.exe
C:\Documents and Settings\Gladys\Local Settings\Temp\SymLCSVC.EXE
C:\Documents and Settings\Gladys\Local Settings\Temp\yahoo_toolbar_install_helper.exe
C:\Documents and Settings\Gladys\Local Settings\Temp\ymsgr_inst.exe
C:\Documents and Settings\Gladys\Local Settings\Temp\ytb_7.2.5.15_1.6.6_ysp_1.2.8_mail_bts_pub_us_setup_.exe
C:\Documents and Settings\Gladys\Local Settings\Temp\ywiseext.dll
C:\Documents and Settings\Gladys\Local Settings\Temp\_is30.exe
C:\Documents and Settings\Gladys\Local Settings\Temp\_is33.exe

==================== Bamital & volsnap Check =================
C:\windows\explorer.exe => MD5 is legit
C:\windows\system32\winlogon.exe => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\services.exe => MD5 is legit
C:\windows\system32\User32.dll => MD5 is legit
C:\windows\system32\userinit.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================

 

[sophis]

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014 01
Ran by Gladys at 2014-04-08 00:45:31
Running from C:\Documents and Settings\Gladys\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

==================== Installed Programs ======================
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.1.102.63 - Adobe Systems Incorporated)
Adobe Reader 7.1.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A71000000002}) (Version: 7.1.0 - Adobe Systems Incorporated)
AIM 7 (HKLM\...\AIM_7) (Version: - )
AOL Uninstaller (Choose which Products to Remove) (HKLM\...\AOL Uninstaller) (Version: - )
AVG 2012 (HKLM\...\AVG) (Version: 2012.1.2247 - AVG Technologies)
AVG 2012 (Version: 12.0.3722 - AVG Technologies) Hidden
AVG 2012 (Version: 12.1.2247 - AVG Technologies) Hidden
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v4.00.23(T) - )
CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 1.00.008 - TOSHIBA)
Comcast High-Speed Internet Install Wizard (HKLM\...\ComcastHSI) (Version: - )
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version: - Microsoft Corporation)
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version: - )
deskPDF 2.5 Standard Edition (HKLM\...\deskPDF 2.5 Standard_is1) (Version: - Docudesk)
Docudesk GPL Ghostscript 8.15 (HKLM\...\GPL Ghostscript_is1) (Version: - Docudesk)
Download Updater (AOL LLC) (HKLM\...\SoftwareUpdUtility) (Version: - ) <==== ATTENTION
DriverUpdate (HKLM\...\{5B17F2E0-C34F-4C57-A2AE-749D3A638F7B}) (Version: 2.2.36929 - SlimWare Utilities, Inc.)
DVD-RAM Driver (HKLM\...\{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}) (Version: 5.0.2.5 - )
Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.216 - SurfRight B.V.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4436 - )
Intel(R) PRO Network Connections Drivers (HKLM\...\PROSet) (Version: - )
Intel(R) PROSet/Wireless Software (HKLM\...\ProInst) (Version: 10.01.0000 - Intel Corporation)
InterVideo WinDVD Creator 2 (HKLM\...\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}) (Version: 2.0.14.376 - InterVideo Inc.)
InterVideo WinDVD for TOSHIBA (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.533 - InterVideo Inc.)
iPod for Windows 2005-03-23 (HKLM\...\InstallShield_{44A537A5-859C-43A6-8285-C0668142A090}) (Version: 3.8.0 - Apple Computer, Inc.)
iPod for Windows 2005-03-23 (Version: 3.8.0 - Apple Computer, Inc.) Hidden
iTunes (HKLM\...\InstallShield_{523E6F2A-2D59-4D91-90E8-6C49931C9F50}) (Version: 4.8.0.31 - Apple Computer, Inc.)
iTunes (Version: 4.8.0.31 - Apple Computer, Inc.) Hidden
J2SE Runtime Environment 5.0 Update 4 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150040}) (Version: 1.5.0.40 - Sun Microsystems, Inc.)
K-Lite Codec Pack 4.1.7 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 4.1.7 - )
Logitech QuickCam (HKLM\...\{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}) (Version: 11.50.1169 - Logitech Inc.)
Logitech QuickCam Driver Package (HKLM\...\lvdrivers_11.50) (Version: - )
Macromedia Flash Player 8 (HKLM\...\{6815FCDD-401D-481E-BA88-31B4754C2B46}) (Version: 8.0.22.0 - Macromedia)
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
mCore (Version: 5.40.0000 - Intel Corporation) Hidden
mDrWiFi (Version: 5.40.0000 - Intel Corporation) Hidden
Metamail (Toshiba Registration Utility) (HKLM\...\{BE3F89C0-42D5-11D5-A40A-00105AC8331A}) (Version: 4.5 - )
mHelp (Version: 5.40.0000 - Intel) Hidden
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM\...\KB953295) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Internationalized Domain Names Mitigation APIs (Version: - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version: - Microsoft Corporation) Hidden
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
mIWA (Version: 5.40.0000 - Intel Corporation) Hidden
mLogView (Version: 5.40.0000 - Intel Corporation) Hidden
mMHouse (Version: 5.40.0000 - Intel Corporation) Hidden
Mozilla Firefox (3.6.11) (HKLM\...\Mozilla Firefox (3.6.11)) (Version: 3.6.11 (en-US) - Mozilla)
mPfMgr (Version: 5.40.0000 - Intel Corporation) Hidden
mPfWiz (Version: 5.40.0000 - Intel Corporation) Hidden
mProSafe (Version: 9.00.0000 - Intel) Hidden
MSN (HKLM\...\MSNINST) (Version: - )
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB925672) (HKLM\...\{A9CF9052-F4A0-475D-A00F-A8388C62DD63}) (Version: 4.20.9839.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
mWlsSafe (Version: 9.00.0000 - Intel) Hidden
mXML (Version: 5.40.0000 - Intel Corporation) Hidden
mZConfig (Version: 5.40.0000 - Intel Corporation) Hidden
Office 2003 Trial Assistant (Version: 1.0.0 - Microsoft) Hidden
QuickTime (HKLM\...\QuickTime) (Version: - )
RealPlayer Basic (HKLM\...\RealPlayer 6.0) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 2.02 - Realtek Semiconductor Corp.)
SD Secure Module (HKLM\...\{C45F4811-31D5-4786-801D-F79CD06EDD85}) (Version: 1.0.3 - TOSHIBA Corporation)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sonic DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 5.2.0 - Sonic Solutions)
Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Sonic RecordNow! (HKLM\...\{9541FED0-327F-4DF0-8B96-EF57EF622F19}) (Version: 7.31 - Sonic Solutions)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 8.2.9.0 - Synaptics)
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}) (Version: 1.16.0000 - Texas Instruments Inc.)
TIPCI (Version: 1.16.0000 - Texas Instruments Inc.) Hidden
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: - )
TOSHIBA ConfigFree (HKLM\...\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}) (Version: 5.90.05 - )
TOSHIBA Controls (HKLM\...\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}) (Version: - )
TOSHIBA Hotkey Utility (HKLM\...\{64DD71BC-3109-4C88-9AD3-D5422644B722}) (Version: 1.00.01ST - )
TOSHIBA PC Diagnostic Tool (HKLM\...\PC Diagnostic Tool) (Version: - )
TOSHIBA Power Saver (HKLM\...\Power Saver) (Version: 7.03.07.I - )
TOSHIBA SD Memory Card Format (HKLM\...\{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}) (Version: - )
TOSHIBA Software Modem (HKLM\...\TOSHIBA Software Modem) (Version: 2.1.62 (SM2162ALD04) - )
TOSHIBA Software Upgrades (HKLM\...\{425A2BC2-AA64-4107-9C29-484245BBEA05}) (Version: - )
TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version: - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version: - )
TOSHIBA TouchPad ON/Off Utility (HKLM\...\{69BE47C2-36FE-4397-8199-85D8EAE69982}) (Version: 1.00.01ST - )
TOSHIBA TV Tuner 4.0.12.73 (HKLM\...\TOSHIBA TV Tuner) (Version: 4.0.12.73 - AVerMedia TECHNOLOGIES, Inc.)
TOSHIBA Utilities (HKLM\...\{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}) (Version: 1.00.07ST - )
TOSHIBA Virtual Sound (HKLM\...\{8B12BA86-ADAC-4BA6-B441-FFC591087252}) (Version: - )
TOSHIBA Zooming Utility (HKLM\...\{64212898-097F-4F3F-AECA-6D34A7EF82DF}) (Version: - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows Internet Explorer 7 (KB980182) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows Media Player 10 (KB910393) (Version: - Microsoft Corporation) Hidden
Update for Windows Media Player 10 (KB913800) (Version: - Microsoft Corporation) Hidden
Update for Windows Media Player 10 (KB926251) (Version: - Microsoft Corporation) Hidden
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version: - Microsoft Corporation)
Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version: - )
WD Diagnostics (HKLM\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.08.0000 - Western Digital Technologies)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WildTangent Web Driver (HKLM\...\WildTangent CDA) (Version: - )
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.7.0018.5 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.5.0530.0 - Microsoft Corporation)
Windows Internet Explorer 7 (Version: 20070813.185237 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM\...\{9422C8EA-B0C6-4197-B8FC-DC797658CA00}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Media Player 11 (Version: - Microsoft Corporation) Hidden
Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB888316 (HKLM\...\KB888316) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB894553 (HKLM\...\KB894553) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB895678 (HKLM\...\KB895678) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB925766 (HKLM\...\KB925766) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version: - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
Yahoo! Install Manager (HKLM\...\YInstHelper) (Version: - )
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version: - )
Yahoo! Toolbar (HKLM\...\Yahoo! Toolbar) (Version: - )
==================== Restore Points =========================
25-06-2012 23:32:36 System Checkpoint
28-06-2012 03:08:57 System Checkpoint
01-07-2012 21:10:32 System Checkpoint
11-07-2012 07:30:42 System Checkpoint
11-07-2012 09:20:39 Software Distribution Service 3.0
14-07-2012 00:07:53 System Checkpoint
18-07-2012 01:33:04 System Checkpoint
22-07-2012 01:31:59 System Checkpoint
24-07-2012 08:32:18 System Checkpoint
27-07-2012 01:56:23 System Checkpoint
28-07-2012 02:32:27 System Checkpoint
30-07-2012 02:39:15 System Checkpoint
01-08-2012 01:55:02 System Checkpoint
02-08-2012 03:13:12 System Checkpoint
04-08-2012 22:15:22 System Checkpoint
14-08-2012 08:05:47 System Checkpoint
16-08-2012 01:19:00 Software Distribution Service 3.0
18-08-2012 07:54:18 System Checkpoint
21-08-2012 01:51:01 System Checkpoint
22-08-2012 02:33:07 System Checkpoint
24-08-2012 22:46:04 System Checkpoint
26-08-2012 01:53:54 System Checkpoint
27-08-2012 02:38:52 System Checkpoint
28-08-2012 19:26:09 System Checkpoint
31-08-2012 02:25:14 System Checkpoint
02-09-2012 20:04:48 System Checkpoint
03-09-2012 20:13:29 System Checkpoint
05-09-2012 01:09:33 System Checkpoint
06-09-2012 07:35:40 System Checkpoint
09-09-2012 02:29:11 System Checkpoint
10-09-2012 07:35:55 System Checkpoint
12-09-2012 02:34:55 System Checkpoint
13-09-2012 06:59:09 System Checkpoint
13-09-2012 23:40:15 Software Distribution Service 3.0
16-09-2012 05:10:27 System Checkpoint
18-09-2012 07:58:07 System Checkpoint
21-09-2012 02:03:37 System Checkpoint
22-09-2012 18:19:57 Software Distribution Service 3.0
26-09-2012 08:10:23 System Checkpoint
28-09-2012 03:56:28 System Checkpoint
29-09-2012 04:35:06 System Checkpoint
30-09-2012 05:03:55 System Checkpoint
03-10-2012 02:21:14 System Checkpoint
05-10-2012 02:23:22 System Checkpoint
07-10-2012 07:42:23 System Checkpoint
09-10-2012 02:30:03 System Checkpoint
10-10-2012 02:54:25 System Checkpoint
11-10-2012 08:37:40 System Checkpoint
11-10-2012 23:46:08 Software Distribution Service 3.0
15-10-2012 10:57:18 System Checkpoint
19-10-2012 05:41:31 System Checkpoint
25-10-2012 02:18:18 System Checkpoint
28-10-2012 19:06:38 System Checkpoint
01-11-2012 08:46:36 System Checkpoint
03-11-2012 03:11:08 System Checkpoint
05-11-2012 05:34:46 System Checkpoint
10-11-2012 06:18:32 System Checkpoint
11-11-2012 06:41:17 System Checkpoint
12-11-2012 20:47:51 System Checkpoint
14-11-2012 02:32:00 System Checkpoint
15-11-2012 04:07:27 System Checkpoint
17-11-2012 07:30:30 Software Distribution Service 3.0
19-11-2012 03:21:26 System Checkpoint
20-11-2012 08:18:54 System Checkpoint
25-11-2012 06:56:32 System Checkpoint
29-11-2012 04:22:41 System Checkpoint
02-12-2012 23:50:44 System Checkpoint
07-12-2012 02:42:13 System Checkpoint
08-12-2012 03:37:16 System Checkpoint
09-12-2012 10:04:23 System Checkpoint
11-12-2012 08:12:36 System Checkpoint
13-12-2012 01:45:10 Software Distribution Service 3.0
14-12-2012 08:44:57 System Checkpoint
15-12-2012 10:15:54 System Checkpoint
18-12-2012 04:53:44 System Checkpoint
19-12-2012 05:43:09 System Checkpoint
20-12-2012 08:14:31 System Checkpoint
22-12-2012 02:52:54 Software Distribution Service 3.0
24-12-2012 06:13:35 System Checkpoint
26-12-2012 03:41:39 System Checkpoint
27-12-2012 07:13:33 System Checkpoint
29-12-2012 04:45:00 System Checkpoint
30-12-2012 06:39:34 System Checkpoint
31-12-2012 06:53:56 System Checkpoint
05-01-2013 06:45:58 System Checkpoint
05-01-2013 19:35:26 Software Distribution Service 3.0
07-01-2013 06:19:08 System Checkpoint
09-01-2013 06:27:01 System Checkpoint
09-01-2013 18:57:09 Software Distribution Service 3.0
11-01-2013 02:12:37 Software Distribution Service 3.0
12-01-2013 03:09:25 System Checkpoint
13-01-2013 04:17:31 System Checkpoint
14-01-2013 09:25:58 System Checkpoint
16-01-2013 18:12:18 Software Distribution Service 3.0
28-01-2013 06:21:37 System Checkpoint
30-01-2013 06:12:37 System Checkpoint
01-02-2013 06:10:02 System Checkpoint
02-02-2013 08:01:10 System Checkpoint
03-02-2013 08:08:22 System Checkpoint
05-02-2013 03:35:21 System Checkpoint
06-02-2013 06:02:35 System Checkpoint
07-02-2013 06:43:22 System Checkpoint
08-02-2013 07:11:35 System Checkpoint
10-02-2013 08:22:15 System Checkpoint
13-02-2013 07:55:48 System Checkpoint
14-02-2013 23:47:32 Software Distribution Service 3.0
16-02-2013 06:54:59 System Checkpoint
17-02-2013 07:01:07 System Checkpoint
18-02-2013 08:58:25 System Checkpoint
20-02-2013 21:22:24 System Checkpoint
22-02-2013 06:48:01 System Checkpoint
23-02-2013 21:40:08 System Checkpoint
25-02-2013 03:24:00 System Checkpoint
26-02-2013 04:09:26 System Checkpoint
04-03-2013 06:44:41 System Checkpoint
06-03-2013 06:37:13 System Checkpoint
08-03-2013 06:54:14 System Checkpoint
09-03-2013 09:13:18 System Checkpoint
11-03-2013 07:04:09 System Checkpoint
13-03-2013 06:22:05 System Checkpoint
16-03-2013 06:01:46 System Checkpoint
16-03-2013 10:02:32 Software Distribution Service 3.0
18-03-2013 03:01:21 System Checkpoint
20-03-2013 04:44:30 System Checkpoint
21-03-2013 06:40:58 System Checkpoint
24-03-2013 05:08:33 Software Distribution Service 3.0
25-03-2013 22:19:08 System Checkpoint
27-03-2013 22:21:53 System Checkpoint
29-03-2013 05:05:11 System Checkpoint
02-04-2013 05:38:50 System Checkpoint
10-04-2013 17:20:49 Software Distribution Service 3.0
14-04-2013 00:46:11 System Checkpoint
15-04-2013 00:55:16 System Checkpoint
16-04-2013 03:39:58 System Checkpoint
17-04-2013 04:24:27 System Checkpoint
18-04-2013 19:36:39 System Checkpoint
19-04-2013 20:44:30 System Checkpoint
22-04-2013 06:15:56 System Checkpoint
23-04-2013 06:55:38 System Checkpoint
24-04-2013 19:21:07 System Checkpoint
25-04-2013 19:54:15 System Checkpoint
29-04-2013 07:30:33 System Checkpoint
02-05-2013 19:51:12 System Checkpoint
07-05-2013 03:03:16 System Checkpoint
08-05-2013 20:58:14 System Checkpoint
09-05-2013 21:28:51 System Checkpoint
12-05-2013 08:20:15 System Checkpoint
15-05-2013 07:19:28 System Checkpoint
15-05-2013 18:43:16 Software Distribution Service 3.0
17-05-2013 20:39:08 System Checkpoint
21-05-2013 02:03:49 System Checkpoint
23-05-2013 19:56:28 System Checkpoint
24-05-2013 19:59:37 System Checkpoint
27-05-2013 06:54:06 System Checkpoint
29-05-2013 01:32:54 System Checkpoint
01-06-2013 04:59:26 System Checkpoint
03-06-2013 00:50:09 System Checkpoint
04-06-2013 05:24:46 System Checkpoint
05-06-2013 08:07:00 System Checkpoint
07-06-2013 08:56:34 System Checkpoint
09-06-2013 10:07:19 System Checkpoint
11-06-2013 07:48:35 System Checkpoint
12-06-2013 18:45:58 Software Distribution Service 3.0
14-06-2013 07:24:26 System Checkpoint
15-06-2013 23:15:40 System Checkpoint
16-06-2013 23:50:39 System Checkpoint
18-06-2013 01:58:03 System Checkpoint
19-06-2013 06:11:23 System Checkpoint
20-06-2013 08:53:53 System Checkpoint
21-06-2013 20:02:42 System Checkpoint
23-06-2013 23:03:23 System Checkpoint
25-06-2013 06:51:58 System Checkpoint
26-06-2013 09:37:19 System Checkpoint
28-06-2013 15:31:44 System Checkpoint
30-06-2013 05:12:41 System Checkpoint
02-07-2013 03:51:18 System Checkpoint
03-07-2013 20:35:46 System Checkpoint
05-07-2013 04:37:09 System Checkpoint
08-07-2013 07:20:47 System Checkpoint
09-07-2013 07:24:16 System Checkpoint
10-07-2013 15:22:49 System Checkpoint
11-07-2013 19:21:42 Software Distribution Service 3.0
15-07-2013 00:37:55 System Checkpoint
17-07-2013 04:14:06 System Checkpoint
18-07-2013 04:39:59 Software Distribution Service 3.0
22-07-2013 04:22:12 System Checkpoint
24-07-2013 01:04:20 System Checkpoint
25-07-2013 05:29:33 System Checkpoint
26-07-2013 07:18:19 System Checkpoint
28-07-2013 05:08:33 System Checkpoint
30-07-2013 21:27:25 System Checkpoint
01-08-2013 07:17:08 System Checkpoint
03-08-2013 03:49:47 System Checkpoint
04-08-2013 05:48:58 System Checkpoint
05-08-2013 09:07:25 System Checkpoint
09-08-2013 03:28:33 System Checkpoint
13-08-2013 21:19:21 Software Distribution Service 3.0
16-08-2013 03:20:19 System Checkpoint
19-08-2013 05:57:00 System Checkpoint
22-08-2013 02:57:35 System Checkpoint
23-08-2013 05:29:54 System Checkpoint
24-08-2013 19:56:40 System Checkpoint
27-08-2013 03:24:30 System Checkpoint
28-08-2013 07:28:51 System Checkpoint
28-08-2013 08:55:49 Software Distribution Service 3.0
29-08-2013 09:51:19 System Checkpoint
31-08-2013 02:31:10 System Checkpoint
01-09-2013 04:00:08 System Checkpoint
02-09-2013 07:43:20 System Checkpoint
03-09-2013 22:38:55 System Checkpoint
12-09-2013 19:22:55 Software Distribution Service 3.0
13-09-2013 19:20:30 Software Distribution Service 3.0
15-09-2013 01:36:52 System Checkpoint
16-09-2013 22:08:01 System Checkpoint
18-09-2013 06:54:53 System Checkpoint
20-09-2013 03:17:11 System Checkpoint
21-09-2013 15:32:43 System Checkpoint
22-09-2013 22:59:00 System Checkpoint
24-09-2013 05:25:11 System Checkpoint
25-09-2013 09:58:54 System Checkpoint
26-09-2013 22:27:00 System Checkpoint
28-09-2013 09:33:22 System Checkpoint
29-09-2013 09:56:19 System Checkpoint
01-10-2013 03:34:44 System Checkpoint
02-10-2013 08:38:04 System Checkpoint
04-10-2013 03:11:30 System Checkpoint
05-10-2013 06:05:14 System Checkpoint
06-10-2013 08:33:44 System Checkpoint
08-10-2013 02:38:08 System Checkpoint
09-10-2013 03:29:47 System Checkpoint
10-10-2013 09:16:18 System Checkpoint
10-10-2013 10:07:34 Software Distribution Service 3.0
12-10-2013 08:35:07 System Checkpoint
13-10-2013 22:50:32 Software Distribution Service 3.0
15-10-2013 04:24:22 System Checkpoint
16-10-2013 20:29:29 System Checkpoint
18-10-2013 04:55:15 System Checkpoint
20-10-2013 00:16:04 System Checkpoint
21-10-2013 00:51:23 System Checkpoint
22-10-2013 01:31:56 System Checkpoint
23-10-2013 02:42:04 System Checkpoint
24-10-2013 08:17:21 System Checkpoint
26-10-2013 02:38:31 System Checkpoint
27-10-2013 04:58:18 System Checkpoint
28-10-2013 06:39:21 System Checkpoint
29-10-2013 21:31:44 System Checkpoint
31-10-2013 01:22:35 System Checkpoint
01-11-2013 06:02:55 System Checkpoint
02-11-2013 08:10:51 System Checkpoint
04-11-2013 04:37:59 System Checkpoint
11-11-2013 02:28:23 System Checkpoint
12-11-2013 06:27:52 System Checkpoint
13-11-2013 08:45:52 System Checkpoint
14-11-2013 08:26:47 Software Distribution Service 3.0
16-11-2013 08:30:11 System Checkpoint
17-11-2013 08:36:37 System Checkpoint
18-11-2013 22:02:45 System Checkpoint
11-12-2013 02:10:39 System Checkpoint
11-12-2013 11:04:43 Software Distribution Service 3.0
12-12-2013 22:14:08 System Checkpoint
14-12-2013 06:45:42 System Checkpoint
16-12-2013 01:25:30 Software Distribution Service 3.0
17-12-2013 02:23:17 System Checkpoint
18-12-2013 03:24:34 System Checkpoint
19-12-2013 03:32:01 System Checkpoint
20-12-2013 07:08:33 System Checkpoint
22-12-2013 06:20:00 System Checkpoint
24-12-2013 07:54:00 System Checkpoint
25-12-2013 09:06:37 System Checkpoint
01-01-2014 09:40:07 System Checkpoint
02-01-2014 21:26:23 System Checkpoint
03-01-2014 21:47:00 System Checkpoint
05-01-2014 22:02:06 System Checkpoint
07-01-2014 07:46:28 System Checkpoint
08-01-2014 08:19:09 System Checkpoint
10-01-2014 08:09:05 System Checkpoint
11-01-2014 09:56:04 System Checkpoint
13-01-2014 01:13:30 System Checkpoint
14-01-2014 02:53:51 System Checkpoint
15-01-2014 05:30:59 System Checkpoint
15-01-2014 09:29:28 Software Distribution Service 3.0
16-01-2014 23:30:12 System Checkpoint
18-01-2014 00:54:27 System Checkpoint
19-01-2014 02:47:44 System Checkpoint
20-02-2014 03:51:20 System Checkpoint
21-02-2014 09:46:44 System Checkpoint
22-01-2014 02:42:09 System Checkpoint
23-01-2014 07:21:48 System Checkpoint
24-01-2014 07:55:04 System Checkpoint
25-01-2014 09:37:42 System Checkpoint
27-01-2014 01:43:10 System Checkpoint
01-02-2014 08:11:03 System Checkpoint
04-02-2014 03:03:07 System Checkpoint
05-02-2014 03:18:35 System Checkpoint
06-02-2014 03:53:13 System Checkpoint
07-02-2014 09:53:43 System Checkpoint
08-02-2014 10:03:06 System Checkpoint
10-02-2014 04:09:53 System Checkpoint
11-02-2014 08:04:57 System Checkpoint
12-02-2014 08:48:01 System Checkpoint
12-02-2014 09:45:29 Software Distribution Service 3.0
14-02-2014 06:51:11 System Checkpoint
16-02-2014 05:09:13 System Checkpoint
17-02-2014 20:43:00 System Checkpoint
19-02-2014 03:28:46 System Checkpoint
20-02-2014 06:58:23 System Checkpoint
22-02-2014 09:30:45 System Checkpoint
23-02-2014 10:50:35 System Checkpoint
25-02-2014 06:15:58 System Checkpoint
26-02-2014 08:17:59 System Checkpoint
27-02-2014 09:03:42 System Checkpoint
02-03-2014 00:55:24 System Checkpoint
03-03-2014 01:58:11 System Checkpoint
04-03-2014 09:47:14 System Checkpoint
06-03-2014 11:01:14 Software Distribution Service 3.0
09-03-2014 09:29:22 System Checkpoint
10-03-2014 09:51:49 System Checkpoint
11-03-2014 22:37:38 System Checkpoint
12-03-2014 08:15:04 Software Distribution Service 3.0
14-03-2014 03:06:54 System Checkpoint
15-03-2014 03:31:19 System Checkpoint
16-03-2014 08:12:55 System Checkpoint
17-03-2014 23:05:08 System Checkpoint
19-03-2014 00:59:22 System Checkpoint
19-03-2014 09:48:49 Software Distribution Service 3.0
20-03-2014 20:08:38 System Checkpoint
24-03-2014 09:28:02 System Checkpoint
26-03-2014 02:32:55 System Checkpoint
27-03-2014 06:23:36 System Checkpoint
28-03-2014 07:38:00 System Checkpoint
29-03-2014 08:13:09 System Checkpoint
31-03-2014 01:36:02 System Checkpoint
01-04-2014 02:34:28 System Checkpoint
02-04-2014 06:11:03 System Checkpoint
03-04-2014 08:17:33 System Checkpoint
05-04-2014 10:47:28 System Checkpoint
==================== Hosts content: ==========================
2006-02-15 07:02 - 2004-08-10 05:00 - 00000734 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3633264511-1396050676-896409009-1006Core.job => C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3633264511-1396050676-896409009-1006UA.job => C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\windows\system32\xp_eos.exe
Task: C:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\windows\system32\xp_eos.exe
Task: C:\windows\Tasks\Registration reminder 1.job => C:\WINDOWS\system32\OOBE\oobebaln.exe
Task: C:\windows\Tasks\Registration reminder 3.job => C:\WINDOWS\system32\OOBE\oobebaln.exe
==================== Loaded Modules (whitelisted) =============
2005-11-28 11:59 - 2005-11-28 11:59 - 00876544 _____ () C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll
2005-11-28 11:59 - 2005-11-28 11:59 - 00053322 _____ () C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
2005-11-28 11:59 - 2005-11-28 11:59 - 00208965 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2009-12-24 14:50 - 2009-11-05 09:39 - 00087552 _____ () C:\windows\system32\cpwmon2k.dll
2007-11-29 21:13 - 2007-02-18 18:00 - 00018764 _____ () C:\WINDOWS\system32\ddmon.dll
2004-07-20 18:04 - 2004-07-20 18:04 - 00094208 _____ () C:\windows\system32\TosBtHcrpAPI.dll
2006-02-24 21:28 - 2002-03-03 05:40 - 00045056 _____ () C:\windows\system32\TDispVol.dll
2006-02-16 10:03 - 2011-02-04 18:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
2006-02-15 07:03 - 2013-01-01 23:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2006-02-15 07:02 - 2008-04-13 17:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2006-02-15 07:03 - 2008-04-13 17:11 - 00014336 _____ () C:\windows\system32\msdmo.dll
2007-10-19 13:17 - 2007-10-19 13:17 - 00068120 _____ () C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSPS.dll
2006-02-16 02:19 - 2005-07-12 18:14 - 00040960 _____ () c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
2006-02-15 09:25 - 2006-01-04 19:14 - 00049152 _____ () C:\Program Files\Toshiba\Toshiba Applet\TouchPad_OnOff.dll
2006-02-15 09:25 - 2005-11-23 15:55 - 00118784 _____ () C:\windows\system32\TCtrlIO.DLL
2007-10-25 16:37 - 2007-10-25 16:37 - 02178832 _____ () C:\Program Files\Logitech\QuickCam\Quickcam.exe
2007-10-25 16:44 - 2007-10-25 16:44 - 00103184 _____ () C:\Program Files\Logitech\QuickCam\LAppRes.dll
2007-10-25 16:33 - 2007-10-25 16:33 - 00344336 _____ () C:\Program Files\Common Files\LogiShrd\LComMgr\DevMngr.dll
2007-10-25 16:33 - 2007-10-25 16:33 - 00167184 _____ () C:\Program Files\Logitech\QuickCam\EFVal.dll
2007-10-25 16:33 - 2007-10-25 16:33 - 00563984 _____ () C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
2007-10-25 16:34 - 2007-10-25 16:34 - 00138000 _____ () C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless.dll
2007-10-25 16:34 - 2007-10-25 16:34 - 00165136 _____ () C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless4001.dll
2007-10-25 16:35 - 2007-10-25 16:35 - 00149264 _____ () C:\Program Files\Common Files\LogiShrd\LComMgr\LogiVOIPDevicePlugin.dll
2005-11-28 11:59 - 2005-11-28 11:59 - 00876544 _____ () C:\Program Files\Intel\Wireless\bin\LIBEAY32.dll
2005-11-28 11:59 - 2005-11-28 11:59 - 00053322 _____ () C:\Program Files\Intel\Wireless\bin\IntStngs.dll
2005-11-03 11:37 - 2005-11-03 11:37 - 00970862 _____ () C:\Program Files\Intel\Wireless\Bin\acAuth.dll
2005-11-28 11:59 - 2005-11-28 11:59 - 00208965 _____ () C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
2005-11-28 11:59 - 2005-11-28 11:59 - 00876544 _____ () C:\Program Files\Intel\Wireless\Bin\Libeay32.dll
2009-05-28 13:13 - 2009-05-26 21:06 - 00102400 _____ () C:\Program Files\Yahoo!\Messenger\clientmanager.dll
2009-05-28 13:13 - 2009-05-26 21:06 - 00913408 _____ () C:\Program Files\Yahoo!\Messenger\yui.dll
==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupreg: AGRSMMSG => AGRSMMSG.exe
MSCONFIG\startupreg: ccApp => "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
MSCONFIG\startupreg: fcpAGIkUebLRiD => C:\Documents and Settings\All Users\Application Data\fcpAGIkUebLRiD.exe
MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\Gladys\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: NSWosCheck => "C:\Program Files\Norton SystemWorks Basic Edition\osCheck.exe"
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: UserFaultCheck => %systemroot%\system32\dumprep 0 -u
==================== Faulty Device Manager Devices =============
Name: 1394 Net Adapter
Description: 1394 Net Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================
Application errors:
==================
Error: (04/05/2014 11:28:36 PM) (Source: Application Error) (User: )
Description: Faulting application skype.exe, version 6.11.0.102, faulting module kernel32.dll, version 5.1.2600.6293, fault address 0x0000984e.
Processing media-specific event for [skype.exe!ws!]
Error: (04/01/2014 02:33:47 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing. HRESULT was 80010108 from line 62 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.
Error: (03/27/2014 08:13:15 PM) (Source: ESENT) (User: )
Description: wuauclt (3760) An attempt to open the file "C:\windows\SoftwareDistribution\DataStore\DataStore.edb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (03/27/2014 08:12:56 PM) (Source: ESENT) (User: )
Description: wuauclt (516) An attempt to open the file "C:\windows\SoftwareDistribution\DataStore\DataStore.edb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (03/27/2014 08:12:32 PM) (Source: ESENT) (User: )
Description: wuauclt (2124) An attempt to open the file "C:\windows\SoftwareDistribution\DataStore\DataStore.edb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (03/27/2014 08:12:14 PM) (Source: ESENT) (User: )
Description: wuauclt (2252) An attempt to open the file "C:\windows\SoftwareDistribution\DataStore\DataStore.edb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (03/27/2014 08:11:49 PM) (Source: ESENT) (User: )
Description: wuauclt (2316) An attempt to open the file "C:\windows\SoftwareDistribution\DataStore\DataStore.edb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (03/27/2014 08:11:28 PM) (Source: ESENT) (User: )
Description: wuauclt (3076) An attempt to open the file "C:\windows\SoftwareDistribution\DataStore\DataStore.edb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (03/27/2014 08:11:09 PM) (Source: ESENT) (User: )
Description: wuauclt (3180) An attempt to open the file "C:\windows\SoftwareDistribution\DataStore\DataStore.edb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (03/27/2014 08:10:38 PM) (Source: ESENT) (User: )
Description: wuauclt (3852) An attempt to open the file "C:\windows\SoftwareDistribution\DataStore\DataStore.edb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

System errors:
=============
Error: (04/08/2014 00:43:38 AM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
Error: (04/07/2014 11:18:09 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register with DCOM within the required timeout.
Error: (04/07/2014 04:36:31 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
Error: (04/07/2014 04:36:31 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
Error: (04/07/2014 04:36:31 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
Error: (04/07/2014 04:20:50 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
Error: (04/07/2014 04:20:00 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D
Error: (04/07/2014 00:53:47 PM) (Source: DCOM) (User: TOSHIBA-USER)
Description: DCOM got error "%%1053" attempting to start the service iPodService with arguments "-Service"
in order to run the server:
{7A7FB085-6068-4898-8CCA-480A9187277C}
Error: (04/07/2014 00:53:45 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the iPodService service.
Error: (04/07/2014 00:53:15 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.

Microsoft Office Sessions:
=========================
Error: (04/05/2014 11:28:36 PM) (Source: Application Error)(User: )
Description: skype.exe6.11.0.102kernel32.dll5.1.2600.62930000984e
Error: (04/01/2014 02:33:47 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp6280010108
Error: (03/27/2014 08:13:15 PM) (Source: ESENT)(User: )
Description: wuauclt3760C:\windows\SoftwareDistribution\DataStore\DataStore.edb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.
Error: (03/27/2014 08:12:56 PM) (Source: ESENT)(User: )
Description: wuauclt516C:\windows\SoftwareDistribution\DataStore\DataStore.edb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.
Error: (03/27/2014 08:12:32 PM) (Source: ESENT)(User: )
Description: wuauclt2124C:\windows\SoftwareDistribution\DataStore\DataStore.edb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.
Error: (03/27/2014 08:12:14 PM) (Source: ESENT)(User: )
Description: wuauclt2252C:\windows\SoftwareDistribution\DataStore\DataStore.edb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.
Error: (03/27/2014 08:11:49 PM) (Source: ESENT)(User: )
Description: wuauclt2316C:\windows\SoftwareDistribution\DataStore\DataStore.edb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.
Error: (03/27/2014 08:11:28 PM) (Source: ESENT)(User: )
Description: wuauclt3076C:\windows\SoftwareDistribution\DataStore\DataStore.edb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.
Error: (03/27/2014 08:11:09 PM) (Source: ESENT)(User: )
Description: wuauclt3180C:\windows\SoftwareDistribution\DataStore\DataStore.edb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.
Error: (03/27/2014 08:10:38 PM) (Source: ESENT)(User: )
Description: wuauclt3852C:\windows\SoftwareDistribution\DataStore\DataStore.edb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

==================== Memory info ===========================
Percentage of memory in use: 86%
Total physical RAM: 1013.98 MB
Available physical RAM: 135.39 MB
Total Pagefile: 1676.84 MB
Available Pagefile: 380.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1928.23 MB
==================== Drives ================================
Drive c: (SQ004126P01) (Fixed) (Total:111.54 GB) (Free:55.15 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 112 GB) (Disk ID: 12DF12DE)
Partition 1: (Active) - (Size=112 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=251 MB) - (Type=88)
==================== End Of Log ============================

 

[TwinHeadedEagle]

FRST version you used to run is highly outdated. Please download fresh one and do the process again. And do not copy reports, but attach them using Upload a File option.

 

[sophis]

With the link you sent me there's only 2 options: 1 in 32-bit and the other in 64 bit. I downloaded both and only the 32-bit would run. I tried to re-download again but they're the same version. Is there another link with this program that I could download securely? Thanks!

 

[sophis]

Yes I have and that's the outdated version that produced these reports.

 

[TwinHeadedEagle]

This report look clean


> Re-run zoek with the script below and attach here fresh zoek log results.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system

autoclean;
emptyclsid;
emptyalltemp;
ipconfig /flushdns;b
shortcutfix;

 

[sophis]

Sorry I don't understand what Zoek is. And what's my next step now that the report is clean?

 

[TwinHeadedEagle]

Zoek is alternative to FRST and will do some other tasks, regarding shortcuts you mentioned.

 

[sophis]

You mentioned "re-run" but I've never used that program. Please send me link to download it. Thanks.

 

[TwinHeadedEagle]

I am sorry



Please download zoek.zip or zoek.rar by smeenk (

) from here or here and save it to your Desktop.
Unpack the archive...

• Close any open browsers
• Temporarily disable your AntiVirus program. (If necessary)
  If you are unsure how to do this please read this or this Instruction.
  
• Double click on zoek.exe to run the tool .
  Please wait while the tool does not start...
  
• Copy the text present inside the code box below and paste it into the large window in the zoek tool:
  NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
  
  

  autoclean;
  emptyclsid;
  emptyalltemp;
  ipconfig /flushdns;b
  shortcutfix;

• Click on
  
  button.
  Please wait until a logreport will open (this can be after reboot)
  
• Save notepad to your Desktop and attach here zoek-results.log
  Note: It will also create a log in the C:\ directory named "zoek-results.log"

 

[sophis]

Hi, I just ran Zoek and followed your instructions above and now I have another problem--I have an older version of Yahoo Messenger and now the shortcut is missing! I worried my program got deleted with the script that's being run along with my saved conversations in YM. Please let me know why this would happen and how I could salvage it. Thanks

I've also attached the Zoek log.

 

[sophis]

Everytime I click on the Yahoo Messenger shortcut it says Windows is searching for YahooMessenger.exe. The Zoek program doesn't say it'll delete my actual programs. Please help!

 

[sophis]

My Yahoo Messenger folder now only contains the file named "ypagerps2.DLL"

 

[TwinHeadedEagle]

You see why I always make a warning not to use programs on yourself, because I do not want to be responsible for damage you make. Can you try to reinstall it.

 

[sophis]

I'm confused --why would Zoek picked out Yahoo Messenger and deleted that?? I thought it's only used to remove any additional Malware that Frst wasn't able to remove. Could you please read my log and see how that happened?

BTW, the file names of the folder that I originally wanted to restore are still missing. Sadly, Zoek made it worse =(

 

[TwinHeadedEagle]

Yahoo tries to promote himself by using some adware techniques. Zoek delete it, probably because his author think it is good. You can always reinstall your Yahoo or perform system restore.