AnthonyBoladeres

  1. Yeah? It was that bad, huh? Maaaan, that's what happens when your sister's 5-yo gets a hold of it for a few hours a day. Problems just creep up on you in the worst of times. Look at the mess on the Desktop. That's my sister, I'm not flipping you off. lol.

     Results of screen317's Security Check version 0.99.77
      Windows Vista Service Pack 2 x86 (UAC is enabled)
      Internet Explorer 9
      Internet Explorer 8
     ``````````````Antivirus/Firewall Check:``````````````
      Windows Firewall Enabled!
      WMI entry may not exist for antivirus; attempting automatic update.
     `````````Anti-malware/Other Utilities Check:`````````
      Malwarebytes Anti-Malware version 1.75.0.1300
      JavaFX 2.1.1
      Java 6 Update 22
      Java 7 Update 45
      Java 6 Update 5
      Adobe Flash Player 10 Flash Player out of Date!
      Adobe Flash Player 10.2.152.32 Flash Player out of Date!
      Adobe Reader 8 Adobe Reader out of Date!
      Mozilla Firefox 12.0 Firefox out of Date!
      Google Chrome 29.0.1547.76
      Google Chrome 30.0.1599.69
      Google Chrome Extensions...
     ````````Process Check: objlist.exe by Laurent````````
      Comodo Firewall cmdagent.exe
      Windows Firewall Control wfcs.exe
      iolo Common Lib ioloServiceManager.exe
     `````````````````System Health check`````````````````
      Total Fragmentation on Drive C: 2 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
     ````````````````````End of Log``````````````````````

     Man, I just got kicked offline 4 times before I got this post out! <---I can't live like this!
  2. # AdwCleaner v3.015 - Report created 22/12/2013 at 14:05:48
     # Updated 10/12/2013 by Xplode
     # Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)
     # Username : Anthony - JDMCIVIC-PC
     # Running from : C:\Users\Anthony\Desktop\AdwCleaner.exe
     # Option : Clean
"7B226C6173745F6C6F67223A313338303430373737392C2275756964223A3639393531353434363038393137362C227365715F6964223A312C22737362223A313338303430373737397D"); Line Deleted : user_pref("CT3072253.backendstorage.cbcountry_000", "5553"); Line Deleted : user_pref("CT3072253.backendstorage.cbfirsttime", "536174204D617220333120323031322030393A35333A343220474D542D30373030202850616369666963204461796C696768742054696D6529"); Line Deleted : user_pref("CT3072253.backendstorage.facebbok_user_cuid_100001893110698", "64336161303030312D383135302D356166332D303030302D303030303030303030303030"); Line Deleted : user_pref("CT3072253.backendstorage.facebbok_user_id", "313030303031383933313130363938"); Line Deleted : user_pref("CT3072253.backendstorage.facebook_conduit_social_sskey_100001893110698", "337955435F2D72446B71424B474C304E34465264644436586554382E51324B4F314B366153364569"); Line Deleted : user_pref("CT3072253.backendstorage.facebook_ctid_connect_send_n", "73656E646564"); Line Deleted : user_pref("CT3072253.backendstorage.facebook_first_visit", "6E6F744669727374"); Line Deleted : user_pref("CT3072253.backendstorage.facebook_last_message_choice", "616C6C"); Line Deleted : user_pref("CT3072253.backendstorage.facebook_loggedin", "796573"); Line Deleted : user_pref("CT3072253.backendstorage.facebook_login_refresh", "302E38353339313038383531373330373734"); Line Deleted : user_pref("CT3072253.backendstorage.facebook_login_status", "33"); Line Deleted : user_pref("CT3072253.backendstorage.facebook_lust_recieve", "31313531313137342C31313530383637312C"); Line Deleted : user_pref("CT3072253.backendstorage.facebook_lust_recievegadet", "31313531313137342C31313530383637312C"); Line Deleted : user_pref("CT3072253.backendstorage.facebook_mode", "32"); Line Deleted : user_pref("CT3072253.backendstorage.facebook_toolbar_not_numer", "32"); Line Deleted : user_pref("CT3072253.backendstorage.facebook_user_locale", "656E"); Line Deleted : user_pref("CT3072253.backendstorage.facebook_user_name", 
"3078303034312C3078303036452C3078303037342C3078303036382C3078303036462C3078303036452C3078303037392C3078303032302C3078303034322C3078303036462C30[...] Line Deleted : user_pref("CT3072253.backendstorage.facebook_user_token", "41414141414D4E753949536742414C626B53425261574A73444942423045466856755A437266645A4365514250575A416B355A4261395243734F6B4D70794F49466E3072714E7[...] Line Deleted : user_pref("CT3072253.backendstorage.facebooknotifications", "31"); Line Deleted : user_pref("CT3072253.backendstorage.last_client_stats_submit_2", "31333830343037373832"); Line Deleted : user_pref("CT3072253.backendstorage.local_cookie_stats_last_submit_6", "31333830343037373936"); Line Deleted : user_pref("CT3072253.backendstorage.local_cookie_stats_stats_site_irrelevant", "31"); Line Deleted : user_pref("CT3072253.backendstorage.local_cookie_throttle_baseadd_stats|0|local_cookie_stats_stats_site_irrelevant", "31333830343037373936"); Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_appsdata", "7B2261707073223A5B7B226964223A225072696365476F6E67222C2275726C223A22687474703A2F2F7072696365676F6E672E636F6E64756974617070732E636F6D2F4D414D2F763[...] 
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_appsdefaultenabled", "74727565"); Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_appstate_acplus", "6F6E"); Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_appstate_couponbuddy", "6F6E"); Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_appstate_easytobook", "6F6E"); Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_appstate_easytobook_targeted", "6F6E"); Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_appstate_find-a-pro", "6F6E"); Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_appstate_pricegong", "6F6E"); Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_appstate_windowshopper", "6F6E"); Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_appstatereporttime", "31333830343037373739333730"); Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_calledsetupservice", "31"); Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_configuration", "7B22636F6E66696775726174696F6E223A5B7B226964223A224143706C7573222C22637269746572696173223A5B7B2263726974657269614964223A2232353939653539352D[...] Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_currentversion", "312E31302E342E30"); Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_existingusersrecoverydone", "31"); Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_first_time", "31"); Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_lastlogintime", "31333830343037373736373831"); Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_localization", "7B22676164676574436F6E74656E74506F6C696379223A7B2254657874223A22436F6E74656E7420506F6C696379227D2C226761646765744465736372697074696F6E5072696[...] 
Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_mamenabled", "74727565"); Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_new_welcome_experience", "31"); Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_settings1.10.4.0", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A3234302C227374616D70223A2238335F30222C22697354657374223[...] Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_showwelcomegadget", "66616C7365"); Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_user_approval_interacted", "31"); Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_userid", "63663236346231632D356661382D343862322D613737372D653961626165303965326534"); Line Deleted : user_pref("CT3072253.backendstorage.mam_gk_welcomedialogmode", "31"); Line Deleted : user_pref("CT3072253.backendstorage.pg_enable", "74727565"); Line Deleted : user_pref("CT3072253.backendstorage.searchappstate", "32"); Line Deleted : user_pref("CT3072253.backendstorage.searchapptracking", "73656E74"); Line Deleted : user_pref("CT3072253.backendstorage.sf_just_installed", "46414C5345"); Line Deleted : user_pref("CT3072253.backendstorage.sf_status", "454E41424C4544"); Line Deleted : user_pref("CT3072253.backendstorage.sf_user_id", "6369645F3238393230313331353336323137343537393638"); Line Deleted : user_pref("CT3072253.backendstorage.url_history0001", "687474703A2F2F7468657069726174656261792E73652F7365617263682F66727569742532306E696E6A612F302F372F303A3A3A636C69636B68616E646C65723A3A3A31333336333[...] 
Line Deleted : user_pref("CT3072253.components.129573915102477663", false); Line Deleted : user_pref("CT3072253.components.129749445881800338", false); Line Deleted : user_pref("CT3072253.globalFirstTimeInfoLastCheckTime", "Sat Sep 28 2013 15:36:10 GMT-0700 (Pacific Daylight Time)"); Line Deleted : user_pref("CT3072253.homepageProtectorEnableByLogin", true); Line Deleted : user_pref("CT3072253.initDone", true); Line Deleted : user_pref("CT3072253.isAppTrackingManagerOn", false); Line Deleted : user_pref("CT3072253.myStuffEnabled", true); Line Deleted : user_pref("CT3072253.myStuffPublihserMinWidth", 400); Line Deleted : user_pref("CT3072253.myStuffServiceIntervalMM", 1440); Line Deleted : user_pref("CT3072253.navigateToUrlOnSearch", false); Line Deleted : user_pref("CT3072253.oldAppsList", "129295695672325902,129571859753931591,111,129593762370823811,129805375651312503,129749445881800338,129573915102477663,1000080,1000515,1000,1001,1002,1003,1004,1005,[...] Line Deleted : user_pref("CT3072253.revertSettingsEnabled", false); Line Deleted : user_pref("CT3072253.searchProtectorDialogDelayInSec", 10); Line Deleted : user_pref("CT3072253.searchProtectorEnableByLogin", true); Line Deleted : user_pref("CT3072253.testingCtid", ""); Line Deleted : user_pref("CT3072253.toolbarAppMetaDataLastCheckTime", "Sat Sep 28 2013 15:36:08 GMT-0700 (Pacific Daylight Time)"); Line Deleted : user_pref("CT3072253.toolbarContextMenuLastCheckTime", "Sat Sep 28 2013 15:36:08 GMT-0700 (Pacific Daylight Time)"); Line Deleted : user_pref("CT3072253.usagesFlag", 2); Line Deleted : user_pref("CT3292715.FF19Solved", "true"); Line Deleted : user_pref("CT3292715.UserID", "UN31068481962023119"); Line Deleted : user_pref("CT3292715.browser.search.defaultthis.engineName", "true"); Line Deleted : user_pref("CT3292715.fullUserID", "UN31068481962023119.IN.20131222082255"); Line Deleted : user_pref("CT3292715.installDate", "22/12/2013 08:23:17"); Line Deleted : user_pref("CT3292715.installSessionId", 
"{F8EBE406-8E86-4E7C-8627-5F73C6F79281}"); Line Deleted : user_pref("CT3292715.installSp", "TRUE"); Line Deleted : user_pref("CT3292715.installerVersion", "1.8.1.4"); Line Deleted : user_pref("CT3292715.keyword", "true"); Line Deleted : user_pref("CT3292715.originalSearchEngine", "Ask.com"); Line Deleted : user_pref("CT3292715.originalSearchEngineName", "Ask.com"); Line Deleted : user_pref("CT3292715.searchRevert", "true"); Line Deleted : user_pref("CT3292715.searchUninstallUserMode", "2"); Line Deleted : user_pref("CT3292715.searchUserMode", "2"); Line Deleted : user_pref("CT3292715.smartbar.homepage", "true"); Line Deleted : user_pref("CT3292715.toolbarInstallDate", "22-12-2013 08:22:59"); Line Deleted : user_pref("CT3292715.versionFromInstaller", "10.23.0.722"); Line Deleted : user_pref("CT3292715.xpeMode", "0"); Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.14.1.0"); Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT3072253"); Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT3072253"); Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT3072253"); Line Deleted : user_pref("CommunityToolbar.globalUserId", "ffb45019-76a7-478b-b789-8586c8ed5c0b"); Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3072253"); Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Sep 28 2013 15:36:11 GMT-0700 (Pacific Daylight Time)"); Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60); Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Sep 28 2013 15:36:18 GMT-0700 (Pacific Daylight Time)"); Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en"); Line Deleted : 
user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Sep 28 2013 15:36:10 GMT-0700 (Pacific Daylight Time)"); Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false); Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); Line Deleted : user_pref("CommunityToolbar.notifications.userId", "0d02c0ee-e521-4358-abe0-634f0b072926"); Line Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Search the web (Babylon)"); Line Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); Line Deleted : user_pref("browser.search.defaultengine", "Ask.com"); Line Deleted : user_pref("browser.search.defaultenginename", "SearchFlyBar2 Customized Web Search"); Line Deleted : user_pref("browser.search.defaultthis.engineName", "SearchFlyBar2 Customized Web Search"); Line Deleted : user_pref("browser.search.order.1", "Ask.com"); Line Deleted : user_pref("browser.search.selectedEngine", "SearchFlyBar2 Customized Web Search"); Line Deleted : user_pref("extensions.BabylonToolbar.admin", false); Line Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst"); Line Deleted : user_pref("extensions.BabylonToolbar.babExt", ""); Line Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=114066&tt=010812_906_cln_3112_1"); Line Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 2); Line Deleted : user_pref("extensions.BabylonToolbar.cntry", "US"); Line Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en"); Line Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", true); Line Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false); Line Deleted : user_pref("extensions.BabylonToolbar.hdrMd5", 
"782FE553E36EF175255FB6C11D2B13C7"); Line Deleted : user_pref("extensions.BabylonToolbar.hmpg", true); Line Deleted : user_pref("extensions.BabylonToolbar.id", "a230e07b000000000000000c55f8df91"); Line Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15555"); Line Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst"); Line Deleted : user_pref("extensions.BabylonToolbar.lastDP", 2); Line Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.29.119:51:02"); Line Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "12.0"); Line Deleted : user_pref("extensions.BabylonToolbar.newTab", false); Line Deleted : user_pref("extensions.BabylonToolbar.noFFXTlbr", false); Line Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); Line Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 82524065); Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 1); Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 1); Line Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); Line Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true); Line Deleted : user_pref("extensions.BabylonToolbar.sg", "azb"); Line Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "azb"); Line Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss"); Line Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base"); Line Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.29.1"); Line Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.29.119:51:02"); Line Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.5.29.1"); Line Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", ""); Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=114066&tt=010812_906_cln_3112_1"); Line Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "a230e07b000000000000001cdfa12a8a"); Line 
Deleted : user_pref("extensions.BabylonToolbar_i.id", "a230e07b000000000000001cdfa12a8a"); Line Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15428"); Line Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false); Line Deleted : user_pref("extensions.BabylonToolbar_i.ovrDmn", "isearch.babylon.com"); Line Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); Line Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Line Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base"); Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.29.119:51:02"); Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); Line Deleted : user_pref("extensions.enabledAddons", "{33e0daa6-3af3-d8b5-6752-10e949c61516}:1.1,OneClickDownload@OneClickDownload.com:1.0,plugin@searchgby.com:0.9.60,{687578b9-7132-4a7a-80e4-30ee31099e03}:3.14.1.0,[...] Line Deleted : user_pref("extensions.enabledItems", "{52EF0988-5232-4465-86E7-6434B5891030}:1.0,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19,{CAFEEFAC-0016-0000-0022-AB[...] 
Line Deleted : user_pref("extensions.incredibar_i.aflt", "orgnl"); Line Deleted : user_pref("extensions.incredibar_i.dfltLng", ""); Line Deleted : user_pref("extensions.incredibar_i.did", "10643"); Line Deleted : user_pref("extensions.incredibar_i.excTlbr", false); Line Deleted : user_pref("extensions.incredibar_i.id", "a230e07b000000000000001cdf0e69d5"); Line Deleted : user_pref("extensions.incredibar_i.installerproductid", "26"); Line Deleted : user_pref("extensions.incredibar_i.instlDay", "15460"); Line Deleted : user_pref("extensions.incredibar_i.instlRef", ""); Line Deleted : user_pref("extensions.incredibar_i.ms_url_id", ""); Line Deleted : user_pref("extensions.incredibar_i.newTab", false); Line Deleted : user_pref("extensions.incredibar_i.ppd", "453"); Line Deleted : user_pref("extensions.incredibar_i.prdct", "incredibar"); Line Deleted : user_pref("extensions.incredibar_i.productid", "26"); Line Deleted : user_pref("extensions.incredibar_i.prtnrId", "Incredibar"); Line Deleted : user_pref("extensions.incredibar_i.smplGrp", "none"); Line Deleted : user_pref("extensions.incredibar_i.tlbrId", "base"); Line Deleted : user_pref("extensions.incredibar_i.upn2", "6R8rrNIR91"); Line Deleted : user_pref("extensions.incredibar_i.upn2n", "92824276867108883"); Line Deleted : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14"); Line Deleted : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1420:05:25"); Line Deleted : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14"); Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3292715"); Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3292715"); Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3292715"); Line Deleted : user_pref("smartbar.machineId", "3FOXLBTY90TPGGNXEIZF+N9RBYC1L38PVM6ZVI3O0QNOXPIZV4QTDWZJJNEF59PV2CZ9UZ++0RCFPJHVVC/FJW"); -\\ Google Chrome v [ File : C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* 
AdwCleaner[R0].txt - [63088 octets] - [22/12/2013 14:01:03]
AdwCleaner[s0].txt - [63111 octets] - [22/12/2013 14:05:48]
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [63172 octets] ##########

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
Database version: v2013.12.22.05
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Anthony :: JDMCIVIC-PC [administrator]
Protection: Disabled
12/22/2013 2:25:43 PM
mbam-log-2013-12-22 (14-25-43).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 286640
Time elapsed: 11 minute(s), 50 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
(end)

PC is noticeably faster and freezes up way less often. But it is still slow, and sometimes it doesn't want to start up. (I have to mess with it and press "Ctrl+Alt+Del" and start the task manager. That usually gets things going.) Internet works off and on, and I know it's not the modem, I get perfect connectivity with my other devices. Let me see..., speaking of devices. My HTC One S (T-Mobile) used to work with my comp, but now the computer doesn't even know I've plugged anything into it. There are a bunch of programs on my Desktop that I never downloaded. haha, I would love to get a good workday out of this Computer one of these days. lol. I appreciate your help.
  3. ComboFix 13-12-21.01 - Anthony 12/22/2013 12:21:57.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2942.1607 [GMT -8:00] Running from: c:\users\Anthony\Desktop\ComboFix.exe AV: System Shield *Enabled/Updated* {C132074B-BF68-2E15-D4FD-E242EED15F18} SP: System Shield *Enabled/Updated* {7A53E6AF-9952-219B-EE4D-D930955615A5} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\END c:\program files\Complitly c:\program files\Complitly\chrome\ComplitlyChrome.crx c:\program files\Complitly\FireFoxExtension.exe c:\program files\Complitly\InstTracker.exe c:\program files\Complitly\support@Complitly.com\chrome.manifest c:\program files\Complitly\support@Complitly.com\chrome\content\appIcon.png c:\program files\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul c:\program files\Complitly\support@Complitly.com\chrome\content\options.js c:\program files\Complitly\support@Complitly.com\chrome\content\options.xul c:\program files\Complitly\support@Complitly.com\chrome\content\utils.js c:\program files\Complitly\support@Complitly.com\defaults\preferences\predictad.js c:\program files\Complitly\support@Complitly.com\install.rdf c:\program files\Complitly\unins000.dat c:\program files\Complitly\unins000.exe c:\program files\FunWebProducts c:\program files\HeadlineAlley_29EI c:\program files\HeadlineAlley_29EI\Installr\1.bin\29EIPlug.dll c:\program files\HeadlineAlley_29EI\Installr\1.bin\29EZSETP.dll c:\program files\HeadlineAlley_29EI\Installr\1.bin\NP29EISb.dll c:\program files\kikin c:\program files\kikin\default_settings.xml c:\program files\kikin\file_list.txt c:\program files\kikin\ie_kikin.dll c:\program files\kikin\KikinBroker.exe c:\program files\kikin\KikinCrashReporter.exe c:\program files\kikin\uninst.exe c:\program files\My.Freeze.com Toolbar\NeTAssistant.dll c:\program 
files\MyWebSearch c:\program files\MyWebSearch\bar\Settings\s_pid.dat c:\users\Anthony\AppData\Local\ArcadeFrontier\ArCAdefrontier.dll c:\users\Anthony\AppData\Roaming\alot c:\users\Anthony\AppData\Roaming\kikin c:\users\Anthony\AppData\Roaming\kikin\ie_configuration.xml c:\users\Anthony\AppData\Roaming\kikin\ie_kkes.xml c:\users\Anthony\AppData\Roaming\kikin\ie_settings.xml c:\users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\ick1ubuu.default\searchplugins\search.xml c:\users\Anthony\AppData\Roaming\SearchProtect c:\users\Anthony\AppData\Roaming\SearchProtect\bin\ChromeModule.dll c:\users\Anthony\AppData\Roaming\SearchProtect\bin\cltmng.exe c:\users\Anthony\AppData\Roaming\SearchProtect\bin\CltMngSvc.exe c:\users\Anthony\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll c:\users\Anthony\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll c:\users\Anthony\AppData\Roaming\SearchProtect\bin\rep.dat c:\users\Anthony\AppData\Roaming\SearchProtect\bin\SPHook32.dll c:\users\Anthony\AppData\Roaming\SearchProtect\bin\SPHook64.dll c:\users\Anthony\AppData\Roaming\SearchProtect\bin\SPRunner.exe c:\users\Anthony\AppData\Roaming\SearchProtect\bin\SPTool64.exe c:\users\Anthony\AppData\Roaming\SearchProtect\Dialogs\dialogsApi.js c:\users\Anthony\AppData\Roaming\SearchProtect\Dialogs\lib\jquery.min.js c:\users\Anthony\AppData\Roaming\SearchProtect\Dialogs\lib\json2.js c:\users\Anthony\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.css c:\users\Anthony\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.js c:\users\Anthony\AppData\Roaming\SearchProtect\Dialogs\spbd\images\information.png c:\users\Anthony\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-LTR.png c:\users\Anthony\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-RTL.png c:\users\Anthony\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png c:\users\Anthony\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png 
c:\users\Anthony\AppData\Roaming\SearchProtect\Dialogs\spbd\main.html c:\users\Anthony\AppData\Roaming\SearchProtect\Dialogs\spsd\images\ok-button.png c:\users\Anthony\AppData\Roaming\SearchProtect\Dialogs\spsd\images\separation-line.png c:\users\Anthony\AppData\Roaming\SearchProtect\Dialogs\spsd\images\warning.png c:\users\Anthony\AppData\Roaming\SearchProtect\Dialogs\spsd\main.html c:\users\Anthony\AppData\Roaming\SearchProtect\Dialogs\spsd\SearchProtector.css c:\users\Anthony\AppData\Roaming\SearchProtect\Dialogs\spsd\settings.js c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\abstraction.js c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\application.js c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\Dialogs\dialogsApi.js c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib\jquery.min.js c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib\json2.js c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\bubble.css c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\bubble.js c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\information.png c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-LTR.png c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-RTL.png c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-LTR.png c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-RTL.png c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\main.html c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\ok-button.png c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\separation-line.png c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images\warning.png c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\main.html 
c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\SearchProtector.css c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\settings.js c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\nsprotector.js c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\popupTransparent.xul c:\users\Anthony\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository\EN c:\users\Anthony\AppData\Roaming\vso_ts_preview.xml c:\users\Anthony\Desktop\Setup.exe c:\users\jdmcivic\AppData\Local\._Revolution_ c:\users\jdmcivic\AppData\Roaming\kikin c:\users\jdmcivic\AppData\Roaming\kikin\cr_kkes.xml c:\users\jdmcivic\AppData\Roaming\kikin\ff_configuration.xml c:\users\jdmcivic\AppData\Roaming\kikin\ff_kkes.xml c:\users\jdmcivic\AppData\Roaming\kikin\ff_settings.xml c:\users\jdmcivic\AppData\Roaming\kikin\ie_configuration.xml c:\users\jdmcivic\AppData\Roaming\kikin\ie_kkes.xml c:\users\jdmcivic\AppData\Roaming\kikin\ie_settings.xml c:\users\jdmcivic\Desktop\Setup.exe c:\windows\PFRO.log c:\windows\system32\SET2789.tmp c:\windows\system32\winservice.exe c:\windows\Update.bat c:\windows\wininit.ini . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_SCM_Service . . ((((((((((((((((((((((((( Files Created from 2013-11-22 to 2013-12-22 ))))))))))))))))))))))))))))))) . . 2013-12-22 20:59 . 2013-12-22 20:59 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2013-12-22 20:59 . 2013-12-22 20:59 -------- d-----w- c:\users\LogMeInRemoteUser\AppData\Local\temp 2013-12-22 20:59 . 2013-12-22 20:59 -------- d-----w- c:\users\jdmcivic\AppData\Local\temp 2013-12-22 20:59 . 2013-12-22 20:59 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-12-22 19:02 . 2013-12-22 19:49 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2013-12-22 19:02 . 2013-12-22 19:04 104664 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2013-12-22 19:02 . 
2013-12-22 19:02 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2013-12-22 18:11 . 2013-12-22 18:57 -------- d-----w- C:\FRST 2013-12-22 17:31 . 2013-12-22 17:31 -------- d-----w- c:\programdata\Oracle 2013-12-22 17:30 . 2013-12-22 17:30 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-12-22 17:28 . 2013-12-22 17:28 -------- d-----w- c:\programdata\McAfee 2013-12-22 16:25 . 2013-12-22 16:25 -------- d-----w- c:\program files\SearchFlyBar2 2013-12-22 16:25 . 2013-12-22 16:25 -------- d-----w- c:\users\Anthony\AppData\Local\NativeMessaging 2013-12-22 16:24 . 2013-12-22 18:54 -------- d-----w- c:\program files\MyPC Backup 2013-12-22 16:24 . 2013-12-22 16:24 -------- d-----w- c:\users\Anthony\AppData\Roaming\Oberon Media 2013-12-22 16:24 . 2013-12-22 16:24 -------- d-----w- c:\program files\Oberon Media SIDR 2013-12-22 16:24 . 2013-12-22 16:24 -------- d-----w- c:\program files\SearchProtect 2013-12-22 16:24 . 2013-12-22 16:24 -------- d-----w- c:\program files\Common Files\Oberon Media 2013-12-22 16:23 . 2013-12-22 16:24 -------- d-----w- c:\programdata\Oberon Media 2013-12-22 16:22 . 2013-12-22 16:22 -------- d-----w- c:\program files\The Weather Channel 2013-12-22 16:22 . 2013-12-22 16:22 -------- d-----w- c:\program files\OutfoxTV 2013-12-22 16:22 . 2013-12-22 16:22 -------- d-----w- c:\users\Anthony\AppData\Local\The Weather Channel 2013-12-22 16:22 . 2013-12-22 16:22 -------- d-----w- c:\users\Anthony\AppData\Roaming\OpenCandy 2013-12-22 16:21 . 2013-12-22 20:58 -------- d-----w- c:\users\Anthony\AppData\Local\ArcadeFrontier 2013-12-22 14:06 . 2013-12-22 14:06 -------- d-----w- c:\users\Anthony\AppData\Roaming\MPC-HC 2013-12-22 09:42 . 2013-12-01 13:10 218200 ----a-w- c:\windows\system32\unrar.dll 2013-12-22 09:42 . 2013-12-22 09:42 -------- d-----w- c:\program files\K-Lite Codec Pack 2013-12-22 06:21 . 2013-12-22 06:21 -------- d-----w- C:\fastboot 2013-12-22 06:19 . 
2013-12-22 06:19 -------- d-----w- c:\program files\DIFX 2013-12-22 05:55 . 2013-12-22 06:01 -------- d-----w- c:\program files\HTC 2013-12-22 05:55 . 2013-12-22 05:55 -------- d-----w- c:\program files\Spirent Communications . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-12-22 20:01 . 2013-12-22 17:58 31744 ----a-w- c:\windows\system32\drivers\ZDPSp50a64.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 17664 ----a-w- c:\windows\system32\drivers\ZDPSp50.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 15872 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 17976 ----a-w- c:\windows\system32\drivers\wmilib.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 34944 ----a-w- c:\windows\system32\drivers\winusb.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 288768 ----a-w- c:\windows\system32\drivers\wg111v2.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 11264 ----a-w- c:\windows\system32\drivers\wmiacpi.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 33280 ----a-w- c:\windows\system32\drivers\watchdog.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 22072 ----a-w- c:\windows\system32\drivers\wd.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 62464 ----a-w- c:\windows\system32\drivers\wanarp.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 47744 ----a-w- c:\windows\system32\drivers\vserial.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 20608 ----a-w- c:\windows\system32\drivers\wacompen.sys.bak 2013-12-22 20:01 . 
2013-12-22 17:58 130616 ----a-w- c:\windows\system32\drivers\vsmraid.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 15264 ----a-w- c:\windows\system32\drivers\vsb.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 292840 ----a-w- c:\windows\system32\drivers\volmgrx.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 55664 ----a-w- c:\windows\system32\drivers\vmx86.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 52792 ----a-w- c:\windows\system32\drivers\volmgr.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 31280 ----a-w- c:\windows\system32\drivers\vmusb.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 36464 ----a-w- c:\windows\system32\drivers\vmnetbridge.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 25712 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 25584 ----a-w- c:\windows\system32\drivers\VMkbd.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 19568 ----a-w- c:\windows\system32\drivers\vmnet.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 16624 ----a-w- c:\windows\system32\drivers\vmnetadapter.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 98928 ----a-w- c:\windows\system32\drivers\vmci.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 20024 ----a-w- c:\windows\system32\drivers\viaide.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 110080 ----a-w- c:\windows\system32\drivers\videoprt.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 41472 ----a-w- c:\windows\system32\drivers\viac7.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 65536 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS.bak 2013-12-22 20:01 . 2013-12-22 17:58 56888 ----a-w- c:\windows\system32\drivers\VIAAGP.SYS.bak 2013-12-22 20:01 . 2013-12-22 17:58 26112 ----a-w- c:\windows\system32\drivers\vgapnp.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 25088 ----a-w- c:\windows\system32\drivers\vga.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 23552 ----a-w- c:\windows\system32\drivers\usbuhci.sys.bak 2013-12-22 20:01 . 
2013-12-22 17:58 35328 ----a-w- c:\windows\system32\drivers\usbscan.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 18944 ----a-w- c:\windows\system32\drivers\usbprint.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 226304 ----a-w- c:\windows\system32\drivers\usbport.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 5888 ----a-w- c:\windows\system32\drivers\usbd.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 196096 ----a-w- c:\windows\system32\drivers\usbhub.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 19456 ----a-w- c:\windows\system32\drivers\usbohci.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 73216 ----a-w- c:\windows\system32\drivers\usbccgp.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 68608 ----a-w- c:\windows\system32\drivers\usbcir.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys.bak 2013-12-22 20:01 . 2013-12-22 17:58 15872 ----a-w- c:\windows\system32\drivers\usb8023x.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 7680 ----a-w- c:\windows\system32\drivers\umpass.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 34816 ----a-w- c:\windows\system32\drivers\umbus.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 115816 ----a-w- c:\windows\system32\drivers\ulsata2.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 98408 ----a-w- c:\windows\system32\drivers\ulsata.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 60984 ----a-w- c:\windows\system32\drivers\ULIAGPKX.SYS.bak 2013-12-22 20:00 . 2013-12-22 17:58 238648 ----a-w- c:\windows\system32\drivers\uliahci.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 59448 ----a-w- c:\windows\system32\drivers\UAGP35.SYS.bak 2013-12-22 20:00 . 2013-12-22 17:58 226816 ----a-w- c:\windows\system32\drivers\udfs.sys.bak 2013-12-22 20:00 . 
2013-12-22 17:58 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS.bak 2013-12-22 20:00 . 2013-12-22 17:58 72192 ----a-w- c:\windows\system32\drivers\tdx.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 53224 ----a-w- c:\windows\system32\drivers\termdd.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 24064 ----a-w- c:\windows\system32\drivers\tssecsrv.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 29184 ----a-w- c:\windows\system32\drivers\tdtcp.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 17920 ----a-w- c:\windows\system32\drivers\tdpipe.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 20992 ----a-w- c:\windows\system32\drivers\tdi.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 914880 ----a-w- c:\windows\system32\drivers\tcpip.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 24576 ----a-w- c:\windows\system32\drivers\tape.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 35944 ----a-w- c:\windows\system32\drivers\symc8xx.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 34920 ----a-w- c:\windows\system32\drivers\sym_u3.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 31848 ----a-w- c:\windows\system32\drivers\sym_hi.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 15288 ----a-w- c:\windows\system32\drivers\swenum.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 52992 ----a-w- c:\windows\system32\drivers\stream.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 180672 ----a-w- c:\windows\system32\drivers\ssudmdm.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 122344 ----a-w- c:\windows\system32\drivers\Storport.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 66112 ----a-w- c:\windows\system32\drivers\ssudbus.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 12488 ----a-w- c:\windows\system32\drivers\sscdwhnt.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 12488 ----a-w- c:\windows\system32\drivers\sscdwh.sys.bak 2013-12-22 20:00 . 
2013-12-22 17:58 110280 ----a-w- c:\windows\system32\drivers\sscdserd.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 132424 ----a-w- c:\windows\system32\drivers\sscdmdm.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 14920 ----a-w- c:\windows\system32\drivers\sscdmdfl.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 12616 ----a-w- c:\windows\system32\drivers\sscdcmnt.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 12616 ----a-w- c:\windows\system32\drivers\sscdcm.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 104648 ----a-w- c:\windows\system32\drivers\sscdbus.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 136680 ----a-w- c:\windows\system32\drivers\ssadmdm.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 114152 ----a-w- c:\windows\system32\drivers\ssadserd.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 10344 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 10344 ----a-w- c:\windows\system32\drivers\ssadwh.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 12776 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 30312 ----a-w- c:\windows\system32\drivers\ssadadb.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 121192 ----a-w- c:\windows\system32\drivers\ssadbus.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 10472 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 10472 ----a-w- c:\windows\system32\drivers\ssadcm.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 305152 ----a-w- c:\windows\system32\drivers\srv.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 146432 ----a-w- c:\windows\system32\drivers\srv2.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 684032 ----a-w- c:\windows\system32\drivers\spsys.sys.bak 2013-12-22 20:00 . 2013-12-22 17:58 66560 ----a-w- c:\windows\system32\drivers\smb.sys.bak 2012-05-04 19:03 . 2012-04-28 11:20 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . 
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936] "{efc335aa-59ec-45b0-b287-739521153d5b}"= "c:\program files\SearchFlyBar2\prxtbSear.dll" [2013-11-06 226592] . [HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}] . [HKEY_CLASSES_ROOT\clsid\{efc335aa-59ec-45b0-b287-739521153d5b}] . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}] 2011-05-09 08:49 176936 ----a-w- c:\program files\uTorrentControl2\prxtbuTor.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{efc335aa-59ec-45b0-b287-739521153d5b}] 2013-11-06 16:53 226592 ----a-w- c:\program files\SearchFlyBar2\prxtbSear.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936] "{efc335aa-59ec-45b0-b287-739521153d5b}"= "c:\program files\SearchFlyBar2\prxtbSear.dll" [2013-11-06 226592] . [HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}] . [HKEY_CLASSES_ROOT\clsid\{efc335aa-59ec-45b0-b287-739521153d5b}] . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{687578B9-7132-4A7A-80E4-30EE31099E03}"= "c:\program files\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936] "{EFC335AA-59EC-45B0-B287-739521153D5B}"= "c:\program files\SearchFlyBar2\prxtbSear.dll" [2013-11-06 226592] . [HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}] . [HKEY_CLASSES_ROOT\clsid\{efc335aa-59ec-45b0-b287-739521153d5b}] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Broadcom Wireless Manager"="c:\windows\system32\wltray.exe" [2007-06-14 1282048] "LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2012-06-08 63048] "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-03-12 6749512] "tvncontrol"="c:\program files\Common Files\COMODO\GeekBuddyRSP.exe" [2013-10-11 2327248] "SearchProtectAll"="c:\program files\SearchProtect\bin\cltmng.exe" [2013-09-22 3470624] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] . c:\users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ MyPC Backup.lnk - c:\program files\MyPC Backup\MyPC Backup.exe [2013-9-19 1953320] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Start GeekBuddy.lnk - c:\program files\Comodo\GeekBuddy\launcher.exe "unit_manager.exe" [2013-10-11 49360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WG111v2 Smart Wizard.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v2 Smart Wizard.lnk backup=c:\windows\pss\NETGEAR WG111v2 Smart Wizard.lnk.CommonStartup backupExtension=.CommonStartup . 
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WNA1100 Smart Wizard.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Smart Wizard.lnk backup=c:\windows\pss\NETGEAR WNA1100 Smart Wizard.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WNDA4100 Genie.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA4100 Genie.lnk backup=c:\windows\pss\NETGEAR WNDA4100 Genie.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Anthony^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk] path=c:\users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EarthLink Installer] /C [X] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2011-08-31 01:57 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] 2012-04-17 15:19 3671872 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe] 2008-01-21 02:25 125952 ----a-w- c:\windows\ehome\ehtray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2Go_Menu] 2008-06-14 02:11 210216 ------w- c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE] 2010-04-12 08:40 180224 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] 2008-07-23 18:25 6183456 ----a-w- c:\windows\RtHDVCpl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel] 2008-07-23 18:29 1826816 ----a-w- c:\windows\SkyTel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2013-07-02 17:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] 2012-05-07 10:04 890224 ----a-w- c:\program files\uTorrent\uTorrent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center] 2007-05-31 16:21 648072 ----a-w- c:\windows\WindowsMobile\wmdc.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] 2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiSpywareOverride"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache bthsvcs REG_MULTI_SZ BthServ . Contents of the 'Scheduled Tasks' folder . 2013-12-22 c:\windows\Tasks\ArcadeFrontier.job - c:\users\Anthony\AppData\Local\ArcadeFrontier\veragent.exe [2013-12-11 13:33] . . 
------- Supplementary Scan ------- . uInternet Settings,ProxyServer = http=;ftp=;https=; IE: Download with &Media Finder - c:\program files\Media Finder\hook.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 FF - ProfilePath - c:\users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\ick1ubuu.default\ FF - prefs.js: browser.search.selectedEngine - SearchFlyBar2 Customized Web Search FF - prefs.js: browser.startup.homepage - hxxp://www.outfox.tv?referid=180|http://search.conduit.com/?ctid=CT3292715&octid=CT3292715&SearchSource=61&CUI=UN31068481962023119&UM=2&UP=SPF862BDCD-778E-4262-B58A-88D44A632490&SSPV= FF - ExtSQL: !HIDDEN! 2009-09-01 03:00; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - user.js: extensions.BabylonToolbar_i.id - a230e07b000000000000001cdfa12a8a FF - user.js: extensions.BabylonToolbar_i.hardId - a230e07b000000000000001cdfa12a8a FF - user.js: extensions.BabylonToolbar_i.instlDay - 15428 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.tlbrId - base FF - user.js: extensions.BabylonToolbar_i.newTab - false FF - user.js: extensions.BabylonToolbar_i.instlRef - sst FF - user.js: extensions.incredibar_i.newTab - false FF - user.js: extensions.incredibar_i.id - a230e07b000000000000001cdf0e69d5 FF - user.js: extensions.incredibar_i.instlDay - 15460 FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14 FF - user.js: 
extensions.incredibar_i.vrsnTs - 1.5.11.1420:05 FF - user.js: extensions.incredibar_i.prtnrId - Incredibar FF - user.js: extensions.incredibar_i.prdct - incredibar FF - user.js: extensions.incredibar_i.aflt - orgnl FF - user.js: extensions.incredibar_i.smplGrp - none FF - user.js: extensions.incredibar_i.tlbrId - base FF - user.js: extensions.incredibar_i.instlRef - FF - user.js: extensions.incredibar_i.dfltLng - FF - user.js: extensions.incredibar_i.excTlbr - false FF - user.js: extensions.incredibar_i.ms_url_id - FF - user.js: extensions.incredibar_i.upn2 - 6R8rrNIR91 FF - user.js: extensions.incredibar_i.upn2n - 92824276867108883 FF - user.js: extensions.incredibar_i.productid - 26 FF - user.js: extensions.incredibar_i.installerproductid - 26 FF - user.js: extensions.incredibar_i.did - 10643 FF - user.js: extensions.incredibar_i.ppd - 453 FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=114066&tt=010812_906_cln_3112_1 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.ovrDmn - isearch.babylon.com FF - user.js: extensions.BabylonToolbar.id - a230e07b000000000000000c55f8df91 FF - user.js: extensions.BabylonToolbar.instlDay - 15555 FF - user.js: extensions.BabylonToolbar.vrsn - 1.5.29.1 FF - user.js: extensions.BabylonToolbar.vrsni - 1.5.29.1 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.29.119:51 FF - user.js: extensions.BabylonToolbar.prtnrId - babylon FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar.tlbrId - base FF - user.js: extensions.BabylonToolbar.instlRef - sst FF - user.js: extensions.BabylonToolbar.dfltLng - en FF - user.js: extensions.BabylonToolbar.excTlbr - false FF - user.js: extensions.BabylonToolbar.admin - false . - - - - ORPHANS REMOVED - - - - . 
BHO-{E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll HKCU-Run-SearchProtect - c:\users\Anthony\AppData\Roaming\SearchProtect\bin\cltmng.exe HKLM-Run-eRecoveryService - (no file) SafeBoot-WudfPf SafeBoot-WudfRd MSConfigStartUp-Media Finder - c:\program files\Media Finder\MF.exe MSConfigStartUp-Overwolf - c:\program files\Overwolf\Overwolf.exe AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files\Complitly\unins000.exe AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe AddRemove-02_Siberian - c:\program files\SAMSUNG\USB Drivers\02_Siberian\Uninstall.exe AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe AddRemove-05_Sloan - c:\program files\SAMSUNG\USB Drivers\05_Sloan\Uninstall.exe AddRemove-06_Spencer - c:\program files\SAMSUNG\USB Drivers\06_Spencer\Uninstall.exe AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe AddRemove-08_EMPChipset - c:\program files\SAMSUNG\USB Drivers\08_EMPChipset\Uninstall.exe AddRemove-09_Hsp - c:\program files\SAMSUNG\USB Drivers\09_Hsp\Uninstall.exe AddRemove-11_HSP_Plus_Default - c:\program files\SAMSUNG\USB Drivers\11_HSP_Plus_Default\Uninstall.exe AddRemove-12_Symbian_USB_Download_Driver - c:\program files\SAMSUNG\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe AddRemove-16_Shrewsbury - c:\program files\SAMSUNG\USB Drivers\16_Shrewsbury\Uninstall.exe AddRemove-17_EMP_Chipset2 - c:\program files\SAMSUNG\USB Drivers\17_EMP_Chipset2\Uninstall.exe AddRemove-18_Zinia_Serial_Driver - c:\program files\SAMSUNG\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe AddRemove-19_VIA_driver - c:\program files\SAMSUNG\USB Drivers\19_VIA_driver\Uninstall.exe 
AddRemove-20_NXP_Driver - c:\program files\SAMSUNG\USB Drivers\20_NXP_Driver\Uninstall.exe AddRemove-21_Searsburg - c:\program files\SAMSUNG\USB Drivers\21_Searsburg\Uninstall.exe AddRemove-22_WiBro_WiMAX - c:\program files\SAMSUNG\USB Drivers\22_WiBro_WiMAX\Uninstall.exe AddRemove-24_flashusbdriver - c:\program files\SAMSUNG\USB Drivers\24_flashusbdriver\Uninstall.exe AddRemove-25_escape - c:\program files\SAMSUNG\USB Drivers\25_escape\Uninstall.exe AddRemove-{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA} - c:\program files\kikin\uninst.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2013-12-22 13:19 Windows 6.0.6002 Service Pack 2 NTFS . detected NTDLL code modification: ZwClose . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TrueSight] "ImagePath"="\??\" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . 
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'lsass.exe'(784) c:\windows\system32\guard32.dll . - - - - - - - > 'Explorer.exe'(5852) c:\windows\system32\guard32.dll c:\windows\system32\OneX.DLL . ------------------------ Other Running Processes ------------------------ . c:\program files\Common Files\COMODO\launcher_service.exe c:\windows\system32\nvvsvc.exe c:\program files\COMODO\COMODO Internet Security\cmdagent.exe c:\program files\NVIDIA Corporation\Display\nvxdsync.exe c:\windows\system32\nvvsvc.exe c:\windows\System32\wltrysvc.exe c:\windows\System32\bcmwltry.exe c:\windows\system32\WLANExt.exe c:\windows\system32\agrsmsvc.exe c:\program files\MyPC Backup\BackupStack.exe c:\program files\SearchProtect\bin\CltMngSvc.exe c:\program files\EMACHINES\eMachines Recovery Management\Service\ETService.exe c:\program files\iolo\Common\Lib\ioloServiceManager.exe c:\program files\LogMeIn\x86\LMIGuardianSvc.exe c:\program files\LogMeIn\x86\RaMaint.exe c:\program files\LogMeIn\x86\LogMeIn.exe c:\program files\OutfoxTV\OutfoxTvService.exe c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe c:\program files\NETGEAR\WNDA4100\Service\RaRegistry.exe c:\program files\RosettaStoneLtdServices\RosettaStoneDaemon.exe c:\program files\VMware\VMware 
Player\vmware-authd.exe c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe c:\windows\system32\vmnat.exe c:\program files\Windows Firewall Control\wfcs.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\NETGEAR\WNA1100\WifiSvc.exe c:\windows\system32\vmnetdhcp.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\System32\WUDFHost.exe c:\program files\NVIDIA Corporation\Display\nvtray.exe c:\windows\servicing\TrustedInstaller.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Completion time: 2013-12-22 13:27:38 - machine was rebooted ComboFix-quarantined-files.txt 2013-12-22 21:27 . Pre-Run: 166,163,599,360 bytes free Post-Run: 166,790,090,752 bytes free . - - End Of File - - D227CBCD64883A9DED41A25BC013B094 8C9F9E03865C35F0F3829A23CDA42F5D ComboFix.txt
  4. RogueKiller V8.7.13 [Dec 18 2013] by Tigzy
     mail : tigzyRK<at>gmail<dot>com
     Feedback : http://www.adlice.com/forum/
     Website : http://www.adlice.com/softwares/roguekiller/
     Blog : http://www.adlice.com

     Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
     Started in : Normal mode
     User : Anthony [Admin rights]
     Mode : Scan -- Date : 12/22/2013 12:01:16
     | ARK || FAK || MBR |

     ¤¤¤ Bad processes : 1 ¤¤¤
     [SUSP PATH] cltmng.exe -- C:\Users\Anthony\AppData\Roaming\SearchProtect\bin\cltmng.exe [7] -> KILLED [TermProc]

     ¤¤¤ Registry Entries : 4 ¤¤¤
     [RUN][SUSP PATH] HKCU\[...]\Run : SearchProtect (C:\Users\Anthony\AppData\Roaming\SearchProtect\bin\cltmng.exe [7]) -> FOUND
     [PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (hxxp=;ftp=;hxxps=; [Country: (Private Address) (XX), City: (Private Address)]) -> FOUND
     [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
     [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

     ¤¤¤ Scheduled tasks : 3 ¤¤¤
     [V1][SUSP PATH] ArcadeFrontier.job : C:\Users\Anthony\AppData\Local\ArcadeFrontier\veragent.exe [7] -> FOUND
     [V2][SUSP PATH] ArcadeFrontier : C:\Users\Anthony\AppData\Local\ArcadeFrontier\veragent.exe [7] -> FOUND
     [V2][SUSP PATH] OpenCandyHelperRunOnce : RunDll32.exe - "C:\Users\Anthony\AppData\Roaming\OpenCandy\FDC9EF2A0B16472BA1AA1976C6D224E5\OCBrowserHelper_1.0.3.85.dll",_OCRestartDll@16 [x][x][x] -> FOUND

     ¤¤¤ Startup Entries : 0 ¤¤¤

     ¤¤¤ Web browsers : 0 ¤¤¤

     ¤¤¤ Particular Files / Folders: ¤¤¤

     ¤¤¤ Driver : [NOT LOADED 0xc0000033] ¤¤¤

     ¤¤¤ External Hives: ¤¤¤

     ¤¤¤ Infection : ¤¤¤

     ¤¤¤ HOSTS File: ¤¤¤
     --> %SystemRoot%\System32\drivers\etc\hosts
     127.0.0.1 localhost
     ::1 localhost

     ¤¤¤ MBR Check: ¤¤¤
     +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST332081 3AS SCSI Disk Device +++++
     --- User ---
     [MBR] 7c62f2a288d62a2c5dfe4f7edaf6f17c
     [BSP] d89474759e1c94dcaf25da340284b493 : Acer MBR Code
     Partition table:
     0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10240 Mo
     1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20973568 | Size: 295003 Mo
     User = LL1 ... OK!
     Error reading LL2 MBR! ([0x1] Incorrect function. )

     +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Generic Flash Disk USB Device +++++
     --- User ---
     [MBR] 3e9e26911753fb661aa60015311871f8
     [BSP] 190fcf2c94255f75694d1d95d48624a3 : Empty MBR Code
     Partition table:
     0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 64 | Size: 3839 Mo
     User = LL1 ... OK!
     Error reading LL2 MBR! ([0x32] The request is not supported. )

     Finished : << RKreport[0]_S_12222013_120116.txt >>
     RKreport[0]_S_12222013_095915.txt
  5. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 22-12-2013 01 Ran by Anthony at 2013-12-22 10:50:11 Run:1 Running from C:\Users\Anthony\Desktop\farbar recovery Boot Mode: Normal ============================================== Content of fixlist: ***************** HKCU\...\Run: [Google Update*] - [x] U2 *etadpug; "C:\Program Files\Google\Desktop\Install\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\ \...\???\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\GoogleUpdate.exe" C:\Users\Anthony\AppData\Local\Google\Desktop\Install C:\Program Files\Google\Desktop\Install DeleteJunctionsIndirectory: C:\Program Files\Windows Defender ***************** HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update* => Value deleted successfully. *etadpug => Service deleted successfully. "C:\Users\Anthony\AppData\Local\Google\Desktop\Install" directory move: Could not move "C:\Users\Anthony\AppData\Local\Google\Desktop\Install" directory. => Scheduled to move on reboot. "C:\Program Files\Google\Desktop\Install" directory move: Could not move "C:\Program Files\Google\Desktop\Install" directory. => Scheduled to move on reboot. "C:\Program Files\Windows Defender" => Deleting reparse point and unlocking started. "C:\Program Files\Windows Defender\en-US" => Deleting reparse point and unlocking done. "C:\Program Files\Windows Defender\MpAsDesc.dll" => Deleting reparse point and unlocking done. "C:\Program Files\Windows Defender\MpClient.dll" => Deleting reparse point and unlocking done. "C:\Program Files\Windows Defender\MpCmdRun.exe" => Deleting reparse point and unlocking done. "C:\Program Files\Windows Defender\MpEvMsg.dll" => Deleting reparse point and unlocking done. "C:\Program Files\Windows Defender\MpOAV.dll" => Deleting reparse point and unlocking done. "C:\Program Files\Windows Defender\MpRtMon.dll" => Deleting reparse point and unlocking done. "C:\Program Files\Windows Defender\MpRtPlug.dll" => Deleting reparse point and unlocking done. 
"C:\Program Files\Windows Defender\MpSigDwn.dll" => Deleting reparse point and unlocking done. "C:\Program Files\Windows Defender\MpSoftEx.dll" => Deleting reparse point and unlocking done. "C:\Program Files\Windows Defender\MpSvc.dll" => Deleting reparse point and unlocking done. "C:\Program Files\Windows Defender\MSASCui.exe" => Deleting reparse point and unlocking done. "C:\Program Files\Windows Defender\MsMpCom.dll" => Deleting reparse point and unlocking done. "C:\Program Files\Windows Defender\MsMpLics.dll" => Deleting reparse point and unlocking done. "C:\Program Files\Windows Defender\MsMpRes.dll" => Deleting reparse point and unlocking done. "C:\Program Files\Windows Defender" => Deleting reparse point and unlocking completed. => Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2013-12-22 10:57:43)<= C:\Users\Anthony\AppData\Local\Google\Desktop\Install => Is moved successfully. C:\Program Files\Google\Desktop\Install => Is moved successfully. ==== End of Fixlog ==== mbar-log-2013-12-22 (11-04-18).txt system-log.txt
  6. 2013-12-22 09:53 - 2013-12-22 09:53 - 03770368 _____ C:\Users\Anthony\Desktop\RogueKiller.exe 2013-12-22 09:34 - 2012-05-07 03:55 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-627868057-3445255397-3797218724-1001UA.job 2013-12-22 09:31 - 2013-12-22 09:31 - 00000000 ____D C:\ProgramData\Oracle 2013-12-22 09:31 - 2008-10-29 18:34 - 00000000 ____D C:\Program Files\Common Files\Java 2013-12-22 09:30 - 2013-12-22 09:31 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-12-22 09:30 - 2013-12-22 09:30 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-12-22 09:30 - 2013-12-22 09:30 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-12-22 09:30 - 2013-12-22 09:30 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-12-22 09:30 - 2008-10-29 18:34 - 00000000 ____D C:\Program Files\Java 2013-12-22 09:28 - 2013-12-22 09:28 - 00915368 _____ (Oracle Corporation) C:\Users\Anthony\Desktop\chromeinstall-7u45.exe 2013-12-22 09:28 - 2013-12-22 09:28 - 00000000 ____D C:\ProgramData\McAfee 2013-12-22 08:50 - 2013-12-22 08:25 - 00000000 ____D C:\Users\Anthony\Documents\Deer Drive 2013-12-22 08:33 - 2006-11-02 04:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 
2013-12-22 08:33 - 2006-11-02 04:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-12-22 08:29 - 2013-09-20 00:36 - 00000000 ____D C:\Users\Anthony\AppData\Roaming\SearchProtect 2013-12-22 08:26 - 2013-09-20 00:34 - 00000009 _____ C:\END 2013-12-22 08:25 - 2013-12-22 08:25 - 00000000 ____D C:\Users\Anthony\AppData\Local\NativeMessaging 2013-12-22 08:25 - 2013-12-22 08:25 - 00000000 ____D C:\Program Files\SearchFlyBar2 2013-12-22 08:25 - 2013-12-22 08:24 - 00000000 ____D C:\Program Files\MyPC Backup 2013-12-22 08:25 - 2013-09-20 00:38 - 00000000 ____D C:\ProgramData\Conduit 2013-12-22 08:25 - 2013-09-20 00:37 - 00000000 ____D C:\Users\Anthony\AppData\Local\CRE 2013-12-22 08:25 - 2012-03-28 23:09 - 00000000 ____D C:\Users\Anthony\AppData\Local\Conduit 2013-12-22 08:25 - 2012-03-28 23:09 - 00000000 ____D C:\Program Files\Conduit 2013-12-22 08:24 - 2013-12-22 08:24 - 00002177 _____ C:\Users\Anthony\Desktop\Deer Drive.lnk 2013-12-22 08:24 - 2013-12-22 08:24 - 00001172 _____ C:\Users\Anthony\Desktop\Games of the Month.lnk 2013-12-22 08:24 - 2013-12-22 08:24 - 00000886 _____ C:\Users\Anthony\Desktop\MyPC Backup.lnk 2013-12-22 08:24 - 2013-12-22 08:24 - 00000000 ____D C:\Users\Anthony\AppData\Roaming\Oberon Media 2013-12-22 08:24 - 2013-12-22 08:24 - 00000000 ____D C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup 2013-12-22 08:24 - 2013-12-22 08:24 - 00000000 ____D C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games of the Month 2013-12-22 08:24 - 2013-12-22 08:24 - 00000000 ____D C:\Program Files\SearchProtect 2013-12-22 08:24 - 2013-12-22 08:24 - 00000000 ____D C:\Program Files\Oberon Media SIDR 2013-12-22 08:24 - 2013-12-22 08:24 - 00000000 ____D C:\Program Files\Common Files\Oberon Media 2013-12-22 08:24 - 2013-12-22 08:23 - 00000000 ____D C:\ProgramData\Oberon Media 2013-12-22 08:24 - 2009-11-18 13:44 - 00000000 ____D C:\Program 
Files\Mozilla Firefox 2013-12-22 08:22 - 2013-12-22 08:22 - 00001103 _____ C:\Users\Public\Desktop\The Weather Channel App.lnk 2013-12-22 08:22 - 2013-12-22 08:22 - 00000000 ____D C:\Users\Anthony\AppData\Roaming\OpenCandy 2013-12-22 08:22 - 2013-12-22 08:22 - 00000000 ____D C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OutfoxTV 2013-12-22 08:22 - 2013-12-22 08:22 - 00000000 ____D C:\Users\Anthony\AppData\Local\The Weather Channel 2013-12-22 08:22 - 2013-12-22 08:22 - 00000000 ____D C:\Program Files\The Weather Channel 2013-12-22 08:22 - 2013-12-22 08:22 - 00000000 ____D C:\Program Files\OutfoxTV 2013-12-22 08:21 - 2013-12-22 08:21 - 01204160 _____ (ArcadeFrontier) C:\Users\Anthony\Desktop\ArcadeFrontierGames (1).exe 2013-12-22 08:21 - 2013-12-22 08:21 - 00000276 _____ C:\Windows\Tasks\ArcadeFrontier.job 2013-12-22 08:21 - 2013-12-22 08:21 - 00000000 ____D C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeFrontier 2013-12-22 08:21 - 2013-12-22 08:21 - 00000000 ____D C:\Users\Anthony\AppData\Local\ArcadeFrontier 2013-12-22 08:20 - 2013-12-22 08:20 - 01204160 _____ (ArcadeFrontier) C:\Users\Anthony\Desktop\ArcadeFrontierGames.exe 2013-12-22 06:21 - 2013-12-22 05:11 - 00408576 _____ C:\Users\Anthony\Desktop\Homeless Vet's testomonial's and footage.MSWMM 2013-12-22 06:13 - 2013-12-22 06:13 - 01210295 _____ C:\Users\Anthony\Desktop\pro_vpa.wmv 2013-12-22 06:06 - 2013-12-22 06:06 - 00000000 ____D C:\Users\Anthony\AppData\Roaming\MPC-HC 2013-12-22 05:35 - 2013-12-22 05:35 - 118031598 _____ C:\Users\Anthony\Desktop\pro vpa.mp4 2013-12-22 05:09 - 2012-04-07 13:45 - 00000000 ____D C:\Users\Anthony\Desktop\Download 2013-12-22 03:32 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\tracing 2013-12-22 02:22 - 2013-12-22 02:17 - 157072998 _____ C:\Users\Anthony\Desktop\wheels.mp4 2013-12-22 01:46 - 2013-12-22 01:44 - 69412446 _____ C:\Users\Anthony\Desktop\vet 3.mp4 2013-12-22 01:43 - 2013-12-22 01:26 - 90970232 _____ 
C:\Users\Anthony\Desktop\vet 2.mp4 2013-12-22 01:43 - 2013-12-22 01:26 - 331754551 _____ C:\Users\Anthony\Desktop\vet 1.mp4 2013-12-22 01:42 - 2013-12-22 01:42 - 00000000 ____D C:\Program Files\K-Lite Codec Pack 2013-12-22 01:38 - 2013-12-22 01:38 - 27145161 _____ ( ) C:\Users\Anthony\Desktop\K-Lite_Codec_Pack_1020_Full.exe 2013-12-22 00:40 - 2006-11-02 02:33 - 00761008 _____ C:\Windows\system32\PerfStringBackup.INI 2013-12-22 00:33 - 2012-03-31 13:53 - 00000000 ____D C:\ProgramData\VMware 2013-12-22 00:33 - 2009-02-16 10:12 - 00000000 _____ C:\Windows\system32\LogConfigTemp.xml 2013-12-22 00:33 - 2006-11-02 05:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-12-22 00:32 - 2012-07-28 13:17 - 00000000 ____D C:\ProgramData\LogMeIn 2013-12-22 00:32 - 2012-07-16 09:10 - 00000012 _____ C:\Windows\bthservsdp.dat 2013-12-22 00:32 - 2012-03-28 23:07 - 00000000 ____D C:\Users\Anthony\AppData\Roaming\uTorrent 2013-12-22 00:32 - 2006-11-02 05:01 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-12-22 00:16 - 2013-12-22 00:16 - 00008962 _____ C:\Users\Anthony\Desktop\attach.txt 2013-12-22 00:14 - 2013-12-22 00:16 - 00023039 _____ C:\Users\Anthony\Desktop\dds.txt 2013-12-22 00:10 - 2013-12-22 00:10 - 00688992 ____R (Swearware) C:\Users\Anthony\Desktop\dds.com 2013-12-21 22:47 - 2013-09-12 09:37 - 00092796 _____ C:\Windows\DPINST.LOG 2013-12-21 22:47 - 2012-03-28 20:28 - 00000000 ____D C:\Users\Anthony 2013-12-21 22:36 - 2013-10-09 10:56 - 00002650 _____ C:\Windows\setupact.log 2013-12-21 22:19 - 2013-12-21 22:19 - 00000000 ____D C:\Program Files\DIFX 2013-12-21 22:19 - 2013-09-13 16:52 - 00000000 ____D C:\Users\Anthony\Desktop\New Folder (2) 2013-12-21 22:01 - 2013-12-21 21:55 - 00000000 ____D C:\Program Files\HTC 2013-12-21 21:55 - 2013-12-21 21:55 - 00000000 ____D C:\Program Files\Spirent Communications 2013-12-21 19:34 - 2012-05-07 03:55 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-627868057-3445255397-3797218724-1001Core.job 2013-12-21 19:12 - 2013-09-12 
09:59 - 00000000 ____D C:\Users\Anthony\.android 2013-12-21 19:06 - 2013-12-21 19:06 - 00000000 _____ C:\Users\Anthony\adb 2013-12-21 08:46 - 2012-03-28 21:53 - 00033280 _____ C:\Users\Anthony\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-12-21 03:49 - 2013-12-21 03:49 - 00084992 _____ C:\Users\Anthony\Desktop\vpa movie.MSWMM 2013-12-17 17:56 - 2008-01-20 18:47 - 00465414 _____ C:\Windows\PFRO.log 2013-12-16 19:52 - 2012-03-31 14:06 - 00000000 ____D C:\Users\Anthony\AppData\Local\VMware 2013-12-16 19:37 - 2012-03-31 14:06 - 00000000 ____D C:\Users\Anthony\AppData\Roaming\VMware 2013-12-13 20:53 - 2012-07-28 13:17 - 00000000 ____D C:\Program Files\LogMeIn 2013-12-13 20:51 - 2012-07-28 13:18 - 00086888 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll 2013-12-13 20:51 - 2012-07-28 13:18 - 00031560 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll 2013-12-13 20:51 - 2012-07-28 13:17 - 00085832 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll 2013-12-12 15:30 - 2013-12-12 15:30 - 00000000 ____D C:\Users\Anthony\AppData\Local\{4969D70B-F934-49E2-84EF-6B4C6BE20E29} 2013-12-12 15:30 - 2013-12-12 15:30 - 00000000 ____D C:\Users\Anthony\AppData\Local\{25C20B72-48A9-4727-94FB-DAA36F8E1A57} 2013-12-09 20:47 - 2013-12-09 20:47 - 00160048 _____ C:\Windows\Minidump\Mini120913-01.dmp 2013-12-09 20:47 - 2009-03-31 11:13 - 00000000 ____D C:\Windows\Minidump 2013-12-09 20:46 - 2013-10-08 14:12 - 248843134 _____ C:\Windows\MEMORY.DMP 2013-12-01 05:10 - 2013-12-22 01:42 - 00218200 _____ C:\Windows\system32\unrar.dll ZeroAccess: C:\Users\Anthony\AppData\Local\Google\Desktop\Install ZeroAccess: C:\Program Files\Google\Desktop\Install Files to move or delete: ==================== C:\ProgramData\C__Users_Anthony_AppData_Local_Temp_wz640f_SuperHideIP.exe Some content of TEMP: ==================== C:\Users\Anthony\AppData\Local\Temp\BackupSetup.exe C:\Users\Anthony\AppData\Local\Temp\deerdrive-111448437-setup.s111448437.c110268333.len.u.dl.exe 
C:\Users\Anthony\AppData\Local\Temp\InstallFlashPlayer.exe C:\Users\Anthony\AppData\Local\Temp\mconduitinstaller.exe C:\Users\Anthony\AppData\Local\Temp\nse4F91.exe C:\Users\Anthony\AppData\Local\Temp\nskCB65.exe C:\Users\Anthony\AppData\Local\Temp\nsoCF3E.exe C:\Users\Anthony\AppData\Local\Temp\nsp6833.exe C:\Users\Anthony\AppData\Local\Temp\nst1CCE.exe C:\Users\Anthony\AppData\Local\Temp\nszE0CB.exe C:\Users\Anthony\AppData\Local\Temp\ntdll_dump.dll C:\Users\Anthony\AppData\Local\Temp\SPStub.exe C:\Users\Anthony\AppData\Local\Temp\The_Weather_Channel_Application.exe C:\Users\Anthony\AppData\Local\Temp\utt4AF5.tmp.exe C:\Users\Anthony\AppData\Local\Temp\vcredist_x86.exe C:\Users\jdmcivic\AppData\Local\Temp\atl80.dll C:\Users\jdmcivic\AppData\Local\Temp\FlashPlayerUpdate.exe C:\Users\jdmcivic\AppData\Local\Temp\FlashPlayerUpdate01.exe C:\Users\jdmcivic\AppData\Local\Temp\FlashPlayerUpdate02.exe C:\Users\jdmcivic\AppData\Local\Temp\fr_tbuhh.dll C:\Users\jdmcivic\AppData\Local\Temp\jre-6u17-windows-i586-iftw-rv.exe C:\Users\jdmcivic\AppData\Local\Temp\jre-6u19-windows-i586-iftw-rv.exe C:\Users\jdmcivic\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe C:\Users\jdmcivic\AppData\Local\Temp\libexpat.dll C:\Users\jdmcivic\AppData\Local\Temp\mfc80.dll C:\Users\jdmcivic\AppData\Local\Temp\mfc80u.dll C:\Users\jdmcivic\AppData\Local\Temp\mfcm80.dll C:\Users\jdmcivic\AppData\Local\Temp\mfcm80u.dll C:\Users\jdmcivic\AppData\Local\Temp\msvcm80.dll C:\Users\jdmcivic\AppData\Local\Temp\msvcp80.dll C:\Users\jdmcivic\AppData\Local\Temp\msvcr80.dll C:\Users\jdmcivic\AppData\Local\Temp\nlsdl.dll C:\Users\jdmcivic\AppData\Local\Temp\setup.exe C:\Users\jdmcivic\AppData\Local\Temp\tmdbg32.dll C:\Users\jdmcivic\AppData\Local\Temp\ytb.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit 
C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ATTENTION: ====> ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender LastRegBack: 2013-12-22 00:39 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-12-2013 01 Ran by Anthony at 2013-12-22 10:13:40 Running from C:\Users\Anthony\Desktop\farbar recovery Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: System Shield (Enabled - Up to date) {C132074B-BF68-2E15-D4FD-E242EED15F18} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: System Shield (Enabled - Up to date) {7A53E6AF-9952-219B-EE4D-D930955615A5} ==================== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) µTorrent (HKCU Version: 3.4.0.30331) µTorrent (Version: 3.1.3) 1ClickDownloader (Version: 2.7 Build 26473) <==== ATTENTION Adobe AIR (Version: 2.5.1.17730) Adobe Flash Player 10 Plugin (Version: 10.2.152.32) Adobe Flash Player 11 ActiveX (Version: 11.8.800.175) Adobe Reader 8.3.1 (Version: 8.3.1) ArcadeFrontier AVI to DVD Converter (Version: 3.0.26.0314) Belkin 54Mbps Wireless Network Adapter (Version: 1.00.01) Cheat Engine 6.1 Cisco EAP-FAST Module (Version: 2.2.14) Cisco LEAP Module (Version: 1.0.19) Cisco PEAP Module (Version: 1.1.6) Comodo Dragon (Version: 15.0) COMODO Internet Security (Version: 5.10.31649.2253) Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000) Complitly ConvertXtoDVD 4.1.10.348 (Version: 4.1.10.348) CyberLink LabelPrint (Version: 2.0.3111) CyberLink Power2Go (Version: 6.0.2115) D3DX10 (Version: 15.4.2368.0902) DAEMON Tools Lite (Version: 4.45.4.0315) Deer Drive Diablo II Digital Media Reader 
(Version: 2.01.03.01) DirectCOM (Version: 1.1.5) Dynex Enhanced Wireless G USB Network Adapter Setup (Version: 2.20) Dynex Wireless G USB Network Adapter Setup (Version: 2.20) eMachines Games (Version: 1.0.0.71) eMachines Recovery Management (Version: 3.1.3003) Expert PDF 7 Reader (Version: 7.0.1370.0) FlvPlayer (Version: ${VERSION}) FrostWire 4.21.3 (Version: 4.21.3.0) Fruit Ninja 2 ìîçùá áòáøéú - www.Fruit-Ninja.co.cc - àìîåâ äìì version 2 (Version: 2) GearDrvs (Version: 1.00.0000) GearDrvs (Version: 5.0.0.2) GeekBuddy (Version: 4.9.73) Google Chrome (HKCU Version: 30.0.1599.69) HTC BMP USB Driver (Version: 1.0.5375) HTC Driver Installer (Version: 4.2.0.001) Hunting Unlimited 2010 iolo technologies' System Mechanic Professional (Version: 11.7.0) IPTInstaller (Version: 4.0.8) Java 7 Update 45 (Version: 7.0.450) Java Auto Updater (Version: 2.1.9.8) Java 6 Update 22 (Version: 6.0.220) Java 6 Update 5 (Version: 1.6.0.50) JavaFX 2.1.1 (Version: 2.1.1) Junk Mail filter update (Version: 15.4.3502.0922) kikin plugin 2.8 (Version: 2.8) K-Lite Codec Pack 10.2.0 Full (Version: 10.2.0) LG USB Modem driver LogMeIn (Version: 4.1.2504) Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300) Mesh Runtime (Version: 15.4.5722.2) Messenger Companion (Version: 15.4.3502.0922) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6012.5000) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000) Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (French) 
2007 (Version: 12.0.6612.1000) Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000) Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Suite Activation Assistant (Version: 2.9) Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Works (Version: 9.7.0621) Mozilla Firefox 12.0 (x86 en-GB) (Version: 12.0) Mozilla Maintenance Service (Version: 12.0) MSVCRT (Version: 15.4.2862.0708) My.Freeze.com Toolbar (Version: 3.6.0) MyPC Backup (Version: ) <==== ATTENTION NETGEAR WNA1100 wireless USB 2.0 adapter (Version: 1.0.0.133) NETGEAR WNDA4100 (Version: 1.2.0.10) NETGEAR WNDA4100 Genie (Version: 1.2.0.10) NVIDIA Control Panel 307.83 (Version: 307.83) NVIDIA Display Control Panel (Version: 6.14.11.9675) NVIDIA Drivers (Version: 1.10.57.35) NVIDIA Graphics Driver 307.83 (Version: 307.83) NVIDIA Install Application (Version: 2.1002.109.706) NVIDIA Update 1.10.8 (Version: 1.10.8) NVIDIA Update Components (Version: 1.10.8) OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0) OutfoxTV PowerISO (Version: 4.7) PVSonyDll (Version: 1.00.0001) QPST RarZilla Free Unrar (Version: 4.80) Realtek High Definition Audio Driver (Version: 6.0.1.5643) Rosetta Stone Ltd Services (Version: 3.2.17) Rosetta Stone 
TOTALe (Version: 4.1.1) Rosetta Stone TOTALe (Version: 4.1.15.1) SAMSUNG USB Driver for Mobile Phones (Version: 1.3.1900.0) Search Protect by conduit (Version: 1.7.0.72) <==== ATTENTION SearchFlyBar2 Toolbar for IE (Version: 6.17.2.8) Segoe UI (Version: 15.4.2271.0615) Skype Toolbars (Version: 1.0.4051) Skype™ 5.10 (Version: 5.10.116) Super Hide IP (Version: 3.1.7.6) System Requirements Lab CYRI (Version: 4.5.1.0) The Weather Channel App tools-linux (Version: 8.8.2.591240) Unity Web Player (Version: 2.5.5b4_50) UnRAR for Windows Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) uTorrent Turbo Accelerator (Version: 2.2.0.0) uTorrentControl2 Toolbar (Version: 6.8.5.1) <==== ATTENTION Ventrilo Client (Version: 3.0.5) Video Strip Poker VideoLAN VLC media player 0.8.6d (Version: 0.8.6d) 
VmciSockets (Version: 9.1.54.1) VMware Player (Version: 4.0.2.28060) Windows Driver Package - HTC, Corporation (HTCAND32) USB (11/01/2013 2.0.0007.00023) (Version: 11/01/2013 2.0.0007.00023) Windows Live Communications Platform (Version: 15.4.3502.0922) Windows Live Essentials (Version: 15.4.3502.0922) Windows Live Essentials (Version: 15.4.3508.1109) Windows Live Family Safety (Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4225.0) Windows Live Installer (Version: 15.4.3502.0922) Windows Live Mail (Version: 15.4.3502.0922) Windows Live Mesh (Version: 15.4.3502.0922) Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2) Windows Live Messenger (Version: 15.4.3502.0922) Windows Live Messenger Companion Core (Version: 15.4.3502.0922) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (Version: 15.4.3502.0922) Windows Live Photo Common (Version: 15.4.3502.0922) Windows Live Photo Gallery (Version: 15.4.3502.0922) Windows Live PIMT Platform (Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (Version: 15.4.3502.0922) Windows Live SOXE Definitions (Version: 15.4.3502.0922) Windows Live UX Platform (Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (Version: 15.4.3508.1109) Windows Live Writer (Version: 15.4.3502.0922) Windows Live Writer Resources (Version: 15.4.3502.0922) Windows Mobile Device Center (Version: 6.1.6965.0) WinZip 15.0 (Version: 15.0.9302) ==================== Restore Points ========================= 30-11-2013 08:00:01 Scheduled Checkpoint 01-12-2013 15:33:03 Scheduled Checkpoint 03-12-2013 15:56:54 Scheduled Checkpoint 04-12-2013 07:35:28 Scheduled Checkpoint 05-12-2013 08:03:29 Scheduled Checkpoint 06-12-2013 07:17:53 Scheduled Checkpoint 07-12-2013 
09:21:16 Scheduled Checkpoint 08-12-2013 23:28:25 Scheduled Checkpoint 11-12-2013 04:35:48 Scheduled Checkpoint 12-12-2013 13:09:22 Scheduled Checkpoint 13-12-2013 08:00:35 Scheduled Checkpoint 14-12-2013 08:00:04 Scheduled Checkpoint 15-12-2013 08:26:21 Scheduled Checkpoint 18-12-2013 05:08:06 Scheduled Checkpoint 19-12-2013 08:00:03 Scheduled Checkpoint 20-12-2013 08:29:02 Scheduled Checkpoint 21-12-2013 19:57:18 Scheduled Checkpoint 22-12-2013 05:54:02 Installed HTC Driver Installer. 22-12-2013 05:56:55 Device Driver Package Install: HTC Network Protocol 22-12-2013 05:57:02 Device Driver Package Install: HTC Corporation Network adapters 22-12-2013 05:59:27 Device Driver Package Install: HTC Corporation Portable Devices 22-12-2013 06:01:08 Installed HTC BMP USB Driver. 22-12-2013 06:08:13 Device Driver Package Install: HTC, Corporation 22-12-2013 06:08:42 Device Driver Package Install: HTC Corporation Network adapters 22-12-2013 06:09:47 Device Driver Package Install: HTC Corporation Portable Devices 22-12-2013 06:19:17 Device Driver Package Install: HTC, Corporation 22-12-2013 06:40:43 Device Driver Package Install: HTC, Corporation Android USB Devices 22-12-2013 06:44:58 Device Driver Package Install: HTC, Corporation 22-12-2013 06:45:14 Device Driver Package Install: HTC Corporation Network adapters 22-12-2013 06:46:12 Device Driver Package Install: HTC Corporation Portable Devices 22-12-2013 17:29:11 Installed Java 7 Update 45 22-12-2013 17:59:55 before virus removal ==================== Hosts content: ========================== 2006-11-02 02:23 - 2006-09-18 13:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {2BAD4037-7FF9-4529-963F-F357D9A13469} - System32\Tasks\RunOW => C:\Program Files\Overwolf\Overwolf.exe Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} 
- System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {34DBEADF-6DEC-4BF2-B1CE-1C75709CC271} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-627868057-3445255397-3797218724-1001Core => C:\Users\Anthony\AppData\Local\Google\Update\GoogleUpdate.exe Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-20] (Microsoft Corporation) Task: {6D7ECD59-D332-4E02-AB14-120FB93248AE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-627868057-3445255397-3797218724-1001UA => C:\Users\Anthony\AppData\Local\Google\Update\GoogleUpdate.exe Task: {8A27259B-E6AD-4129-A4E2-66B6A2DE6D62} - System32\Tasks\{8D95B456-7D52-42A0-B8BE-6DA6ACD1C40E} => C:\Program Files\Skype\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.) Task: {963FFB9A-1E47-41DA-94DD-E67650AD092D} - System32\Tasks\ArcadeFrontier => C:\Users\Anthony\AppData\Local\ArcadeFrontier\veragent.exe [2013-12-11] () Task: {999A567B-DA9A-4682-9137-54C39F9577B6} - System32\Tasks\OpenCandyHelperRunOnce => Rundll32.exe "C:\Users\Anthony\AppData\Roaming\OpenCandy\FDC9EF2A0B16472BA1AA1976C6D224E5\OCBrowserHelper_1.0.3.85.dll",_OCRestartDll@16 Task: {D658D8D7-B874-4C46-B16C-8CB49241C3FD} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\Program Files\Windows Defender\MpCmdRun.exe [2008-01-20] () Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-20] () Task: C:\Windows\Tasks\ArcadeFrontier.job => C:\Users\Anthony\AppData\Local\ArcadeFrontier\veragent.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-627868057-3445255397-3797218724-1001Core.job => C:\Users\Anthony\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-627868057-3445255397-3797218724-1001UA.job 
=> C:\Users\Anthony\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-10-03 14:43 - 2013-10-02 22:03 - 04055504 _____ () C:\Users\Anthony\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll 2013-10-03 14:43 - 2013-10-02 22:03 - 00415184 _____ () C:\Users\Anthony\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll 2013-10-03 14:43 - 2013-10-02 22:02 - 01604560 _____ () C:\Users\Anthony\AppData\Local\Google\Chrome\Application\30.0.1599.69\ffmpegsumo.dll 2013-10-03 14:43 - 2013-10-02 22:02 - 00698832 _____ () C:\Users\Anthony\AppData\Local\Google\Chrome\Application\30.0.1599.69\libglesv2.dll 2013-10-03 14:43 - 2013-10-02 22:02 - 00099792 _____ () C:\Users\Anthony\AppData\Local\Google\Chrome\Application\30.0.1599.69\libegl.dll 2012-05-04 18:29 - 2012-05-04 18:29 - 00015760 _____ () C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2native.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:F2721624 AlternateDataStreams: C:\Users\Anthony\Desktop\One Direction- Red Nose (Charity Song) - Emotional Tribute.mp3:TOC.WMV AlternateDataStreams: C:\Users\Anthony\Desktop\vet 1.mp4:TOC.WMV AlternateDataStreams: C:\Users\Anthony\Desktop\vet 2.mp4:TOC.WMV AlternateDataStreams: C:\Users\Anthony\Desktop\vet 3.mp4:TOC.WMV AlternateDataStreams: C:\Users\Anthony\Desktop\wheels.mp4:TOC.WMV ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/22/2013 09:09:55 AM) (Source: Application Hang) (User: ) Description: The program TWCApp.exe version 7.6.0.0 stopped 
interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 16b0 Start Time: 01ceff3219680c56 Termination Time: 67 Error: (12/22/2013 08:25:47 AM) (Source: CltMngSvc) (User: ) Description: CltMngSvcServiceInstall: Fail to Start serviceSearch Protect by Conduit Updater (Error: 1056) Error: (12/22/2013 08:25:14 AM) (Source: CltMngSvc) (User: ) Description: CltMngSvcServiceInstall: Fail to Start serviceSearch Protect by Conduit Updater (Error: 1056) Error: (12/22/2013 02:54:49 AM) (Source: Application Error) (User: ) Description: Faulting application MOVIEMK.exe, version 6.0.6002.18273, time stamp 0x4c1a4a61, faulting module ffmpeg.dll, version 0.0.0.0, time stamp 0x52af79f0, exception code 0x40000015, fault offset 0x00027d0f, process id 0x958, application start time 0xMOVIEMK.exe0. Error: (12/22/2013 02:22:49 AM) (Source: Application Error) (User: ) Description: Faulting application MOVIEMK.exe, version 6.0.6002.18273, time stamp 0x4c1a4a61, faulting module ffmpeg.dll, version 0.0.0.0, time stamp 0x52af79f0, exception code 0x40000015, fault offset 0x00027d0f, process id 0x13c0, application start time 0xMOVIEMK.exe0. Error: (12/22/2013 00:35:30 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (12/22/2013 00:35:29 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. 
Error: (12/22/2013 00:35:29 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (12/22/2013 00:35:29 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (12/22/2013 00:35:27 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. 
System errors: ============= Error: (12/22/2013 08:23:08 AM) (Source: Service Control Manager) (User: ) Description: OutfoxTvService Error: (12/22/2013 08:22:43 AM) (Source: Service Control Manager) (User: ) Description: OutfoxTvService Error: (12/22/2013 00:36:27 AM) (Source: WMPNetworkSvc) (User: ) Description: WMPNetworkSvc0x80070424 Error: (12/22/2013 00:36:27 AM) (Source: Service Control Manager) (User: ) Description: NVIDIA Update Service Daemon%%1069 Error: (12/22/2013 00:36:27 AM) (Source: Service Control Manager) (User: ) Description: nvUpdatusService.\UpdatusUser%%1330 Error: (12/22/2013 00:36:15 AM) (Source: DCOM) (User: ) Description: {28DD3979-0566-4ED3-9B14-1548B3187491} Error: (12/22/2013 00:35:08 AM) (Source: Service Control Manager) (User: ) Description: Windows Firewall Control1 Error: (12/22/2013 00:35:08 AM) (Source: Service Control Manager) (User: ) Description: 30000wfcs Error: (12/22/2013 00:35:08 AM) (Source: Service Control Manager) (User: ) Description: i8042prt Error: (12/22/2013 00:35:08 AM) (Source: Service Control Manager) (User: ) Description: IKE and AuthIP IPsec Keying ModulesBFE Microsoft Office Sessions: ========================= Error: (09/22/2010 07:24:21 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 55 seconds with 0 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2013-11-28 04:48:23.228 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system. 
Date: 2013-11-28 04:48:22.766 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-28 04:48:22.281 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-28 04:48:21.810 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-28 04:48:21.335 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-28 04:48:20.869 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-28 04:48:20.329 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system. 
Date: 2013-11-28 04:48:19.865 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-28 04:48:19.376 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2013-11-28 04:48:18.913 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 55% Total physical RAM: 2941.76 MB Available physical RAM: 1305.3 MB Total Pagefile: 6099.98 MB Available Pagefile: 3999.78 MB Total Virtual: 2047.88 MB Available Virtual: 1934.08 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:288.09 GB) (Free:138.76 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: () (Removable) (Total:3.74 GB) (Free:0.86 GB) FAT32 Drive k: (es-419_L3) (CDROM) (Total:0.4 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298 GB) (Disk ID: 5C4455CC) Partition 1: (Not Active) - (Size=10 GB) - (Type=27) Partition 2: (Active) - (Size=288 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 4 GB) (Disk ID: 00198ED8) Partition 1: (Active) - (Size=4 GB) - (Type=0B) ==================== End Of Log 
============================
  7. ==================== One Month Created Files and Folders ======== 2013-12-22 10:11 - 2013-12-22 10:11 - 00000000 ____D C:\FRST 2013-12-22 10:10 - 2013-12-22 10:11 - 00000000 ____D C:\Users\Anthony\Desktop\farbar recovery 2013-12-22 09:59 - 2013-12-22 09:59 - 00006363 _____ C:\Users\Anthony\Desktop\RKreport[0]_S_12222013_095915.txt 2013-12-22 09:58 - 2013-12-22 09:59 - 00031744 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\system32\Drivers\ZDPSp50a64.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 10919200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 02152344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 01206560 _____ (Ralink Technology Corp.) C:\Windows\system32\Drivers\netr28u.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 01122360 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 01082232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 01052704 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvmfdx32.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00914880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00526952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00464384 _____ (Ralink Technology, Corp.) 
C:\Windows\system32\Drivers\netr73.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00429056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvm60x32.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00292840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00288768 _____ (NETGEAR Inc.) C:\Windows\system32\Drivers\wg111v2.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00238648 _____ (ULi Electronics Inc.) C:\Windows\system32\Drivers\uliahci.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00224640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00221568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00180672 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00167528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak 2013-12-22 09:58 - 2013-12-22 
09:58 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00149480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00145952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor32.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00142904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00136680 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdm.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00132424 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdmdm.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00130616 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00122344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Storport.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00121192 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadbus.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00115816 _____ (Promise Technology, Inc.) 
C:\Windows\system32\Drivers\ulsata2.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00114152 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadserd.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00110280 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdserd.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00109112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00106088 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00104648 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdbus.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00102968 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00098928 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmci.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00098408 _____ (Promise Technology, Inc.) 
C:\Windows\system32\Drivers\ulsata.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00076392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00074808 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00068464 _____ (Raxco Software, Inc.) 
C:\Windows\system32\Drivers\PDFsFilter.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00066112 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00062080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00060984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00059448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00059388 _____ (PowerISO Computing, Inc.) C:\Windows\system32\Drivers\scdemu.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00056888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VIAAGP.SYS.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00055864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SISAGP.SYS.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00055664 _____ (VMware, Inc.) 
C:\Windows\system32\Drivers\vmx86.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00053224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00052992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00052792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00051200 _____ (Prolific Technology Inc.) C:\Windows\system32\Drivers\ser2pl.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00047744 _____ C:\Windows\system32\Drivers\vserial.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00045160 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00045112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00043496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00041016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sisraid2.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUsb.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00036464 _____ 
(VMware, Inc.) C:\Windows\system32\Drivers\vmnetbridge.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00035944 _____ (LSI Logic) C:\Windows\system32\Drivers\symc8xx.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00034944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00034920 _____ (LSI Logic) C:\Windows\system32\Drivers\sym_u3.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rndismpx.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00031848 _____ (LSI Logic) C:\Windows\system32\Drivers\sym_hi.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00031280 _____ (VMware, Inc.) 
C:\Windows\system32\Drivers\vmusb.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00030312 _____ (Google Inc) C:\Windows\system32\Drivers\ssadadb.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00025712 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00025584 _____ (VMware, Inc.) 
C:\Windows\system32\Drivers\VMkbd.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00022784 _____ (Research In Motion Limited) C:\Windows\system32\Drivers\RimUsb.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00022072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00021728 _____ (Windows ® Codename Longhorn DDK provider) C:\Windows\system32\Drivers\SCMNdisP.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00021048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00020608 _____ (N-trig Innovative Technologies) C:\Windows\system32\Drivers\ntrigdigi.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00020608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00020480 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00020024 _____ (VIA Technologies, Inc.) 
C:\Windows\system32\Drivers\viaide.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00019568 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnet.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00017976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00017664 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\system32\Drivers\ZDPSp50.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00016624 _____ (VMware, Inc.) 
C:\Windows\system32\Drivers\vmnetadapter.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023x.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TUNMP.SYS.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00015288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00015264 _____ C:\Windows\system32\Drivers\vsb.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00014920 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdmdfl.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00014312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00013408 _____ (LogMeIn, Inc.) 
C:\Windows\system32\Drivers\radpms.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00012776 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdfl.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00012616 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdcmnt.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00012616 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdcm.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00012488 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdwhnt.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00012488 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdwh.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00010472 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcmnt.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00010472 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadcm.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00010344 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwhnt.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00010344 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadwh.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parvdm.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00008192 _____ (Microsoft 
Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00005888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00638328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00527848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00491816 _____ (COMODO) C:\Windows\system32\Drivers\cmdGuard.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00440704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00386616 _____ (LSI Corporation, Inc.) 
C:\Windows\system32\Drivers\MegaSR.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00342584 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00242240 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00235064 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00190424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00180712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00161752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00141288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00125928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00118784 _____ (Intel 
Corporation) C:\Windows\system32\Drivers\E1G60I32.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00105016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00099816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00096312 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_scsi.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00096312 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_fc.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00094776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00089656 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_sas.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00082400 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00071272 _____ (Adaptec, Inc.) 
C:\Windows\system32\Drivers\djsvs.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00061496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00058936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00057400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00053736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00049720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00048104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00047640 _____ (LogMeIn, Inc.) 
C:\Windows\system32\Drivers\LMIRfsDriver.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00041576 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crusoe.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00040504 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpCISSs.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00039272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00038616 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00035944 _____ (Integrated Technology Express, Inc.) C:\Windows\system32\Drivers\iteraid.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00035944 _____ (Integrated Technology Express, Inc.) 
C:\Windows\system32\Drivers\iteatapi.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00035304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00035064 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\CFRMD.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00034360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00033384 _____ (LSI Logic Corporation) C:\Windows\system32\Drivers\Mraid35x.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00032496 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00031288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00031288 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00030264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i2omp.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00028728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00027624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak 2013-12-22 09:57 - 
2013-12-22 09:57 - 00026248 _____ (EldoS Corporation) C:\Windows\system32\Drivers\ElRawDsk.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00024832 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgusbmodem.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00024632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00023040 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\htcnprot.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00020792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00020384 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\jswpslwf.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00019968 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgusbgps.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00019968 _____ (LG Electronics Inc.) 
C:\Windows\system32\Drivers\lgusbdiag.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00019600 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00019000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i2omgmt.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00019000 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00017976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00017952 _____ (Acer, Inc.) C:\Windows\system32\Drivers\int15_64.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00016440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00015464 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00015400 _____ C:\Windows\system32\Drivers\hmd.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00015392 _____ (Acer, Inc.) C:\Windows\system32\Drivers\int15.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00013056 _____ (LG Electronics Inc.) 
C:\Windows\system32\Drivers\lgusbbus.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00010144 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\lmimirr.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00005888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak 2013-12-22 09:57 - 2013-12-22 09:57 - 00005504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak 2013-12-22 09:56 - 2013-12-22 09:57 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 01384448 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athur.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 01204128 _____ (Agere Systems) C:\Windows\system32\Drivers\AGRSM.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00508416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00422968 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00300600 _____ (Adaptec, Inc.) 
C:\Windows\system32\Drivers\adpahci.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00265688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00238072 _____ C:\Windows\system32\Drivers\bcmusbdhdlh.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00149560 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00109032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00101432 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu160m.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00079928 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00079416 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00071808 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00062336 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00057400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AMDAGP.SYS.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00056376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00053376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00053248 _____ (Brother Industries Ltd.) 
C:\Windows\system32\Drivers\BrSerIf.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk7.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00033664 _____ (CACE Technologies) C:\Windows\system32\Drivers\bcmwlnpf.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00029184 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\system32\Drivers\BRGSp50a64.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00028216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00020608 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\system32\Drivers\BRGSp50.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00017992 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcm42rly.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00017976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00017464 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak 2013-12-22 09:56 - 2013-12-22 09:56 - 00013568 _____ (Brother Industries, Ltd.) 
C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2013-12-22 09:56 - 2013-12-22 09:56 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bdasup.sys.bak
2013-12-22 09:56 - 2013-12-22 09:56 - 00012160 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2013-12-22 09:56 - 2013-12-22 09:56 - 00011904 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2013-12-22 09:56 - 2013-12-22 09:56 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2013-12-22 09:56 - 2013-12-22 09:56 - 00005248 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2013-12-22 09:53 - 2013-12-22 10:01 - 00000000 ____D C:\Users\Anthony\Desktop\RK_Quarantine
2013-12-22 09:53 - 2013-12-22 09:53 - 03770368 _____ C:\Users\Anthony\Desktop\RogueKiller.exe
2013-12-22 09:31 - 2013-12-22 09:31 - 00000000 ____D C:\ProgramData\Oracle
2013-12-22 09:31 - 2013-12-22 09:30 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-22 09:30 - 2013-12-22 09:30 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-22 09:30 - 2013-12-22 09:30 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-22 09:30 - 2013-12-22 09:30 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-12-22 09:28 - 2013-12-22 09:28 - 00915368 _____ (Oracle Corporation) C:\Users\Anthony\Desktop\chromeinstall-7u45.exe
2013-12-22 09:28 - 2013-12-22 09:28 - 00000000 ____D C:\ProgramData\McAfee
2013-12-22 08:25 - 2013-12-22 08:50 - 00000000 ____D C:\Users\Anthony\Documents\Deer Drive
2013-12-22 08:25 - 2013-12-22 08:25 - 00000000 ____D C:\Users\Anthony\AppData\Local\NativeMessaging
2013-12-22 08:25 - 2013-12-22 08:25 - 00000000 ____D C:\Program Files\SearchFlyBar2
2013-12-22 08:24 - 2013-12-22 08:25 - 00000000 ____D C:\Program Files\MyPC Backup
2013-12-22 08:24 - 2013-12-22 08:24 - 00002177 _____ C:\Users\Anthony\Desktop\Deer Drive.lnk
2013-12-22 08:24 - 2013-12-22 08:24 - 00001172 _____ C:\Users\Anthony\Desktop\Games of the Month.lnk
2013-12-22 08:24 - 2013-12-22 08:24 - 00000886 _____ C:\Users\Anthony\Desktop\MyPC Backup.lnk
2013-12-22 08:24 - 2013-12-22 08:24 - 00000000 ____D C:\Users\Anthony\AppData\Roaming\Oberon Media
2013-12-22 08:24 - 2013-12-22 08:24 - 00000000 ____D C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-12-22 08:24 - 2013-12-22 08:24 - 00000000 ____D C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games of the Month
2013-12-22 08:24 - 2013-12-22 08:24 - 00000000 ____D C:\Program Files\SearchProtect
2013-12-22 08:24 - 2013-12-22 08:24 - 00000000 ____D C:\Program Files\Oberon Media SIDR
2013-12-22 08:24 - 2013-12-22 08:24 - 00000000 ____D C:\Program Files\Common Files\Oberon Media
2013-12-22 08:23 - 2013-12-22 08:24 - 00000000 ____D C:\ProgramData\Oberon Media
2013-12-22 08:22 - 2013-12-22 08:22 - 00001103 _____ C:\Users\Public\Desktop\The Weather Channel App.lnk
2013-12-22 08:22 - 2013-12-22 08:22 - 00000000 ____D C:\Users\Anthony\AppData\Roaming\OpenCandy
2013-12-22 08:22 - 2013-12-22 08:22 - 00000000 ____D C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OutfoxTV
2013-12-22 08:22 - 2013-12-22 08:22 - 00000000 ____D C:\Users\Anthony\AppData\Local\The Weather Channel
2013-12-22 08:22 - 2013-12-22 08:22 - 00000000 ____D C:\Program Files\The Weather Channel
2013-12-22 08:22 - 2013-12-22 08:22 - 00000000 ____D C:\Program Files\OutfoxTV
2013-12-22 08:21 - 2013-12-22 08:21 - 01204160 _____ (ArcadeFrontier) C:\Users\Anthony\Desktop\ArcadeFrontierGames (1).exe
2013-12-22 08:21 - 2013-12-22 08:21 - 00000276 _____ C:\Windows\Tasks\ArcadeFrontier.job
2013-12-22 08:21 - 2013-12-22 08:21 - 00000000 ____D C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeFrontier
2013-12-22 08:21 - 2013-12-22 08:21 - 00000000 ____D C:\Users\Anthony\AppData\Local\ArcadeFrontier
2013-12-22 08:20 - 2013-12-22 08:20 - 01204160 _____ (ArcadeFrontier) C:\Users\Anthony\Desktop\ArcadeFrontierGames.exe
2013-12-22 06:13 - 2013-12-22 06:13 - 01210295 _____ C:\Users\Anthony\Desktop\pro_vpa.wmv
2013-12-22 06:06 - 2013-12-22 06:06 - 00000000 ____D C:\Users\Anthony\AppData\Roaming\MPC-HC
2013-12-22 05:35 - 2013-12-22 05:35 - 118031598 _____ C:\Users\Anthony\Desktop\pro vpa.mp4
2013-12-22 05:11 - 2013-12-22 06:21 - 00408576 _____ C:\Users\Anthony\Desktop\Homeless Vet's testomonial's and footage.MSWMM
2013-12-22 02:17 - 2013-12-22 02:22 - 157072998 _____ C:\Users\Anthony\Desktop\wheels.mp4
2013-12-22 01:44 - 2013-12-22 01:46 - 69412446 _____ C:\Users\Anthony\Desktop\vet 3.mp4
2013-12-22 01:42 - 2013-12-22 01:42 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2013-12-22 01:42 - 2013-12-01 05:10 - 00218200 _____ C:\Windows\system32\unrar.dll
2013-12-22 01:38 - 2013-12-22 01:38 - 27145161 _____ ( ) C:\Users\Anthony\Desktop\K-Lite_Codec_Pack_1020_Full.exe
2013-12-22 01:26 - 2013-12-22 01:43 - 90970232 _____ C:\Users\Anthony\Desktop\vet 2.mp4
2013-12-22 01:26 - 2013-12-22 01:43 - 331754551 _____ C:\Users\Anthony\Desktop\vet 1.mp4
2013-12-22 00:16 - 2013-12-22 00:16 - 00008962 _____ C:\Users\Anthony\Desktop\attach.txt
2013-12-22 00:16 - 2013-12-22 00:14 - 00023039 _____ C:\Users\Anthony\Desktop\dds.txt
2013-12-22 00:10 - 2013-12-22 00:10 - 00688992 ____R (Swearware) C:\Users\Anthony\Desktop\dds.com
2013-12-21 22:19 - 2013-12-21 22:19 - 00000000 ____D C:\Program Files\DIFX
2013-12-21 21:55 - 2013-12-21 22:01 - 00000000 ____D C:\Program Files\HTC
2013-12-21 21:55 - 2013-12-21 21:55 - 00000000 ____D C:\Program Files\Spirent Communications
2013-12-21 19:06 - 2013-12-21 19:06 - 00000000 _____ C:\Users\Anthony\adb
2013-12-21 03:49 - 2013-12-21 03:49 - 00084992 _____ C:\Users\Anthony\Desktop\vpa movie.MSWMM
2013-12-12 15:30 - 2013-12-12 15:30 - 00000000 ____D C:\Users\Anthony\AppData\Local\{4969D70B-F934-49E2-84EF-6B4C6BE20E29}
2013-12-12 15:30 - 2013-12-12 15:30 - 00000000 ____D C:\Users\Anthony\AppData\Local\{25C20B72-48A9-4727-94FB-DAA36F8E1A57}
2013-12-09 20:47 - 2013-12-09 20:47 - 00160048 _____ C:\Windows\Minidump\Mini120913-01.dmp
==================== One Month Modified Files and Folders =======
2013-12-22 10:11 - 2013-12-22 10:11 - 00000000 ____D C:\FRST
2013-12-22 10:11 - 2013-12-22 10:10 - 00000000 ____D C:\Users\Anthony\Desktop\farbar recovery
2013-12-22 10:01 - 2013-12-22 09:53 - 00000000 ____D C:\Users\Anthony\Desktop\RK_Quarantine
2013-12-22 10:00 - 2009-02-16 10:05 - 02164549 _____ C:\Windows\WindowsUpdate.log
2013-12-22 09:59 - 2013-12-22 09:59 - 00006363 _____ C:\Users\Anthony\Desktop\RKreport[0]_S_12222013_095915.txt
2013-12-22 09:59 - 2013-12-22 09:58 - 00031744 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\system32\Drivers\ZDPSp50a64.sys.bak
2013-12-22 09:58 - 2013-12-22 09:58 - 10919200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys.bak
2013-12-22 09:58 - 2013-12-22 09:58 - 02152344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys.bak
2013-12-22 09:58 - 2013-12-22 09:58 - 01206560 _____ (Ralink Technology Corp.)
C:\Windows\system32\Drivers\netr28u.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 01122360 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 01082232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 01052704 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvmfdx32.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00914880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00526952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00464384 _____ (Ralink Technology, Corp.) C:\Windows\system32\Drivers\netr73.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00429056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvm60x32.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00292840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00288768 _____ (NETGEAR Inc.) C:\Windows\system32\Drivers\wg111v2.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00238648 _____ (ULi Electronics Inc.) 
C:\Windows\system32\Drivers\uliahci.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00224640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00221568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00180672 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00167528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00149480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00145952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor32.sys.bak 2013-12-22 09:58 - 
2013-12-22 09:58 - 00142904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00136680 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadmdm.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00132424 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdmdm.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00130616 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00122344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Storport.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00121192 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadbus.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00115816 _____ (Promise Technology, Inc.) C:\Windows\system32\Drivers\ulsata2.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00114152 _____ (MCCI Corporation) C:\Windows\system32\Drivers\ssadserd.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00110280 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdserd.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00109112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00106088 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00104648 _____ (MCCI Corporation) C:\Windows\system32\Drivers\sscdbus.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00102968 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00098928 _____ (VMware, Inc.) 
C:\Windows\system32\Drivers\vmci.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00098408 _____ (Promise Technology, Inc.) C:\Windows\system32\Drivers\ulsata.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00076392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00074808 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00068464 _____ (Raxco Software, Inc.) 
C:\Windows\system32\Drivers\PDFsFilter.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00066112 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00062080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00060984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00059448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00059388 _____ (PowerISO Computing, Inc.) C:\Windows\system32\Drivers\scdemu.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00056888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VIAAGP.SYS.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00055864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SISAGP.SYS.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00055664 _____ (VMware, Inc.) 
C:\Windows\system32\Drivers\vmx86.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00053224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00052992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00052792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00051200 _____ (Prolific Technology Inc.) C:\Windows\system32\Drivers\ser2pl.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00047744 _____ C:\Windows\system32\Drivers\vserial.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00045160 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00045112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00043496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00041016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sisraid2.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUsb.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00036464 _____ 
(VMware, Inc.) C:\Windows\system32\Drivers\vmnetbridge.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00035944 _____ (LSI Logic) C:\Windows\system32\Drivers\symc8xx.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00034944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00034920 _____ (LSI Logic) C:\Windows\system32\Drivers\sym_u3.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rndismpx.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00031848 _____ (LSI Logic) C:\Windows\system32\Drivers\sym_hi.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00031280 _____ (VMware, Inc.) 
C:\Windows\system32\Drivers\vmusb.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00030312 _____ (Google Inc) C:\Windows\system32\Drivers\ssadadb.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00025712 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00025584 _____ (VMware, Inc.) 
C:\Windows\system32\Drivers\VMkbd.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00022784 _____ (Research In Motion Limited) C:\Windows\system32\Drivers\RimUsb.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00022072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00021728 _____ (Windows ® Codename Longhorn DDK provider) C:\Windows\system32\Drivers\SCMNdisP.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00021048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00020608 _____ (N-trig Innovative Technologies) C:\Windows\system32\Drivers\ntrigdigi.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00020608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak 2013-12-22 09:58 - 2013-12-22 09:58 - 00020480 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
  8. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-12-2013 01
Ran by Anthony (administrator) on JDMCIVIC-PC on 22-12-2013 10:11:49
Running from C:\Users\Anthony\Desktop\farbar recovery
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\launcher_service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\wltrysvc.exe
(Broadcom Corporation) C:\Windows\System32\bcmwltry.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
() C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
(iolo technologies, LLC) C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\ramaint.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Ralink Technology, Corp.) C:\Program Files\NETGEAR\WNDA4100\Service\RaRegistry.exe
(Rosetta Stone Ltd.) C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
() C:\Windows\System32\WinService.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(VMware, Inc.) C:\Windows\System32\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LogMeIn.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Program Files\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\System32\vmnetdhcp.exe
(Broadcom Corporation) C:\Windows\System32\wltray.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Comodo\GeekBuddy\unit_manager.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Comodo\GeekBuddy\unit.exe
(Outfox Tv Productions Pty Ltd) C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
(Outfox Tv Productions Pty Ltd) C:\Program Files\OutfoxTV\OutfoxTvService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Conduit) C:\Program Files\SearchProtect\bin\CltMngSvc.exe
(Google Inc.) C:\Users\Anthony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Anthony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Anthony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Anthony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Anthony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Anthony\AppData\Local\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Users\Anthony\AppData\Local\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2launcher.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\java.exe
(Google Inc.) C:\Users\Anthony\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Anthony\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [eRecoveryService] - [x]
HKLM\...\Run: [broadcom Wireless Manager] - C:\Windows\System32\wltray.exe [1282048 2007-06-14] (Broadcom Corporation)
HKLM\...\Run: [LogMeIn GUI] - C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [63048 2012-06-08] (LogMeIn, Inc.)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\Comodo\COMODO Internet Security\cfp.exe [6749512 2012-03-11] (COMODO)
HKLM\...\Run: [tvncontrol] - C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-10-11] (Comodo Security Solutions, Inc.)
HKLM\...\Run: [searchProtectAll] - C:\Program Files\SearchProtect\bin\cltmng.exe [3470624 2013-09-22] (Conduit)
HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKCU\...\Run: [OutfoxTV] - C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe [325120 2013-12-11] (Outfox Tv Productions Pty Ltd)
HKCU\...\Run: [DW7] - C:\Program Files\The Weather Channel\The Weather Channel App\TWCApp.exe [13209088 2013-12-22] (The Weather Channel)
HKCU\...\Run: [searchProtect] - C:\Users\Anthony\AppData\Roaming\SearchProtect\bin\cltmng.exe [3470624 2013-09-22] (Conduit)
HKCU\...\Run: [ConduitFloatingPlugin_hgiifhjbblnglipdbpdgagphlcbililb] - "C:\Windows\system32\Rundll32.exe" "C:\Users\Anthony\AppData\Local\Temp\CT3292715\plugins\TBVerifier.dll",RunConduitFloatingPlugin hgiifhjbblnglipdbpdgagphlcbililb <===== ATTENTION
MountPoints2: L - L:\HTC_Sync_Manager_PC.exe
MountPoints2: M - M:\HTC_Sync_Manager_PC.exe
MountPoints2: {80418ebe-22dc-11e3-acd8-002197d5c81e} - M:\HTC_Sync_Manager_PC.exe
MountPoints2: {bac1b131-0354-11e2-bd8c-005056c00008} - D:\TL-Bootstrap.exe
MountPoints2: {bac1b141-0354-11e2-bd8c-005056c00008} - D:\TL-Bootstrap.exe
MountPoints2: {cf043197-cc8f-11e2-bf2e-002197d5c81e} - L:\ToolLauncher-Bootstrap.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\jdmcivic\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [ 2008-01-20] (Microsoft Corporation)
HKU\jdmcivic\...\Run: [Weather] - C:\Program Files\AWS\WeatherBug\Weather.exe 1
HKU\jdmcivic\...\Run: [CollaborationHost] - C:\Windows\System32\p2phost.exe [ 2008-01-20] (Microsoft Corporation)
HKU\jdmcivic\...\Run: [skype] - C:\Program Files\Skype\Phone\Skype.exe [ 2012-07-13] (Skype Technologies S.A.)
HKU\jdmcivic\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [ 2008-01-20] (Microsoft Corporation)
HKU\LogMeInRemoteUser\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\UpdatusUser\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
AppInit_DLLs: C:\Windows\System32\guard32.dll [ 2012-03-11] (COMODO)
Startup: C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\jdmcivic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\jdmcivic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
ProxyServer: http=;ftp=;https=;
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3292715&octid=CT3292715&SearchSource=61&CUI=UN36456541041811312&UM=2&UP=SPF862BDCD-778E-4262-B58A-88D44A632490
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=1&o=vp32&d=0209&m=et1161-07
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://isearch.babylon.com/?babsrc=HP_ss&mntrId=a230e07b000000000000000c55f8df91
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://uk.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://uk.search.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://uk.search.yahoo.com
URLSearchHook: HKLM - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
URLSearchHook: HKLM - SearchFlyBar2 Toolbar - {efc335aa-59ec-45b0-b287-739521153d5b} - C:\Program Files\SearchFlyBar2\prxtbSear.dll (Conduit Ltd.)
URLSearchHook: HKCU - Default Value = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
URLSearchHook: HKCU - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
URLSearchHook: HKCU - SearchFlyBar2 Toolbar - {efc335aa-59ec-45b0-b287-739521153d5b} - C:\Program Files\SearchFlyBar2\prxtbSear.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {1E0D27D0-FC84-490F-8931-10129C3A2356} URL = SearchScopes: HKLM - {9a2d7aa7-c5a9-4eb1-9e08-c6aaa7538b55} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=Z5xdm002YYus&ptnrS=Z5xdm002YYus&si=CIzJg_LE6K8CFXQeQgodITL22A&ptb=90DE38A9-ED79-49B0-A94C-9A4874809314&ind=2012050502&n=77ed7446&psa=&st=sb&searchfor={searchTerms} SearchScopes: HKLM - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS} SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253 SearchScopes: HKCU - DefaultScope {1E0D27D0-FC84-490F-8931-10129C3A2356} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3292715&CUI=UN36456541041811312&UM=2 SearchScopes: HKCU - {025BB60C-2114-48A7-A422-9BA5D5BF744A} URL = http://websearch.ask.com/redirect?client=ie&tb=FWV5&o=14193&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=FM&apn_dtid=TES002A6US&apn_uid=58C611C2-76B6-445B-B9ED-E9821A3E56CA&apn_sauid=8B52DB34-E95A-4D68-A67C-8C4843025E5E SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://isearch.babylon.com/web/{searchTerms}?babsrc=browsersearch&babsrc=SP_ss&mntrId=a230e07b000000000000000c55f8df91 SearchScopes: HKCU - {1E0D27D0-FC84-490F-8931-10129C3A2356} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3292715&CUI=UN36456541041811312&UM=2 SearchScopes: HKCU - {62E52C12-1549-4C51-A0CD-F73E9C628E8D} URL = http://search.yahoo.com/?ourmark=4&p={searchTerms} SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = https://www.google.com/search?q={searchTerms} SearchScopes: HKCU - {9a2d7aa7-c5a9-4eb1-9e08-c6aaa7538b55} URL = 
http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=Z5xdm002YYus&ptnrS=Z5xdm002YYus&si=CIzJg_LE6K8CFXQeQgodITL22A&ptb=90DE38A9-ED79-49B0-A94C-9A4874809314&ind=2012050502&n=77ed7446&psa=&st=sb&searchfor={searchTerms} SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb133/?search={searchTerms}&loc=IB_DS&a=6R8rrNIR91&i=26 BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Anthony\AppData\Roaming\Complitly\Complitly.dll (SimplyGen) BHO: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) BHO: ArcadeFrontier Addon - {6C8DB2EC-499B-4897-A784-0E3186C97E9D} - C:\Users\Anthony\AppData\Local\ArcadeFrontier\ArcadeFrontier.dll () BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: NetAssistantBHO Class - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\My.Freeze.com Toolbar\NetAssistant.dll No File BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files\kikin\ie_kikin.dll (kikin) BHO: SearchFlyBar2 Toolbar - {efc335aa-59ec-45b0-b287-739521153d5b} - C:\Program Files\SearchFlyBar2\prxtbSear.dll (Conduit Ltd.) 
Toolbar: HKLM - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) Toolbar: HKLM - SearchFlyBar2 Toolbar - {efc335aa-59ec-45b0-b287-739521153d5b} - C:\Program Files\SearchFlyBar2\prxtbSear.dll (Conduit Ltd.) Toolbar: HKCU - uTorrentControl2 Toolbar - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - SearchFlyBar2 Toolbar - {EFC335AA-59EC-45B0-B287-739521153D5B} - C:\Program Files\SearchFlyBar2\prxtbSear.dll (Conduit Ltd.) DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll" Winsock: Catalog9 11 %SystemRoot%\system32\vsocklib.dll [63088] (VMware, Inc.) Winsock: Catalog9 12 %SystemRoot%\system32\vsocklib.dll [63088] (VMware, Inc.) Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62 FireFox: ======== FF ProfilePath: C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\ick1ubuu.default FF user.js: detected! 
=> C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\ick1ubuu.default\user.js FF DefaultSearchEngine: SearchFlyBar2 Customized Web Search FF SearchEngineOrder.1: Ask.com FF SelectedSearchEngine: SearchFlyBar2 Customized Web Search FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @oberon-media.com/ONCAdapter - C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media ) FF Plugin: @unity3d.com/UnityPlayer - C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Anthony\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Anthony\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) 
FF SearchPlugin: C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\ick1ubuu.default\searchplugins\conduit.xml FF SearchPlugin: C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\ick1ubuu.default\searchplugins\MyStart Search.xml FF SearchPlugin: C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\ick1ubuu.default\searchplugins\search.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\kwinzy157.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\kwinzy159.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\kwinzy163.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\SafeSearch.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml FF Extension: General Crawler - C:\Users\Anthony\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com FF Extension: LyricsParty-1 - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\ick1ubuu.default\Extensions\2182c59b-52a6-4361-8582-ea68a9f74e27@30056f63-cd7d-4a99-a8d3-607bf2f1ac42.com FF Extension: Babylon - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\ick1ubuu.default\Extensions\ffxtlbr@babylon.com FF Extension: incredibar.com - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\ick1ubuu.default\Extensions\ffxtlbr@incredibar.com FF Extension: OneClickDownloader - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\ick1ubuu.default\Extensions\OneClickDownload@OneClickDownload.com 
FF Extension: SearchGBY - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\ick1ubuu.default\Extensions\plugin@searchgby.com FF Extension: No Name - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\ick1ubuu.default\Extensions\staged FF Extension: InternetHelper3.1 - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\ick1ubuu.default\Extensions\{07cbf788-1359-421b-a4e3-5a8d041b90a3} FF Extension: ArcadeFrontier - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\ick1ubuu.default\Extensions\{1a68cbde-3e4c-4fae-bf49-af5ab9868e53} FF Extension: Microsoft .NET Framework Assistant - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\ick1ubuu.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} FF Extension: Complitly - Speed up your search with your personal search suggestions tool - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\ick1ubuu.default\Extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516} FF Extension: uTorrentControl2 Community Toolbar - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\ick1ubuu.default\Extensions\{687578b9-7132-4a7a-80e4-30ee31099e03} FF Extension: SearchFlyBar2 - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\ick1ubuu.default\Extensions\{efc335aa-59ec-45b0-b287-739521153d5b} FF Extension: Default Tab - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\ick1ubuu.default\Extensions\addon@defaulttab.com.xpi FF Extension: Kwinzy - C:\Program Files\Mozilla Firefox\extensions\{52EF0988-5232-4465-86E7-6434B5891030} FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} FF HKLM\...\Firefox\Extensions: [{6E19037A-12E3-4295-8915-ED48BC341614}] - C:\Program Files\RelevantKnowledge FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - 
c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ Chrome: ======= CHR DefaultSearchKeyword: google.com CHR DefaultSearchProvider: Google CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR Plugin: (Shockwave Flash) - C:\Users\Anthony\AppData\Local\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Anthony\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Anthony\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files\HeadlineAlley_29\bar\1.bin\NP29Stub.dll No File CHR Plugin: (Java Platform SE 7 U5) - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Unity Player) - C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Windows Live\\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Users\Anthony\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) 
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll () CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\system32\npDeployJava1.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Extension: (Bejeweled) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0 CHR Extension: (iron Man 3 D) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomdaglpgkkignaeelhbngdjkjglionl\1.2_0 CHR Extension: (YouTube) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Classic Games) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpckajjkmjncafjlkielcgheibdlnfgc\1.0_0 CHR Extension: (Street Racers) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\cohkjfondhjjfehnehlpmjpljpihfhfc\1_0 CHR Extension: (Google Search) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Sniper Team) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgbbaloijjnkpigapgmocdpoblnlec\1.0.2_0 CHR Extension: (Cargo Bridge: Armor Games Edition) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlpiaibleklmjieibbnmkignbggodmmj\2.1.1_0 CHR Extension: (Google Voice (by Google)) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.4.4_0 CHR Extension: (Cargo Bridge) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn\1.5.7_0 CHR Extension: (Little Alchemy) - 
C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\0.0.15.7_0 CHR Extension: (Need for Speed World) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk\1.0.0.4_0 CHR Extension: (Cargo Bridge: Xmas level pack) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdcclndkdgngndhjfccoabooegcgamk\1.0.1_0 CHR Extension: (Google Wallet) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 CHR Extension: (Band Stars) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pheefoolfafhhpdkpdkjpganobgachop\1.0.0.3_0 CHR Extension: (Gmail) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM\...\Chrome\Extension: [dednnpigldgdbpgcdpfppmlcnnbjciel] - C:\Users\Anthony\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx CHR HKLM\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:\Program Files\Complitly\chrome\ComplitlyChrome.crx CHR HKLM\...\Chrome\Extension: [hgiifhjbblnglipdbpdgagphlcbililb] - C:\Users\Anthony\AppData\Local\CRE\hgiifhjbblnglipdbpdgagphlcbililb.crx CHR HKLM\...\Chrome\Extension: [icmijdhkcgeclpfjmibnginbbkfcbpep] - C:\Program Files\SearchGBY\Extensions\Chrome\searchgby.chrome.v0.9.55.crx CHR HKLM\...\Chrome\Extension: [lpmkgpnbiojfaoklbkpfneikocaobfai] - C:\Users\Anthony\AppData\Roaming\Media Finder\Extensions\mf_plugin_gc.crx CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Anthony\AppData\Local\Temp\ccex.crx CHR HKLM\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - C:\Program Files\1ClickDownload\oneclickdownloader10.crx CHR StartMenuInternet: Google Chrome - C:\Users\Anthony\AppData\Local\Google\Chrome\Application\chrome.exe ========================== Services (Whitelisted) ================= S2 BackupStack; 
C:\Program Files\MyPC Backup\BackupStack.exe [38440 2013-09-19] (Just Develop It) R2 CLPSLauncher; C:\Program Files\Common Files\COMODO\launcher_service.exe [70352 2013-10-11] (Comodo Security Solutions, Inc.) R2 CltMngSvc; C:\Program Files\SearchProtect\bin\CltMngSvc.exe [220960 2013-09-22] (Conduit) R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [1983232 2012-03-11] (COMODO) R2 ETService; C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe [24576 2008-06-11] () S3 GameConsoleService; C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe [165416 2008-05-05] (WildTangent, Inc.) R2 GeekBuddyRSP; C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2013-10-11] (Comodo Security Solutions, Inc.) R2 ioloSystemService; C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe [1070080 2013-03-17] (iolo technologies, LLC) S3 jswpsapi; C:\Program Files\NETGEAR\WNA1100\jswpsapi.exe [954368 2009-11-05] (Atheros Communications, Inc.) R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 OutfoxTvService; C:\Program Files\OutfoxTV\OutfoxTvService.exe [310672 2013-12-21] (Outfox Tv Productions Pty Ltd) R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () R2 RalinkRegistryWriter; C:\Program Files\NETGEAR\WNDA4100\Service\RaRegistry.exe [377088 2012-09-04] (Ralink Technology, Corp.) R2 RosettaStoneDaemon; C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe [1646056 2011-03-31] (Rosetta Stone Ltd.) R2 SCM_Service; C:\Windows\System32\WinService.exe [186848 2010-05-10] () R2 VMAuthdService; C:\Program Files\VMware\VMware Player\vmware-authd.exe [79872 2012-01-18] (VMware, Inc.) 
R2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [354416 2012-01-18] (VMware, Inc.) R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [665200 2011-08-29] (VMware, Inc.) R2 VMware NAT Service; C:\Windows\system32\vmnat.exe [433264 2012-01-18] (VMware, Inc.) S2 wfcs; C:\Program Files\Windows Firewall Control\wfcs.exe [75264 2013-10-12] (BiniSoft.org) R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [1134592 2007-06-14] (Broadcom Corporation) R2 WSWNA1100; C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe [278528 2009-11-27] () U2 *etadpug; "C:\Program Files\Google\Desktop\Install\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\ \...\???\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess) ==================== Drivers (Whitelisted) ==================== S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1384448 2009-11-27] (Atheros Communications, Inc.) R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [35064 2013-05-06] (Windows ® Win 7 DDK provider) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [491816 2012-03-11] (COMODO) R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38616 2012-03-11] (COMODO) S3 dhdusb.NTx86; C:\Windows\System32\DRIVERS\bcmusbdhdlh.sys [238072 2008-01-08] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-07-10] (DT Soft Ltd) R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [26248 2013-03-17] (EldoS Corporation) R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [32496 2011-08-29] (VMware, Inc.) R1 HMD; C:\Windows\System32\DRIVERS\hmd.sys [15400 2013-10-06] () R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [82400 2012-03-11] (COMODO) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation) R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1206560 2012-11-12] (Ralink Technology Corp.) R2 PDFsFilter; C:\Windows\System32\DRIVERS\PDFsFilter.sys [68464 2013-03-17] (Raxco Software, Inc.) 
R3 radpms; C:\Windows\System32\DRIVERS\radpms.sys [13408 2012-06-08] (LogMeIn, Inc.) S3 RTL8187; C:\Windows\System32\DRIVERS\wg111v2.sys [288768 2007-12-26] (NETGEAR Inc.) R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21728 2007-01-19] (Windows ® Codename Longhorn DDK provider) S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2008-11-11] (LG Electronics Inc.) S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [19968 2008-11-11] (LG Electronics Inc.) S3 UsbGps; C:\Windows\System32\DRIVERS\lgusbgps.sys [19968 2008-11-11] (LG Electronics Inc.) S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [24832 2008-11-11] (LG Electronics Inc.) R3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [25584 2012-01-18] (VMware, Inc.) S3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [16624 2012-01-18] (VMware, Inc.) R2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [36464 2012-01-18] (VMware, Inc.) R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [25712 2012-01-18] (VMware, Inc.) S3 vmusb; C:\Windows\System32\Drivers\vmusb.sys [31280 2011-08-29] (VMware, Inc.) R2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [55664 2012-01-18] (VMware, Inc.) R3 vsbus; C:\Windows\System32\DRIVERS\vsb.sys [15264 2004-09-07] () S3 vserial; C:\Windows\System32\DRIVERS\vserial.sys [47744 2004-09-07] () S3 HTCAND32; System32\Drivers\ANDROIDUSB.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S4 LMIRfsClientNP; No ImagePath S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] U3 TrueSight; \??\ [x] S3 ZDPSp60; System32\Drivers\ZDPSp60.sys [x] ==================== NetSvcs (Whitelisted) ===================
  9. RogueKiller V8.7.13 [Dec 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Anthony [Admin rights]
Mode : Scan -- Date : 12/22/2013 09:59:15
| ARK || FAK || MBR |
¤¤¤ Bad processes : 2 ¤¤¤
[sUSP PATH] cltmng.exe -- C:\Users\Anthony\AppData\Roaming\SearchProtect\bin\cltmng.exe [7] -> KILLED [TermProc]
[ZeroAccess][sERVICE] ???etadpug -- "C:\Program Files\Google\Desktop\Install\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\ \...\???ﯹ๛\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\GoogleUpdate.exe" < [x] -> STOPPED
¤¤¤ Registry Entries : 9 ¤¤¤
[RUN][ZeroAccess] HKCU\[...]\Run : Google Update ("C:\Users\Anthony\AppData\Local\Google\Desktop\Install\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\?��?��?��\?��?��?��\???ﯹ๛\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\GoogleUpdate.exe" >) -> FOUND
[RUN][sUSP PATH] HKCU\[...]\Run : SearchProtect (C:\Users\Anthony\AppData\Roaming\SearchProtect\bin\cltmng.exe [7]) -> FOUND
[RUN][sUSP PATH] HKCU\[...]\Run : ConduitFloatingPlugin_hgiifhjbblnglipdbpdgagphlcbililb ("C:\Windows\system32\Rundll32.exe" "C:\Users\Anthony\AppData\Local\Temp\CT3292715\plugins\TBVerifier.dll",RunConduitFloatingPlugin hgiifhjbblnglipdbpdgagphlcbililb [7][7][x][x]) -> FOUND
[sERVICE][ZeroAccess] HKLM\[...]\CCSet\[...]\Services : ???etadpug ("C:\Program Files\Google\Desktop\Install\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\ \...\???ﯹ๛\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\GoogleUpdate.exe" < [x]) -> FOUND
[sERVICE][ZeroAccess] HKLM\[...]\CS001\[...]\Services : ???etadpug ("C:\Program Files\Google\Desktop\Install\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\ \...\???ﯹ๛\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\GoogleUpdate.exe" < [x]) -> FOUND
[sERVICE][ZeroAccess] HKLM\[...]\CS002\[...]\Services : ???etadpug ("C:\Program Files\Google\Desktop\Install\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\ \...\???ﯹ๛\{0fe012a7-5b9a-258f-298f-d41e79b29c85}\GoogleUpdate.exe" < [x]) -> FOUND
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (hxxp=;ftp=;hxxps=; [Country: (Private Address) (XX), City: (Private Address)]) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Scheduled tasks : 3 ¤¤¤
[V1][sUSP PATH] ArcadeFrontier.job : C:\Users\Anthony\AppData\Local\ArcadeFrontier\veragent.exe [7] -> FOUND
[V2][sUSP PATH] ArcadeFrontier : C:\Users\Anthony\AppData\Local\ArcadeFrontier\veragent.exe [7] -> FOUND
[V2][sUSP PATH] OpenCandyHelperRunOnce : RunDll32.exe - "C:\Users\Anthony\AppData\Roaming\OpenCandy\FDC9EF2A0B16472BA1AA1976C6D224E5\OCBrowserHelper_1.0.3.85.dll",_OCRestartDll@16 [x][x][x] -> FOUND
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][Junction] en-US : C:\Program Files\Windows Defender\en-US >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpAsDesc.dll : C:\Program Files\Windows Defender\MpAsDesc.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpClient.dll : C:\Program Files\Windows Defender\MpClient.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpCmdRun.exe : C:\Program Files\Windows Defender\MpCmdRun.exe >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpEvMsg.dll : C:\Program Files\Windows Defender\MpEvMsg.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpOAV.dll : C:\Program Files\Windows Defender\MpOAV.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpRtMon.dll : C:\Program Files\Windows Defender\MpRtMon.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpRtPlug.dll : C:\Program Files\Windows Defender\MpRtPlug.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpSigDwn.dll : C:\Program Files\Windows Defender\MpSigDwn.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpSoftEx.dll : C:\Program Files\Windows Defender\MpSoftEx.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MpSvc.dll : C:\Program Files\Windows Defender\MpSvc.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MSASCui.exe : C:\Program Files\Windows Defender\MSASCui.exe >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MsMpCom.dll : C:\Program Files\Windows Defender\MsMpCom.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MsMpLics.dll : C:\Program Files\Windows Defender\MsMpLics.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Junction] MsMpRes.dll : C:\Program Files\Windows Defender\MsMpRes.dll >> \systemroot\system32\config [-] --> FOUND
[ZeroAccess][Folder] Install : C:\Users\Anthony\AppData\Local\Google\Desktop\Install [-] --> FOUND
[ZeroAccess][Folder] Install : C:\Program Files\Google\Desktop\Install [-] --> FOUND
¤¤¤ Driver : [NOT LOADED 0xc0000033] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ZeroAccess ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST332081 3AS SCSI Disk Device +++++
--- User ---
[MBR] 7c62f2a288d62a2c5dfe4f7edaf6f17c
[bSP] d89474759e1c94dcaf25da340284b493 : Acer MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10240 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20973568 | Size: 295003 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Incorrect function. )
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Generic Flash Disk USB Device +++++
--- User ---
[MBR] 3e9e26911753fb661aa60015311871f8
[bSP] 190fcf2c94255f75694d1d95d48624a3 : Empty MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 64 | Size: 3839 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] The request is not supported. )
Finished : << RKreport[0]_S_12222013_095915.txt >>
  10. DDS.txt DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 9.0.8112.16506 BrowserJavaVersion: 10.5.1 Run by Anthony at 0:12:50 on 2013-12-22 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2942.1408 [GMT -8:00] . AV: System Shield *Enabled/Updated* {C132074B-BF68-2E15-D4FD-E242EED15F18} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: System Shield *Enabled/Updated* {7A53E6AF-9952-219B-EE4D-D930955615A5} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Program Files\Common Files\COMODO\launcher_service.exe C:\Windows\system32\nvvsvc.exe C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe C:\Windows\system32\SLsvc.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\wltrysvc.exe C:\Windows\System32\bcmwltry.exe C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\agrsmsvc.exe C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe C:\Program Files\NETGEAR\WNDA4100\Service\RaRegistry.exe C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe C:\Windows\System32\WinService.exe C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe C:\Windows\system32\vmnat.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe 
C:\Windows\System32\WUDFHost.exe C:\Program Files\VMware\VMware Player\vmware-authd.exe C:\Windows\system32\vmnetdhcp.exe C:\Windows\system32\taskeng.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\System32\wltray.exe C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Comodo\GeekBuddy\unit_manager.exe C:\Program Files\Comodo\GeekBuddy\unit.exe C:\Users\Anthony\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Anthony\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Anthony\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Anthony\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Anthony\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Anthony\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Anthony\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k apphost C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k iissvcs C:\Windows\System32\svchost.exe -k WerSvcGroup 
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k WindowsMobile . ============== Pseudo HJT Report =============== . mSearch Page = hxxp://uk.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://uk.search.yahoo.com mDefault_Search_URL = hxxp://uk.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://uk.search.yahoo.com uProxyServer = hxxp=;ftp=;https=; uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll uURLSearchHooks: <No Name>: - LocalServer32 - <no file> mURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned> BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: Complitly: {0FB6A909-6086-458F-BD92-1F8EE10042A0} - c:\users\anthony\appdata\roaming\complitly\Complitly.dll BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll BHO: NetAssistantBHO Class: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - c:\program files\my.freeze.com toolbar\NetAssistant.dll BHO: kikin Plugin: {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll TB: uTorrentControl2 Toolbar: 
{687578B9-7132-4A7A-80E4-30EE31099E03} - c:\program files\utorrentcontrol2\prxtbuTor.dll TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun mRun: [eRecoveryService] <no file> StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\startg~1.lnk - c:\program files\comodo\geekbuddy\launcher.exe mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0 mPolicies-Explorer: NoDriveTypeAutoRun = dword:255 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Download with &Media Finder - c:\program files\media finder\hook.html IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll IE: {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} LSP: %SystemRoot%\system32\vsocklib.dll TCP: NameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{8B1C9BFB-5076-4DAA-AA32-90D4B68D9BF3} : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{8B3404CE-E38F-4FDC-8DDB-7BF145B51022} : DHCPNameServer = 192.168.1.254 TCP: 
Interfaces\{95511A8C-90F4-4DA8-9CA9-7E428C4A5B2A} : DHCPNameServer = 192.168.42.129 TCP: Interfaces\{ACC02384-319F-4A76-BE1B-46BD2D69F176} : DHCPNameServer = 192.168.42.129 TCP: Interfaces\{B70758A4-0B36-4F5A-B566-99A44F7F379B} : DHCPNameServer = 192.168.42.129 TCP: Interfaces\{CBE1E88A-72D9-4D42-B0B0-3FD8CAD9F154} : DHCPNameServer = 192.168.43.1 TCP: Interfaces\{D7908665-8F08-47CC-8457-9B9BE4283B17} : DHCPNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{E1657C98-10F5-4668-9E98-AB3CFE7FD1FB} : DHCPNameServer = 192.168.43.1 TCP: Interfaces\{F8D40673-B680-4C56-9996-5038FECCCFA5} : DHCPNameServer = 192.168.42.129 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs= c:\windows\system32\guard32.dll LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg . ================= FIREFOX =================== . 
FF - ProfilePath - c:\users\anthony\appdata\roaming\mozilla\firefox\profiles\ick1ubuu.default\ FF - prefs.js: browser.search.selectedEngine - Ask.com FF - component: c:\program files\relevantknowledge\components\rlxg.dll FF - component: c:\users\anthony\appdata\roaming\mozilla\firefox\profiles\ick1ubuu.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\components\RadioWMPCoreGecko10.dll FF - component: c:\users\anthony\appdata\roaming\mozilla\firefox\profiles\ick1ubuu.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\components\RadioWMPCoreGecko11.dll FF - component: c:\users\anthony\appdata\roaming\mozilla\firefox\profiles\ick1ubuu.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\components\RadioWMPCoreGecko19.dll FF - component: c:\users\anthony\appdata\roaming\mozilla\firefox\profiles\ick1ubuu.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\components\RadioWMPCoreGecko5.dll FF - component: c:\users\anthony\appdata\roaming\mozilla\firefox\profiles\ick1ubuu.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\components\RadioWMPCoreGecko6.dll FF - component: c:\users\anthony\appdata\roaming\mozilla\firefox\profiles\ick1ubuu.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\components\RadioWMPCoreGecko7.dll FF - component: c:\users\anthony\appdata\roaming\mozilla\firefox\profiles\ick1ubuu.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\components\RadioWMPCoreGecko8.dll FF - component: c:\users\anthony\appdata\roaming\mozilla\firefox\profiles\ick1ubuu.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\components\RadioWMPCoreGecko9.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll FF - plugin: c:\program files\unity\webplayer\loader\npUnity3D32.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - 
plugin: c:\users\anthony\appdata\local\google\update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: c:\users\anthony\appdata\roaming\mozilla\firefox\profiles\ick1ubuu.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\plugins\np-mswmp.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npmproxy.dll FF - ExtSQL: !HIDDEN! 2009-09-01 03:00; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension . ---- FIREFOX POLICIES ---- FF - user.js: extensions.BabylonToolbar_i.id - a230e07b000000000000001cdfa12a8a FF - user.js: extensions.BabylonToolbar_i.hardId - a230e07b000000000000001cdfa12a8a FF - user.js: extensions.BabylonToolbar_i.instlDay - 15428 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.tlbrId - base FF - user.js: extensions.BabylonToolbar_i.newTab - false FF - user.js: extensions.BabylonToolbar_i.instlRef - sst FF - user.js: extensions.incredibar_i.newTab - false FF - user.js: extensions.incredibar_i.id - a230e07b000000000000001cdf0e69d5 FF - user.js: extensions.incredibar_i.instlDay - 15460 FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1420:05:25 FF - user.js: extensions.incredibar_i.prtnrId - Incredibar FF - user.js: extensions.incredibar_i.prdct - incredibar FF - user.js: extensions.incredibar_i.aflt - orgnl FF - user.js: extensions.incredibar_i.smplGrp - none FF - user.js: extensions.incredibar_i.tlbrId - base FF - user.js: extensions.incredibar_i.instlRef - FF - user.js: extensions.incredibar_i.dfltLng - FF - user.js: 
extensions.incredibar_i.excTlbr - false FF - user.js: extensions.incredibar_i.ms_url_id - FF - user.js: extensions.incredibar_i.upn2 - 6R8rrNIR91 FF - user.js: extensions.incredibar_i.upn2n - 92824276867108883 FF - user.js: extensions.incredibar_i.productid - 26 FF - user.js: extensions.incredibar_i.installerproductid - 26 FF - user.js: extensions.incredibar_i.did - 10643 FF - user.js: extensions.incredibar_i.ppd - 453 FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=114066&tt=010812_906_cln_3112_1 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.ovrDmn - isearch.babylon.com FF - user.js: extensions.BabylonToolbar.id - a230e07b000000000000000c55f8df91 FF - user.js: extensions.BabylonToolbar.instlDay - 15555 FF - user.js: extensions.BabylonToolbar.vrsn - 1.5.29.1 FF - user.js: extensions.BabylonToolbar.vrsni - 1.5.29.1 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.29.119:51:02 FF - user.js: extensions.BabylonToolbar.prtnrId - babylon FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar.tlbrId - base FF - user.js: extensions.BabylonToolbar.instlRef - sst FF - user.js: extensions.BabylonToolbar.dfltLng - en FF - user.js: extensions.BabylonToolbar.excTlbr - false FF - user.js: extensions.BabylonToolbar.admin - false . ============= SERVICES / DRIVERS =============== . 
R0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\drivers\SCMNdisP.sys [2012-4-16 21728] R0 vmci;VMware VMCI Bus Driver;c:\windows\system32\drivers\vmci.sys [2011-8-8 98928] R1 CFRMD;CFRMD;c:\windows\system32\drivers\CFRMD.sys [2013-5-6 35064] R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2012-3-11 491816] R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2012-3-11 38616] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-7-10 242240] R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2013-10-8 26248] R1 HMD;COMODO livePCsupport Hardware Monitor Driver;c:\windows\system32\drivers\hmd.sys [2013-10-6 15400] R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\drivers\jswpslwf.sys [2013-10-3 20384] R2 CLPSLauncher;COMODO LPS Launcher;c:\program files\common files\comodo\launcher_service.exe [2013-10-11 70352] R2 ETService;Empowering Technology Service;c:\program files\emachines\emachines recovery management\service\ETService.exe [2009-2-16 24576] R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504] R2 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files\common files\comodo\GeekBuddyRSP.exe [2013-10-11 2327248] R2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2013-10-8 1070080] R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2012-7-5 375120] R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2012-6-8 13624] R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2012-7-28 47640] R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-10-8 418376] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe 
[2013-10-8 701512] R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2013-12-21 167424] R2 PDFsFilter;PDFsFilter;c:\windows\system32\drivers\PDFsFilter.sys [2013-10-8 68464] R2 RalinkRegistryWriter;RalinkRegistryWriter;c:\program files\netgear\wnda4100\service\RaRegistry.exe [2012-9-4 377088] R2 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files\rosettastoneltdservices\RosettaStoneDaemon.exe [2011-3-31 1646056] R2 SCM_Service;SCM_Service;c:\windows\system32\WinService.exe [2012-4-16 186848] R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\common files\vmware\usb\vmware-usbarbitrator.exe [2011-8-29 665200] R2 WSWNA1100;WSWNA1100;c:\program files\netgear\wna1100\WifiSvc.exe [2013-10-3 278528] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-10-8 22856] R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2012-11-12 1206560] R3 radpms;Driver for RADPMS Device;c:\windows\system32\drivers\radpms.sys [2012-6-8 13408] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944] S2 wfcs;Windows Firewall Control;c:\program files\windows firewall control\wfcs.exe [2013-10-12 75264] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [2012-6-20 30312] S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\drivers\athur.sys [2013-10-3 1384448] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2012-6-20 66112] S3 dhdusb.NTx86;Dynex Wireless G USB Network Adapter Service;c:\windows\system32\drivers\bcmusbdhdlh.sys [2012-4-19 238072] S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2011-3-20 39272] S3 
fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-22 1493352] S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2012-12-7 23040] S3 jswpsapi;JumpStart Wi-Fi Protected Setup;c:\program files\netgear\wna1100\jswpsapi.exe [2013-10-3 954368] S3 netr73;Belkin Wireless 54G USB Network Adapter Driver for Vista;c:\windows\system32\drivers\netr73.sys [2009-3-20 464384] S3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\drivers\wg111v2.sys [2012-4-16 288768] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2012-6-20 121192] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2012-6-20 12776] S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2012-6-20 136680] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [2012-6-20 114152] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2012-6-20 180672] S3 UsbGps;LGE CDMA USB GPS NMEA Port;c:\windows\system32\drivers\lgusbgps.sys [2012-6-26 19968] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856] S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040] . =============== Created Last 30 ================ . 2013-12-22 06:21:04 -------- d-----w- C:\fastboot 2013-12-22 05:55:15 -------- d-----w- c:\program files\Spirent Communications 2013-12-22 05:55:15 -------- d-----w- c:\program files\HTC 2013-12-12 23:30:31 -------- d-----w- c:\users\anthony\appdata\local\{25C20B72-48A9-4727-94FB-DAA36F8E1A57} 2013-12-12 23:30:30 -------- d-----w- c:\users\anthony\appdata\local\{4969D70B-F934-49E2-84EF-6B4C6BE20E29} . 
==================== Find3M ==================== . 2013-12-14 04:51:55 86888 ----a-w- c:\windows\system32\LMIRfsClientNP.dll 2013-12-14 04:51:55 53064 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll 2013-12-14 04:51:55 31560 ----a-w- c:\windows\system32\LMIport.dll 2013-12-14 04:51:54 85832 ----a-w- c:\windows\system32\LMIinit.dll 2013-11-02 23:49:17 86888 ----a-w- c:\windows\system32\LMIRfsClientNP(248).dll 2013-10-20 16:35:32 85832 ----a-w- c:\windows\system32\LMIinit.dll.000.bak 2013-10-12 10:12:02 1700352 ----a-w- c:\windows\system32\gdiplus.dll 2013-10-08 08:46:16 74703 ----a-w- c:\windows\system32\mfc45.dat 2013-10-08 08:46:09 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-10-08 08:46:09 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-10-08 07:40:28 74703 ----a-w- c:\windows\system32\mfc45.dll 2013-10-07 05:17:38 15400 ----a-w- c:\windows\system32\drivers\hmd.sys 2013-10-07 05:17:38 15400 ----a-w- c:\windows\inf\hmd\hmd.sys . ============= FINISH: 0:14:22.78 =============== Attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 2/16/2009 10:06:42 AM System Uptime: 12/21/2013 10:55:47 PM (2 hours ago) . Motherboard: eMachines | | MCP61PM-GM Processor: AMD Athlon Dual Core Processor 4050e | Socket AM2 | 2100/201mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 288 GiB total, 140.695 GiB free. D: is Removable E: is Removable F: is Removable G: is Removable H: is CDROM () I: is Removable K: is CDROM (CDFS) . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . . ==== Installed Programs ====================== . 
Update for Microsoft Office 2007 (KB2508958) µTorrent 1ClickDownloader Adobe AIR Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX Adobe Reader 8.3.1 AVI to DVD Converter Belkin 54Mbps Wireless Network Adapter Cheat Engine 6.1 Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module Comodo Dragon COMODO Internet Security Compatibility Pack for the 2007 Office system Complitly ConvertXtoDVD 4.1.10.348 CyberLink LabelPrint CyberLink Power2Go D3DX10 DAEMON Tools Lite Diablo II Digital Media Reader DirectCOM Dynex Enhanced Wireless G USB Network Adapter Setup Dynex Wireless G USB Network Adapter Setup eMachines Games eMachines Recovery Management Expert PDF 7 Reader FlvPlayer FrostWire 4.21.3 Fruit Ninja 2 ìîçùá áòáøéú - www.Fruit-Ninja.co.cc - àìîåâ äìì version 2 GearDrvs GeekBuddy Google Chrome Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HTC BMP USB Driver HTC Driver Installer Hunting Unlimited 2010 iolo technologies' System Mechanic Professional IPTInstaller Java Auto Updater Java 6 Update 22 Java 6 Update 5 Java 7 Update 5 JavaFX 2.1.1 Junk Mail filter update kikin plugin 2.8 LG USB Modem driver LogMeIn Malwarebytes Anti-Malware version 1.75.0.1300 Mesh Runtime Messenger Companion Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite 
Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works Mozilla Firefox 12.0 (x86 en-GB) Mozilla Maintenance Service MSVCRT My.Freeze.com Toolbar NETGEAR WNA1100 wireless USB 2.0 adapter NETGEAR WNDA4100 NETGEAR WNDA4100 Genie NVIDIA Control Panel 307.83 NVIDIA Display Control Panel NVIDIA Drivers NVIDIA Graphics Driver 307.83 NVIDIA Install Application NVIDIA Update 1.10.8 NVIDIA Update Components OGA Notifier 2.0.0048.0 PowerISO PVSonyDll QPST RarZilla Free Unrar Realtek High Definition Audio Driver Rosetta Stone Ltd Services Rosetta Stone TOTALe SAMSUNG USB Driver for Mobile Phones Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760588) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760823) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2760583) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2767773) 32-Bit Edition Segoe UI Skype Toolbars Skype™ 5.10 Super Hide IP System Requirements Lab CYRI tools-linux Unity Web Player UnRAR for Windows Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client 
Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) uTorrent Turbo Accelerator uTorrentControl2 Toolbar Ventrilo Client Video Strip Poker VideoLAN VLC media player 0.8.6d VmciSockets VMware Player Windows Driver Package - HTC, Corporation (HTCAND32) USB (11/01/2013 2.0.0007.00023) Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Mobile Device Center WinZip 15.0 . 
==== End Of File ===========================

"After posting your new post, make sure under options, you select Follow this topic button and choose Immediate Email Notification" I saw the selection for "Follow this topic" but I did not see anything labeled "Immediate Email Notification"