Very Strange happenings


21 replies to this topic

#1 Laserpaddy


Posted 02 September 2013 - 12:56 PM

Was on computer and it suddenly said I had been restored to previous date - I did not activate this!
Many weird files etc.
Windows 7 64-bit Home Premium
Avast Internet Security
tried to repair / reload a new Windows, said no MBR - tried the MBR fixes etc., no help
but it restores to the date it did without my action
 
I have run HijackThis; here is the file:
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Tucker & Skitz\Downloads\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: avast! Ad Blocker - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [HijackThis startup scan] C:\Users\Tucker & Skitz\Downloads\HijackThis.exe /startupscan
O4 - HKCU\..\Run: [OpenDNS Updater] "C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-4194929627-135268339-832707909-1001\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup (User 'Tucker & Skitz')
O4 - Global Startup: EVGAPrecision - Shortcut.lnk = C:\Program Files\EVGA Precision X\EVGAPrecision.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Open with PDF Viewer Plus - res://C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - 
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B01C297-F40C-4062-A1E9-FD3F6C61C878}: NameServer = 208.67.222.222,208.67.202.202
O17 - HKLM\System\CCS\Services\Tcpip\..\{FCF2A168-B7A7-405A-BB5E-C78FB6568573}: NameServer = 208.67.222.222,208.67.202.202
O17 - HKLM\System\CS1\Services\Tcpip\..\{5B01C297-F40C-4062-A1E9-FD3F6C61C878}: NameServer = 208.67.222.222,208.67.202.202
O17 - HKLM\System\CS2\Services\Tcpip\..\{5B01C297-F40C-4062-A1E9-FD3F6C61C878}: NameServer = 208.67.222.222,208.67.202.202
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Software Protection (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Virtual Disk (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
 
--
End of file - 10831 bytes
 
rogue killer:
RogueKiller V8.6.8 _x64_ [Sep  2 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : LK [Admin rights]
Mode : Remove -- Date : 09/02/2013 11:18:13
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 3 ¤¤¤
[RUN][SUSP PATH] HKUS\S-1-5-21-4194929627-135268339-832707909-1001\[...]\Run : Google Update ("C:\Users\Tucker & Skitz\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> DELETED
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
 
¤¤¤ Scheduled tasks : 4 ¤¤¤
[V1][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-4194929627-135268339-832707909-1001UA.job : C:\Users\Tucker & Skitz\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> DELETED
[V1][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-4194929627-135268339-832707909-1001Core.job : C:\Users\Tucker & Skitz\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> DELETED
[V2][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-4194929627-135268339-832707909-1001Core : C:\Users\Tucker & Skitz\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> DELETED
[V2][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-4194929627-135268339-832707909-1001UA : C:\Users\Tucker & Skitz\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> DELETED
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: ST31000524AS +++++
--- User ---
[MBR] f8d023419c9e25ea04b5076eb609c65d
[BSP] 63d443524c8d41cb03a2567a4fc14e94 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
+++++ PhysicalDrive1: ST31000524AS +++++
--- User ---
[MBR] c7486ce56bce6577b7d674dbde834971
[BSP] ceb84c3e7b096f62a58a22cb4210973b : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
 
Finished : << RKreport[0]_D_09022013_111813.txt >>
RKreport[0]_D_08252013_094858.txt;RKreport[0]_S_08252013_092407.txt;RKreport[0]_S_08252013_093248.txt
RKreport[0]_S_08252013_094942.txt;RKreport[0]_S_09022013_111659.txt
 
frst:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-09-2013 04
Ran by LK (administrator) on LK-PC on 02-09-2013 11:19:38
Running from C:\Users\Tucker & Skitz\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\Program Files\AVAST Software\Avast\OpenVpn\openvpn.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-10] (Realtek Semiconductor)
Winlogon\Notify\PFW: 
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [HijackThis startup scan] - C:\Users\Tucker & Skitz\Downloads\HijackThis.exe [388608 2013-08-16] (Trend Micro Inc.)
HKCU\...\Run: [OpenDNS Updater] - C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe [839680 2010-06-16] ()
MountPoints2: {2bef1dc8-4dd5-11e2-8ec4-806e6f6e6963} - D:\Run.exe
MountPoints2: {4b526047-4d6d-11e2-8815-806e6f6e6963} - D:\Run.exe
HKLM-x32\...\Run: [PDF5 Registry Controller] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKU\Default\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [x]
HKU\Default User\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [x]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\EVGAPrecision - Shortcut.lnk
ShortcutTarget: EVGAPrecision - Shortcut.lnk -> C:\Program Files\EVGA Precision X\EVGAPrecision.exe ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: avast! Ad Blocker - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker64.dll (AVAST Software)
BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: avast! Ad Blocker - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.gigabyte.com.tw/object/Dldrv.ocx
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.3
Tcpip\..\Interfaces\{5B01C297-F40C-4062-A1E9-FD3F6C61C878}: [NameServer]208.67.222.222,208.67.202.202
Tcpip\..\Interfaces\{FCF2A168-B7A7-405A-BB5E-C78FB6568573}: [NameServer]208.67.222.222,208.67.202.202
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll No File
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File
CHR Plugin: (RocketLife Secure Plug-In Layer) - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (Ancient History Encyclopedia) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahggffalhoajbhlaogbplamaaghnncle\3_0
CHR Extension: (3DTin) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\algoakekcdmbbikdjgjdahbfihboglmi\1.1_0
CHR Extension: (Google Docs) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0
CHR Extension: (Useful Periodic Table) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\chachkegffmilnmdlonllkhkfkakghie\2.0.2_0
CHR Extension: (Google Search) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Search by Image (by Google)) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.5.0_0
CHR Extension: (Google Tasks (by Google)) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmglolhoplikcoamfgjgammjbgchgjdd\1.0_0
CHR Extension: (MaskMe) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg\1.27.316_0
CHR Extension: (Facebook Disconnect) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec\1.3.0_0
CHR Extension: (DoNotTrackMe) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd\2.2.9.815_0
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh\1_0
CHR Extension: (avast! Ad Blocker) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd\8.0_0
CHR Extension: (Pathuku) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkiilmogcdkeefnbemdagpmcediekadb\1.24.0.0_0
CHR Extension: (Chrome to Mobile) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd\2_0
CHR Extension: (Autodesk Homestyler) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb\2.3_0
CHR Extension: (Steambirds: Survival) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcdhpokmalcfjnfkjlfncgekebcojinn\1.0_0
CHR Extension: (FVD Downloader) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.3.7_0
CHR Extension: (TV for Google Chrome™) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe\2.1.1_0
CHR Extension: (Google Dictionary (by Google)) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.19_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Scientific Calculator) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\npoipmeppdioagbkigdlnpmjphnolaog\1.0.0_0
CHR Extension: (My Chrome Theme) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\2.0_0
CHR Extension: (Sinuous) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\omlmnomieeknagejjojcpdomnbnbchdl\1.0.4_0
CHR Extension: (Weather Underground) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej\1.6_0
CHR Extension: (Gmail) - C:\Users\LK\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx
 
==================== Services (Whitelisted) =================
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [137960 2013-05-09] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
S2 DES2 Service; "C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe" [x]
S4 NIApplicationWebServer64; "C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe" -user [x]
S4 TVService; "C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\TVService.exe" [x]
 
==================== Drivers (Whitelisted) ====================
 
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R1 aswFW; C:\Windows\System32\Drivers\aswFW.sys [131232 2013-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12368 2013-03-13] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\drivers\aswNdis2.sys [270824 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-21] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-08-21] ()
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-08-19] (Windows ® Server 2003 DDK provider)
S3 etdrv; C:\Windows\etdrv.sys [25640 2013-08-19] (Windows ® Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2013-08-19] (Windows ® Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2013-08-19] (Windows ® Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-19] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-08-19] ()
R3 ICTDrv; C:\Windows\System32\DRIVERS\ICTDrv.sys [21504 2010-09-15] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\EVGA Precision X\RTCore64.sys [15176 2013-02-21] ()
S3 RTCore64; C:\Program Files (x86)\EVGA Precision X\RTCore64.sys [15176 2013-02-21] ()
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [266752 2012-08-26] (Jungo)
S2 IOCBIOS; \??\C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.sys [x]
S2 iocbios2; \??\C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [x]
S3 SysInfo; \??\C:\Windows\system32\drivers\SysInfo.sys [x]
 
========================== Drivers MD5 =======================
 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-09-02 11:19 - 2013-09-02 11:19 - 00000000 ____D C:\FRST
2013-09-02 11:18 - 2013-09-02 11:18 - 00002907 _____ C:\Users\LK\Desktop\RKreport[0]_D_09022013_111813.txt
2013-09-02 11:16 - 2013-09-02 11:16 - 00003585 _____ C:\Users\LK\Desktop\RKreport[0]_S_09022013_111659.txt
2013-09-02 11:04 - 2013-09-02 11:04 - 00001901 _____ C:\Users\Tucker & Skitz\Desktop\SafeZone Browser.lnk
2013-09-02 10:48 - 2013-09-02 14:02 - 00000000 ___SD C:\ComboFix
2013-09-02 10:47 - 2013-09-02 14:02 - 00000000 ____D C:\Windows\erdnt
2013-09-02 10:47 - 2013-09-02 10:48 - 00000000 ____D C:\Qoobox
2013-09-02 10:39 - 2013-09-02 10:39 - 00010833 _____ C:\Users\LK\Documents\hijackthisasd
2013-09-01 22:00 - 2013-09-01 22:00 - 00002020 _____ C:\Users\LK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenDNS Updater.lnk
2013-09-01 22:00 - 2013-09-01 22:00 - 00000000 ____D C:\Users\LK\AppData\Roaming\OpenDNS Updater
2013-09-01 22:00 - 2013-09-01 22:00 - 00000000 ____D C:\Program Files (x86)\OpenDNS Updater
2013-09-01 21:56 - 2013-09-01 21:56 - 00225336 _____ C:\Users\Tucker & Skitz\Downloads\OpenDNS-Updater-2.2.1.exe
2013-09-01 21:34 - 2013-09-01 21:34 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-08-25 11:47 - 2013-08-25 11:47 - 00000000 ____D C:\Users\Tucker & Skitz\AppData\Local\NVIDIA
2013-08-25 11:15 - 2013-08-25 11:22 - 00000000 ____D C:\AdwCleaner
2013-08-25 09:58 - 2013-08-25 09:58 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\rtk
2013-08-25 09:57 - 2013-08-25 09:57 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Tucker & Skitz\Downloads\mbar-1.07.0.1005.exe
2013-08-25 09:56 - 2013-08-25 09:56 - 00204496 _____ (Malwarebytes) C:\Users\Tucker & Skitz\Downloads\startuplite-setup-1.07.exe
2013-08-25 09:54 - 2013-08-25 09:54 - 00012080 _____ C:\Users\LK\Documents\hijackthis222
2013-08-25 09:49 - 2013-08-25 09:49 - 00002594 _____ C:\Users\LK\Desktop\RKreport[0]_S_08252013_094942.txt
2013-08-25 09:48 - 2013-08-25 09:48 - 00002690 _____ C:\Users\LK\Desktop\RKreport[0]_D_08252013_094858.txt
2013-08-25 09:32 - 2013-08-25 09:32 - 00002591 _____ C:\Users\LK\Desktop\RKreport[0]_S_08252013_093248.txt
2013-08-25 09:24 - 2013-08-25 09:24 - 00002558 _____ C:\Users\LK\Desktop\RKreport[0]_S_08252013_092407.txt
2013-08-25 09:22 - 2013-09-02 11:18 - 00000000 ____D C:\Users\LK\Desktop\RK_Quarantine
2013-08-24 11:27 - 2013-08-24 11:27 - 00000053 _____ C:\Users\Tucker & Skitz\AppData\Roaming\WB.CFG
2013-08-24 10:27 - 2013-08-25 07:33 - 00000000 ____D C:\Program Files\DivX
2013-08-24 10:26 - 2013-08-25 07:35 - 00000000 ____D C:\Program Files (x86)\DivX
2013-08-24 10:26 - 2013-08-25 07:33 - 00000000 ____D C:\ProgramData\DivX
2013-08-24 10:26 - 2013-08-24 10:26 - 00000000 ____D C:\Users\LK\AppData\Roaming\LavFilters
2013-08-24 10:26 - 2013-08-24 10:26 - 00000000 ____D C:\Users\LK\AppData\Roaming\CDXReader
2013-08-24 10:26 - 2013-08-24 10:26 - 00000000 ____D C:\Program Files (x86)\Haali
2013-08-24 10:26 - 2013-08-24 10:26 - 00000000 ____D C:\Program Files (x86)\DSP-worx
2013-08-23 17:17 - 2013-08-23 17:17 - 00000000 ____D C:\NvidiaLogging
2013-08-23 17:16 - 2013-09-02 14:02 - 00000000 ____D C:\Users\LK\AppData\Local\NVIDIA
2013-08-23 17:16 - 2013-05-14 14:28 - 00039712 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-08-23 17:16 - 2013-05-14 14:27 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-08-23 17:16 - 2013-05-14 14:27 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-08-23 17:15 - 2013-08-23 17:15 - 00001347 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2013-08-23 17:15 - 2013-08-23 17:15 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-23 17:14 - 2013-06-21 07:06 - 27781920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 21102368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 15144928 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 12427240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 11235104 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-08-23 17:14 - 2013-06-21 07:06 - 09239344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 07687592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 02953504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 02777888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 02597856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432049.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432049.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 00572704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 00570656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 00467232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 00465184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 00266448 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-08-23 17:14 - 2013-06-21 07:06 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-08-23 17:04 - 2013-06-21 05:23 - 06496544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-08-23 17:04 - 2013-06-21 05:23 - 03514656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-08-23 17:04 - 2013-06-21 05:23 - 00884512 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-08-23 17:04 - 2013-06-21 05:23 - 00237856 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-08-23 17:04 - 2013-06-21 05:23 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-08-23 17:04 - 2013-06-19 23:17 - 03253909 _____ C:\Windows\system32\nvcoproc.bin
2013-08-23 17:03 - 2013-09-02 14:02 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-08-23 17:03 - 2013-06-21 07:06 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-08-23 17:03 - 2013-06-21 07:06 - 13411896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-08-23 17:03 - 2013-06-21 07:06 - 02936208 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-08-23 17:03 - 2013-06-21 07:06 - 01059560 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-08-23 17:03 - 2013-06-21 07:06 - 00021578 _____ C:\Windows\system32\nvinfo.pb
2013-08-23 17:03 - 2012-12-29 05:34 - 01813432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco64.dll
2013-08-23 17:03 - 2012-12-29 05:34 - 01504696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco64.dll
2013-08-23 13:32 - 2013-08-23 13:32 - 00000000 ____D C:\Users\Tucker & Skitz\Documents\fritz drawings
2013-08-23 12:49 - 2013-08-23 12:49 - 00000000 ____D C:\Users\Tucker & Skitz\AppData\Roaming\Fritzing
2013-08-23 12:48 - 2013-08-23 12:48 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\fritzing
2013-08-21 13:13 - 2013-08-21 13:13 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\ARD101_Tutorial_Code
2013-08-21 13:12 - 2013-08-21 13:12 - 00017298 _____ C:\Users\Tucker & Skitz\Downloads\ARD101_Tutorial_Code.zip
2013-08-21 06:51 - 2013-09-02 11:04 - 00001922 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
2013-08-21 06:51 - 2013-08-21 06:51 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-21 06:51 - 2013-08-21 06:51 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-21 06:51 - 2013-05-09 03:59 - 00270824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2013-08-21 06:51 - 2013-05-09 03:59 - 00131232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFW.sys
2013-08-21 06:51 - 2013-05-09 03:59 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-08-21 06:51 - 2013-05-09 03:59 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-08-21 06:51 - 2013-05-09 03:59 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-08-21 06:51 - 2013-05-09 03:59 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-08-21 06:51 - 2013-05-09 03:59 - 00022600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2013-08-21 06:51 - 2013-05-09 03:58 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-08-21 06:51 - 2013-03-13 13:01 - 00012368 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswNdis.sys
2013-08-21 06:43 - 2013-08-21 06:43 - 00326144 _____ (AVAST Software) C:\Users\Tucker & Skitz\Downloads\aswclear.exe
2013-08-20 18:03 - 2013-08-20 18:04 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\Download
2013-08-20 18:03 - 2013-08-20 18:03 - 00943952 _____ C:\Users\Tucker & Skitz\Downloads\IObit_Uninstaller_downloader.exe
2013-08-20 16:54 - 2013-08-20 16:54 - 00015417 _____ C:\Users\Tucker & Skitz\Documents\Book1acc.xlsx
2013-08-19 12:15 - 2013-08-19 12:15 - 01437003 _____ C:\Users\Tucker & Skitz\Downloads\ADXL345 module.rar
2013-08-19 11:58 - 2013-08-25 10:11 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-08-19 11:57 - 2013-08-19 12:09 - 00000000 ____D C:\Users\LK\Desktop\mbar
2013-08-19 11:54 - 2013-09-02 14:02 - 00000000 ____D C:\Users\Tucker & Skitz\AppData\Roaming\Malwarebytes
2013-08-19 11:06 - 2013-08-19 11:06 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-19 11:06 - 2013-08-19 11:06 - 00000000 ____D C:\Users\LK\AppData\Roaming\Malwarebytes
2013-08-19 11:06 - 2013-08-19 11:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-19 11:06 - 2013-08-19 11:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-19 11:06 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-19 11:05 - 2013-08-19 11:05 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Tucker & Skitz\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-19 08:39 - 2013-09-02 14:02 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\backups
2013-08-18 09:49 - 2013-08-18 09:49 - 00002261 _____ C:\Users\Tucker & Skitz\Downloads\BM003_Arduino_flash_data_logger.zip
2013-08-17 21:04 - 2013-08-17 21:04 - 00000000 ____D C:\Users\Tucker & Skitz\AppData\Local\Adobe
2013-08-17 13:24 - 2013-08-17 13:24 - 00001730 _____ C:\Users\Tucker & Skitz\Downloads\license.avastlic
2013-08-16 16:18 - 2013-08-16 16:18 - 14012484 _____ C:\Users\Tucker & Skitz\Downloads\SaltLakesDeadSea.themepack
2013-08-16 12:50 - 2013-08-16 12:50 - 00002966 _____ C:\Windows\System32\Tasks\{C76F87E0-B6C4-4B30-86EF-07403449AAFB}
2013-08-16 12:46 - 2013-08-16 13:08 - 00000000 ____D C:\Users\LK\AppData\Local\CrashDumps
2013-08-16 12:34 - 2013-08-16 12:38 - 00080473 _____ C:\Windows\iis7.log
2013-08-16 12:31 - 2013-08-16 12:35 - 00000000 ____D C:\inetpub
2013-08-16 10:38 - 2012-02-16 13:42 - 00676968 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt64win7.sys
2013-08-16 10:38 - 2012-02-16 13:42 - 00074344 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2013-08-16 10:37 - 2013-08-16 10:37 - 00000000 ____D C:\Users\LK\Downloads\realtek
2013-08-16 10:36 - 2013-08-16 10:36 - 05909784 _____ C:\Users\LK\Desktop\Realtek_PCIe_GBE_Win7_7053_03162012.zip
2013-08-16 10:01 - 2013-08-20 18:04 - 00000000 ____D C:\Users\LK\AppData\Roaming\IObit
2013-08-16 10:01 - 2013-08-16 10:01 - 00000000 ____D C:\Users\Tucker & Skitz\AppData\Roaming\IObit
2013-08-16 10:01 - 2013-08-16 10:01 - 00000000 ____D C:\ProgramData\IObit
2013-08-16 10:01 - 2013-08-16 10:01 - 00000000 ____D C:\Program Files (x86)\IObit
2013-08-16 09:46 - 2013-08-16 09:46 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-08-16 09:41 - 2013-08-16 09:41 - 02218636 _____ C:\Users\Tucker & Skitz\Downloads\tdsskiller.zip
2013-08-16 09:41 - 2013-08-16 09:41 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\tdsskiller
2013-08-16 09:30 - 2013-08-16 09:30 - 00055791 _____ C:\Users\Tucker & Skitz\Downloads\startuplist.txt
2013-08-16 09:28 - 2013-08-16 09:28 - 00050688 _____ (Atribune.org) C:\Users\Tucker & Skitz\Downloads\ATF-Cleaner.exe
2013-08-16 08:54 - 2013-08-16 08:54 - 00012219 _____ C:\Users\LK\Documents\hijackthisdoc.txt
2013-08-16 08:54 - 2013-08-16 08:54 - 00012219 _____ C:\Users\LK\Desktop\hijackthisdoc.txt
2013-08-16 08:47 - 2013-08-16 08:47 - 00012219 _____ C:\Users\LK\Desktop\hijackthis.log
2013-08-16 08:46 - 2013-08-16 13:28 - 00011789 _____ C:\Users\Tucker & Skitz\Downloads\hijackthis.log
2013-08-16 08:45 - 2013-08-16 08:45 - 00388608 _____ (Trend Micro Inc.) C:\Users\Tucker & Skitz\Downloads\HijackThis.exe
2013-08-16 03:31 - 2013-08-16 03:31 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-08-16 03:31 - 2013-08-16 03:31 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-08-16 03:31 - 2013-08-16 03:31 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-08-16 03:31 - 2013-08-16 03:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-08-16 03:31 - 2013-08-16 03:31 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-08-16 03:31 - 2013-08-16 03:31 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-08-16 03:31 - 2013-08-16 03:31 - 00000000 ____D C:\Program Files\Java
2013-08-16 03:29 - 2013-08-16 03:29 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-08-16 03:29 - 2013-08-16 03:29 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-08-16 03:29 - 2013-08-16 03:29 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-16 03:29 - 2013-08-16 03:29 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-16 02:56 - 2013-08-16 03:09 - 00000000 ____D C:\Program Files (x86)\Skin Pack
2013-08-16 02:56 - 2013-08-16 02:56 - 02755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll.tmp
2013-08-16 02:56 - 2013-08-16 02:56 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll.tmp
2013-08-16 02:56 - 2013-02-27 00:52 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-08-16 02:56 - 2013-02-27 00:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-08-16 02:56 - 2011-02-25 01:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-08-16 02:56 - 2010-11-20 22:24 - 02755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll.backup
2013-08-16 02:56 - 2010-11-20 22:24 - 01866240 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2013-08-16 02:56 - 2010-11-20 22:24 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2013-08-16 02:56 - 2010-11-20 22:24 - 00749568 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll
2013-08-16 02:56 - 2010-11-20 22:24 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-08-16 02:56 - 2010-11-20 22:23 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll.backup
2013-08-16 02:56 - 2010-11-20 22:23 - 01808384 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2013-08-16 02:56 - 2010-11-20 22:23 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2013-08-16 02:56 - 2009-07-13 20:41 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll.backup
2013-08-16 02:56 - 2009-07-13 20:41 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\themeservice.dll.backup
2013-08-16 02:56 - 2009-07-13 20:39 - 06676480 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2013-08-16 02:56 - 2009-07-13 20:39 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2013-08-16 02:56 - 2009-07-13 20:38 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2013-08-16 02:56 - 2009-07-13 20:28 - 20268032 _____ (Microsoft Corporation) C:\Windows\system32\imageres.dll
2013-08-16 02:56 - 2009-07-13 20:28 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\imagesp1.dll
2013-08-16 02:56 - 2009-07-13 20:11 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll.backup
2013-08-16 02:55 - 2013-08-16 02:55 - 00000000 ____D C:\Users\LK\AppData\Local\avgchrome
2013-08-16 02:54 - 2013-08-16 02:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 02:46 - 2013-08-16 02:46 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-08-16 02:46 - 2013-08-16 02:46 - 00000000 ____D C:\Program Files (x86)\Dolby Home Theater v4
2013-08-16 02:46 - 2012-06-19 03:54 - 04065296 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2013-08-16 02:46 - 2012-06-19 00:31 - 00293889 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2013-08-16 02:46 - 2012-06-14 00:43 - 05096448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2013-08-16 02:46 - 2012-06-08 03:18 - 03615888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2013-08-16 02:46 - 2012-06-05 21:44 - 00869520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2013-08-16 02:46 - 2012-05-31 20:37 - 02674320 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2013-08-16 02:46 - 2012-05-31 05:08 - 00105616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2013-08-16 02:46 - 2012-05-16 22:29 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2013-08-16 02:46 - 2012-05-16 22:29 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2013-08-16 02:46 - 2012-05-16 22:29 - 00141152 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2013-08-16 02:46 - 2012-05-16 22:29 - 00123744 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2013-08-16 02:46 - 2012-05-16 22:29 - 00074592 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2013-08-16 02:46 - 2012-05-10 02:22 - 01262696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2013-08-16 02:46 - 2012-04-03 05:42 - 01345368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2013-08-16 02:46 - 2012-02-21 06:45 - 02605400 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2013-08-16 02:46 - 2012-02-17 02:54 - 00396632 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2013-08-16 02:46 - 2012-01-29 22:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2013-08-16 02:46 - 2012-01-09 21:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2013-08-16 02:46 - 2011-12-20 02:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2013-08-16 02:46 - 2011-12-19 16:43 - 00220776 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2013-08-16 02:46 - 2011-12-13 03:58 - 01560168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2013-08-16 02:46 - 2011-11-22 03:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2013-08-16 02:46 - 2011-09-02 01:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2013-08-16 02:46 - 2011-09-02 01:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2013-08-16 02:46 - 2011-09-02 01:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2013-08-16 02:46 - 2011-03-16 23:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2013-08-16 02:46 - 2011-03-07 04:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2013-08-16 02:46 - 2010-11-07 18:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2013-08-16 02:46 - 2010-11-07 18:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2013-08-16 02:46 - 2010-11-07 18:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2013-08-16 02:46 - 2010-11-07 18:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2013-08-16 02:46 - 2010-11-07 18:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2013-08-16 02:46 - 2010-11-07 18:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2013-08-16 02:46 - 2010-11-03 05:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2013-08-16 02:46 - 2010-07-22 03:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2013-08-16 02:46 - 2009-11-23 20:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2013-08-16 02:46 - 2009-11-23 20:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2013-08-16 02:46 - 2009-11-23 20:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2013-08-16 02:46 - 2009-11-23 20:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2013-08-16 02:45 - 2012-04-10 01:40 - 02533952 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2013-08-16 02:45 - 2012-04-03 05:42 - 01015640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2013-08-16 02:45 - 2012-03-07 22:47 - 00202336 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2013-08-16 02:45 - 2012-03-07 22:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2013-08-16 02:45 - 2012-02-13 11:05 - 08363864 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2013-08-16 02:45 - 2012-01-23 09:30 - 00537456 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2013-08-16 02:45 - 2012-01-23 09:30 - 00524656 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2013-08-16 02:45 - 2012-01-23 09:30 - 00449392 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2013-08-16 02:45 - 2011-12-18 04:58 - 02131288 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2013-08-16 02:45 - 2011-08-23 04:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2013-08-16 02:45 - 2011-05-30 20:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2013-08-16 02:45 - 2011-05-30 20:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2013-08-16 02:45 - 2011-05-30 20:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2013-08-16 02:45 - 2011-05-30 20:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2013-08-16 02:45 - 2011-05-30 20:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2013-08-16 02:45 - 2011-05-30 20:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2013-08-16 02:45 - 2011-05-30 20:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2013-08-16 02:45 - 2011-05-30 20:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2013-08-16 02:45 - 2011-05-30 20:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2013-08-16 02:45 - 2011-05-30 20:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2013-08-16 02:45 - 2011-05-30 20:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2013-08-16 02:45 - 2011-05-30 20:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2013-08-16 02:45 - 2010-10-03 00:46 - 00341336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2013-08-16 02:45 - 2010-09-26 20:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2013-08-16 02:44 - 2013-08-16 02:46 - 00000000 ____D C:\Users\Tucker & Skitz\AppData\Roaming\Process Hacker
2013-08-16 02:29 - 2011-09-16 02:12 - 00032360 _____ (Realtek Corporation) C:\Windows\system32\Drivers\RtVlan620.sys
2013-08-16 02:29 - 2011-06-15 08:11 - 00058472 _____ (Realtek Corporation) C:\Windows\system32\Drivers\RtTeam60.sys
2013-08-16 02:29 - 2011-06-15 08:11 - 00027136 _____ (Realtek                                            ) C:\Windows\system32\Drivers\RtNdPt60.sys
2013-08-16 01:12 - 2013-08-16 17:26 - 00000000 ____D C:\Program Files\Process Hacker
2013-08-15 23:41 - 2013-08-15 23:41 - 00000017 _____ C:\Users\LK\AppData\Local\resmon.resmoncfg
2013-08-15 22:38 - 2013-08-15 22:38 - 00924173 _____ C:\Users\Tucker & Skitz\Downloads\BrMain480.exe
2013-08-15 22:36 - 2013-08-15 22:36 - 05009608 _____ (Macrovision Corporation) C:\Users\Tucker & Skitz\Downloads\bal1240000en (1).exe
2013-08-15 22:35 - 2013-08-15 22:36 - 05009608 _____ (Macrovision Corporation) C:\Users\Tucker & Skitz\Downloads\bal1240000en.exe
2013-08-15 22:14 - 2013-08-15 22:14 - 00000000 ____D C:\Users\LK\AppData\Roaming\ControlCenter4
2013-08-13 19:55 - 2013-08-15 22:32 - 00000000 ____D C:\Users\LK\AppData\Roaming\VisualAssistAtmel
2013-08-13 19:55 - 2013-08-15 22:32 - 00000000 ____D C:\Users\LK\AppData\Local\VisualAssistAtmel
2013-08-13 19:55 - 2013-08-13 19:55 - 00000000 ____D C:\Users\LK\AppData\Local\IsolatedStorage
2013-08-13 19:41 - 2013-08-13 19:41 - 00002108 _____ C:\Users\Public\Desktop\Atmel Studio 6.1.lnk
2013-08-13 19:34 - 2013-08-13 19:34 - 00000000 ____D C:\Windows\SysWOW64\1033
2013-08-13 19:33 - 2013-08-13 19:33 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-08-13 18:34 - 2013-08-13 18:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2010 SDK
2013-08-13 18:20 - 2013-08-13 18:47 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\ATMEL PROG
2013-08-13 16:20 - 2013-08-13 16:20 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\Datasheets
2013-08-13 14:45 - 2013-07-26 00:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-13 14:45 - 2013-07-26 00:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-13 14:45 - 2013-07-26 00:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-13 14:45 - 2013-07-26 00:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-13 14:45 - 2013-07-26 00:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-13 14:45 - 2013-07-26 00:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-13 14:45 - 2013-07-26 00:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-13 14:45 - 2013-07-26 00:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-13 14:45 - 2013-07-26 00:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-13 14:45 - 2013-07-26 00:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-13 14:45 - 2013-07-26 00:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-13 14:45 - 2013-07-26 00:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-13 14:45 - 2013-07-26 00:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-13 14:45 - 2013-07-26 00:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-13 14:45 - 2013-07-25 22:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-13 14:45 - 2013-07-25 22:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-13 14:45 - 2013-07-25 22:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-13 14:45 - 2013-07-25 22:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-13 14:45 - 2013-07-25 22:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-13 14:45 - 2013-07-25 22:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-13 14:45 - 2013-07-25 22:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-13 14:45 - 2013-07-25 22:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-13 14:45 - 2013-07-25 22:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-13 14:45 - 2013-07-25 22:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-13 14:45 - 2013-07-25 22:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-13 14:45 - 2013-07-25 22:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-13 14:45 - 2013-07-25 22:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-13 14:45 - 2013-07-25 22:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-13 14:45 - 2013-07-25 21:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-13 14:45 - 2013-07-25 21:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-13 14:45 - 2013-07-25 20:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-13 14:41 - 2013-07-25 04:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-13 14:41 - 2013-07-25 03:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-13 14:41 - 2013-07-18 20:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-13 14:41 - 2013-07-18 20:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-13 14:41 - 2013-07-09 01:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-13 14:41 - 2013-07-09 00:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-13 14:41 - 2013-07-09 00:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-13 14:41 - 2013-07-09 00:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-13 14:41 - 2013-07-09 00:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-13 14:41 - 2013-07-09 00:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-13 14:41 - 2013-07-09 00:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-13 14:41 - 2013-07-09 00:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-13 14:41 - 2013-07-09 00:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-13 14:41 - 2013-07-09 00:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-13 14:41 - 2013-07-08 23:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-13 14:41 - 2013-07-08 23:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-13 14:41 - 2013-07-08 23:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-13 14:41 - 2013-07-08 23:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-13 14:41 - 2013-07-08 23:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-13 14:41 - 2013-07-08 23:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-13 14:41 - 2013-07-08 23:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-13 14:41 - 2013-07-08 21:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-13 14:41 - 2013-07-08 21:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-13 14:41 - 2013-07-08 21:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-13 14:41 - 2013-07-08 21:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-13 14:41 - 2013-07-06 01:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-13 14:41 - 2013-06-14 23:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-13 14:04 - 2013-08-15 23:48 - 00003184 _____ C:\Windows\System32\Tasks\{521A1FA8-B733-4CD6-AC19-1BBDEA6EA73D}
2013-08-13 14:04 - 2013-08-13 14:04 - 00002938 _____ C:\Windows\System32\Tasks\{2D36F76D-CAC7-4EE4-8196-700A502C1CDE}
2013-08-13 14:02 - 2013-08-13 14:02 - 00000000 ____D C:\New Folder1
2013-08-12 18:02 - 2013-08-12 18:02 - 00000000 ____D C:\Users\Tucker & Skitz\AppData\Roaming\Help
2013-08-12 18:02 - 2013-08-12 18:02 - 00000000 ____D C:\Users\Tucker & Skitz\AppData\Local\Help
2013-08-12 17:06 - 2013-08-13 13:58 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\EAGLE LIBRARIES
2013-08-12 04:54 - 2013-08-12 04:54 - 01932149 _____ C:\Users\Tucker & Skitz\Downloads\CDM20830_Setup.exe
2013-08-07 13:36 - 2013-08-07 13:38 - 00000000 ____D C:\Users\Tucker & Skitz\AppData\Roaming\ControlCenter4
2013-08-07 13:29 - 2013-08-07 13:29 - 00002140 _____ C:\Users\Public\Desktop\Brother Creative Center.lnk
2013-08-07 13:28 - 2013-08-07 13:29 - 00000066 _____ C:\Windows\Brfaxrx.ini
2013-08-07 13:28 - 2013-08-07 13:28 - 00000000 ____D C:\ProgramData\ControlCenter4
2013-08-07 13:28 - 2013-08-07 13:28 - 00000000 ____D C:\Program Files (x86)\Browny02
2013-08-07 13:28 - 2013-08-07 13:28 - 00000000 ____D C:\Brother
2013-08-07 13:28 - 2012-07-09 17:19 - 00005120 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2S.dll
2013-08-07 13:28 - 2012-03-19 13:09 - 00245760 ____N (brother) C:\Windows\SysWOW64\NSSearch.dll
2013-08-07 13:28 - 2010-03-15 19:45 - 00073728 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2.dll
2013-08-07 13:28 - 2007-12-13 22:16 - 00005120 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2L.dll
 
==================== One Month Modified Files and Folders =======
 
2013-09-02 14:02 - 2013-09-02 10:47 - 00000000 ____D C:\Windows\erdnt
2013-09-02 14:02 - 2013-08-23 17:16 - 00000000 ____D C:\Users\LK\AppData\Local\NVIDIA
2013-09-02 14:02 - 2013-08-23 17:03 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-09-02 14:02 - 2013-08-19 11:54 - 00000000 ____D C:\Users\Tucker & Skitz\AppData\Roaming\Malwarebytes
2013-09-02 14:02 - 2013-08-19 08:39 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\backups
2013-09-02 14:02 - 2013-02-12 23:41 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-02 14:02 - 2013-02-12 23:39 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-02 14:02 - 2013-02-12 23:31 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-02 14:02 - 2013-01-10 12:32 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2013-09-02 14:02 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-02 14:02 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2013-09-02 14:02 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\AppCompat
2013-09-02 11:19 - 2013-09-02 11:19 - 01951950 _____ (Farbar) C:\Users\Tucker & Skitz\Downloads\FRST64.exe
2013-09-02 11:19 - 2013-09-02 11:19 - 00000000 ____D C:\FRST
2013-09-02 11:18 - 2013-09-02 11:18 - 00002907 _____ C:\Users\LK\Desktop\RKreport[0]_D_09022013_111813.txt
2013-09-02 11:18 - 2013-08-25 09:22 - 00000000 ____D C:\Users\LK\Desktop\RK_Quarantine
2013-09-02 11:16 - 2013-09-02 11:16 - 00003585 _____ C:\Users\LK\Desktop\RKreport[0]_S_09022013_111659.txt
2013-09-02 11:11 - 2009-07-13 23:45 - 00022720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-02 11:11 - 2009-07-13 23:45 - 00022720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-02 11:07 - 2012-12-23 20:15 - 01802313 _____ C:\Windows\WindowsUpdate.log
2013-09-02 11:06 - 2012-12-23 20:15 - 00000000 ____D C:\Users\LK
2013-09-02 11:04 - 2013-09-02 11:04 - 00001901 _____ C:\Users\Tucker & Skitz\Desktop\SafeZone Browser.lnk
2013-09-02 11:04 - 2013-08-21 06:51 - 00001922 _____ C:\Users\Public\Desktop\avast! Internet Security.lnk
2013-09-02 11:04 - 2013-02-13 14:50 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-09-02 11:04 - 2013-02-13 14:50 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-02 11:04 - 2012-12-25 11:44 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-02 11:03 - 2013-07-27 15:11 - 00006053 _____ C:\Windows\setupact.log
2013-09-02 11:03 - 2012-12-24 10:18 - 00000000 ____D C:\Users\Tucker & Skitz
2013-09-02 11:03 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-02 10:54 - 2009-07-13 21:34 - 82837504 _____ C:\Windows\system32\config\software.bak
2013-09-02 10:54 - 2009-07-13 21:34 - 22806528 _____ C:\Windows\system32\config\system.bak
2013-09-02 10:54 - 2009-07-13 21:34 - 04980736 _____ C:\Windows\system32\config\default.bak
2013-09-02 10:54 - 2009-07-13 21:34 - 00262144 _____ C:\Windows\system32\config\security.bak
2013-09-02 10:54 - 2009-07-13 21:34 - 00262144 _____ C:\Windows\system32\config\sam.bak
2013-09-02 10:48 - 2013-09-02 10:47 - 00000000 ____D C:\Qoobox
2013-09-02 10:39 - 2013-09-02 10:39 - 00010833 _____ C:\Users\LK\Documents\hijackthisasd
2013-09-01 22:52 - 2012-12-25 11:44 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-01 22:40 - 2013-02-14 06:44 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-01 22:00 - 2013-09-01 22:00 - 00002020 _____ C:\Users\LK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenDNS Updater.lnk
2013-09-01 22:00 - 2013-09-01 22:00 - 00000000 ____D C:\Users\LK\AppData\Roaming\OpenDNS Updater
2013-09-01 22:00 - 2013-09-01 22:00 - 00000000 ____D C:\Program Files (x86)\OpenDNS Updater
2013-09-01 21:56 - 2013-09-01 21:56 - 00225336 _____ C:\Users\Tucker & Skitz\Downloads\OpenDNS-Updater-2.2.1.exe
2013-09-01 21:38 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Msdtc
2013-09-01 21:34 - 2013-09-01 21:34 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-08-25 13:28 - 2013-03-03 14:21 - 00003010 _____ C:\Windows\System32\Tasks\EVGAPrecision
2013-08-25 13:05 - 2009-07-14 00:13 - 00815714 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-25 11:47 - 2013-08-25 11:47 - 00000000 ____D C:\Users\Tucker & Skitz\AppData\Local\NVIDIA
2013-08-25 11:22 - 2013-08-25 11:15 - 00000000 ____D C:\AdwCleaner
2013-08-25 10:58 - 2013-02-03 13:10 - 00009960 _____ C:\Windows\IE10_main.log
2013-08-25 10:55 - 2013-01-06 12:42 - 00339088 _____ C:\Windows\PFRO.log
2013-08-25 10:55 - 2012-12-25 11:45 - 00000000 ____D C:\Program Files\Google
2013-08-25 10:55 - 2012-12-25 11:44 - 00000000 ____D C:\Program Files (x86)\Google
2013-08-25 10:53 - 2012-12-25 11:44 - 00000000 ____D C:\Users\LK\AppData\Local\Google
2013-08-25 10:52 - 2013-06-19 12:00 - 00000000 ____D C:\Users\Public\Documents\DesignSpark PCB 5.0
2013-08-25 10:52 - 2012-12-23 20:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-25 10:14 - 2012-12-23 21:44 - 00089424 _____ C:\Users\LK\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-25 10:11 - 2013-08-19 11:58 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-08-25 09:58 - 2013-08-25 09:58 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\rtk
2013-08-25 09:57 - 2013-08-25 09:57 - 12907592 _____ (Malwarebytes Corp.) C:\Users\Tucker & Skitz\Downloads\mbar-1.07.0.1005.exe
2013-08-25 09:56 - 2013-08-25 09:56 - 00204496 _____ (Malwarebytes) C:\Users\Tucker & Skitz\Downloads\startuplite-setup-1.07.exe
2013-08-25 09:54 - 2013-08-25 09:54 - 00012080 _____ C:\Users\LK\Documents\hijackthis222
2013-08-25 09:49 - 2013-08-25 09:49 - 00002594 _____ C:\Users\LK\Desktop\RKreport[0]_S_08252013_094942.txt
2013-08-25 09:49 - 2013-07-21 19:43 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\1 Arduino
2013-08-25 09:48 - 2013-08-25 09:48 - 00002690 _____ C:\Users\LK\Desktop\RKreport[0]_D_08252013_094858.txt
2013-08-25 09:32 - 2013-08-25 09:32 - 00002591 _____ C:\Users\LK\Desktop\RKreport[0]_S_08252013_093248.txt
2013-08-25 09:24 - 2013-08-25 09:24 - 00002558 _____ C:\Users\LK\Desktop\RKreport[0]_S_08252013_092407.txt
2013-08-25 07:59 - 2012-12-24 10:18 - 00089424 _____ C:\Users\Tucker & Skitz\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-25 07:35 - 2013-08-24 10:26 - 00000000 ____D C:\Program Files (x86)\DivX
2013-08-25 07:33 - 2013-08-24 10:27 - 00000000 ____D C:\Program Files\DivX
2013-08-25 07:33 - 2013-08-24 10:26 - 00000000 ____D C:\ProgramData\DivX
2013-08-24 11:27 - 2013-08-24 11:27 - 00000053 _____ C:\Users\Tucker & Skitz\AppData\Roaming\WB.CFG
2013-08-24 10:37 - 2009-07-13 23:45 - 00362072 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-24 10:26 - 2013-08-24 10:26 - 00000000 ____D C:\Users\LK\AppData\Roaming\LavFilters
2013-08-24 10:26 - 2013-08-24 10:26 - 00000000 ____D C:\Users\LK\AppData\Roaming\CDXReader
2013-08-24 10:26 - 2013-08-24 10:26 - 00000000 ____D C:\Program Files (x86)\Haali
2013-08-24 10:26 - 2013-08-24 10:26 - 00000000 ____D C:\Program Files (x86)\DSP-worx
2013-08-23 18:40 - 2013-03-03 14:20 - 00000000 ____D C:\Program Files (x86)\EVGA Precision X
2013-08-23 18:37 - 2013-06-21 19:17 - 00000000 ____D C:\Users\Tucker & Skitz\Documents\Diary of a Madman
2013-08-23 17:17 - 2013-08-23 17:17 - 00000000 ____D C:\NvidiaLogging
2013-08-23 17:15 - 2013-08-23 17:15 - 00001347 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2013-08-23 17:15 - 2013-08-23 17:15 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-23 17:08 - 2013-02-13 07:10 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\EVGA 560Ti Driver
2013-08-23 17:04 - 2013-07-11 08:27 - 00000000 ____D C:\Users\Tucker & Skitz\Documents\Arduino
2013-08-23 17:04 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Help
2013-08-23 13:32 - 2013-08-23 13:32 - 00000000 ____D C:\Users\Tucker & Skitz\Documents\fritz drawings
2013-08-23 12:49 - 2013-08-23 12:49 - 00000000 ____D C:\Users\Tucker & Skitz\AppData\Roaming\Fritzing
2013-08-23 12:48 - 2013-08-23 12:48 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\fritzing
2013-08-23 05:53 - 2013-02-03 14:00 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-21 13:13 - 2013-08-21 13:13 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\ARD101_Tutorial_Code
2013-08-21 13:12 - 2013-08-21 13:12 - 00017298 _____ C:\Users\Tucker & Skitz\Downloads\ARD101_Tutorial_Code.zip
2013-08-21 11:47 - 2013-03-03 14:11 - 00000000 ___RD C:\Users\Tucker & Skitz\Downloads\evga
2013-08-21 06:51 - 2013-08-21 06:51 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-21 06:51 - 2013-08-21 06:51 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-21 06:51 - 2013-06-27 15:10 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-08-21 06:51 - 2013-06-26 18:28 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-08-21 06:51 - 2013-06-26 18:28 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-08-21 06:51 - 2013-03-18 13:47 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-21 06:50 - 2013-02-13 14:49 - 00000000 ____D C:\ProgramData\AVAST Software
2013-08-21 06:50 - 2013-02-13 14:49 - 00000000 ____D C:\Program Files\AVAST Software
2013-08-21 06:49 - 2013-02-13 18:39 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\New folder
2013-08-21 06:43 - 2013-08-21 06:43 - 00326144 _____ (AVAST Software) C:\Users\Tucker & Skitz\Downloads\aswclear.exe
2013-08-20 18:04 - 2013-08-20 18:03 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\Download
2013-08-20 18:04 - 2013-08-16 10:01 - 00000000 ____D C:\Users\LK\AppData\Roaming\IObit
2013-08-20 18:03 - 2013-08-20 18:03 - 00943952 _____ C:\Users\Tucker & Skitz\Downloads\IObit_Uninstaller_downloader.exe
2013-08-20 16:54 - 2013-08-20 16:54 - 00015417 _____ C:\Users\Tucker & Skitz\Documents\Book1acc.xlsx
2013-08-19 14:29 - 2012-12-24 13:23 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\etdrv.sys
2013-08-19 14:29 - 2012-12-24 10:01 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-08-19 14:29 - 2012-12-23 21:44 - 00030528 _____ C:\Windows\GVTDrv64.sys
2013-08-19 12:59 - 2013-07-13 09:35 - 00000000 ____D C:\Users\Tucker & Skitz\Documents\aRDUINO BOOK
2013-08-19 12:15 - 2013-08-19 12:15 - 01437003 _____ C:\Users\Tucker & Skitz\Downloads\ADXL345 module.rar
2013-08-19 12:09 - 2013-08-19 11:57 - 00000000 ____D C:\Users\LK\Desktop\mbar
2013-08-19 11:06 - 2013-08-19 11:06 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-19 11:06 - 2013-08-19 11:06 - 00000000 ____D C:\Users\LK\AppData\Roaming\Malwarebytes
2013-08-19 11:06 - 2013-08-19 11:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-19 11:06 - 2013-08-19 11:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-19 11:05 - 2013-08-19 11:05 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Tucker & Skitz\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-18 15:46 - 2013-06-16 11:41 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\adruino
2013-08-18 13:48 - 2013-07-21 21:02 - 00000000 ____D C:\Users\Tucker & Skitz\TEMP36 ALL DATA to Serial Port
2013-08-18 09:49 - 2013-08-18 09:49 - 00002261 _____ C:\Users\Tucker & Skitz\Downloads\BM003_Arduino_flash_data_logger.zip
2013-08-17 21:04 - 2013-08-17 21:04 - 00000000 ____D C:\Users\Tucker & Skitz\AppData\Local\Adobe
2013-08-17 13:24 - 2013-08-17 13:24 - 00001730 _____ C:\Users\Tucker & Skitz\Downloads\license.avastlic
2013-08-16 17:26 - 2013-08-16 01:12 - 00000000 ____D C:\Program Files\Process Hacker
2013-08-16 16:18 - 2013-08-16 16:18 - 14012484 _____ C:\Users\Tucker & Skitz\Downloads\SaltLakesDeadSea.themepack
2013-08-16 14:44 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2013-08-16 13:28 - 2013-08-16 08:46 - 00011789 _____ C:\Users\Tucker & Skitz\Downloads\hijackthis.log
2013-08-16 13:08 - 2013-08-16 12:46 - 00000000 ____D C:\Users\LK\AppData\Local\CrashDumps
2013-08-16 12:50 - 2013-08-16 12:50 - 00002966 _____ C:\Windows\System32\Tasks\{C76F87E0-B6C4-4B30-86EF-07403449AAFB}
2013-08-16 12:38 - 2013-08-16 12:34 - 00080473 _____ C:\Windows\iis7.log
2013-08-16 12:35 - 2013-08-16 12:31 - 00000000 ____D C:\inetpub
2013-08-16 12:35 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2013-08-16 12:35 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\inetsrv
2013-08-16 10:45 - 2013-07-08 12:43 - 00000000 ____D C:\Users\LK\Documents\Visual Studio 2010
2013-08-16 10:38 - 2012-12-23 20:52 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-08-16 10:37 - 2013-08-16 10:37 - 00000000 ____D C:\Users\LK\Downloads\realtek
2013-08-16 10:36 - 2013-08-16 10:36 - 05909784 _____ C:\Users\LK\Desktop\Realtek_PCIe_GBE_Win7_7053_03162012.zip
2013-08-16 10:16 - 2012-12-23 21:00 - 00000000 ____D C:\ProgramData\InstallShield
2013-08-16 10:14 - 2013-06-25 15:59 - 00000000 ____D C:\ProgramData\PCB123
2013-08-16 10:07 - 2013-06-25 15:43 - 00000000 ____D C:\Program Files\OrCAD_Demo
2013-08-16 10:01 - 2013-08-16 10:01 - 00000000 ____D C:\Users\Tucker & Skitz\AppData\Roaming\IObit
2013-08-16 10:01 - 2013-08-16 10:01 - 00000000 ____D C:\ProgramData\IObit
2013-08-16 10:01 - 2013-08-16 10:01 - 00000000 ____D C:\Program Files (x86)\IObit
2013-08-16 09:46 - 2013-08-16 09:46 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-08-16 09:41 - 2013-08-16 09:41 - 02218636 _____ C:\Users\Tucker & Skitz\Downloads\tdsskiller.zip
2013-08-16 09:41 - 2013-08-16 09:41 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\tdsskiller
2013-08-16 09:30 - 2013-08-16 09:30 - 00055791 _____ C:\Users\Tucker & Skitz\Downloads\startuplist.txt
2013-08-16 09:28 - 2013-08-16 09:28 - 00050688 _____ (Atribune.org) C:\Users\Tucker & Skitz\Downloads\ATF-Cleaner.exe
2013-08-16 08:54 - 2013-08-16 08:54 - 00012219 _____ C:\Users\LK\Documents\hijackthisdoc.txt
2013-08-16 08:54 - 2013-08-16 08:54 - 00012219 _____ C:\Users\LK\Desktop\hijackthisdoc.txt
2013-08-16 08:47 - 2013-08-16 08:47 - 00012219 _____ C:\Users\LK\Desktop\hijackthis.log
2013-08-16 08:46 - 2013-02-12 23:37 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\8400 GS
2013-08-16 08:45 - 2013-08-16 08:45 - 00388608 _____ (Trend Micro Inc.) C:\Users\Tucker & Skitz\Downloads\HijackThis.exe
2013-08-16 03:45 - 2013-02-01 09:08 - 00000000 ____D C:\Windows\pss
2013-08-16 03:31 - 2013-08-16 03:31 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-08-16 03:31 - 2013-08-16 03:31 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-08-16 03:31 - 2013-08-16 03:31 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-08-16 03:31 - 2013-08-16 03:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-08-16 03:31 - 2013-08-16 03:31 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-08-16 03:31 - 2013-08-16 03:31 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-08-16 03:31 - 2013-08-16 03:31 - 00000000 ____D C:\Program Files\Java
2013-08-16 03:29 - 2013-08-16 03:29 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-08-16 03:29 - 2013-08-16 03:29 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-08-16 03:29 - 2013-08-16 03:29 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-16 03:29 - 2013-08-16 03:29 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-16 03:29 - 2013-01-10 12:29 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-08-16 03:29 - 2013-01-10 12:29 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-08-16 03:09 - 2013-08-16 02:56 - 00000000 ____D C:\Program Files (x86)\Skin Pack
2013-08-16 02:56 - 2013-08-16 02:56 - 02755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll.tmp
2013-08-16 02:56 - 2013-08-16 02:56 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll.tmp
2013-08-16 02:56 - 2010-11-20 22:23 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2013-08-16 02:56 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Cursors
2013-08-16 02:56 - 2009-07-13 18:55 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-08-16 02:56 - 2009-07-13 18:54 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\themeservice.dll
2013-08-16 02:55 - 2013-08-16 02:55 - 00000000 ____D C:\Users\LK\AppData\Local\avgchrome
2013-08-16 02:54 - 2013-08-16 02:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 02:46 - 2013-08-16 02:46 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-08-16 02:46 - 2013-08-16 02:46 - 00000000 ____D C:\Program Files (x86)\Dolby Home Theater v4
2013-08-16 02:46 - 2013-08-16 02:44 - 00000000 ____D C:\Users\Tucker & Skitz\AppData\Roaming\Process Hacker
2013-08-16 02:29 - 2013-01-10 11:59 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\GIGABYTE
2013-08-15 23:48 - 2013-08-13 14:04 - 00003184 _____ C:\Windows\System32\Tasks\{521A1FA8-B733-4CD6-AC19-1BBDEA6EA73D}
2013-08-15 23:41 - 2013-08-15 23:41 - 00000017 _____ C:\Users\LK\AppData\Local\resmon.resmoncfg
2013-08-15 22:38 - 2013-08-15 22:38 - 00924173 _____ C:\Users\Tucker & Skitz\Downloads\BrMain480.exe
2013-08-15 22:36 - 2013-08-15 22:36 - 05009608 _____ (Macrovision Corporation) C:\Users\Tucker & Skitz\Downloads\bal1240000en (1).exe
2013-08-15 22:36 - 2013-08-15 22:35 - 05009608 _____ (Macrovision Corporation) C:\Users\Tucker & Skitz\Downloads\bal1240000en.exe
2013-08-15 22:32 - 2013-08-13 19:55 - 00000000 ____D C:\Users\LK\AppData\Roaming\VisualAssistAtmel
2013-08-15 22:32 - 2013-08-13 19:55 - 00000000 ____D C:\Users\LK\AppData\Local\VisualAssistAtmel
2013-08-15 22:14 - 2013-08-15 22:14 - 00000000 ____D C:\Users\LK\AppData\Roaming\ControlCenter4
2013-08-15 22:03 - 2012-12-25 11:44 - 00000000 ____D C:\Users\Tucker & Skitz\AppData\Local\Google
2013-08-15 16:58 - 2013-06-26 08:56 - 00772990 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-15 16:56 - 2013-07-08 12:43 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-08-13 22:23 - 2013-07-13 17:51 - 00040960 ___SH C:\Users\Tucker & Skitz\Documents\Thumbs.db
2013-08-13 20:01 - 2013-06-26 09:02 - 00000000 ____D C:\Program Files (x86)\HI-TECH Software
2013-08-13 19:59 - 2013-07-08 12:47 - 00000000 ____D C:\Users\LK\Documents\Atmel Studio
2013-08-13 19:55 - 2013-08-13 19:55 - 00000000 ____D C:\Users\LK\AppData\Local\IsolatedStorage
2013-08-13 19:41 - 2013-08-13 19:41 - 00002108 _____ C:\Users\Public\Desktop\Atmel Studio 6.1.lnk
2013-08-13 19:38 - 2013-07-08 12:45 - 00000000 ____D C:\Program Files (x86)\Atmel
2013-08-13 19:36 - 2013-07-08 12:45 - 00058718 _____ C:\Windows\DPINST.LOG
2013-08-13 19:34 - 2013-08-13 19:34 - 00000000 ____D C:\Windows\SysWOW64\1033
2013-08-13 19:34 - 2013-07-08 12:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2013-08-13 19:33 - 2013-08-13 19:33 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-08-13 18:47 - 2013-08-13 18:20 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\ATMEL PROG
2013-08-13 18:35 - 2013-08-13 18:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2010 SDK
2013-08-13 18:35 - 2012-12-25 12:18 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-13 16:20 - 2013-08-13 16:20 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\Datasheets
2013-08-13 14:43 - 2013-07-10 05:50 - 00000000 ____D C:\Windows\system32\MRT
2013-08-13 14:42 - 2012-12-23 22:00 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-13 14:04 - 2013-08-13 14:04 - 00002938 _____ C:\Windows\System32\Tasks\{2D36F76D-CAC7-4EE4-8196-700A502C1CDE}
2013-08-13 14:02 - 2013-08-13 14:02 - 00000000 ____D C:\New Folder1
2013-08-13 13:58 - 2013-08-12 17:06 - 00000000 ____D C:\Users\Tucker & Skitz\Downloads\EAGLE LIBRARIES
2013-08-12 18:05 - 2013-07-12 13:27 - 00000000 ____D C:\Users\Tucker & Skitz\Documents\EAGLE CAD FREE
2013-08-12 18:02 - 2013-08-12 18:02 - 00000000 ____D C:\Users\Tucker & Skitz\AppData\Roaming\Help
2013-08-12 18:02 - 2013-08-12 18:02 - 00000000 ____D C:\Users\Tucker & Skitz\AppData\Local\Help
2013-08-12 17:59 - 2013-06-26 09:31 - 00000000 ____D C:\Users\Tucker & Skitz\Documents\ExpressPCB
2013-08-12 04:54 - 2013-08-12 04:54 - 01932149 _____ C:\Users\Tucker & Skitz\Downloads\CDM20830_Setup.exe
2013-08-12 04:54 - 2013-07-08 12:45 - 00000000 ____D C:\Program Files\DIFX
2013-08-07 13:38 - 2013-08-07 13:36 - 00000000 ____D C:\Users\Tucker & Skitz\AppData\Roaming\ControlCenter4
2013-08-07 13:38 - 2013-03-08 14:22 - 00000000 ____D C:\ProgramData\PCFaxTx
2013-08-07 13:31 - 2013-03-08 14:22 - 00000000 ____D C:\Program Files (x86)\Brother
2013-08-07 13:29 - 2013-08-07 13:29 - 00002140 _____ C:\Users\Public\Desktop\Brother Creative Center.lnk
2013-08-07 13:29 - 2013-08-07 13:28 - 00000066 _____ C:\Windows\Brfaxrx.ini
2013-08-07 13:29 - 2013-03-08 14:23 - 00000457 _____ C:\Windows\Brpfx04a.ini
2013-08-07 13:29 - 2013-03-08 14:23 - 00000092 _____ C:\Windows\brpcfx.ini
2013-08-07 13:28 - 2013-08-07 13:28 - 00000000 ____D C:\ProgramData\ControlCenter4
2013-08-07 13:28 - 2013-08-07 13:28 - 00000000 ____D C:\Program Files (x86)\Browny02
2013-08-07 13:28 - 2013-08-07 13:28 - 00000000 ____D C:\Brother
2013-08-07 13:28 - 2013-03-08 14:22 - 00000000 ____D C:\Program Files (x86)\ControlCenter4
 
Files to move or delete:
====================
C:\Users\LK\AppData\Local\Temp\_is2126.exe
C:\Users\LK\AppData\Local\Temp\_isC25B.exe
C:\Users\LK\AppData\Local\Temp\_isFC86.exe
C:\Users\LK\AppData\Local\Temp\{76F9DADE-BE5E-4DF1-954C-750FD7D5FA98}\ISSetup.dll
C:\Users\LK\AppData\Local\Temp\{76F9DADE-BE5E-4DF1-954C-750FD7D5FA98}\_Setup.dll
C:\Users\LK\AppData\Local\Temp\{5EBDF2CB-7862-4B32-9BB8-C1C4009B9C54}\ISSetup.dll
C:\Users\LK\AppData\Local\Temp\{5EBDF2CB-7862-4B32-9BB8-C1C4009B9C54}\_Setup.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\PCFaxSending_Version\PCFaxTxVersion.exe
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\ControlCenter\BrImageConversion.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\ControlCenter\BrImgPDF.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\ControlCenter\BrTPGSplash.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\brlm03a.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrmfPrint.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrotherNetTool.exe
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrotherOfflineChk.exe
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrotherUSBTool.exe
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBAru.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBBul.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBChn.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBCht.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBCze.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBDan.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBDut.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBEng.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBFin.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBFrc.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBFre.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBGer.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBHun.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBIta.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBJpn.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBKor.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBNor.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBPol.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBPor.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBPtb.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBRom.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBRus.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBSpa.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBSvk.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBSwe.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBTrk.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\{DD98C438-D769-4677-AA87-3481FA32D20C}\browny02\Company\BrUSBUsa.dll
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\Drivers\dpinstx64.exe
C:\Users\LK\AppData\Local\Temp\{56EA628F-1030-4820-BB36-EF89F855FD04}\Drivers\dpinstx86.exe
C:\Users\LK\AppData\Local\Temp\{4D1D2233-83CE-4209-BE9D-E55B61C7A264}\ISSetup.dll
C:\Users\LK\AppData\Local\Temp\{4D1D2233-83CE-4209-BE9D-E55B61C7A264}\_Setup.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\setup.exe
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\NvVAD\nvaudcap32v.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\NvVAD\nvaudcap64v.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\NvVAD\nvgenco32.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\NvVAD\nvgenco64.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\NVI2\NVI2.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\NVI2\NVI2UI.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\NVI2\NVPrxy32.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\NVI2\NVPrxy64.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\NVI2\ReleaseHighlights.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\MS.NET\dotNetFx40_Full_setup.exe
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\MS.NET\MSNetExt.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\x86\server\clrzmq.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\x86\server\detoured.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\x86\server\libzmq.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\x86\server\nvFBC.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\x86\server\nvsteamsupport.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\x86\server\nvstreamer.exe
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\x86\server\nvstreamsvc.exe
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\x86\server\protobuf-net.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\x86\server\rxinput.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\x86\server\steam_api.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\amd64\server\detoured.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\amd64\server\libzmq.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\amd64\server\nvFBC.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\amd64\server\nvsteamsupport.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\amd64\server\nvstreamer.exe
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\amd64\server\nvstreamsvc.exe
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\amd64\server\rxinput.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience.NvStreamSrv\amd64\server\steam_api64.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\7z.exe
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\DisplayCplExt.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\ExtensionLoader.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\GalaSoft.MvvmLight.Extras.WPF4.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\GalaSoft.MvvmLight.WPF4.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\GFExperience.exe
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\GFExperienceControls.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\GFExperienceCore.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\GFExperienceExt.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\GridService.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\InstallerService.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\InstallerUIExtension.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\log4net.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\Microsoft.Practices.ServiceLocation.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\Microsoft.WindowsAPICodePack.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\Microsoft.WindowsAPICodePack.Shell.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\NVIDIA.Settings.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\NVIDIA.Settings.Properties.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\NVIDIA.UpdateService.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\NVIDIA.Win32Api.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\nvtmru.exe
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\oaremote_plugin.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\ShadowPlay.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\System.Reactive.Core.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\System.Reactive.Interfaces.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\System.Reactive.Linq.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\System.Reactive.PlatformServices.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\System.Reactive.Providers.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\System.Reactive.Runtime.Remoting.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\System.Reactive.Windows.Threading.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\System.Windows.Interactivity.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\zh-CHT\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\zh-CHS\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\tr-TR\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\th-TH\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\sv-SE\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\sl-SI\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\sk-SK\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\ru-RU\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\pt-PT\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\pt-BR\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\pl-PL\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\nl-NL\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\nb-NO\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\ko-KR\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\ja-JP\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\it-IT\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\hu-HU\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\he-IL\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\fr-FR\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\fi-FI\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\es-MX\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\es-ES\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\en-US\GFExperience.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\en-US\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\en-GB\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\el-GR\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\de-DE\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\da-DK\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\cs-CZ\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\GFExperience\ar-AE\GFExperienceControls.resources.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\ComUpdatus.exe
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\daemonu.exe
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\easyDaemonAPIU32.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\easyDaemonAPIU64.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\nvupdt32.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\nvupdt64.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\nvupdtr32.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\nvupdtr64.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\nvupdtrXP32.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\nvupdtrXP64.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\nvupdtXP32.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\nvupdtXP64.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\UpdateExt.dll
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Update\WLMerger.exe
C:\Users\LK\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\7.2.17.0\Display.Optimus\OptimusExt.dll
C:\Users\LK\AppData\Local\Temp\A84AAD2A-F479-46BD-939A-FF2011D38765\CbsProvider.dll
C:\Users\LK\AppData\Local\Temp\A84AAD2A-F479-46BD-939A-FF2011D38765\CompatProvider.dll
C:\Users\LK\AppData\Local\Temp\A84AAD2A-F479-46BD-939A-FF2011D38765\DismCore.dll
C:\Users\LK\AppData\Local\Temp\A84AAD2A-F479-46BD-939A-FF2011D38765\DismCorePS.dll
C:\Users\LK\AppData\Local\Temp\A84AAD2A-F479-46BD-939A-FF2011D38765\DismHost.exe
C:\Users\LK\AppData\Local\Temp\A84AAD2A-F479-46BD-939A-FF2011D38765\DismProv.dll
C:\Users\LK\AppData\Local\Temp\A84AAD2A-F479-46BD-939A-FF2011D38765\DmiProvider.dll
C:\Users\LK\AppData\Local\Temp\A84AAD2A-F479-46BD-939A-FF2011D38765\FolderProvider.dll
C:\Users\LK\AppData\Local\Temp\A84AAD2A-F479-46BD-939A-FF2011D38765\IntlProvider.dll
C:\Users\LK\AppData\Local\Temp\A84AAD2A-F479-46BD-939A-FF2011D38765\LogProvider.dll
C:\Users\LK\AppData\Local\Temp\A84AAD2A-F479-46BD-939A-FF2011D38765\MsiProvider.dll
C:\Users\LK\AppData\Local\Temp\A84AAD2A-F479-46BD-939A-FF2011D38765\OSProvider.dll
C:\Users\LK\AppData\Local\Temp\A84AAD2A-F479-46BD-939A-FF2011D38765\SmiProvider.dll
C:\Users\LK\AppData\Local\Temp\A84AAD2A-F479-46BD-939A-FF2011D38765\TransmogProvider.dll
C:\Users\LK\AppData\Local\Temp\A84AAD2A-F479-46BD-939A-FF2011D38765\UnattendProvider.dll
C:\Users\LK\AppData\Local\Temp\A84AAD2A-F479-46BD-939A-FF2011D38765\wdscore.dll
C:\Users\LK\AppData\Local\Temp\A84AAD2A-F479-46BD-939A-FF2011D38765\WimProvider.dll
C:\Users\Tucker & Skitz\AppData\Local\Temp\Uninstaller-4132.exe
C:\Users\Tucker & Skitz\AppData\Local\Temp\Uninstaller-4520.exe
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-09-01 23:00
 
==================== End Of Log ============================
 
additional
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-09-2013 04
Ran by LK at 2013-09-02 11:20:12
Running from C:\Users\Tucker & Skitz\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Installed Programs =======================
 
   
@BIOS (x32 Version: 2.11)
64 Bit HP CIO Components Installer (Version: 7.2.8)
ACPI Driver Installer (x32 Version: 2.1)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Reader XI (11.0.03) (x32 Version: 11.0.03)
Arduino (x32 Version: 1.0.5)
Atmel ARM GNU Toolchain (x32 Version: 4.7.3.1029)
Atmel AVR (32 bit) GNU Toolchain (x32 Version: 3.4.2.1002)
Atmel AVR (8 bit) GNU Toolchain (x32 Version: 3.4.2.1002)
Atmel Studio 6.1 (x32 Version: 6.1.2674)
Atmel USB (x32 Version: 11.4)
AtmelSoftwareFramework (x32 Version: 3.8.886)
avast! Ad Blocker (x32 Version: 1.0.0.0)
avast! Internet Security (x32 Version: 8.0.1489.0)
AVR macro Assembler (x32 Version: 2.1.39.1005)
Brother BRAdmin Light 1.24.0000 (x32 Version: 1.24.0000)
Brother MFL-Pro Suite MFC-J4510DW (x32 Version: 2.0.0.0)
CodeWarrior Development Studio for Microcontrollers v10.4 (x32 Version: 10.4)
Coupon Printer for Windows (x32 Version: 5.0.0.0)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
DivX Setup (x32 Version: 2.6.1.8)
Dolby Home Theater v4 (x32 Version: 7.2.8000.13)
dows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (Version: 07/12/2013 2.08.30)
EAGLE 6.4.0 (x32 Version: 6.4.0)
Etron USB3.0 Host Controller (x32 Version: 0.115)
EVGA Precision X 4.0.0 (x32 Version: 4.0.0)
Google Chrome (x32 Version: 29.0.1547.57)
Google Drive (x32 Version: 1.11.4865.2530)
Google Update Helper (x32 Version: 1.3.21.153)
Intel® Control Center (x32 Version: 1.2.1.1007)
Intel® Management Engine Components (x32 Version: 7.0.0.1118)
Intel® Processor Graphics (x32 Version: 9.17.10.2932)
Intel® Rapid Storage Technology (x32 Version: 10.5.0.1026)
Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® SMBus
Intel® Watchdog Timer Driver (Intel® WDT) (x32)
Internet Explorer (Enable DEP)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
JLink OB CDC Driver Package (Version: 1.2.2)
Logitech Harmony Remote Software 7 (x32 Version: 7.7.0.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
marvell 91xx driver (x32 Version: 1.1.0.6)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2008 R2 Management Objects (x32 Version: 10.50.1750.9)
Microsoft SQL Server System CLR Types (x32 Version: 10.50.1750.9)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 SDK SP1 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31007)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31010)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
MSVCRT (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Nuance PaperPort 12 (x32 Version: 12.1.0005)
Nuance PDF Viewer Plus (x32 Version: 5.30.3290)
NVIDIA Control Panel 320.49 (Version: 320.49)
NVIDIA GeForce Experience 1.6 (Version: 1.6)
NVIDIA Graphics Driver 320.49 (Version: 320.49)
NVIDIA Install Application (Version: 2.1002.131.854)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX System Software 9.13.0604 (Version: 9.13.0604)
NVIDIA Update 7.2.17 (Version: 7.2.17)
NVIDIA Update Components (Version: 7.2.17)
NVIDIA Virtual Audio 1.2.1 (Version: 1.2.1)
OpenDNS Updater 2.2.1 (x32 Version: 2.2.1)
P&E Device Drivers (x32)
PaperPort Image Printer 64-bit (Version: 14.00.0000)
PlanetSide 2 (HKCU Version: 1.0.3.183)
Realtek Ethernet Controller Driver (x32 Version: 7.53.216.2012)
Realtek Ethernet Diagnostic Utility (x32 Version: 1.006)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
Remote Control USB Driver (x32 Version: 2.3.2.317)
Scansoft PDF Professional (x32)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)
SHIELD Streaming (Version: 1.05.19)
Sweet Home 3D version 3.7 (x32)
swMSM (x32 Version: 12.0.0.1)
System Requirements Lab for Intel (x32 Version: 4.5.13.0)
TouchBIOS B11.1201.1 (x32 Version: 1.00.0000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Visual Micro for Arduino (x32 Version: 13.05.0904)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (Version: 07/12/2013 2.08.30)
Windows Driver Package - Segger (jlink) USB  (04/11/2012 2.6.8.2) (Version: 04/11/2012 2.6.8.2)
Windows Driver Package - SEGGER (usbser) Ports  (01/25/2012 6.0.2600.4) (Version: 01/25/2012 6.0.2600.4)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
WinRAR 4.20 (32-bit) (x32 Version: 4.20.0)
 
==================== Restore Points  =========================
 
02-09-2013 04:07:08 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {01DD3AEE-CF9D-483D-9D51-2E19F9C2034B} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe No File
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => start w32time task_started
Task: {1723D88B-BA5D-444F-BAC2-94EED04A7B0D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {20062CCD-C2D3-4A42-A13C-590EC158017C} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {201856FF-5E11-466C-B01F-006D8AE3CB46} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-30] (Adobe Systems Incorporated)
Task: {24538368-94DE-4356-AAEE-04D9DB4F432E} - System32\Tasks\{2D36F76D-CAC7-4EE4-8196-700A502C1CDE} => C:\New Folder1\arduino.exe [2012-05-21] ()
Task: {382772EF-F3D7-4C28-9C02-A6AE0F326EB7} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {3EEBC1E0-1062-40EA-BC29-4A79D8A6ACD1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {4497F501-81AB-45D9-9FF5-E7004908A321} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-25] (Google Inc.)
Task: {514EA735-8B77-40F9-97E5-8ED27C0BDD51} - System32\Tasks\{521A1FA8-B733-4CD6-AC19-1BBDEA6EA73D} => C:\New Folder1\arduino.exe [2012-05-21] ()
Task: {6B3D62CC-043B-42EB-B456-75CEA6980023} - System32\Tasks\EVGAPrecision => C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2013-02-21] ()
Task: {8D610294-B76E-4119-B73C-F8EFDF02EBD9} - \DSite No Task File
Task: {9BCF33A7-1372-4549-91BF-C2701D42C656} - System32\Tasks\{C76F87E0-B6C4-4B30-86EF-07403449AAFB} => C:\Users\LK\Downloads\AVG_Remover_en.exe [2013-01-16] ()
Task: {C1CF742C-9645-49D9-B94B-ED51380BF62B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => start osppsvc
Task: {D5345F22-5589-4317-AFC7-EE89CA249555} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-25] (Google Inc.)
Task: {F3E85D16-5269-4EB0-B90A-53E506F8686A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-20] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-08-23 17:03 - 2013-06-21 07:06 - 15920536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-08-21 06:51 - 2013-05-09 03:58 - 00133840 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\ashShA64.dll
2013-06-27 16:11 - 2013-06-27 16:11 - 00778704 _____ (Google) C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
2009-07-13 19:18 - 2009-07-13 20:38 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\imaadp32.acm
2009-07-13 19:18 - 2009-07-13 20:38 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\msg711.acm
2009-07-13 19:18 - 2009-07-13 20:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\msgsm32.acm
2009-07-13 19:18 - 2009-07-13 20:38 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\msadp32.acm
2009-07-13 19:22 - 2009-07-13 20:38 - 00081408 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm
2013-08-23 17:04 - 2013-06-21 05:23 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2012-12-12 17:41 - 2012-12-12 17:41 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrENU.lrc
2009-07-13 19:08 - 2009-07-13 20:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\NetworkItemFactory.dll
2009-07-13 19:08 - 2009-07-13 20:40 - 00748032 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2009-07-13 18:35 - 2009-07-13 20:40 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\FunDisc.dll
2010-11-20 22:24 - 2010-11-20 22:24 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fdproxy.dll
2009-07-13 19:08 - 2009-07-13 20:40 - 00101376 _____ (Microsoft Corporation) C:\Windows\System32\fdwcn.dll
2009-07-13 19:08 - 2009-07-13 20:41 - 00120832 _____ (Microsoft Corporation) C:\Windows\System32\wcnapi.dll
2009-07-13 18:35 - 2009-07-13 20:40 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\fdWNet.dll
2009-07-13 18:53 - 2009-07-13 20:40 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\dfscli.dll
2012-12-23 21:52 - 2012-07-04 17:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2012-10-10 03:22 - 2012-12-12 17:42 - 00384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2012-12-23 20:52 - 2012-12-12 17:42 - 00110592 _____ (Intel Corporation) C:\Windows\system32\hccutils.DLL
2012-12-23 20:52 - 2012-12-12 17:42 - 00064000 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2013-05-13 10:39 - 2012-06-09 19:20 - 00196096 _____ (Alexander Roshal) C:\Program Files (x86)\WinRAR\rarext64.dll
2013-03-07 16:31 - 2013-03-07 16:31 - 00747472 _____ (Google) C:\Program Files (x86)\Google\Drive\contextmenu64.dll
2012-12-25 14:29 - 2012-12-25 14:29 - 00176456 _____ (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.DLL
2013-06-27 22:09 - 2013-06-27 22:09 - 01587384 _____ (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL
2009-07-13 19:08 - 2009-07-13 20:40 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\dtsh.dll
2013-08-23 17:04 - 2013-06-21 05:23 - 04528416 _____ (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvUI.dll
2013-08-23 17:04 - 2013-07-27 03:35 - 01180448 _____ (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Common\easyDaemonAPIU64.DLL
2013-08-23 17:04 - 2013-07-27 03:36 - 04864800 _____ (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
2013-08-23 17:04 - 2013-07-27 03:36 - 01662240 _____ (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Common\NVUPDTR.DLL
2010-11-20 22:24 - 2010-11-20 22:24 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2013-08-21 06:51 - 2013-05-09 03:58 - 00302224 _____ (AVAST Software) C:\Program Files\AVAST Software\Avast\snxhk64.dll
2013-08-13 14:45 - 2013-07-26 00:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\IEUI.dll
2013-08-13 14:45 - 2013-07-26 00:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-02-27 04:02 - 2013-02-27 04:02 - 00762368 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2009-07-13 18:19 - 2009-07-13 20:41 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\ktmw32.dll
2009-07-13 18:46 - 2009-07-13 20:41 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\tschannel.dll
2009-07-13 18:46 - 2009-07-13 20:41 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\TaskSchdPS.dll
 
==================== Alternate Data Streams (whitelisted) ==========
 
AlternateDataStreams: C:\Users\Tucker & Skitz\Documents\Thumbs.db:encryptable
 
 
==================== Faulty Device Manager Devices =============
 
Name: IOCBIOS
Description: IOCBIOS
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: IOCBIOS
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: iocbios2
Description: iocbios2
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: iocbios2
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/02/2013 11:05:14 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/02/2013 11:03:53 AM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
 
Error: (09/02/2013 11:03:49 AM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
 
Error: (09/02/2013 10:57:23 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/02/2013 10:26:58 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/02/2013 09:04:10 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/01/2013 09:44:39 PM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location F:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
 
Error: (09/01/2013 09:36:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/01/2013 09:35:02 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/01/2013 09:35:02 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4400}. The service will attempt to automatically correct this problem by rebuilding the index.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
 
System errors:
=============
Error: (09/02/2013 11:03:46 AM) (Source: Service Control Manager) (User: )
Description: The iocbios2 service failed to start due to the following error: 
%%3
 
Error: (09/02/2013 11:03:46 AM) (Source: Service Control Manager) (User: )
Description: The IOCBIOS service failed to start due to the following error: 
%%3
 
Error: (09/02/2013 11:03:45 AM) (Source: Service Control Manager) (User: )
Description: The DES2 Service for Energy Saving. service failed to start due to the following error: 
%%2
 
Error: (09/02/2013 10:56:01 AM) (Source: Service Control Manager) (User: )
Description: The iocbios2 service failed to start due to the following error: 
%%3
 
Error: (09/02/2013 10:56:01 AM) (Source: Service Control Manager) (User: )
Description: The IOCBIOS service failed to start due to the following error: 
%%3
 
Error: (09/02/2013 10:56:00 AM) (Source: Service Control Manager) (User: )
Description: The DES2 Service for Energy Saving. service failed to start due to the following error: 
%%2
 
Error: (09/02/2013 10:54:44 AM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (09/02/2013 10:54:40 AM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (09/02/2013 10:54:22 AM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (09/02/2013 10:53:09 AM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
 
Microsoft Office Sessions:
=========================
Error: (09/02/2013 11:05:14 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/02/2013 11:03:53 AM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
 
Error: (09/02/2013 11:03:49 AM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
 
Error: (09/02/2013 10:57:23 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/02/2013 10:26:58 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/02/2013 09:04:10 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/01/2013 09:44:39 PM) (Source: Windows Backup)(User: )
Description: F:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)
 
Error: (09/01/2013 09:36:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/01/2013 09:35:02 PM) (Source: Windows Search Service)(User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt
 
Error: (09/01/2013 09:35:02 PM) (Source: Windows Search Service)(User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
4400
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-09-02 10:54:22.306
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-09-02 10:54:22.274
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-16 03:09:12.538
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-16 03:09:07.514
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-16 03:08:40.263
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-16 03:08:35.240
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-16 03:08:21.417
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-16 03:08:16.394
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-16 03:07:13.137
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-08-16 03:07:08.114
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 28%
Total physical RAM: 8175.11 MB
Available physical RAM: 5882.36 MB
Total Pagefile: 20384.29 MB
Available Pagefile: 17708.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:844.33 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS
Drive f: (Storage) (Fixed) (Total:465.76 GB) (Free:376.1 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: A9E32746)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=931 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

Edit: Moved topic from Windows 7 to the more appropriate forum. ~ Animal



#2 Laserpaddy

Posted 02 September 2013 - 02:50 PM

I came here because it appeared that answers would be here? Any help please?



#3 nasdaq

  • Malware Response Team

Posted 07 September 2013 - 10:25 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

--RogueKiller--
  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
===

Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: Tutorial
Link 1
Link 2

IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Do not install any other programs until this is fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe and follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note: Do not mouse click ComboFix's window while it's running. That may cause it to stall

Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.
===

Please paste the logs in your next reply DO NOT ATTACH THEM.
Let me know what problem persists.

#4 Laserpaddy


Posted 07 September 2013 - 04:13 PM

Files to be uploaded soon thanks

#5 Laserpaddy


Posted 07 September 2013 - 04:24 PM

here are the scans and no amount of formatting etc... changes anything

 

 

RogueKiller V8.6.6 [Aug 19 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : not [Admin rights]
Mode : Remove -- Date : 09/07/2013 15:42:18
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: WDC WD5000AAKS-65YGA0 ATA Device +++++
--- User ---
[MBR] 07dd9db7aa902d3fead0a1abd836605a
[BSP] ceb84c3e7b096f62a58a22cb4210973b : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
+++++ PhysicalDrive1: WDC WD5000AAKS-65YGA0 ATA Device +++++
--- User ---
[MBR] 12ea879717f1c0cb2870c2c96fd5bedc
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 7632 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
 
Finished : << RKreport[0]_D_09072013_154218.txt >>
RKreport[0]_S_09072013_154146.txt
 
 
 
 
 
 
 
# AdwCleaner v3.001 - Report created 07/09/2013 at 15:43:14
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : not - NOT-PC
# Running from : C:\Users\not\Desktop\adwcleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.7601.17514
 
 
*************************
 
AdwCleaner[R0].txt - [491 octets] - [07/09/2013 15:43:14]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [550 octets] ##########
 
 
 
 
 
 
ComboFix 13-09-06.01 - not 09/07/2013  15:47:27.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8109.7082 [GMT -7:00]
Running from: c:\users\not\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((   Files Created from 2013-08-07 to 2013-09-07  )))))))))))))))))))))))))))))))
.
.
2013-09-07 23:30 . 2013-09-07 22:39 -------- d-----w- c:\windows\Panther
2013-09-07 23:30 . 2013-09-07 23:30 -------- d-----w- C:\Boot
2013-09-07 23:30 . 2011-04-26 03:07 557848 ----a-r- c:\windows\system32\drivers\iaStor.sys
2013-09-07 22:49 . 2013-09-07 22:49 -------- d-----w- c:\users\Default\AppData\Local\temp
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - VOLSNAP
*NewlyCreated* - WUDFPF
.
.
--------- X64 Entries -----------
.
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 172.31.79.142 172.31.79.144 157.54.104.75 157.54.14.146 157.54.14.162 157.54.80.10
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-09-07  15:50:05
ComboFix-quarantined-files.txt  2013-09-07 22:50
.
Pre-Run: 476,552,454,144 bytes free
Post-Run: 476,451,983,360 bytes free
.
- - End Of File - - A92D48A226BB75A391085C3D8DBED921
A36C5E4F47E84449FF07ED3517B43A31
 
 

 



#6 Laserpaddy


Posted 07 September 2013 - 05:33 PM

reran after reboot 

 

ComboFix 13-09-06.01 - not 09/07/2013  14:53:23.3.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8109.7225 [GMT -7:00]
Running from: c:\users\not\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2013-08-07 to 2013-09-07  )))))))))))))))))))))))))))))))
.
.
2013-09-07 23:30 . 2013-09-07 22:39 -------- d-----w- c:\windows\Panther
2013-09-07 23:30 . 2013-09-07 23:30 -------- d-----w- C:\Boot
2013-09-07 23:30 . 2011-04-26 03:07 557848 ----a-r- c:\windows\system32\drivers\iaStor.sys
2013-09-07 22:59 . 2013-09-07 22:59 -------- d-----w- c:\program files (x86)\Etron Technology
2013-09-07 22:59 . 2010-10-06 03:50 8192 ----a-w- c:\windows\SysWow64\drivers\IntelMEFWVer.dll
2013-09-07 22:59 . 2010-10-06 03:50 8192 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll
2013-09-07 22:59 . 2013-09-07 22:59 -------- d-----w- c:\program files (x86)\Common Files\postureAgent
2013-09-07 22:59 . 2010-09-21 16:59 56344 ----a-w- c:\windows\system32\drivers\HECIx64.sys
2013-09-07 22:58 . 2013-09-07 22:59 -------- d-sh--w- c:\windows\Installer
2013-09-07 22:58 . 2013-09-07 22:58 -------- d-----w- c:\program files (x86)\Realtek
2013-09-07 22:58 . 2013-09-07 22:59 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2013-09-07 22:58 . 2013-09-07 23:00 -------- d-----w- c:\program files (x86)\Intel
2013-09-07 22:58 . 2010-12-23 03:09 53248 ----a-r- c:\windows\SysWow64\CSVer.dll
2013-09-07 22:58 . 2013-09-07 23:00 -------- d-----w- C:\Intel
2013-09-07 22:55 . 2011-03-07 09:22 65280 ----a-w- c:\windows\system32\drivers\EtronXHCI.sys
2013-09-07 22:55 . 2011-03-07 09:22 40832 ----a-w- c:\windows\system32\drivers\EtronHub3.sys
2013-09-07 22:55 . 2011-01-13 11:58 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-09-07 22:55 . 2011-01-13 11:58 413800 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-09-07 22:55 . 2011-01-13 11:58 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2013-09-07 22:44 . 2013-09-07 22:44 -------- d-----w- c:\windows\ERUNT
2013-09-07 22:43 . 2013-09-07 21:50 -------- d-----w- C:\AdwCleaner
2013-09-07 22:39 . 2013-09-07 22:39 -------- d-----w- c:\users\not
2013-09-07 22:39 . 2013-09-07 22:39 -------- d-----w- C:\Recovery
2013-09-07 21:54 . 2013-09-07 21:54 -------- d-----w- c:\users\Default\AppData\Local\temp
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-12 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-12 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-12 416024]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.3
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-09-07  14:55:36
ComboFix-quarantined-files.txt  2013-09-07 21:55
ComboFix2.txt  2013-09-07 21:46
ComboFix3.txt  2013-09-07 22:50
.
Pre-Run: 475,952,230,400 bytes free
Post-Run: 475,893,481,472 bytes free
.
- - End Of File - - 336F38F5E7E78EC5C5C52B94F43DC752
A36C5E4F47E84449FF07ED3517B43A31


#7 nasdaq

nasdaq

  • Malware Response Team
  • 39,901 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:09:09 AM

Posted 08 September 2013 - 08:13 AM

Third party programs if not up to date can be an open door for an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Please let me know of any issues with this computer.

#8 nasdaq


Posted 14 September 2013 - 10:22 AM

If all is well:

Time for some housekeeping
  • The following will implement some cleanup procedures as well as reset System Restore points:
  • Click Start > Run and copy/paste the following bold text into the Run box and click OK:
  • ComboFix /Uninstall
===

Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Having an effective antivirus is a must for everyone.
In addition to many excellent commercial products there are plenty of good free antivirus programs available. I can recommend:

If you are satisfied with your current protection programs you can ignore the instructions on Antivirus or Firewall listed below.

In addition to an antivirus I recommend using a firewall. A software firewall is a software program that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. I can recommend one of the following free products:

Please note: Many installers offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Malwarebytes Anti-Malware (MBAM)
The free version of MBAM can be used to scan the system for traces of malware. Scanning your system regularly will make it harder for malware to reside on your system.
A tutorial on using MBAM can be found here.
Please Note: Only the paid for version has real time capabilities.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Please keep your programs up to date. This applies to Java, Adobe Flashplayer, Adobe Reader and your Internet Browsers in particular. Vulnerabilities in these programs are often exploited in order to install malware on your PC. Visiting a prepared web page suffices to infect your system.

In general Firefox, Opera and Google Chrome are considered to be more secure than Internet Explorer. In addition there are many useful addons that can protect you from possible risks:
  • WOT will warn you when you try to visit sites with poor reputation. The reputation is based on user ratings and is usually very accurate.
  • Script Blocker can help block many attempts to infect your system via malicious websites by only allowing scripts at sites you trust.
  • NoScript is a popular Firefox addon,
  • ScriptNo a popular Google Chrome addon.
For much more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.
===

#9 Laserpaddy


Posted 15 September 2013 - 10:17 AM

Well, I thought I was OK. I reinstalled etc... found a remote hive, a virtual system volume etc... and a keylogger. I have pictures, as I was not allowed to copy any files. The 6432node shows up. I ran a bootable memory checker and on a probe setting it shows everything bad. I suppose we start over?

 

all these are hidden there are more

a $recycler in recycling bin - yes, it allows me to turn off restore but it really isn't---

mountpointmanagerremotedatabase in system vol information

syscache.hve 2 of them

a tracking.log

2 long class number 

folder spp with onlinemetadatacache folder--- spphivestore---sppgroupcache

 

router log has remote LAN connections from all over the place - appears an SQL server was installed?

 

permissions seem to be all messed up also - please note everything looked fine until reboot- then all went back to same- it seems to be in memory or bios or heck everywhere

 

seems that in the print out and looking at some other folder files that virus etc are spoofed- so let me know what you want done please-



#10 nasdaq


Posted 15 September 2013 - 01:07 PM


Let's start with these this time.

Read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
  • Click Change parameters
  • Check the boxes next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
  • Click on the Start Scan button to begin the scan and wait for it to finish.
    NOTE: Do not use the computer during the scan!
  • During the scan it will look similar to the image below:
  • When it finishes, you will either see a report that no threats were found like below:
    If no threats are found at this point, just click the Report selection on the top right of the form to generate a log. A log file report will pop which you can just close since the report file is already saved.
  • If any infection or suspected items are found, you will see a window similar to below:
    • If you have files that are shown to fail signature check do not take any action on these. Make sure you select Skip. I will tell you what to do with these later. They may not be issues at all.
    • If Suspicious objects are detected, the default action will be Skip. Leave the default set to Skip.
    • If Malicious objects are detected, they will show in the Scan results. TDSSKiller automatically selects an action (Cure or Delete) for malicious objects
    • Make sure that Cure is selected. Important! - If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed to do so.
  • Click Continue to apply selected actions.
  • A reboot may be required to complete disinfection. A window like the below will appear:
    Reboot immediately if TDSSKiller states that one is needed.
  • Whether an infection is found or not, a log file should have already been created on your C: drive (or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run.
  • Paste the log to your next reply, DO NOT ATTACH IT.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

#11 Laserpaddy


Posted 15 September 2013 - 02:30 PM

I went to install drivers after install - rebooting, BSOD numerous times, tried startup repair etc... reinstalling and formatting through Windows disk..... please be patient with me

 

thanks



#12 Laserpaddy


Posted 15 September 2013 - 04:07 PM

15:58:08.0759 4000  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:58:09.0227 4000  ============================================================
15:58:09.0227 4000  Current date / time: 2013/09/15 15:58:09.0227
15:58:09.0227 4000  SystemInfo:
15:58:09.0227 4000 
15:58:09.0227 4000  OS Version: 6.1.7601 ServicePack: 1.0
15:58:09.0227 4000  Product type: Workstation
15:58:09.0227 4000  ComputerName: LKK-PC
15:58:09.0227 4000  UserName: LKK
15:58:09.0227 4000  Windows directory: C:\Windows
15:58:09.0227 4000  System windows directory: C:\Windows
15:58:09.0227 4000  Running under WOW64
15:58:09.0227 4000  Processor architecture: Intel x64
15:58:09.0227 4000  Number of processors: 4
15:58:09.0227 4000  Page size: 0x1000
15:58:09.0227 4000  Boot type: Normal boot
15:58:09.0227 4000  ============================================================
15:58:09.0508 4000  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x50C0B, SectorsPerTrack: 0xE, TracksPerCylinder: 0x87, Type 'K0', Flags 0x00000040
15:58:09.0508 4000  ============================================================
15:58:09.0508 4000  \Device\Harddisk0\DR0:
15:58:09.0508 4000  MBR partitions:
15:58:09.0508 4000  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:58:09.0508 4000  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
15:58:09.0508 4000  ============================================================
15:58:09.0555 4000  C: <-> \Device\Harddisk0\DR0\Partition2
15:58:09.0555 4000  ============================================================
15:58:09.0555 4000  Initialize success
15:58:09.0555 4000  ============================================================
15:58:27.0852 2152  ============================================================
15:58:27.0852 2152  Scan started
15:58:27.0852 2152  Mode: Manual; SigCheck; TDLFS;
15:58:27.0852 2152  ============================================================
15:58:28.0013 2152  ================ Scan system memory ========================
15:58:28.0013 2152  System memory - ok
15:58:28.0013 2152  ================ Scan services =============================
15:58:31.0143 2152  Dnscache - ok
15:58:31.0159 2152  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:58:31.0190 2152  dot3svc - ok
15:58:31.0190 2152  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
15:58:31.0221 2152  DPS - ok
15:58:31.0253 2152  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:58:31.0268 2152  drmkaud - ok
15:58:31.0299 2152  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:58:31.0331 2152  DXGKrnl - ok
15:58:31.0346 2152  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
15:58:31.0377 2152  EapHost - ok
15:58:31.0424 2152  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
15:58:31.0487 2152  ebdrv - ok
15:58:31.0533 2152  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
15:58:31.0533 2152  EFS - ok
15:58:31.0627 2152  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:58:31.0643 2152  ehRecvr - ok
15:58:31.0658 2152  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
15:58:31.0674 2152  ehSched - ok
15:58:31.0705 2152  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:58:31.0721 2152  elxstor - ok
15:58:31.0736 2152  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:58:31.0736 2152  ErrDev - ok
15:58:31.0783 2152  [ 3663291D0D26001A2BB67678AB61D14C ] EtronHub3       C:\Windows\system32\Drivers\EtronHub3.sys
15:58:31.0799 2152  EtronHub3 - ok
15:58:31.0814 2152  [ 744420D6C062C38F7361870F010D6D4B ] EtronXHCI       C:\Windows\system32\Drivers\EtronXHCI.sys
15:58:31.0830 2152  EtronXHCI - ok
15:58:31.0877 2152  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
15:58:31.0913 2152  EventSystem - ok
15:58:31.0928 2152  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
15:58:31.0960 2152  exfat - ok
15:58:31.0975 2152  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:58:31.0991 2152  fastfat - ok
15:58:32.0022 2152  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
15:58:32.0053 2152  Fax - ok
15:58:32.0053 2152  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
15:58:32.0069 2152  fdc - ok
15:58:32.0084 2152  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:58:32.0116 2152  fdPHost - ok
15:58:32.0116 2152  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:58:32.0147 2152  FDResPub - ok
15:58:32.0162 2152  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:58:32.0178 2152  FileInfo - ok
15:58:32.0178 2152  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:58:32.0194 2152  Filetrace - ok
15:58:32.0194 2152  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:58:32.0209 2152  flpydisk - ok
15:58:32.0209 2152  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:58:32.0225 2152  FltMgr - ok
15:58:32.0256 2152  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
15:58:32.0303 2152  FontCache - ok
15:58:32.0350 2152  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:58:32.0350 2152  FontCache3.0.0.0 - ok
15:58:32.0350 2152  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:58:32.0365 2152  FsDepends - ok
15:58:32.0396 2152  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:58:32.0396 2152  Fs_Rec - ok
15:58:32.0443 2152  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:58:32.0474 2152  fvevol - ok
15:58:32.0490 2152  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:58:32.0490 2152  gagp30kx - ok
15:58:32.0506 2152  gdrv - ok
15:58:32.0537 2152  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
15:58:32.0599 2152  gpsvc - ok
15:58:32.0615 2152  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:58:32.0630 2152  hcw85cir - ok
15:58:32.0662 2152  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:58:32.0693 2152  HdAudAddService - ok
15:58:32.0693 2152  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:58:32.0708 2152  HDAudBus - ok
15:58:32.0708 2152  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
15:58:32.0724 2152  HidBatt - ok
15:58:32.0724 2152  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:58:32.0724 2152  HidBth - ok
15:58:32.0740 2152  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:58:32.0740 2152  HidIr - ok
15:58:32.0755 2152  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
15:58:32.0771 2152  hidserv - ok
15:58:32.0786 2152  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:58:32.0786 2152  HidUsb - ok
15:58:32.0802 2152  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:58:32.0818 2152  hkmsvc - ok
15:58:32.0849 2152  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:58:32.0864 2152  HomeGroupListener - ok
15:58:32.0880 2152  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:58:32.0911 2152  HomeGroupProvider - ok
15:58:32.0911 2152  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:58:32.0911 2152  HpSAMD - ok
15:58:32.0942 2152  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:58:32.0974 2152  HTTP - ok
15:58:32.0974 2152  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:58:32.0974 2152  hwpolicy - ok
15:58:32.0989 2152  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:58:32.0989 2152  i8042prt - ok
15:58:33.0020 2152  [ 26CF4275034214ECEDD8EC17B0A18A99 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
15:58:33.0036 2152  iaStor - ok
15:58:33.0114 2152  [ E79A8E33BD136D14BAE1FA20EB2EF124 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
15:58:33.0130 2152  IAStorDataMgrSvc - ok
15:58:33.0145 2152  [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:58:33.0161 2152  iaStorV - ok
15:58:33.0223 2152  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:58:33.0254 2152  idsvc - ok
15:58:33.0457 2152  [ 174BCAC474DE13B2650E444CF124828E ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:58:33.0676 2152  igfx - ok
15:58:33.0691 2152  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:58:33.0707 2152  iirsp - ok
15:58:33.0722 2152  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
15:58:33.0769 2152  IKEEXT - ok
15:58:33.0863 2152  [ 2CC2F7C5990BB76767038F4B16D17A56 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:58:33.0897 2152  IntcAzAudAddService - ok
15:58:33.0951 2152  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
15:58:33.0966 2152  IntcDAud - ok
15:58:33.0998 2152  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
15:58:34.0013 2152  intelide - ok
15:58:34.0044 2152  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:58:34.0060 2152  intelppm - ok
15:58:34.0091 2152  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:58:34.0138 2152  IPBusEnum - ok
15:58:34.0138 2152  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:58:34.0169 2152  IpFilterDriver - ok
15:58:34.0247 2152  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:58:34.0263 2152  iphlpsvc - ok
15:58:34.0263 2152  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:58:34.0294 2152  IPMIDRV - ok
15:58:34.0294 2152  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:58:34.0310 2152  IPNAT - ok
15:58:34.0325 2152  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:58:34.0341 2152  IRENUM - ok
15:58:34.0341 2152  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:58:34.0341 2152  isapnp - ok
15:58:34.0356 2152  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:58:34.0372 2152  iScsiPrt - ok
15:58:34.0372 2152  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:58:34.0372 2152  kbdclass - ok
15:58:34.0388 2152  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:58:34.0403 2152  kbdhid - ok
15:58:34.0419 2152  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
15:58:34.0419 2152  KeyIso - ok
15:58:34.0434 2152  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:58:34.0434 2152  KSecDD - ok
15:58:34.0450 2152  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:58:34.0466 2152  KSecPkg - ok
15:58:34.0481 2152  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:58:34.0497 2152  ksthunk - ok
15:58:34.0528 2152  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:58:34.0544 2152  KtmRm - ok
15:58:34.0575 2152  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:58:34.0622 2152  LanmanServer - ok
15:58:34.0637 2152  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:58:34.0684 2152  LanmanWorkstation - ok
15:58:34.0700 2152  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:58:34.0731 2152  lltdio - ok
15:58:34.0746 2152  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:58:34.0793 2152  lltdsvc - ok
15:58:34.0793 2152  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:58:34.0824 2152  lmhosts - ok
15:58:34.0824 2152  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:58:34.0840 2152  LSI_FC - ok
15:58:34.0840 2152  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:58:34.0856 2152  LSI_SAS - ok
15:58:34.0856 2152  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:58:34.0856 2152  LSI_SAS2 - ok
15:58:34.0871 2152  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:58:34.0871 2152  LSI_SCSI - ok
15:58:34.0871 2152  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:58:34.0887 2152  luafv - ok
15:58:34.0918 2152  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:58:34.0934 2152  Mcx2Svc - ok
15:58:34.0934 2152  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:58:34.0934 2152  megasas - ok
15:58:34.0949 2152  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:58:34.0949 2152  MegaSR - ok
15:58:34.0980 2152  [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
15:58:34.0980 2152  MEIx64 - ok
15:58:35.0012 2152  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
15:58:35.0058 2152  MMCSS - ok
15:58:35.0058 2152  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
15:58:35.0090 2152  Modem - ok
15:58:35.0105 2152  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:58:35.0105 2152  monitor - ok
15:58:35.0121 2152  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:58:35.0121 2152  mouclass - ok
15:58:35.0121 2152  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:58:35.0136 2152  mouhid - ok
15:58:35.0152 2152  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:58:35.0168 2152  mountmgr - ok
15:58:35.0168 2152  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:58:35.0168 2152  mpio - ok
15:58:35.0168 2152  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:58:35.0199 2152  mpsdrv - ok
15:58:35.0230 2152  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:58:35.0261 2152  MpsSvc - ok
15:58:35.0277 2152  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:58:35.0277 2152  MRxDAV - ok
15:58:35.0308 2152  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:58:35.0324 2152  mrxsmb - ok
15:58:35.0339 2152  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:58:35.0355 2152  mrxsmb10 - ok
15:58:35.0370 2152  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:58:35.0386 2152  mrxsmb20 - ok
15:58:35.0402 2152  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:58:35.0417 2152  msahci - ok
15:58:35.0433 2152  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:58:35.0433 2152  msdsm - ok
15:58:35.0464 2152  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
15:58:35.0480 2152  MSDTC - ok
15:58:35.0480 2152  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:58:35.0511 2152  Msfs - ok
15:58:35.0511 2152  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:58:35.0542 2152  mshidkmdf - ok
15:58:35.0542 2152  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:58:35.0542 2152  msisadrv - ok
15:58:35.0573 2152  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:58:35.0589 2152  MSiSCSI - ok
15:58:35.0589 2152  msiserver - ok
15:58:35.0604 2152  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:58:35.0636 2152  MSKSSRV - ok
15:58:35.0636 2152  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:58:35.0651 2152  MSPCLOCK - ok
15:58:35.0651 2152  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:58:35.0682 2152  MSPQM - ok
15:58:35.0682 2152  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:58:35.0698 2152  MsRPC - ok
15:58:35.0698 2152  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:58:35.0698 2152  mssmbios - ok
15:58:35.0698 2152  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:58:35.0729 2152  MSTEE - ok
15:58:35.0729 2152  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:58:35.0729 2152  MTConfig - ok
15:58:35.0729 2152  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:58:35.0745 2152  Mup - ok
15:58:35.0792 2152  [ A986DC81534582FA478C286E8F57A877 ] mvs91xx         C:\Windows\system32\DRIVERS\mvs91xx.sys
15:58:35.0807 2152  mvs91xx - ok
15:58:35.0823 2152  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
15:58:35.0838 2152  napagent - ok
15:58:35.0890 2152  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:58:35.0906 2152  NativeWifiP - ok
15:58:35.0968 2152  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:58:35.0999 2152  NDIS - ok
15:58:36.0015 2152  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:58:36.0062 2152  NdisCap - ok
15:58:36.0077 2152  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:58:36.0093 2152  NdisTapi - ok
15:58:36.0093 2152  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:58:36.0124 2152  Ndisuio - ok
15:58:36.0124 2152  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:58:36.0155 2152  NdisWan - ok
15:58:36.0155 2152  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:58:36.0171 2152  NDProxy - ok
15:58:36.0187 2152  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:58:36.0202 2152  NetBIOS - ok
15:58:36.0202 2152  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:58:36.0233 2152  NetBT - ok
15:58:36.0233 2152  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
15:58:36.0249 2152  Netlogon - ok
15:58:36.0280 2152  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
15:58:36.0327 2152  Netman - ok
15:58:36.0343 2152  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
15:58:36.0374 2152  netprofm - ok
15:58:36.0389 2152  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:58:36.0389 2152  NetTcpPortSharing - ok
15:58:36.0405 2152  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:58:36.0421 2152  nfrd960 - ok
15:58:36.0436 2152  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:58:36.0452 2152  NlaSvc - ok
15:58:36.0452 2152  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:58:36.0483 2152  Npfs - ok
15:58:36.0499 2152  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
15:58:36.0514 2152  nsi - ok
15:58:36.0514 2152  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:58:36.0530 2152  nsiproxy - ok
15:58:36.0577 2152  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:58:36.0608 2152  Ntfs - ok
15:58:36.0623 2152  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
15:58:36.0639 2152  Null - ok
15:58:36.0826 2152  [ FCBA1C22727939E7CFF9EB08FE9692AB ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:58:36.0920 2152  nvlddmkm - ok
15:58:36.0935 2152  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:58:36.0935 2152  nvraid - ok
15:58:36.0951 2152  [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:58:36.0951 2152  nvstor - ok
15:58:36.0998 2152  [ 10C232F6CFFD51D2332898AE7AE0FF23 ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:58:37.0013 2152  nvsvc - ok
15:58:37.0060 2152  [ 4789E020D2617046862D1790FC235FF6 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:58:37.0107 2152  nvUpdatusService - ok
15:58:37.0123 2152  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:58:37.0138 2152  nv_agp - ok
15:58:37.0138 2152  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:58:37.0154 2152  ohci1394 - ok
15:58:37.0185 2152  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:58:37.0201 2152  p2pimsvc - ok
15:58:37.0216 2152  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:58:37.0232 2152  p2psvc - ok
15:58:37.0247 2152  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
15:58:37.0263 2152  Parport - ok
15:58:37.0279 2152  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:58:37.0279 2152  partmgr - ok
15:58:37.0294 2152  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:58:37.0294 2152  PcaSvc - ok
15:58:37.0325 2152  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
15:58:37.0325 2152  pci - ok
15:58:37.0357 2152  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
15:58:37.0372 2152  pciide - ok
15:58:37.0372 2152  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:58:37.0388 2152  pcmcia - ok
15:58:37.0388 2152  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:58:37.0403 2152  pcw - ok
15:58:37.0403 2152  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:58:37.0435 2152  PEAUTH - ok
15:58:37.0591 2152  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:58:37.0606 2152  PerfHost - ok
15:58:37.0653 2152  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
15:58:37.0715 2152  pla - ok
15:58:37.0747 2152  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:58:37.0762 2152  PlugPlay - ok
15:58:37.0778 2152  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:58:37.0778 2152  PNRPAutoReg - ok
15:58:37.0793 2152  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:58:37.0809 2152  PNRPsvc - ok
15:58:37.0825 2152  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:58:37.0871 2152  PolicyAgent - ok
15:58:37.0897 2152  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
15:58:37.0913 2152  Power - ok
15:58:37.0944 2152  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:58:37.0975 2152  PptpMiniport - ok
15:58:37.0991 2152  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
15:58:38.0006 2152  Processor - ok
15:58:38.0037 2152  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:58:38.0053 2152  ProfSvc - ok
15:58:38.0069 2152  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:58:38.0084 2152  ProtectedStorage - ok
15:58:38.0100 2152  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:58:38.0131 2152  Psched - ok
15:58:38.0178 2152  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:58:38.0240 2152  ql2300 - ok
15:58:38.0240 2152  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:58:38.0240 2152  ql40xx - ok
15:58:38.0271 2152  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
15:58:38.0271 2152  QWAVE - ok
15:58:38.0271 2152  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:58:38.0287 2152  QWAVEdrv - ok
15:58:38.0303 2152  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:58:38.0318 2152  RasAcd - ok
15:58:38.0349 2152  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:58:38.0365 2152  RasAgileVpn - ok
15:58:38.0365 2152  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
15:58:38.0396 2152  RasAuto - ok
15:58:38.0396 2152  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:58:38.0427 2152  Rasl2tp - ok
15:58:38.0443 2152  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
15:58:38.0490 2152  RasMan - ok
15:58:38.0490 2152  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:58:38.0505 2152  RasPppoe - ok
15:58:38.0537 2152  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:58:38.0568 2152  RasSstp - ok
15:58:38.0583 2152  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:58:38.0615 2152  rdbss - ok
15:58:38.0615 2152  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
15:58:38.0630 2152  rdpbus - ok
15:58:38.0646 2152  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:58:38.0677 2152  RDPCDD - ok
15:58:38.0677 2152  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:58:38.0708 2152  RDPENCDD - ok
15:58:38.0708 2152  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:58:38.0724 2152  RDPREFMP - ok
15:58:38.0755 2152  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:58:38.0755 2152  RDPWD - ok
15:58:38.0755 2152  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:58:38.0771 2152  rdyboost - ok
15:58:38.0786 2152  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:58:38.0802 2152  RemoteAccess - ok
15:58:38.0833 2152  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:58:38.0880 2152  RemoteRegistry - ok
15:58:38.0880 2152  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:58:38.0911 2152  RpcEptMapper - ok
15:58:38.0927 2152  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
15:58:38.0942 2152  RpcLocator - ok
15:58:38.0958 2152  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
15:58:38.0989 2152  RpcSs - ok
15:58:39.0020 2152  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:58:39.0036 2152  rspndr - ok
15:58:39.0067 2152  [ 6D3C7E7D82D3DC92DC2A8B0DF9F20F8A ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:58:39.0083 2152  RTL8167 - ok
15:58:39.0098 2152  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
15:58:39.0114 2152  SamSs - ok
15:58:39.0114 2152  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:58:39.0129 2152  sbp2port - ok
15:58:43.0434 2152  ================ Scan global ===============================
15:58:43.0450 2152  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:58:43.0481 2152  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
15:58:43.0481 2152  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
15:58:43.0512 2152  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:58:43.0528 2152  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:58:43.0544 2152  [Global] - ok
15:58:43.0544 2152  ================ Scan MBR ==================================
15:58:43.0559 2152  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:58:43.0778 2152  \Device\Harddisk0\DR0 - ok
15:58:43.0778 2152  ================ Scan VBR ==================================
15:58:43.0793 2152  [ C3A74451B6DD2A3EF5957DE5569B27FF ] \Device\Harddisk0\DR0\Partition1
15:58:43.0793 2152  \Device\Harddisk0\DR0\Partition1 - ok
15:58:43.0809 2152  [ 86AF5D61D2C78EF9E644952FB34CC686 ] \Device\Harddisk0\DR0\Partition2
15:58:43.0824 2152  \Device\Harddisk0\DR0\Partition2 - ok
15:58:43.0824 2152  ============================================================
15:58:43.0824 2152  Scan finished
15:58:43.0824 2152  ============================================================
15:58:43.0824 4052  Detected object count: 0
15:58:43.0824 4052  Actual detected object count: 0
16:01:39.0165 3772  Deinitialize success
 

cannot see where to attach the Zipped file



#13 Laserpaddy

Laserpaddy
  • Topic Starter

  • Members
  • 26 posts

Posted 15 September 2013 - 04:23 PM

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-09-15 16:12:07
-----------------------------
16:12:07.931    OS Version: Windows x64 6.1.7601 Service Pack 1
16:12:07.931    Number of processors: 4 586 0x2A07
16:12:07.931    ComputerName: LKK-PC  UserName: LKK
16:12:08.341    Initialize success
16:12:41.611    AVAST engine defs: 13091500
16:12:43.731    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:12:43.731    Disk 0 Vendor: WDC_WD32 15.0 Size: 305245MB BusType: 3
16:12:43.831    Disk 0 MBR read successfully
16:12:43.831    Disk 0 MBR scan
16:12:43.841    Disk 0 Windows 7 default MBR code
16:12:43.841    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
16:12:43.841    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       305143 MB offset 206848
16:12:43.871    Disk 0 scanning C:\Windows\system32\drivers
16:12:48.021    Service scanning
16:12:58.821    Modules scanning
16:12:58.821    Disk 0 trace - called modules:
16:12:58.841    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
16:12:58.841    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800aed9060]
16:12:58.841    3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80075a8050]
16:12:59.301    AVAST engine scan C:\Windows
16:13:00.261    AVAST engine scan C:\Windows\system32
16:13:49.361    AVAST engine scan C:\Windows\system32\drivers
16:13:53.421    AVAST engine scan C:\Users\LKK
16:14:09.421    AVAST engine scan C:\ProgramData
16:14:11.311    Scan finished successfully
16:14:25.721    Disk 0 MBR has been saved successfully to "C:\Users\LKK\Desktop\MBR.dat"
16:14:25.731    The log file has been saved successfully to "C:\Users\LKK\Desktop\lppaswMBR.txt"

 

Windows Update log after fresh install was marshaling and delaying updates for some reason. It is attached as well, since I cannot copy it for some reason.


#14 nasdaq

nasdaq

  • Malware Response Team
  • 39,901 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 16 September 2013 - 08:14 AM

I went to install drivers after install- rebooting BSOD numerous times tried startup repair etc... reinstalling and formatting through Windows disk.....please be patient with me


Am I to understand that you have reformatted your disk and reinstalled the operating system?

The Windows update log means nothing to me.

What problems are you having with the Windows updates?

Run this tool; it may give me some clues.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


#15 Laserpaddy

Laserpaddy
  • Topic Starter

  • Members
  • 26 posts

Posted 16 September 2013 - 09:02 AM

Yes, new hard drive and DVD drive and BIOS flash etc.

 

Windows update should not marshall updates

Farbar Service Scanner Version: 13-09-2013
Ran by LKK (administrator) on 16-09-2013 at 09:01:59
Running from "C:\Users\LKK\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NZ2KGW31"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

 

these are not legit as it says....
