Ads playing in background, unstoppable, but requires internet to stop it. Help.


  • This topic is locked
17 replies to this topic

#1 sharbotsky

sharbotsky

  • Members
  • 9 posts

Posted 09 January 2014 - 12:00 PM

Hi,

I'm new to this forum so I hope I am doing this correctly.

Yesterday around 8-9pm I was just doing my usual internet business, Facebooking, Skyping, streaming videos on Netflix. Out of nowhere my computer reboots by itself and I thought it was weird and just let it restart. After restarting and running Windows, I started surfing the web. That's when I started hearing all these ads playing in the background. They would stop from time to time so I thought I was okay, but it kept doing it. They were random infomercial ads, sports ads, and music would also play. Sometimes multiple ads would play at the same time and things just sounded ridiculous.

I started running Microsoft Essentials but it didn't find anything. I also ran Malwarebytes and it detected threats, removed those threats, but did not fix the problem. After running these programs to no avail, I used SUPERAntiSpyware, which also detected threats and removed the threats, but after reboot, ads were still playing.

Also note that whenever I restarted the computer myself, it would not fully shut down and a black screen with my cursor would appear. I would have to actually press my power button for it to completely shut off and turn it back on for my Windows to start.

Whatever this malicious attack is, it requires internet. Whenever I turn off my WiFi, no ads will play. If I leave WiFi on long enough, it would also constantly restart my computer without my consent.

Can anyone help me with this? Much appreciated! :)

 

 

Here's the DDS

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 8.0.7600.17267  BrowserJavaVersion: 10.4.1
Run by Sharon at 22:01:34 on 2014-01-09
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.1.1033.18.3767.1088 [GMT -8:00]
.
AV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: AVG Internet Security 2014 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Users\Sharon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sharon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sharon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sharon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Users\Sharon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Sharon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sharon\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Users\Sharon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_4820t&r=27360710t006l04h3z125t5661j836
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_4820t&r=27360710t006l04h3z125t5661j836
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_4820t&r=27360710t006l04h3z125t5661j836
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Google Update] "C:\Users\Sharon\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Facebook Update] "C:\Users\Sharon\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [MDS_Menu] "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6"                                              
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
mRun: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ACERVC~1.LNK - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: NameServer = 68.105.28.12 68.105.29.12 68.105.28.11
TCP: Interfaces\{73BC40CA-CC40-431D-BB7C-61FD8200AA7D} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{D94FA776-556B-4245-94D4-DB524696B9AF} : DHCPNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
TCP: Interfaces\{D94FA776-556B-4245-94D4-DB524696B9AF}\2375942554138363 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{D94FA776-556B-4245-94D4-DB524696B9AF}\2416368656C6F62737255537 : DHCPNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
TCP: Interfaces\{D94FA776-556B-4245-94D4-DB524696B9AF}\C616A6F6C6C616 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_4820t&r=27360710t006l04h3z125t5661j836
x64-mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_4820t&r=27360710t006l04h3z125t5661j836
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ODDPwr] "C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe"
x64-Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [PLFSetI] C:\Windows\PLFSetI.exe
x64-Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [Onboard] C:\Program Files\Western Digital\WD SmartWare\BackupTask.exe /Onboard "C:\Program Files\Western Digital\WD SmartWare\WDSmartWare.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Sharon\AppData\Roaming\Mozilla\Firefox\Profiles\rojazsk4.default\
FF - prefs.js: browser.startup.homepage - google.com
FF - component: C:\Users\Sharon\AppData\Roaming\Mozilla\Firefox\Profiles\rojazsk4.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\FFExternalAlert.dll
FF - component: C:\Users\Sharon\AppData\Roaming\Mozilla\Firefox\Profiles\rojazsk4.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCore.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Users\Sharon\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll
FF - plugin: C:\Users\Sharon\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Sharon\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Users\Sharon\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Sharon\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Sharon\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
FF - ExtSQL: 2013-11-19 20:25; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Sharon\AppData\Roaming\Mozilla\Firefox\Profiles\rojazsk4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-9-2 192824]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-9-2 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-8-20 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-8 31544]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-9-25 148792]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2013-9-26 57144]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-9-2 241464]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-9-2 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\rsdrvx64.sys [2013-10-20 26024]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-2 22576]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-2 20016]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-2 60464]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-25 301152]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-5-16 325200]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-5-26 867360]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-5-16 13336]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 134944]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-3-8 250368]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-5 144640]
R2 ODDPwrSvc;Acer ODD Power Service;C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-5-16 171040]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-8-12 87040]
R2 RS_Service;Raw Socket Service;C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-5-16 260640]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-5-26 2314240]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-5-16 243232]
R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2013-4-22 1042808]
R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2013-4-1 270192]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-5-26 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-5-16 158976]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-5-16 271872]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2010-5-16 74280]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
RUnknown SASKUTIL;SASKUTIL; [x]
S2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2013-9-25 1358944]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-10-3 3538480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-5-26 40448]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2010-5-26 335400]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-5-26 39464]
S3 Gun;Gun;C:\Game\SoftnyxGame\GunboundIS\Gun64.sys [2013-4-9 45176]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-1 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2010-6-25 36928]
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-4-16 305520]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-5-16 7680512]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-5 50432]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-7-28 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
.
=============== Created Last 30 ================
.
2014-01-09 21:53:10 -------- d-----w- C:\ProgramData\boost_interprocess
2014-01-09 16:27:02 -------- d-----w- C:\Windows\ERUNT
2014-01-09 16:18:12 -------- d-----w- C:\AdwCleaner
2014-01-09 08:21:04 -------- d-----w- C:\Users\Sharon\AppData\Roaming\SUPERAntiSpyware.com
2014-01-09 08:20:53 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2014-01-09 04:28:45 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-09 03:49:03 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{94826D45-738C-4953-8A8E-BEF8EFB4C09E}\offreg.dll
2014-01-08 23:33:51 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{94826D45-738C-4953-8A8E-BEF8EFB4C09E}\mpengine.dll
2014-01-08 09:54:30 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-16 21:15:07 30208 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPDB8.DLL
2013-12-16 21:15:07 100352 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPPB8.DLL
2013-12-16 21:13:59 389120 ----a-w- C:\Windows\System32\CNMLMB8.DLL
.
==================== Find3M  ====================
.
2013-12-11 08:34:40 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 08:34:40 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-19 10:21:41 267936 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 22:06:12.06 ===============

Edited by sharbotsky, 10 January 2014 - 01:09 AM.




#2 sharbotsky

sharbotsky
  • Topic Starter

  • Members
  • 9 posts

Posted 10 January 2014 - 03:24 AM

.


Edited by sharbotsky, 10 January 2014 - 03:25 AM.


#3 RPMcMurphy

RPMcMurphy

    Bleeping *^#@%~


  • Malware Response Team
  • 3,970 posts

Posted 11 January 2014 - 03:31 PM

Hello and welcome.  Please follow these guidelines while we work on your PC:

  • Malware removal is a sometimes lengthy and tedious process. Please stick with the thread until I’ve given you the “All clear.”  Absence of symptoms does not mean your machine is clean!
  • Please do not run any scans or install/uninstall any applications without being directed to do so.
  • Please note that the forum is very busy and if I don't hear from you within five days this thread will be closed.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.


Threads are closed after 5 days of inactivity.

ASAP & UNITE Member




#4 sharbotsky

sharbotsky
  • Topic Starter

  • Members
  • 9 posts

Posted 12 January 2014 - 03:54 AM

I ran the scan on safe mode with networking, and my audio device was not responding. I also received a pop up that says "You are about to be logged off. Windows will shut down in 1 minute." These messages do not show up when I use only safe mode.

 

Here is the FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-01-2014 05
Ran by Sharon (administrator) on SHARON-PC on 12-01-2014 00:48:27
Running from C:\Users\Sharon\Desktop
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Safe Mode (with Networking)
 
==================== Processes (Whitelisted) =================
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Google Inc.) C:\Users\Sharon\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sharon\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sharon\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sharon\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775072 2010-04-22] (Realtek Semiconductor)
HKLM\...\Run: [ODDPwr] - C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [223264 2010-04-22] (Acer Incorporated)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-04-16] (Egis Technology Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [206208 2010-01-13] ()
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-04-23] (Acer Incorporated)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1580368 2010-11-03] (Logitech, Inc.)
HKLM\...\Run: [Onboard] - C:\Program Files\Western Digital\WD SmartWare\WDSmartWare.exe [3162488 2013-04-22] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-04-16] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-10] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-08] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [MDS_Menu] - "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6"                                              
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-04-01] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5687152 2013-04-22] (Western Digital Technologies, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563096 2013-12-19] (SUPERAntiSpyware)
HKCU\...\RunOnce: [Report] - C:\AdwCleaner\AdwCleaner[S2].txt [1118 2014-01-10] ()
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-14] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-14] ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_4820t&r=27360710t006l04h3z125t5661j836
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_4820t&r=27360710t006l04h3z125t5661j836
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\Sharon\AppData\Roaming\Mozilla\Firefox\Profiles\rojazsk4.default
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/JavaPlugin,version=10.4.1 - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @doubletwist.com/NPPodcast - C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll No File
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Sharon\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Sharon\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Sharon\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Sharon\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Sharon\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Sharon\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Sharon\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Sharon\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Sharon\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Sharon\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Sharon\AppData\Roaming\Mozilla\Firefox\Profiles\rojazsk4.default\searchplugins\startnow.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
FF Extension: Adblock Plus - C:\Users\Sharon\AppData\Roaming\Mozilla\Firefox\Profiles\rojazsk4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-19]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-10-22]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-10-22]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-02-22]
 
Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Sharon\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-05]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-02-06]
CHR StartMenuInternet: Google Chrome - C:\Users\Sharon\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
S2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1358944 2013-09-25] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-04-16] (Egis Technology Inc.)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [171040 2010-04-22] (Acer Incorporated)
S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2011-08-12] ()
S2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-02-03] ()
S2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)
S2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-04-22] (Western Digital Technologies, Inc.)
S2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270192 2013-04-01] (Western Digital Technologies, Inc.)
 
==================== Drivers (Whitelisted) ====================
 
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
S1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
S3 Gun; C:\Game\SoftnyxGame\GunboundIS\Gun64.sys [45176 2013-04-09] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-01-12 00:45 - 2014-01-12 00:48 - 00019655 _____ C:\Users\Sharon\Desktop\FRST.txt
2014-01-12 00:44 - 2014-01-12 00:44 - 00000000 ____D C:\Users\Sharon\Desktop\FRST-OlderVersion
2014-01-12 00:43 - 2014-01-12 00:44 - 02076672 _____ (Farbar) C:\Users\Sharon\Downloads\FRST64.exe
2014-01-10 15:57 - 2014-01-10 15:57 - 00000634 _____ C:\Users\Sharon\Desktop\JRT.txt
2014-01-10 15:24 - 2014-01-12 00:44 - 00000000 ____D C:\FRST
2014-01-10 15:22 - 2014-01-10 15:22 - 02356000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 01893224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00767144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftfslh.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00363584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00292912 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00273576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftplaylh.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00217680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00214096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00187264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00171600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00104016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00080464 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00071760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00068864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00064592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00064080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00062544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00054784 _____ (Apple, Inc.) C:\Windows\system32\Drivers\usbaapl64.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rndismpx.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00036432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00028840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftredirlh.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00027776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00026024 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rsdrvx64.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WSDScan.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00024656 _____ (Promise Technology) C:\Windows\system32\Drivers\stexstor.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00023208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftvollh.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WSDPrint.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00022096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00021056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023x.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00019008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00017488 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00016896 _____ (NewTech Infosystems Corporation) C:\Windows\system32\Drivers\UBHelper.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00016464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00014464 _____ (Western Digital Technologies) C:\Windows\system32\Drivers\wdcsam64.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwf.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00012496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPREFMP.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00007936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2014-01-10 15:21 - 2014-01-10 15:22 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 10322848 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 07680512 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETw5s64.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 03286016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 03060800 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL664.SYS.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 01653096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 01524816 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00947776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00751616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00552448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00540696 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00530496 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00468480 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00459216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00374664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00367168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00335400 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwampfl.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00294712 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00290368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00287576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00286720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00284736 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00271872 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00270848 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00251192 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MpFilter.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00241464 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00224832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00220752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00212280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00192824 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00183872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00178752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00158976 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00155728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00155216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00152432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00148792 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00140352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00135720 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwavdt.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00134944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00128592 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00123704 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00122960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00115776 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00114752 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00106560 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00102440 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwaudio.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00095088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00094784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00077888 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00075632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00074280 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\L1C62x64.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00073280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00072832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00065600 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas2.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00065088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00060496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00060464 _____ (Egis Technology Inc.) C:\Windows\system32\Drivers\mwlPSDVDisk.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00057144 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgfwd6a.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00055376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00055128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00051264 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00049216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00048720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00047104 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\discache.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00039504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00039464 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwl2cap.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00036928 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\htcnprot.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00035392 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00032320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00031544 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\Windows\system32\Drivers\hcw85cir.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00030272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00028736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00028240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbatt.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00024144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00022896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00022576 _____ (Egis Technology Inc.) C:\Windows\system32\Drivers\mwlPSDFilter.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00021584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00021544 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwrchid.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00020544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00020016 _____ (Egis Technology Inc.) C:\Windows\system32\Drivers\mwlPSDNserv.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00018432 _____ (NewTech Infosystems, Inc.) C:\Windows\system32\Drivers\NTIDrvr.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00018432 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00017664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00017488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00016960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00015424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00014976 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00014720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00014416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00012352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00011136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00008704 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidkmdf.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00008064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00006784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2014-01-10 15:20 - 2014-01-10 15:24 - 00000000 ____D C:\Users\Sharon\Desktop\RK_Quarantine
2014-01-10 15:20 - 2014-01-10 15:21 - 00024128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00491088 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00339536 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00334416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00194128 _____ (AMD Technologies Inc.) C:\Windows\system32\Drivers\amdsbs.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00182864 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00097856 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00087632 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00061008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00040448 _____ (Alcor Micro, Corp.) C:\Windows\system32\Drivers\AmUStor.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00033736 _____ (HTC, Corporation) C:\Windows\system32\Drivers\ANDROIDUSB.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00015440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00015440 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys.bak
2014-01-10 15:19 - 2014-01-12 00:44 - 02076672 _____ (Farbar) C:\Users\Sharon\Desktop\FRST64.exe
2014-01-10 15:19 - 2014-01-10 14:59 - 03810304 _____ C:\Users\Sharon\Desktop\RogueKiller.exe
2014-01-10 15:00 - 2014-01-10 15:00 - 00000512 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task dfb765c1-d479-4bfe-b0df-ffa45e54d889.job
2014-01-10 15:00 - 2014-01-10 15:00 - 00000512 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 63637880-579d-4380-8989-b4767e7e25f5.job
2014-01-10 15:00 - 2014-01-10 15:00 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2014-01-10 14:55 - 2014-01-10 14:55 - 00000000 ____D C:\Users\Sharon\Documents\SelfMV
2014-01-10 14:55 - 2014-01-10 14:55 - 00000000 ____D C:\Users\Sharon\Documents\samsung
2014-01-10 14:55 - 2014-01-10 14:55 - 00000000 ____D C:\Users\Sharon\AppData\Roaming\Samsung
2014-01-10 14:55 - 2014-01-10 14:55 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2014-01-10 07:57 - 2014-01-10 15:00 - 00001812 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-01-10 01:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-10 00:55 - 2014-01-10 00:56 - 04745728 _____ (AVAST Software) C:\Users\Sharon\Downloads\aswMBR.exe
2014-01-10 00:50 - 2014-01-10 00:50 - 00033800 _____ C:\ComboFix.txt
2014-01-10 00:28 - 2014-01-10 00:50 - 00000000 ____D C:\Qoobox
2014-01-10 00:28 - 2011-06-25 22:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-10 00:28 - 2010-11-07 09:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-10 00:28 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-10 00:28 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-10 00:28 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-10 00:28 - 2000-08-30 16:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-10 00:28 - 2000-08-30 16:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-10 00:28 - 2000-08-30 16:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-10 00:27 - 2014-01-10 00:48 - 00000000 ____D C:\Windows\erdnt
2014-01-10 00:24 - 2014-01-10 00:25 - 05162489 ____R (Swearware) C:\Users\Sharon\Desktop\ComboFix.exe
2014-01-10 00:10 - 2014-01-10 00:22 - 00000000 ____D C:\ProgramData\HitmanPro
2014-01-10 00:06 - 2014-01-10 00:09 - 10264904 _____ (SurfRight B.V.) C:\Users\Sharon\Downloads\HitmanPro_x64.exe
2014-01-09 22:06 - 2014-01-09 22:06 - 00026083 _____ C:\Users\Sharon\Desktop\dds.txt
2014-01-09 22:06 - 2014-01-09 22:06 - 00013022 _____ C:\Users\Sharon\Desktop\attach.txt
2014-01-09 21:59 - 2014-01-09 22:00 - 00688992 ____R (Swearware) C:\Users\Sharon\Downloads\dds.com
2014-01-09 08:27 - 2014-01-09 08:27 - 00000000 ____D C:\Windows\ERUNT
2014-01-09 08:26 - 2014-01-09 08:26 - 00021161 _____ C:\Users\Sharon\Documents\AdwCleaner[S0].txt
2014-01-09 08:25 - 2014-01-09 08:25 - 01037068 _____ (Thisisu) C:\Users\Sharon\Downloads\JRT.exe
2014-01-09 08:18 - 2014-01-10 14:58 - 00000000 ____D C:\AdwCleaner
2014-01-09 08:17 - 2014-01-09 08:17 - 01233962 _____ C:\Users\Sharon\Downloads\adwcleaner.exe
2014-01-09 00:21 - 2014-01-09 00:21 - 00000000 ____D C:\Users\Sharon\AppData\Roaming\SUPERAntiSpyware.com
2014-01-09 00:20 - 2014-01-09 00:20 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2014-01-09 00:16 - 2014-01-09 00:18 - 29342272 _____ (SUPERAntiSpyware) C:\Users\Sharon\Downloads\SUPERAntiSpyware.exe
2014-01-09 00:07 - 2014-01-09 00:09 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Sharon\Downloads\tdsskiller.exe
2014-01-08 20:28 - 2014-01-10 01:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-08 20:08 - 2014-01-08 20:15 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Sharon\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-08 19:23 - 2014-01-08 19:23 - 00037376 _____ C:\Windows\system32\kussjfm.vxl
2014-01-08 19:13 - 2014-01-10 17:43 - 00000078 _____ C:\Windows\system32\ktups.gsk
2014-01-08 19:12 - 2014-01-08 19:23 - 00000102 _____ C:\Windows\system32\yjtvxe.ctn
2014-01-08 19:12 - 2014-01-08 19:12 - 00000064 _____ C:\Windows\system32\eqqsebx.und
2014-01-08 18:56 - 2014-01-08 18:56 - 00219314 ____S C:\Windows\system32\auyvzy.anz
2013-12-16 13:13 - 2012-03-26 05:00 - 00389120 _____ (CANON INC.) C:\Windows\system32\CNMLMB8.DLL
 
==================== One Month Modified Files and Folders =======
 
2014-01-12 00:48 - 2014-01-12 00:45 - 00019655 _____ C:\Users\Sharon\Desktop\FRST.txt
2014-01-12 00:44 - 2014-01-12 00:44 - 00000000 ____D C:\Users\Sharon\Desktop\FRST-OlderVersion
2014-01-12 00:44 - 2014-01-12 00:43 - 02076672 _____ (Farbar) C:\Users\Sharon\Downloads\FRST64.exe
2014-01-12 00:44 - 2014-01-10 15:24 - 00000000 ____D C:\FRST
2014-01-12 00:44 - 2014-01-10 15:19 - 02076672 _____ (Farbar) C:\Users\Sharon\Desktop\FRST64.exe
2014-01-10 18:36 - 2010-05-26 09:22 - 01237472 _____ C:\Windows\WindowsUpdate.log
2014-01-10 17:43 - 2014-01-08 19:13 - 00000078 _____ C:\Windows\system32\ktups.gsk
2014-01-10 15:57 - 2014-01-10 15:57 - 00000634 _____ C:\Users\Sharon\Desktop\JRT.txt
2014-01-10 15:28 - 2009-07-13 21:13 - 00727334 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-10 15:24 - 2014-01-10 15:20 - 00000000 ____D C:\Users\Sharon\Desktop\RK_Quarantine
2014-01-10 15:22 - 2014-01-10 15:22 - 02356000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 01893224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00767144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftfslh.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00363584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00292912 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00273576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftplaylh.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00217680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00214096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00187264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00171600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00104016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00080464 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00071760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00068864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00064592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00064080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00062544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00054784 _____ (Apple, Inc.) C:\Windows\system32\Drivers\usbaapl64.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rndismpx.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00036432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00028840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftredirlh.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00027776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00026024 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rsdrvx64.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WSDScan.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00024656 _____ (Promise Technology) C:\Windows\system32\Drivers\stexstor.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00023208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftvollh.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WSDPrint.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00022096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00021056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023x.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00019008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00017488 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00016896 _____ (NewTech Infosystems Corporation) C:\Windows\system32\Drivers\UBHelper.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00016464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00014464 _____ (Western Digital Technologies) C:\Windows\system32\Drivers\wdcsam64.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwf.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00012496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPREFMP.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00007936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2014-01-10 15:22 - 2014-01-10 15:22 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2014-01-10 15:22 - 2014-01-10 15:21 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 10322848 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 07680512 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETw5s64.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 03286016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 03060800 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL664.SYS.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 01653096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 01524816 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00947776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00751616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00552448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00540696 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00530496 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00468480 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00459216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00374664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00367168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00335400 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwampfl.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00294712 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00290368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00287576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00286720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00284736 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00271872 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00270848 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00251192 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MpFilter.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00241464 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00224832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00220752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00212280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00192824 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00183872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00178752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00158976 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00155728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00155216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00152432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00148792 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00140352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00135720 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwavdt.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00134944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00128592 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00123704 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00122960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00115776 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00114752 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00106560 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00102440 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwaudio.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00095088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00094784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00077888 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00075632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00074280 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\L1C62x64.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00073280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00072832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00065600 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas2.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00065088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00060496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00060464 _____ (Egis Technology Inc.) C:\Windows\system32\Drivers\mwlPSDVDisk.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00057144 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgfwd6a.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00055376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00055128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00051264 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00049216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00048720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00047104 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\discache.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00039504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00039464 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwl2cap.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00036928 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\htcnprot.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00035392 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00032320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00031544 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\Windows\system32\Drivers\hcw85cir.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00030272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00028736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00028240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbatt.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00024144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00022896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00022576 _____ (Egis Technology Inc.) C:\Windows\system32\Drivers\mwlPSDFilter.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00021584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00021544 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwrchid.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00020544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00020016 _____ (Egis Technology Inc.) C:\Windows\system32\Drivers\mwlPSDNserv.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00018432 _____ (NewTech Infosystems, Inc.) C:\Windows\system32\Drivers\NTIDrvr.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00018432 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00017664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00017488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00016960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00015424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00014976 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00014720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00014416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00012352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00011136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00008704 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidkmdf.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00008064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00006784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2014-01-10 15:21 - 2014-01-10 15:21 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2014-01-10 15:21 - 2014-01-10 15:20 - 00024128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00491088 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00339536 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00334416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00194128 _____ (AMD Technologies Inc.) C:\Windows\system32\Drivers\amdsbs.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00182864 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00097856 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00087632 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00061008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00040448 _____ (Alcor Micro, Corp.) C:\Windows\system32\Drivers\AmUStor.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00033736 _____ (HTC, Corporation) C:\Windows\system32\Drivers\ANDROIDUSB.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00015440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00015440 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2014-01-10 15:20 - 2014-01-10 15:20 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys.bak
2014-01-10 15:00 - 2014-01-10 15:00 - 00000512 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task dfb765c1-d479-4bfe-b0df-ffa45e54d889.job
2014-01-10 15:00 - 2014-01-10 15:00 - 00000512 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 63637880-579d-4380-8989-b4767e7e25f5.job
2014-01-10 15:00 - 2014-01-10 15:00 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2014-01-10 15:00 - 2014-01-10 07:57 - 00001812 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-01-10 14:59 - 2014-01-10 15:19 - 03810304 _____ C:\Users\Sharon\Desktop\RogueKiller.exe
2014-01-10 14:58 - 2014-01-09 08:18 - 00000000 ____D C:\AdwCleaner
2014-01-10 14:55 - 2014-01-10 14:55 - 00000000 ____D C:\Users\Sharon\Documents\SelfMV
2014-01-10 14:55 - 2014-01-10 14:55 - 00000000 ____D C:\Users\Sharon\Documents\samsung
2014-01-10 14:55 - 2014-01-10 14:55 - 00000000 ____D C:\Users\Sharon\AppData\Roaming\Samsung
2014-01-10 14:55 - 2014-01-10 14:55 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2014-01-10 14:44 - 2013-12-04 17:26 - 00008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2014-01-10 14:44 - 2012-07-22 15:21 - 00045128 _____ C:\Windows\setupact.log
2014-01-10 14:44 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-10 14:41 - 2009-07-13 20:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-10 14:41 - 2009-07-13 20:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-10 14:39 - 2010-07-26 10:29 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 14:38 - 2010-07-26 10:11 - 00000000 ____D C:\Users\Sharon
2014-01-10 14:35 - 2012-12-14 21:16 - 00000000 ____D C:\Users\Sharon\Desktop\League of Legends
2014-01-10 14:35 - 2012-07-30 17:20 - 00000000 ____D C:\Users\Sharon\AppData\Roaming\Malwarebytes
2014-01-10 14:35 - 2010-09-03 23:04 - 00000000 ____D C:\Users\Sharon\AppData\Roaming\Skype
2014-01-10 14:35 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2014-01-10 07:54 - 2012-07-31 00:16 - 00049402 _____ C:\Windows\PFRO.log
2014-01-10 07:50 - 2013-10-22 16:27 - 00000000 ____D C:\ProgramData\MFAData
2014-01-10 07:48 - 2010-07-26 10:29 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-10 07:46 - 2013-01-13 18:29 - 00000000 ___RD C:\Users\Sharon\Google Drive
2014-01-10 01:02 - 2014-01-08 20:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-10 00:56 - 2014-01-10 00:55 - 04745728 _____ (AVAST Software) C:\Users\Sharon\Downloads\aswMBR.exe
2014-01-10 00:50 - 2014-01-10 00:50 - 00033800 _____ C:\ComboFix.txt
2014-01-10 00:50 - 2014-01-10 00:28 - 00000000 ____D C:\Qoobox
2014-01-10 00:50 - 2009-07-13 19:20 - 00000000 __RHD C:\Users\Default
2014-01-10 00:48 - 2014-01-10 00:27 - 00000000 ____D C:\Windows\erdnt
2014-01-10 00:41 - 2009-07-13 18:34 - 00000215 _____ C:\Windows\system.ini
2014-01-10 00:34 - 2013-01-09 11:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-10 00:25 - 2014-01-10 00:24 - 05162489 ____R (Swearware) C:\Users\Sharon\Desktop\ComboFix.exe
2014-01-10 00:22 - 2014-01-10 00:10 - 00000000 ____D C:\ProgramData\HitmanPro
2014-01-10 00:09 - 2014-01-10 00:06 - 10264904 _____ (SurfRight B.V.) C:\Users\Sharon\Downloads\HitmanPro_x64.exe
2014-01-10 00:09 - 2011-05-05 18:18 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-654952758-3240891001-1665640597-1001UA.job
2014-01-09 22:09 - 2012-08-01 00:22 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-654952758-3240891001-1665640597-1001UA.job
2014-01-09 22:06 - 2014-01-09 22:06 - 00026083 _____ C:\Users\Sharon\Desktop\dds.txt
2014-01-09 22:06 - 2014-01-09 22:06 - 00013022 _____ C:\Users\Sharon\Desktop\attach.txt
2014-01-09 22:00 - 2014-01-09 21:59 - 00688992 ____R (Swearware) C:\Users\Sharon\Downloads\dds.com
2014-01-09 08:27 - 2014-01-09 08:27 - 00000000 ____D C:\Windows\ERUNT
2014-01-09 08:26 - 2014-01-09 08:26 - 00021161 _____ C:\Users\Sharon\Documents\AdwCleaner[S0].txt
2014-01-09 08:25 - 2014-01-09 08:25 - 01037068 _____ (Thisisu) C:\Users\Sharon\Downloads\JRT.exe
2014-01-09 08:17 - 2014-01-09 08:17 - 01233962 _____ C:\Users\Sharon\Downloads\adwcleaner.exe
2014-01-09 01:09 - 2012-08-01 00:22 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-654952758-3240891001-1665640597-1001Core.job
2014-01-09 00:21 - 2014-01-09 00:21 - 00000000 ____D C:\Users\Sharon\AppData\Roaming\SUPERAntiSpyware.com
2014-01-09 00:20 - 2014-01-09 00:20 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2014-01-09 00:18 - 2014-01-09 00:16 - 29342272 _____ (SUPERAntiSpyware) C:\Users\Sharon\Downloads\SUPERAntiSpyware.exe
2014-01-09 00:09 - 2014-01-09 00:07 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Sharon\Downloads\tdsskiller.exe
2014-01-08 23:56 - 2013-07-07 23:32 - 00000000 ____D C:\Users\Sharon\AppData\Roaming\vlc
2014-01-08 23:55 - 2011-12-08 12:22 - 00000000 ____D C:\Program Files (x86)\FoxTabFLVPlayer
2014-01-08 20:53 - 2010-05-16 01:58 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-08 20:15 - 2014-01-08 20:08 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Sharon\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-08 19:50 - 2011-06-01 16:16 - 00000000 ____D C:\Program Files (x86)\DJ Music Mixer
2014-01-08 19:48 - 2010-07-26 10:30 - 00000000 ____D C:\Users\Sharon\AppData\Roaming\acccore
2014-01-08 19:23 - 2014-01-08 19:23 - 00037376 _____ C:\Windows\system32\kussjfm.vxl
2014-01-08 19:23 - 2014-01-08 19:12 - 00000102 _____ C:\Windows\system32\yjtvxe.ctn
2014-01-08 19:12 - 2014-01-08 19:12 - 00000064 _____ C:\Windows\system32\eqqsebx.und
2014-01-08 18:56 - 2014-01-08 18:56 - 00219314 ____S C:\Windows\system32\auyvzy.anz
2014-01-08 18:56 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\system32\sysprep
2014-01-08 13:48 - 2011-05-05 18:18 - 00000860 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-654952758-3240891001-1665640597-1001Core.job
2014-01-06 20:16 - 2012-06-05 18:36 - 00000000 ____D C:\Users\Sharon\Documents\PPS
2014-01-04 08:28 - 2013-10-22 13:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-02 15:47 - 2012-04-25 17:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-13 18:56 - 2013-07-14 17:33 - 00000000 ____D C:\Windows\system32\MRT
2013-12-13 18:53 - 2010-10-18 08:06 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
 
Some content of TEMP:
====================
C:\Users\Sharon\AppData\Local\Temp\mpam-d41151f4.exe
C:\Users\Sharon\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Sharon\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-07-13 16:00] - [2009-07-13 17:41] - 0510464 ____A (Microsoft Corporation) 1E2C813A2CD8F059696813885428E7E2
 
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-01-09 03:48
 
==================== End Of Log ============================


Edited by sharbotsky, 12 January 2014 - 03:59 AM.


#5 RPMcMurphy

RPMcMurphy

    Bleeping *^#@%~


  • Malware Response Team
  • 3,970 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:41 PM

Posted 12 January 2014 - 09:55 AM

Please do this next:

Run FRST again.

  • When the tool opens click Yes to disclaimer.
  • Enter the following into the search box:  rpcss.dll
  • Press the Search File(s) button
  • The tool will make another log; please post it in your reply.


Threads are closed after 5 days of inactivity.

ASAP & UNITE Member


The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif


#6 sharbotsky

sharbotsky
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:04:41 PM

Posted 12 January 2014 - 01:46 PM

I'm writing this on another laptop. Currently running the FRST search, I received a notification on the bottom right side of the task bar that said "Farbar Recovery Scan Tool: FRST64.exe - Corrupt File. The file or directory C: is corrupt and unreadable. Please run the Chkdsk utility." Search is still going. Should I continue?



#7 RPMcMurphy


Posted 12 January 2014 - 02:15 PM

Download a new copy of FRST on your uninfected laptop, move it to the infected machine with a thumb drive, then try the search again.




#8 sharbotsky


Posted 13 January 2014 - 12:20 AM

Here's the search.txt

 

Farbar Recovery Scan Tool (x64) Version: 11-01-2014 05
Ran by Sharon at 2014-01-12 20:28:58
Running from C:\Users\Sharon\Desktop
Boot Mode: Safe Mode (minimal)
 
================== Search: "rpcss.dll" ===================
 
C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll
[2009-07-13 16:00] - [2009-07-13 17:41] - 0509440 ____A (Microsoft Corporation) 7266972E86890E2B30C0C322E906B027
 
C:\Windows\System32\rpcss.dll
[2009-07-13 16:00] - [2009-07-13 17:41] - 0510464 ____A (Microsoft Corporation) 1E2C813A2CD8F059696813885428E7E2
 
====== End Of Search ======
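
The comparison this search log makes possible, as an added example that is not part of the original thread or of FRST: it parses the two-line entries above and checks the System32 copy against the WinSxS component-store copy of the same name. The function names are hypothetical, and the entry layout is assumed from the log lines quoted in this thread.

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath

# Sample input: the Search section quoted from the post above.
SEARCH_LOG = r"""
================== Search: "rpcss.dll" ===================

C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll
[2009-07-13 16:00] - [2009-07-13 17:41] - 0509440 ____A (Microsoft Corporation) 7266972E86890E2B30C0C322E906B027

C:\Windows\System32\rpcss.dll
[2009-07-13 16:00] - [2009-07-13 17:41] - 0510464 ____A (Microsoft Corporation) 1E2C813A2CD8F059696813885428E7E2

====== End Of Search ======
"""

# Assumed layout of a detail line, taken from the entries in this thread:
# [created] - [modified] - size attributes (company) MD5
DETAIL = re.compile(
    r"^\[(?P<created>[^\]]+)\] - \[(?P<modified>[^\]]+)\] - (?P<size>\d+) "
    r"(?P<attrs>\S+) (?:\((?P<company>.*)\) )?(?P<md5>[0-9A-Fa-f]{32})$"
)
PATH = re.compile(r"^[A-Za-z]:\\")


def parse_search(text):
    """Pair each path line with the detail line that follows it."""
    entries, path = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if PATH.match(line):
            path = line
            continue
        m = DETAIL.match(line)
        if m and path:
            entry = m.groupdict()
            entry.update(path=path, size=int(entry["size"]), md5=entry["md5"].upper())
            entries.append(entry)
            path = None
    return entries


def compare_with_component_store(entries):
    """Check every non-WinSxS copy against the WinSxS copies of the same name."""
    groups = defaultdict(lambda: {"live": [], "store": []})
    for e in entries:
        p = PureWindowsPath(e["path"])
        in_store = "winsxs" in (part.lower() for part in p.parts)
        groups[p.name.lower()]["store" if in_store else "live"].append(e)

    findings = []
    for group in groups.values():
        store = group["store"]
        store_md5 = {s["md5"] for s in store}
        for live in group["live"]:
            if not store:
                verdict = "no-reference"   # nothing to compare against
            elif live["md5"] in store_md5:
                verdict = "match"
            else:
                verdict = "mismatch"       # triage signal, not proof by itself
            findings.append({
                "path": live["path"],
                "verdict": verdict,
                "size_deltas": [live["size"] - s["size"] for s in store],
                # True means timestamps cannot tell the copies apart.
                "timestamps_match_store": any(
                    (s["created"], s["modified"]) == (live["created"], live["modified"])
                    for s in store
                ),
            })
    return findings


if __name__ == "__main__":
    for f in compare_with_component_store(parse_search(SEARCH_LOG)):
        print(f)
```

On this log the System32 copy differs in hash and is 1024 bytes larger than the WinSxS copy while carrying identical timestamps, so timestamps alone would not have exposed it. WinSxS can hold more than one serviced version of a file, so a mismatch is a reason to look closer rather than a verdict.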


#9 RPMcMurphy


Posted 13 January 2014 - 10:34 AM

Please do this next:

Open Notepad. Please copy the contents of the code box below. To do this, highlight the contents of the box and right click on it. Paste this into the open Notepad. Save it in the same location as FRST (usually your desktop) as fixlist.txt

2014-01-08 19:23 - 2014-01-08 19:23 - 00037376 _____ C:\Windows\system32\kussjfm.vxl
2014-01-08 19:13 - 2014-01-10 17:43 - 00000078 _____ C:\Windows\system32\ktups.gsk
2014-01-08 19:12 - 2014-01-08 19:23 - 00000102 _____ C:\Windows\system32\yjtvxe.ctn
2014-01-08 19:12 - 2014-01-08 19:12 - 00000064 _____ C:\Windows\system32\eqqsebx.und
2014-01-08 18:56 - 2014-01-08 18:56 - 00219314 ____S C:\Windows\system32\auyvzy.anz
C:\Users\Sharon\AppData\Local\Temp\mpam-d41151f4.exe
C:\Users\Sharon\AppData\Local\Temp\Quarantine.exe
Replace: C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll C:\Windows\System32\rpcss.dll
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Now run FRST again.
  • When the tool opens click Yes to disclaimer.
  • Press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt); please post it in your reply.



#10 sharbotsky


Posted 13 January 2014 - 01:43 PM

I logged onto my infected laptop in normal windows and no longer hear any ads playing and have not been told that my computer will shut down. 

Here's the Fixlog.txt

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-01-2014 05
Ran by Sharon at 2014-01-13 10:28:00 Run:1
Running from C:\Users\Sharon\Desktop
Boot Mode: Safe Mode (minimal)
==============================================
 
Content of fixlist:
*****************
2014-01-08 19:23 - 2014-01-08 19:23 - 00037376 _____ C:\Windows\system32\kussjfm.vxl
2014-01-08 19:13 - 2014-01-10 17:43 - 00000078 _____ C:\Windows\system32\ktups.gsk
2014-01-08 19:12 - 2014-01-08 19:23 - 00000102 _____ C:\Windows\system32\yjtvxe.ctn
2014-01-08 19:12 - 2014-01-08 19:12 - 00000064 _____ C:\Windows\system32\eqqsebx.und
2014-01-08 18:56 - 2014-01-08 18:56 - 00219314 ____S C:\Windows\system32\auyvzy.anz
C:\Users\Sharon\AppData\Local\Temp\mpam-d41151f4.exe
C:\Users\Sharon\AppData\Local\Temp\Quarantine.exe
Replace: C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll C:\Windows\System32\rpcss.dll
*****************
 
C:\Windows\system32\kussjfm.vxl => Moved successfully.
C:\Windows\system32\ktups.gsk => Moved successfully.
Could not move "C:\Windows\system32\yjtvxe.ctn" => Scheduled to move on reboot.
C:\Windows\system32\eqqsebx.und => Moved successfully.
Could not move "C:\Windows\system32\auyvzy.anz" => Scheduled to move on reboot.
C:\Users\Sharon\AppData\Local\Temp\mpam-d41151f4.exe => Moved successfully.
C:\Users\Sharon\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Windows\System32\rpcss.dll => Moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll copied successfully to C:\Windows\System32\rpcss.dll
 
=> Result of Scheduled Files to move (Boot Mode: Safe Mode (minimal)) (Date&Time: 2014-01-13 10:29:55)<=
 
C:\Windows\system32\yjtvxe.ctn => Is moved successfully.
C:\Windows\system32\auyvzy.anz => Is moved successfully.
 
==== End of Fixlog ====


#11 RPMcMurphy


Posted 13 January 2014 - 02:55 PM

Please do this next:

You have this program installed, Malwarebytes' Anti-Malware (MBAM). Please update it and run a scan.

Open MBAM

  • Click the Update tab
  • Click Check for Updates
  • If an update is found, it will download and install the latest version.
  • The program will close to update and reopen.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Uncheck any entries from C:\System Volume Information, C:\FRST\Quarantine or C:\Qoobox
  • Make sure that everything else is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Please include the following in your next post:
  • MBAM log




#12 sharbotsky


Posted 13 January 2014 - 09:50 PM

I performed the scan while I was away and was unable to view the results, so I couldn't uncheck the following: C:\System Volume Information, C:\FRST\Quarantine or C:\Qoobox.

 

Here is the MBAM log

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.01.13.07
 
Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Sharon :: SHARON-PC [administrator]
 
1/13/2014 12:09:52 PM
mbam-log-2014-01-13 (12-09-52).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 577451
Time elapsed: 2 hour(s), 31 minute(s), 34 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)


#13 RPMcMurphy


Posted 13 January 2014 - 11:14 PM

How is your computer running now?  Please do this next:

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.  Please go to www.java.com and press the "Free Java Download" button near the center of the page.  Follow the prompts to install the latest version. Once it completes a web page should open that will verify that you have the latest version.  Below that is a box with a link to remove older, insecure versions.  Click that and follow the prompts.

Go here to run an online scanner from ESET. Windows Vista/Windows 7 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator.

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.

Please include the following in your next post:

  • How is the computer running now?
  • ESET log

 




#14 sharbotsky


Posted 14 January 2014 - 04:02 AM

My computer has been fine running on normal Windows mode. No ads playing and audio is working. I haven't been prompted by my computer that it will be shutting down. Everything is running normal!

 

Here's the log from the ESET scanner

 

C:\FRST\Quarantine\rpcss.dll Win64/Patched.H trojan


#15 RPMcMurphy


Posted 14 January 2014 - 03:15 PM

Excellent!  That ESET detection is already in quarantine and will be removed with these last steps.  All I have left for you is another update and some very important cleanup:

Your Adobe Reader needs to be updated.  Please visit Adobe's site and grab the newest version.  Be sure to watch for and uncheck any boxes offering to install other software.

Uninstall ComboFix

  • Press the Windows key + R on your keyboard or click Start -> Run.  Copy and paste the following text into the run box that opens and press OK:
    Combofix /Uninstall

Download OTC to your desktop and run it
  • Click Yes to begin the cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the cleanup process. If you are asked to reboot the machine choose Yes.
  • Manually delete any remaining logs or tools from our fixes

Double click on AdwCleaner.exe to run the tool again.
  • Click on the Uninstall button.
  • Click Yes when asked are you sure you want to uninstall.
  • Both AdwCleaner.exe, its folder and all logs will be removed.

Download TFC to your desktop
  • Close any open windows.
  • Double click the TFC icon to run the program.
  • TFC will close all open programs itself in order to run.
  • Click the Start button to begin the process.
  • Allow TFC to run uninterrupted.
  • The program should not take long to finish its job.
  • Once it's finished it should automatically reboot your machine.
  • If it doesn't, manually reboot to ensure a complete clean.

Finally, I'd like to make a couple of suggestions to help you stay clean in the future:
  • Restart any anti-malware programs that we disabled while we were cleaning your machine.
  • Keep your antivirus application and MBAM current and updated.  Scan with them at least weekly.
  • Please read this post for some helpful information.

Please post once more so I know you are all set and I can mark this thread resolved. Good luck and stay safe!

