
Win7 boot fail, bad driver - previously infected w/ FBI Ransomware



#1 cobraphx


Posted 18 January 2014 - 11:51 AM

This Windows 7 64 PC worked great until Xmas. When I got home I couldn't get video. After investigating I found it was in a reboot loop. It would blue screen as soon as the Windows logo sprites began circling. It fails to load in safe mode and Windows Startup Repair had been no help. As part of my troubleshooting, I installed Win7 on a second SSD drive to see if it was a hardware failure. That install works well, just missing all my programs and settings. Because it said it was a driver failure, I tried renaming windows/system32/drivers and copied the same directory from the new install... no change. System Restore to the last known good configuration didn't help. I ran chkdsk /r on the SSD drive and got no errors reported. SpinRite 6 also found no errors on the drive. I'm attaching the logs: FRST1.TXT is the scan of the broken Windows install, FRST2.TXT is the scan of the new clean install on a new SSD on the same computer.

 

So, on to the failures:

 

Blue screen.

----------------------------

0x0000007B (0xFFFFF88000A98E8, 0xFFFFFFFFC0000034, 0x0000000000000000, 0x0000000000000000)

 

----------------------------

Startup Repair problem details

----------------------------

Problem signature:

 Problem Event Name:       StartupRepairOffline

 Problem signature 01:      6.1.7600.16385

 Problem signature 02:      6.1.7600.16385

 Problem signature 03:      unknown

 Problem signature 04:      21200340

 Problem signature 05:      AutoFailover

 Problem signature 06:      27

 Problem signature 07:      BadDriver

 OSVersion:                       6.1.7600.2.0.0.256.1

 LocaleID:                          1033

----------------------------

FRST64 from install I want to save.

----------------------------

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2014 03
Ran by SYSTEM on MININT-644BHI1 on 17-01-2014 22:27:35
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
 
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\ssmmgr.exe [618496 2010-06-07] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Razer Mamba Elite Driver] - C:\Program Files (x86)\Razer\Mamba\RazerMambaSysTray.exe [973720 2011-11-25] (Razer USA Ltd)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKU\Cobraphx\...\Run: [Google Update] - C:\Users\Cobraphx\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-11-08] (Google Inc.)
HKU\Cobraphx\...\Run: [Steam] - C:\Steam\Steam.exe [1820584 2013-10-30] (Valve Corporation)
HKU\Cobraphx\...\Run: [CAHeadless] - D:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
HKU\Cobraphx\...\Run: [Akamai NetSession Interface] - C:\Users\Cobraphx\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\Cobraphx\...\Run: [Spotify Web Helper] - C:\Users\Cobraphx\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-11-13] (Spotify Ltd)
HKU\Cobraphx\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20133824 2013-09-25] (Google)
HKU\Cobraphx\...\Run: [Spotify] - C:\Users\Cobraphx\AppData\Roaming\Spotify\Spotify.exe [5955072 2013-11-13] (Spotify Ltd)
HKU\Cobraphx\...\Run: [GoogleChromeAutoLaunch_712A74A91D6F2526900C261BEA41BB7F] - C:\Users\Cobraphx\AppData\Local\Google\Chrome\Application\chrome.exe [863184 2013-11-06] (Google Inc.)
HKU\Cobraphx\...\RunOnce: [Application Restart #0] - C:\Users\Cobraphx\AppData\Local\Google\Chrome\Application\chrome.exe [863184 2013-11-06] (Google Inc.)
HKU\Cobraphx\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe [829832 2013-10-09] (Adobe Systems Incorporated)
Startup: C:\Users\Cobraphx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files\Logitech Gaming Software\EReg\eReg.exe (Leader Technologies/Logitech)
 
==================== Services (Whitelisted) =================
 
S2 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [68608 2013-01-24] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-05-24] ()
S2 Polar Daemon; C:\Program Files (x86)\Polar\Daemon\polard.exe [411136 2011-10-19] ()
S2 AdobeActiveFileMonitor10.0; D:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [x]
S2 AdobeActiveFileMonitor9.0; D:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [x]
S2 HDHomeRun Service; "D:\Program Files\Silicondust\HDHomeRun\hdhomerun_service.exe" [x]
 
==================== Drivers (Whitelisted) ====================
 
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-09-09] (Samsung Electronics)
S3 amdkmdag; system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap; system32\DRIVERS\atikmpag.sys [x]
S3 AsrCDDrv; \??\C:\Windows\SysWOW64\Drivers\AsrCDDrv.sys [x]
S3 AtiHDAudioService; system32\drivers\AtihdW76.sys [x]
S3 cpuz135; \??\C:\Users\Cobraphx\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [x]
S3 MBfilt; system32\drivers\MBfilt64.sys [x]
S0 mv91xx; system32\DRIVERS\mv91xx.sys [x]
S0 PxHlpa64; System32\Drivers\PxHlpa64.sys [x]
S3 TsUsbFlt; system32\drivers\tsusbflt.sys [x]
 
========================== Drivers MD5 =======================
 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-01-17 22:03 - 2014-01-17 22:03 - 00000000 ____D C:\FRST
2014-01-17 19:12 - 2014-01-17 19:12 - 00000000 ____D C:\Windows\System32\config\Newbak
2014-01-17 18:15 - 2014-01-17 17:06 - 00018960 _____ (Logitech, Inc.) C:\Windows\System32\Drivers\LNonPnP.sys
2014-01-17 18:15 - 2014-01-16 21:02 - 00000000 ____H C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-01-17 18:15 - 2013-12-05 00:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvad64v.sys
2014-01-17 18:15 - 2013-10-27 08:12 - 12572960 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2014-01-17 18:15 - 2013-10-27 08:12 - 00196384 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2014-01-17 18:15 - 2013-05-30 08:16 - 00064280 _____ (Logitech Inc.) C:\Windows\System32\Drivers\LGSHidFilt.Sys
2014-01-17 18:15 - 2013-04-12 06:36 - 01653096 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2014-01-17 18:15 - 2013-02-12 06:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2014-01-17 18:15 - 2013-01-23 21:41 - 00223752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2014-01-17 18:15 - 2013-01-03 21:41 - 01893224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2014-01-17 18:15 - 2013-01-03 21:40 - 00287576 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2014-01-17 18:15 - 2012-09-06 09:38 - 00295792 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2014-01-17 18:15 - 2012-07-25 20:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2014-01-17 18:15 - 2012-07-25 20:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2014-01-17 18:15 - 2012-07-25 18:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2014-01-17 18:15 - 2012-07-25 18:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2014-01-17 18:15 - 2012-06-02 06:57 - 00000003 _____ C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-01-17 18:15 - 2012-06-02 06:35 - 00000003 _____ C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-01-17 18:15 - 2012-06-01 21:38 - 00152432 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2014-01-17 18:15 - 2012-06-01 21:38 - 00095088 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2014-01-17 18:15 - 2012-06-01 21:37 - 00459216 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2014-01-17 18:15 - 2012-04-27 19:50 - 00204800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2014-01-17 18:15 - 2012-03-16 23:55 - 00075632 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2014-01-17 18:15 - 2012-02-29 22:54 - 00022896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2014-01-17 18:15 - 2012-02-14 20:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2014-01-17 18:15 - 2011-12-27 19:59 - 00499200 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2014-01-17 18:15 - 2011-11-10 00:04 - 00060184 _____ (Intel Corporation) C:\Windows\System32\Drivers\HECIx64.sys
2014-01-17 18:15 - 2011-07-08 18:44 - 00287744 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2014-01-17 18:15 - 2011-05-03 18:51 - 00157696 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2014-01-17 18:15 - 2011-05-03 18:51 - 00126464 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2014-01-17 18:15 - 2011-04-28 19:13 - 00461312 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2014-01-17 18:15 - 2011-04-28 19:12 - 00399872 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2014-01-17 18:15 - 2011-04-28 19:12 - 00161792 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2014-01-17 18:15 - 2011-04-26 18:57 - 00102400 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2014-01-17 18:15 - 2011-04-22 12:18 - 00027008 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2014-01-17 18:15 - 2011-04-22 01:17 - 00471144 _____ (Realtek                                            ) C:\Windows\System32\Drivers\Rt64win7.sys
2014-01-17 18:15 - 2011-02-22 21:15 - 00090624 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2014-01-17 18:15 - 2011-02-08 12:30 - 00064512 _____ (Etron Technology Inc) C:\Windows\System32\Drivers\EtronXHCI.sys
2014-01-17 18:15 - 2011-02-08 12:30 - 00039936 _____ (Etron Technology Inc) C:\Windows\System32\Drivers\EtronHub3.sys
2014-01-17 18:15 - 2011-01-25 22:53 - 00982912 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2014-01-17 18:15 - 2011-01-25 22:53 - 00265088 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2014-01-17 18:15 - 2010-07-28 17:26 - 02445672 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHD64.sys
2014-01-17 18:15 - 2010-03-03 20:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2014-01-17 18:15 - 2009-11-23 17:38 - 00016008 _____ (Logitech Inc.) C:\Windows\System32\Drivers\LGVirHid.sys
2014-01-17 18:15 - 2009-11-23 17:37 - 00022408 _____ (Logitech Inc.) C:\Windows\System32\Drivers\LGBusEnum.sys
2014-01-17 18:15 - 2009-07-13 17:52 - 00491088 _____ (Adaptec, Inc.) C:\Windows\System32\Drivers\adp94xx.sys
2014-01-17 18:15 - 2009-07-13 17:52 - 00339536 _____ (Adaptec, Inc.) C:\Windows\System32\Drivers\adpahci.sys
2014-01-17 18:15 - 2009-07-13 17:52 - 00334416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys
2014-01-17 18:15 - 2009-07-13 17:52 - 00194128 _____ (AMD Technologies Inc.) C:\Windows\System32\Drivers\amdsbs.sys
2014-01-17 18:15 - 2009-07-13 17:52 - 00182864 _____ (Adaptec, Inc.) C:\Windows\System32\Drivers\adpu320.sys
2014-01-17 18:15 - 2009-07-13 17:52 - 00178752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
2014-01-17 18:15 - 2009-07-13 17:52 - 00155728 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys
2014-01-17 18:15 - 2009-07-13 17:52 - 00106576 _____ (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys
2014-01-17 18:15 - 2009-07-13 17:52 - 00097856 _____ (Adaptec, Inc.) C:\Windows\System32\Drivers\arcsas.sys
2014-01-17 18:15 - 2009-07-13 17:52 - 00087632 _____ (Adaptec, Inc.) C:\Windows\System32\Drivers\arc.sys
2014-01-17 18:15 - 2009-07-13 17:52 - 00061008 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\AGP440.sys
2014-01-17 18:15 - 2009-07-13 17:52 - 00028752 _____ (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys
2014-01-17 18:15 - 2009-07-13 17:52 - 00028240 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\battc.sys
2014-01-17 18:15 - 2009-07-13 17:52 - 00024128 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\atapi.sys
2014-01-17 18:15 - 2009-07-13 17:52 - 00021584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\compbatt.sys
2014-01-17 18:15 - 2009-07-13 17:52 - 00017488 _____ (CMD Technology, Inc.) C:\Windows\System32\Drivers\cmdide.sys
2014-01-17 18:15 - 2009-07-13 17:52 - 00015440 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\amdide.sys
2014-01-17 18:15 - 2009-07-13 17:52 - 00015440 _____ (Acer Laboratories Inc.) C:\Windows\System32\Drivers\aliide.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00947776 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00410688 _____ (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00374864 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00367168 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msrpc.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00284736 _____ (LSI Corporation, Inc.) C:\Windows\System32\Drivers\MegaSR.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00224832 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00155216 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mpio.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00149056 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00140352 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msdsm.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00122960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\NV_AGP.SYS
2014-01-17 18:15 - 2009-07-13 17:48 - 00115776 _____ (LSI Corporation) C:\Windows\System32\Drivers\lsi_scsi.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00114752 _____ (LSI Corporation) C:\Windows\System32\Drivers\lsi_fc.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00106560 _____ (LSI Corporation) C:\Windows\System32\Drivers\lsi_sas.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00094784 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00065600 _____ (LSI Corporation) C:\Windows\System32\Drivers\lsi_sas2.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00060496 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mup.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00051264 _____ (IBM Corporation) C:\Windows\System32\Drivers\nfrd960.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00050768 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\kbdclass.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00049216 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mouclass.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\System32\Drivers\iirsp.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00035392 _____ (LSI Corporation) C:\Windows\System32\Drivers\megasas.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00032320 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mssmbios.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00030272 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msahci.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00020544 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\isapnp.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00016960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\intelide.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00015424 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msisadrv.sys
2014-01-17 18:15 - 2009-07-13 17:48 - 00014416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hwpolicy.sys
2014-01-17 18:15 - 2009-07-13 17:47 - 00530496 _____ (Emulex) C:\Windows\System32\Drivers\elxstor.sys
2014-01-17 18:15 - 2009-07-13 17:47 - 00290368 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fltMgr.sys
2014-01-17 18:15 - 2009-07-13 17:47 - 00077888 _____ (Hewlett-Packard Company) C:\Windows\System32\Drivers\HpSAMD.sys
2014-01-17 18:15 - 2009-07-13 17:47 - 00073280 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\disk.sys
2014-01-17 18:15 - 2009-07-13 17:47 - 00070224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fileinfo.sys
2014-01-17 18:15 - 2009-07-13 17:47 - 00065088 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\GAGP30KX.SYS
2014-01-17 18:15 - 2009-07-13 17:47 - 00055376 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fsdepends.sys
2014-01-17 18:15 - 2009-07-13 17:47 - 00039504 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\crashdmp.sys
2014-01-17 18:15 - 2009-07-13 17:47 - 00028736 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Dumpata.sys
2014-01-17 18:15 - 2009-07-13 17:47 - 00024144 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\crcdisk.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 01524816 _____ (QLogic Corporation) C:\Windows\System32\Drivers\ql2300.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00363584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\volmgrx.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00220752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pcmcia.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00217680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00214096 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdyboost.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00185936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00183872 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00171600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\scsiport.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00167488 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\Windows\System32\Drivers\vsmraid.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00128592 _____ (QLogic Corporation) C:\Windows\System32\Drivers\ql40xx.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00104016 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sbp2port.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00080464 _____ (Silicon Integrated Systems) C:\Windows\System32\Drivers\sisraid4.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00071760 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\volmgr.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00064592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ULIAGPKX.SYS
2014-01-17 18:15 - 2009-07-13 17:45 - 00064080 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\UAGP35.SYS
2014-01-17 18:15 - 2009-07-13 17:45 - 00062544 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\termdd.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00050768 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pcw.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00048720 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pciidex.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\Windows\System32\Drivers\sisraid2.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00036432 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vdrvroot.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00024656 _____ (Promise Technology) C:\Windows\System32\Drivers\stexstor.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00022096 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wimmount.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00021056 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wd.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00019008 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\spldr.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00017488 _____ (VIA Technologies, Inc.) C:\Windows\System32\Drivers\viaide.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00016464 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wmilib.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00012496 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\swenum.sys
2014-01-17 18:15 - 2009-07-13 17:45 - 00012352 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pciide.sys
2014-01-17 18:15 - 2009-07-13 17:43 - 00055128 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dumpfve.sys
2014-01-17 18:15 - 2009-07-13 17:19 - 00286720 _____ (Brother Industries Ltd.) C:\Windows\System32\Drivers\BrSerId.sys
2014-01-17 18:15 - 2009-07-13 17:01 - 00651264 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\PEAuth.sys
2014-01-17 18:15 - 2009-07-13 17:01 - 00116224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2014-01-17 18:15 - 2009-07-13 17:01 - 00095232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bridge.sys
2014-01-17 18:15 - 2009-07-13 16:38 - 00025088 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbprint.sys
2014-01-17 18:15 - 2009-07-13 16:35 - 00031744 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbrpm.sys
2014-01-17 18:15 - 2009-07-13 16:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpbus.sys
2014-01-17 18:15 - 2009-07-13 16:16 - 00038400 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2014-01-17 18:15 - 2009-07-13 16:16 - 00015872 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdpipe.sys
2014-01-17 18:15 - 2009-07-13 16:16 - 00008192 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\RDPREFMP.sys
2014-01-17 18:15 - 2009-07-13 16:16 - 00007680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\RDPENCDD.sys
2014-01-17 18:15 - 2009-07-13 16:16 - 00007680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\RDPCDD.sys
2014-01-17 18:15 - 2009-07-13 16:10 - 00164352 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndiswan.sys
2014-01-17 18:15 - 2009-07-13 16:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rasl2tp.sys
2014-01-17 18:15 - 2009-07-13 16:10 - 00116224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ipnat.sys
2014-01-17 18:15 - 2009-07-13 16:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\raspptp.sys
2014-01-17 18:15 - 2009-07-13 16:10 - 00092672 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\raspppoe.sys
2014-01-17 18:15 - 2009-07-13 16:10 - 00088576 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2014-01-17 18:15 - 2009-07-13 16:10 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rassstp.sys
2014-01-17 18:15 - 2009-07-13 16:10 - 00082944 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ipfltdrv.sys
2014-01-17 18:15 - 2009-07-13 16:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\agilevpn.sys
2014-01-17 18:15 - 2009-07-13 16:10 - 00057856 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2014-01-17 18:15 - 2009-07-13 16:10 - 00040448 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\modem.sys
2014-01-17 18:15 - 2009-07-13 16:10 - 00024064 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndistapi.sys
2014-01-17 18:15 - 2009-07-13 16:10 - 00023040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\asyncmac.sys
2014-01-17 18:15 - 2009-07-13 16:10 - 00021504 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ws2ifsl.sys
2014-01-17 18:15 - 2009-07-13 16:10 - 00014848 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rasacd.sys
2014-01-17 18:15 - 2009-07-13 16:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rootmdm.sys
2014-01-17 18:15 - 2009-07-13 16:09 - 00145920 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rmcast.sys
2014-01-17 18:15 - 2009-07-13 16:09 - 00131584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pacer.sys
2014-01-17 18:15 - 2009-07-13 16:09 - 00125440 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tunnel.sys
2014-01-17 18:15 - 2009-07-13 16:09 - 00120320 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\irda.sys
2014-01-17 18:15 - 2009-07-13 16:09 - 00093184 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\smb.sys
2014-01-17 18:15 - 2009-07-13 16:09 - 00056320 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndisuio.sys
2014-01-17 18:15 - 2009-07-13 16:09 - 00046592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\qwavedrv.sys
2014-01-17 18:15 - 2009-07-13 16:09 - 00044544 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2014-01-17 18:15 - 2009-07-13 16:09 - 00044544 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netbios.sys
2014-01-17 18:15 - 2009-07-13 16:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys
2014-01-17 18:15 - 2009-07-13 16:09 - 00012800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wfplwf.sys
2014-01-17 18:15 - 2009-07-13 16:08 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mpsdrv.sys
2014-01-17 18:15 - 2009-07-13 16:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rspndr.sys
2014-01-17 18:15 - 2009-07-13 16:08 - 00060928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\lltdio.sys
2014-01-17 18:15 - 2009-07-13 16:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndiscap.sys
2014-01-17 18:15 - 2009-07-13 16:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\irenum.sys
2014-01-17 18:15 - 2009-07-13 16:07 - 00350208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\HdAudio.sys
2014-01-17 18:15 - 2009-07-13 16:07 - 00343040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2014-01-17 18:15 - 2009-07-13 16:07 - 00318976 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nwifi.sys
2014-01-17 18:15 - 2009-07-13 16:07 - 00227840 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\1394ohci.sys
2014-01-17 18:15 - 2009-07-13 16:07 - 00059904 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vwififlt.sys
2014-01-17 18:15 - 2009-07-13 16:07 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vwifibus.sys
2014-01-17 18:15 - 2009-07-13 16:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vwifimp.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00324608 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00230400 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00122368 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hdaudbus.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00100352 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbcir.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00098816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2014-01-17 18:15 - 2009-07-13 16:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00072832 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ohci1394.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00072192 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthmodem.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00068864 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\stream.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00068096 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\1394bus.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\umbus.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00046592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidir.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00045568 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\circlass.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00032896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBCAMD2.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00032896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00025600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\umpass.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00008192 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mshidkmdf.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00007936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2014-01-17 18:15 - 2009-07-13 16:06 - 00005632 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys
2014-01-17 18:15 - 2009-07-13 16:02 - 00027776 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wacompen.sys
2014-01-17 18:15 - 2009-07-13 16:02 - 00015360 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\MTConfig.sys
2014-01-17 18:15 - 2009-07-13 16:01 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tape.sys
2014-01-17 18:15 - 2009-07-13 16:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mcd.sys
2014-01-17 18:15 - 2009-07-13 16:01 - 00016896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sfloppy.sys
2014-01-17 18:15 - 2009-07-13 16:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_sd.sys
2014-01-17 18:15 - 2009-07-13 16:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sffdisk.sys
2014-01-17 18:15 - 2009-07-13 16:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_mmc.sys
2014-01-17 18:15 - 2009-07-13 16:00 - 00097280 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\parport.sys
2014-01-17 18:15 - 2009-07-13 16:00 - 00094208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\serial.sys
2014-01-17 18:15 - 2009-07-13 16:00 - 00038912 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\CompositeBus.sys
2014-01-17 18:15 - 2009-07-13 16:00 - 00033280 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\kbdhid.sys
2014-01-17 18:15 - 2009-07-13 16:00 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mouhid.sys
2014-01-17 18:15 - 2009-07-13 16:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fdc.sys
2014-01-17 18:15 - 2009-07-13 16:00 - 00026624 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sermouse.sys
2014-01-17 18:15 - 2009-07-13 16:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\flpydisk.sys
2014-01-17 18:15 - 2009-07-13 16:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\serenum.sys
2014-01-17 18:15 - 2009-07-13 16:00 - 00020992 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\smclib.sys
2014-01-17 18:15 - 2009-07-13 16:00 - 00020992 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksthunk.sys
2014-01-17 18:15 - 2009-07-13 16:00 - 00011136 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mskssrv.sys
2014-01-17 18:15 - 2009-07-13 16:00 - 00008064 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mstee.sys
2014-01-17 18:15 - 2009-07-13 16:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mspclock.sys
2014-01-17 18:15 - 2009-07-13 16:00 - 00006784 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mspqm.sys
2014-01-17 18:15 - 2009-07-13 16:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\beep.sys
2014-01-17 18:15 - 2009-07-13 15:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2014-01-17 18:15 - 2009-07-13 15:50 - 00029696 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\scfilter.sys
2014-01-17 18:15 - 2009-07-13 15:47 - 00078848 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\IPMIDrv.sys
2014-01-17 18:15 - 2009-07-13 15:38 - 00129024 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\videoprt.sys
2014-01-17 18:15 - 2009-07-13 15:38 - 00098816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxg.sys
2014-01-17 18:15 - 2009-07-13 15:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\monitor.sys
2014-01-17 18:15 - 2009-07-13 15:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vgapnp.sys
2014-01-17 18:15 - 2009-07-13 15:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vga.sys
2014-01-17 18:15 - 2009-07-13 15:38 - 00016896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxapi.sys
2014-01-17 18:15 - 2009-07-13 15:37 - 00042496 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\watchdog.sys
2014-01-17 18:15 - 2009-07-13 15:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\discache.sys
2014-01-17 18:15 - 2009-07-13 15:35 - 00045056 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\blbdrive.sys
2014-01-17 18:15 - 2009-07-13 15:31 - 00026624 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidbatt.sys
2014-01-17 18:15 - 2009-07-13 15:31 - 00017664 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\CmBatt.sys
2014-01-17 18:15 - 2009-07-13 15:31 - 00014336 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wmiacpi.sys
2014-01-17 18:15 - 2009-07-13 15:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\errdev.sys
2014-01-17 18:15 - 2009-07-13 15:27 - 00012288 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\acpipmi.sys
2014-01-17 18:15 - 2009-07-13 15:26 - 00113152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\luafv.sys
2014-01-17 18:15 - 2009-07-13 15:25 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\filetrace.sys
2014-01-17 18:15 - 2009-07-13 15:24 - 00309248 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2014-01-17 18:15 - 2009-07-13 15:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\udfs.sys
2014-01-17 18:15 - 2009-07-13 15:23 - 00204800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fastfat.sys
2014-01-17 18:15 - 2009-07-13 15:23 - 00195072 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\exfat.sys
2014-01-17 18:15 - 2009-07-13 15:23 - 00140800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2014-01-17 18:15 - 2009-07-13 15:22 - 00751616 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2014-01-17 18:15 - 2009-07-13 15:21 - 00259072 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netbt.sys
2014-01-17 18:15 - 2009-07-13 15:21 - 00099840 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.sys
2014-01-17 18:15 - 2009-07-13 15:21 - 00026624 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdi.sys
2014-01-17 18:15 - 2009-07-13 15:21 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nsiproxy.sys
2014-01-17 18:15 - 2009-07-13 15:19 - 00147456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cdrom.sys
2014-01-17 18:15 - 2009-07-13 15:19 - 00105472 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\i8042prt.sys
2014-01-17 18:15 - 2009-07-13 15:19 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cdfs.sys
2014-01-17 18:15 - 2009-07-13 15:19 - 00064512 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\amdk8.sys
2014-01-17 18:15 - 2009-07-13 15:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys
2014-01-17 18:15 - 2009-07-13 15:19 - 00060928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\amdppm.sys
2014-01-17 18:15 - 2009-07-13 15:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys
2014-01-17 18:15 - 2009-07-13 15:19 - 00044032 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\npfs.sys
2014-01-17 18:15 - 2009-07-13 15:19 - 00026112 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msfs.sys
2014-01-17 18:15 - 2009-07-13 15:19 - 00006144 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\null.sys
2014-01-17 18:15 - 2009-06-10 13:00 - 00017463 _____ C:\Windows\System32\Drivers\etc\services
2014-01-17 18:15 - 2009-06-10 13:00 - 00003683 _____ C:\Windows\System32\Drivers\etc\lmhosts.sam
2014-01-17 18:15 - 2009-06-10 13:00 - 00001358 _____ C:\Windows\System32\Drivers\etc\protocol
2014-01-17 18:15 - 2009-06-10 13:00 - 00000407 _____ C:\Windows\System32\Drivers\etc\networks
2014-01-17 18:15 - 2009-06-10 12:48 - 00426496 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\spsys.sys
2014-01-17 18:15 - 2009-06-10 12:41 - 00047104 _____ (Brother Industries Ltd.) C:\Windows\System32\Drivers\BrSerWdm.sys
2014-01-17 18:15 - 2009-06-10 12:41 - 00018432 _____ (Brother Industries, Ltd.) C:\Windows\System32\Drivers\BrFiltLo.sys
2014-01-17 18:15 - 2009-06-10 12:41 - 00014976 _____ (Brother Industries Ltd.) C:\Windows\System32\Drivers\BrUsbMdm.sys
2014-01-17 18:15 - 2009-06-10 12:41 - 00014720 _____ (Brother Industries Ltd.) C:\Windows\System32\Drivers\BrUsbSer.sys
2014-01-17 18:15 - 2009-06-10 12:41 - 00008704 _____ (Brother Industries, Ltd.) C:\Windows\System32\Drivers\BrFiltUp.sys
2014-01-17 18:15 - 2009-06-10 12:37 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\System32\Drivers\secdrv.sys
2014-01-17 18:15 - 2009-06-10 12:34 - 03286016 _____ (Broadcom Corporation) C:\Windows\System32\Drivers\evbda.sys
2014-01-17 18:15 - 2009-06-10 12:34 - 00468480 _____ (Broadcom Corporation) C:\Windows\System32\Drivers\bxvbda.sys
2014-01-17 18:15 - 2009-06-10 12:34 - 00270848 _____ (Broadcom Corporation) C:\Windows\System32\Drivers\b57nd60a.sys
2014-01-17 18:15 - 2009-06-10 12:31 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\Windows\System32\Drivers\hcw85cir.sys
2014-01-17 18:15 - 2009-06-10 12:30 - 03440660 _____ C:\Windows\System32\Drivers\gm.dls
2014-01-17 18:15 - 2009-06-10 12:30 - 00000646 _____ C:\Windows\System32\Drivers\gmreadme.txt
2014-01-16 21:08 - 2009-07-13 17:52 - 00491088 _____ (Adaptec, Inc.) C:\Windows\System32\adp94xx.sys
2014-01-16 21:08 - 2009-07-13 17:52 - 00339536 _____ (Adaptec, Inc.) C:\Windows\System32\adpahci.sys
2014-01-16 21:08 - 2009-07-13 17:52 - 00334416 _____ (Microsoft Corporation) C:\Windows\System32\acpi.sys
2014-01-16 21:08 - 2009-07-13 17:52 - 00194128 _____ (AMD Technologies Inc.) C:\Windows\System32\amdsbs.sys
2014-01-16 21:08 - 2009-07-13 17:52 - 00182864 _____ (Adaptec, Inc.) C:\Windows\System32\adpu320.sys
2014-01-16 21:08 - 2009-07-13 17:52 - 00178752 _____ (Microsoft Corporation) C:\Windows\System32\Classpnp.sys
2014-01-16 21:08 - 2009-07-13 17:52 - 00155728 _____ (Microsoft Corporation) C:\Windows\System32\ataport.sys
2014-01-16 21:08 - 2009-07-13 17:52 - 00106576 _____ (Advanced Micro Devices) C:\Windows\System32\amdsata.sys
2014-01-16 21:08 - 2009-07-13 17:52 - 00097856 _____ (Adaptec, Inc.) C:\Windows\System32\arcsas.sys
2014-01-16 21:08 - 2009-07-13 17:52 - 00087632 _____ (Adaptec, Inc.) C:\Windows\System32\arc.sys
2014-01-16 21:08 - 2009-07-13 17:52 - 00061008 _____ (Microsoft Corporation) C:\Windows\System32\AGP440.sys
2014-01-16 21:08 - 2009-07-13 17:52 - 00028752 _____ (Advanced Micro Devices) C:\Windows\System32\amdxata.sys
2014-01-16 21:08 - 2009-07-13 17:52 - 00028240 _____ (Microsoft Corporation) C:\Windows\System32\battc.sys
2014-01-16 21:08 - 2009-07-13 17:52 - 00024128 _____ (Microsoft Corporation) C:\Windows\System32\atapi.sys
2014-01-16 21:08 - 2009-07-13 17:52 - 00021584 _____ (Microsoft Corporation) C:\Windows\System32\compbatt.sys
2014-01-16 21:08 - 2009-07-13 17:52 - 00017488 _____ (CMD Technology, Inc.) C:\Windows\System32\cmdide.sys
2014-01-16 21:08 - 2009-07-13 17:52 - 00015440 _____ (Microsoft Corporation) C:\Windows\System32\amdide.sys
2014-01-16 21:08 - 2009-07-13 17:52 - 00015440 _____ (Acer Laboratories Inc.) C:\Windows\System32\aliide.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 01659984 _____ (Microsoft Corporation) C:\Windows\System32\ntfs.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00947776 _____ (Microsoft Corporation) C:\Windows\System32\ndis.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00410688 _____ (Intel Corporation) C:\Windows\System32\iaStorV.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00374864 _____ (Microsoft Corporation) C:\Windows\System32\netio.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00367168 _____ (Microsoft Corporation) C:\Windows\System32\msrpc.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00284736 _____ (LSI Corporation, Inc.) C:\Windows\System32\MegaSR.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00224832 _____ (Microsoft Corporation) C:\Windows\System32\msiscsi.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00155216 _____ (Microsoft Corporation) C:\Windows\System32\mpio.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00153152 _____ (Microsoft Corporation) C:\Windows\System32\ksecpkg.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00149056 _____ (NVIDIA Corporation) C:\Windows\System32\nvraid.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00140352 _____ (Microsoft Corporation) C:\Windows\System32\msdsm.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00122960 _____ (Microsoft Corporation) C:\Windows\System32\NV_AGP.SYS
2014-01-16 21:08 - 2009-07-13 17:48 - 00115776 _____ (LSI Corporation) C:\Windows\System32\lsi_scsi.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00114752 _____ (LSI Corporation) C:\Windows\System32\lsi_fc.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00106560 _____ (LSI Corporation) C:\Windows\System32\lsi_sas.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00095312 _____ (Microsoft Corporation) C:\Windows\System32\ksecdd.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00094784 _____ (Microsoft Corporation) C:\Windows\System32\mountmgr.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00065600 _____ (LSI Corporation) C:\Windows\System32\lsi_sas2.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00060496 _____ (Microsoft Corporation) C:\Windows\System32\mup.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00051264 _____ (IBM Corporation) C:\Windows\System32\nfrd960.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00050768 _____ (Microsoft Corporation) C:\Windows\System32\kbdclass.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00049216 _____ (Microsoft Corporation) C:\Windows\System32\mouclass.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\System32\iirsp.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00035392 _____ (LSI Corporation) C:\Windows\System32\megasas.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00032320 _____ (Microsoft Corporation) C:\Windows\System32\mssmbios.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00030272 _____ (Microsoft Corporation) C:\Windows\System32\msahci.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00020544 _____ (Microsoft Corporation) C:\Windows\System32\isapnp.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00016960 _____ (Microsoft Corporation) C:\Windows\System32\intelide.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00015424 _____ (Microsoft Corporation) C:\Windows\System32\msisadrv.sys
2014-01-16 21:08 - 2009-07-13 17:48 - 00014416 _____ (Microsoft Corporation) C:\Windows\System32\hwpolicy.sys
2014-01-16 21:08 - 2009-07-13 17:47 - 00530496 _____ (Emulex) C:\Windows\System32\elxstor.sys
2014-01-16 21:08 - 2009-07-13 17:47 - 00290368 _____ (Microsoft Corporation) C:\Windows\System32\fltMgr.sys
2014-01-16 21:08 - 2009-07-13 17:47 - 00288336 _____ (Microsoft Corporation) C:\Windows\System32\FWPKCLNT.SYS
2014-01-16 21:08 - 2009-07-13 17:47 - 00077888 _____ (Hewlett-Packard Company) C:\Windows\System32\HpSAMD.sys
2014-01-16 21:08 - 2009-07-13 17:47 - 00073280 _____ (Microsoft Corporation) C:\Windows\System32\disk.sys
2014-01-16 21:08 - 2009-07-13 17:47 - 00070224 _____ (Microsoft Corporation) C:\Windows\System32\fileinfo.sys
2014-01-16 21:08 - 2009-07-13 17:47 - 00065088 _____ (Microsoft Corporation) C:\Windows\System32\GAGP30KX.SYS
2014-01-16 21:08 - 2009-07-13 17:47 - 00055376 _____ (Microsoft Corporation) C:\Windows\System32\fsdepends.sys
2014-01-16 21:08 - 2009-07-13 17:47 - 00039504 _____ (Microsoft Corporation) C:\Windows\System32\crashdmp.sys
2014-01-16 21:08 - 2009-07-13 17:47 - 00028736 _____ (Microsoft Corporation) C:\Windows\System32\Dumpata.sys
2014-01-16 21:08 - 2009-07-13 17:47 - 00027216 _____ (Microsoft Corporation) C:\Windows\System32\Diskdump.sys
2014-01-16 21:08 - 2009-07-13 17:47 - 00024144 _____ (Microsoft Corporation) C:\Windows\System32\crcdisk.sys
2014-01-16 21:08 - 2009-07-13 17:47 - 00023104 _____ (Microsoft Corporation) C:\Windows\System32\fs_rec.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 01898576 _____ (Microsoft Corporation) C:\Windows\System32\tcpip.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 01524816 _____ (QLogic Corporation) C:\Windows\System32\ql2300.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00654928 _____ (Microsoft Corporation) C:\Windows\System32\Wdf01000.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00363584 _____ (Microsoft Corporation) C:\Windows\System32\volmgrx.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00294992 _____ (Microsoft Corporation) C:\Windows\System32\volsnap.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00220752 _____ (Microsoft Corporation) C:\Windows\System32\pcmcia.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00217680 _____ (Microsoft Corporation) C:\Windows\System32\vhdmp.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00214096 _____ (Microsoft Corporation) C:\Windows\System32\rdyboost.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00185936 _____ (Microsoft Corporation) C:\Windows\System32\storport.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00183872 _____ (Microsoft Corporation) C:\Windows\System32\pci.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00171600 _____ (Microsoft Corporation) C:\Windows\System32\scsiport.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00167488 _____ (NVIDIA Corporation) C:\Windows\System32\nvstor.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\Windows\System32\vsmraid.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00128592 _____ (QLogic Corporation) C:\Windows\System32\ql40xx.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00104016 _____ (Microsoft Corporation) C:\Windows\System32\sbp2port.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00080464 _____ (Silicon Integrated Systems) C:\Windows\System32\sisraid4.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00075840 _____ (Microsoft Corporation) C:\Windows\System32\partmgr.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00071760 _____ (Microsoft Corporation) C:\Windows\System32\volmgr.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00064592 _____ (Microsoft Corporation) C:\Windows\System32\ULIAGPKX.SYS
2014-01-16 21:08 - 2009-07-13 17:45 - 00064080 _____ (Microsoft Corporation) C:\Windows\System32\UAGP35.SYS
2014-01-16 21:08 - 2009-07-13 17:45 - 00062544 _____ (Microsoft Corporation) C:\Windows\System32\termdd.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00050768 _____ (Microsoft Corporation) C:\Windows\System32\pcw.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00048720 _____ (Microsoft Corporation) C:\Windows\System32\pciidex.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\Windows\System32\sisraid2.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00042064 _____ (Microsoft Corporation) C:\Windows\System32\WdfLdr.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00036432 _____ (Microsoft Corporation) C:\Windows\System32\vdrvroot.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00024656 _____ (Promise Technology) C:\Windows\System32\stexstor.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00022096 _____ (Microsoft Corporation) C:\Windows\System32\wimmount.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00021056 _____ (Microsoft Corporation) C:\Windows\System32\wd.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00019008 _____ (Microsoft Corporation) C:\Windows\System32\spldr.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00017488 _____ (VIA Technologies, Inc.) C:\Windows\System32\viaide.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00016464 _____ (Microsoft Corporation) C:\Windows\System32\wmilib.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00012496 _____ (Microsoft Corporation) C:\Windows\System32\swenum.sys
2014-01-16 21:08 - 2009-07-13 17:45 - 00012352 _____ (Microsoft Corporation) C:\Windows\System32\pciide.sys
2014-01-16 21:08 - 2009-07-13 17:43 - 00460504 _____ (Microsoft Corporation) C:\Windows\System32\cng.sys
2014-01-16 21:08 - 2009-07-13 17:43 - 00223448 _____ (Microsoft Corporation) C:\Windows\System32\fvevol.sys
2014-01-16 21:08 - 2009-07-13 17:43 - 00055128 _____ (Microsoft Corporation) C:\Windows\System32\dumpfve.sys
2014-01-16 21:08 - 2009-07-13 17:19 - 00286720 _____ (Brother Industries Ltd.) C:\Windows\System32\BrSerId.sys
2014-01-16 21:08 - 2009-07-13 17:01 - 00651264 _____ (Microsoft Corporation) C:\Windows\System32\PEAuth.sys
2014-01-16 21:08 - 2009-07-13 17:01 - 00116224 _____ (Microsoft Corporation) C:\Windows\System32\drmk.sys
2014-01-16 21:08 - 2009-07-13 17:01 - 00095232 _____ (Microsoft Corporation) C:\Windows\System32\bridge.sys
2014-01-16 21:08 - 2009-07-13 16:38 - 00025088 _____ (Microsoft Corporation) C:\Windows\System32\usbprint.sys
2014-01-16 21:08 - 2009-07-13 16:35 - 00031744 _____ (Microsoft Corporation) C:\Windows\System32\usbrpm.sys
2014-01-16 21:08 - 2009-07-13 16:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\System32\rdpbus.sys
2014-01-16 21:08 - 2009-07-13 16:16 - 00204800 _____ (Microsoft Corporation) C:\Windows\System32\rdpwd.sys
2014-01-16 21:08 - 2009-07-13 16:16 - 00038400 _____ (Microsoft Corporation) C:\Windows\System32\tssecsrv.sys
2014-01-16 21:08 - 2009-07-13 16:16 - 00023552 _____ (Microsoft Corporation) C:\Windows\System32\tdtcp.sys
2014-01-16 21:08 - 2009-07-13 16:16 - 00015872 _____ (Microsoft Corporation) C:\Windows\System32\tdpipe.sys
2014-01-16 21:08 - 2009-07-13 16:16 - 00008192 _____ (Microsoft Corporation) C:\Windows\System32\RDPREFMP.sys
2014-01-16 21:08 - 2009-07-13 16:16 - 00007680 _____ (Microsoft Corporation) C:\Windows\System32\RDPENCDD.sys
2014-01-16 21:08 - 2009-07-13 16:16 - 00007680 _____ (Microsoft Corporation) C:\Windows\System32\RDPCDD.sys
2014-01-16 21:08 - 2009-07-13 16:10 - 00164352 _____ (Microsoft Corporation) C:\Windows\System32\ndiswan.sys
2014-01-16 21:08 - 2009-07-13 16:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\System32\rasl2tp.sys
2014-01-16 21:08 - 2009-07-13 16:10 - 00116224 _____ (Microsoft Corporation) C:\Windows\System32\ipnat.sys
2014-01-16 21:08 - 2009-07-13 16:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\raspptp.sys
2014-01-16 21:08 - 2009-07-13 16:10 - 00092672 _____ (Microsoft Corporation) C:\Windows\System32\raspppoe.sys
2014-01-16 21:08 - 2009-07-13 16:10 - 00088576 _____ (Microsoft Corporation) C:\Windows\System32\wanarp.sys
2014-01-16 21:08 - 2009-07-13 16:10 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\rassstp.sys
2014-01-16 21:08 - 2009-07-13 16:10 - 00082944 _____ (Microsoft Corporation) C:\Windows\System32\ipfltdrv.sys
2014-01-16 21:08 - 2009-07-13 16:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\agilevpn.sys
2014-01-16 21:08 - 2009-07-13 16:10 - 00057856 _____ (Microsoft Corporation) C:\Windows\System32\ndproxy.sys
2014-01-16 21:08 - 2009-07-13 16:10 - 00040448 _____ (Microsoft Corporation) C:\Windows\System32\modem.sys
2014-01-16 21:08 - 2009-07-13 16:10 - 00024064 _____ (Microsoft Corporation) C:\Windows\System32\ndistapi.sys
2014-01-16 21:08 - 2009-07-13 16:10 - 00023040 _____ (Microsoft Corporation) C:\Windows\System32\asyncmac.sys
2014-01-16 21:08 - 2009-07-13 16:10 - 00021504 _____ (Microsoft Corporation) C:\Windows\System32\ws2ifsl.sys
2014-01-16 21:08 - 2009-07-13 16:10 - 00014848 _____ (Microsoft Corporation) C:\Windows\System32\rasacd.sys
2014-01-16 21:08 - 2009-07-13 16:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\System32\rootmdm.sys
2014-01-16 21:08 - 2009-07-13 16:09 - 00145920 _____ (Microsoft Corporation) C:\Windows\System32\rmcast.sys
2014-01-16 21:08 - 2009-07-13 16:09 - 00131584 _____ (Microsoft Corporation) C:\Windows\System32\pacer.sys
2014-01-16 21:08 - 2009-07-13 16:09 - 00125440 _____ (Microsoft Corporation) C:\Windows\System32\tunnel.sys
2014-01-16 21:08 - 2009-07-13 16:09 - 00120320 _____ (Microsoft Corporation) C:\Windows\System32\irda.sys
2014-01-16 21:08 - 2009-07-13 16:09 - 00093184 _____ (Microsoft Corporation) C:\Windows\System32\smb.sys
2014-01-16 21:08 - 2009-07-13 16:09 - 00056320 _____ (Microsoft Corporation) C:\Windows\System32\ndisuio.sys
2014-01-16 21:08 - 2009-07-13 16:09 - 00046592 _____ (Microsoft Corporation) C:\Windows\System32\qwavedrv.sys
2014-01-16 21:08 - 2009-07-13 16:09 - 00044544 _____ (Microsoft Corporation) C:\Windows\System32\tcpipreg.sys
2014-01-16 21:08 - 2009-07-13 16:09 - 00044544 _____ (Microsoft Corporation) C:\Windows\System32\netbios.sys
2014-01-16 21:08 - 2009-07-13 16:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\System32\RNDISMP.sys
2014-01-16 21:08 - 2009-07-13 16:09 - 00019968 _____ (Microsoft Corporation) C:\Windows\System32\usb8023.sys
2014-01-16 21:08 - 2009-07-13 16:09 - 00012800 _____ (Microsoft Corporation) C:\Windows\System32\wfplwf.sys
2014-01-16 21:08 - 2009-07-13 16:08 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\mpsdrv.sys
2014-01-16 21:08 - 2009-07-13 16:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\System32\rspndr.sys
2014-01-16 21:08 - 2009-07-13 16:08 - 00060928 _____ (Microsoft Corporation) C:\Windows\System32\lltdio.sys
2014-01-16 21:08 - 2009-07-13 16:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\System32\ndiscap.sys
2014-01-16 21:08 - 2009-07-13 16:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\System32\irenum.sys
2014-01-16 21:08 - 2009-07-13 16:07 - 00350208 _____ (Microsoft Corporation) C:\Windows\System32\HdAudio.sys
2014-01-16 21:08 - 2009-07-13 16:07 - 00343040 _____ (Microsoft Corporation) C:\Windows\System32\usbhub.sys
2014-01-16 21:08 - 2009-07-13 16:07 - 00318976 _____ (Microsoft Corporation) C:\Windows\System32\nwifi.sys
2014-01-16 21:08 - 2009-07-13 16:07 - 00227840 _____ (Microsoft Corporation) C:\Windows\System32\1394ohci.sys
2014-01-16 21:08 - 2009-07-13 16:07 - 00059904 _____ (Microsoft Corporation) C:\Windows\System32\vwififlt.sys
2014-01-16 21:08 - 2009-07-13 16:07 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\vwifibus.sys
2014-01-16 21:08 - 2009-07-13 16:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\System32\vwifimp.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00324608 _____ (Microsoft Corporation) C:\Windows\System32\usbport.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00230400 _____ (Microsoft Corporation) C:\Windows\System32\portcls.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00172544 _____ (Microsoft Corporation) C:\Windows\System32\WUDFRd.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00122368 _____ (Microsoft Corporation) C:\Windows\System32\hdaudbus.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\hidbth.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00100352 _____ (Microsoft Corporation) C:\Windows\System32\usbcir.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00098816 _____ (Microsoft Corporation) C:\Windows\System32\usbccgp.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\USBSTOR.SYS
2014-01-16 21:08 - 2009-07-13 16:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\System32\hidclass.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00072832 _____ (Microsoft Corporation) C:\Windows\System32\ohci1394.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00072192 _____ (Microsoft Corporation) C:\Windows\System32\bthmodem.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00068864 _____ (Microsoft Corporation) C:\Windows\System32\stream.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00068096 _____ (Microsoft Corporation) C:\Windows\System32\1394bus.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\usbehci.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\umbus.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00046592 _____ (Microsoft Corporation) C:\Windows\System32\hidir.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00045568 _____ (Microsoft Corporation) C:\Windows\System32\circlass.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00032896 _____ (Microsoft Corporation) C:\Windows\System32\USBCAMD2.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00032896 _____ (Microsoft Corporation) C:\Windows\System32\hidparse.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\usbuhci.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\hidusb.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00025600 _____ (Microsoft Corporation) C:\Windows\System32\usbohci.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\System32\umpass.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00008192 _____ (Microsoft Corporation) C:\Windows\System32\mshidkmdf.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00007936 _____ (Microsoft Corporation) C:\Windows\System32\usbd.sys
2014-01-16 21:08 - 2009-07-13 16:06 - 00005632 _____ (Microsoft Corporation) C:\Windows\System32\drmkaud.sys
2014-01-16 21:08 - 2009-07-13 16:05 - 00112128 _____ (Microsoft Corporation) C:\Windows\System32\WUDFPf.sys
2014-01-16 21:08 - 2009-07-13 16:02 - 00027776 _____ (Microsoft Corporation) C:\Windows\System32\wacompen.sys
2014-01-16 21:08 - 2009-07-13 16:02 - 00015360 _____ (Microsoft Corporation) C:\Windows\System32\MTConfig.sys
2014-01-16 21:08 - 2009-07-13 16:01 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\tape.sys
2014-01-16 21:08 - 2009-07-13 16:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\mcd.sys
2014-01-16 21:08 - 2009-07-13 16:01 - 00016896 _____ (Microsoft Corporation) C:\Windows\System32\sfloppy.sys
2014-01-16 21:08 - 2009-07-13 16:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\System32\sffp_sd.sys
2014-01-16 21:08 - 2009-07-13 16:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\System32\sffdisk.sys
2014-01-16 21:08 - 2009-07-13 16:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\sffp_mmc.sys
2014-01-16 21:08 - 2009-07-13 16:00 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\ks.sys
2014-01-16 21:08 - 2009-07-13 16:00 - 00097280 _____ (Microsoft Corporation) C:\Windows\System32\parport.sys
2014-01-16 21:08 - 2009-07-13 16:00 - 00094208 _____ (Microsoft Corporation) C:\Windows\System32\serial.sys
2014-01-16 21:08 - 2009-07-13 16:00 - 00038912 _____ (Microsoft Corporation) C:\Windows\System32\CompositeBus.sys
2014-01-16 21:08 - 2009-07-13 16:00 - 00033280 _____ (Microsoft Corporation) C:\Windows\System32\kbdhid.sys
2014-01-16 21:08 - 2009-07-13 16:00 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\mouhid.sys
2014-01-16 21:08 - 2009-07-13 16:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\System32\fdc.sys
2014-01-16 21:08 - 2009-07-13 16:00 - 00026624 _____ (Microsoft Corporation) C:\Windows\System32\sermouse.sys
2014-01-16 21:08 - 2009-07-13 16:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\flpydisk.sys
2014-01-16 21:08 - 2009-07-13 16:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\System32\serenum.sys
2014-01-16 21:08 - 2009-07-13 16:00 - 00020992 _____ (Microsoft Corporation) C:\Windows\System32\smclib.sys
2014-01-16 21:08 - 2009-07-13 16:00 - 00020992 _____ (Microsoft Corporation) C:\Windows\System32\ksthunk.sys
2014-01-16 21:08 - 2009-07-13 16:00 - 00011136 _____ (Microsoft Corporation) C:\Windows\System32\mskssrv.sys
2014-01-16 21:08 - 2009-07-13 16:00 - 00008064 _____ (Microsoft Corporation) C:\Windows\System32\mstee.sys
2014-01-16 21:08 - 2009-07-13 16:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\System32\mspclock.sys
2014-01-16 21:08 - 2009-07-13 16:00 - 00006784 _____ (Microsoft Corporation) C:\Windows\System32\mspqm.sys
2014-01-16 21:08 - 2009-07-13 16:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\beep.sys
2014-01-16 21:08 - 2009-07-13 15:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\System32\appid.sys
2014-01-16 21:08 - 2009-07-13 15:50 - 00029696 _____ (Microsoft Corporation) C:\Windows\System32\scfilter.sys
2014-01-16 21:08 - 2009-07-13 15:47 - 00078848 _____ (Microsoft Corporation) C:\Windows\System32\IPMIDrv.sys
2014-01-16 21:08 - 2009-07-13 15:38 - 00974848 _____ (Microsoft Corporation) C:\Windows\System32\dxgkrnl.sys
2014-01-16 21:08 - 2009-07-13 15:38 - 00258048 _____ (Microsoft Corporation) C:\Windows\System32\dxgmms1.sys
2014-01-16 21:08 - 2009-07-13 15:38 - 00129024 _____ (Microsoft Corporation) C:\Windows\System32\videoprt.sys
2014-01-16 21:08 - 2009-07-13 15:38 - 00098816 _____ (Microsoft Corporation) C:\Windows\System32\dxg.sys
2014-01-16 21:08 - 2009-07-13 15:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\monitor.sys
2014-01-16 21:08 - 2009-07-13 15:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\vgapnp.sys
2014-01-16 21:08 - 2009-07-13 15:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\vga.sys
2014-01-16 21:08 - 2009-07-13 15:38 - 00016896 _____ (Microsoft Corporation) C:\Windows\System32\dxapi.sys
2014-01-16 21:08 - 2009-07-13 15:37 - 00042496 _____ (Microsoft Corporation) C:\Windows\System32\watchdog.sys
2014-01-16 21:08 - 2009-07-13 15:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\System32\discache.sys
2014-01-16 21:08 - 2009-07-13 15:35 - 00045056 _____ (Microsoft Corporation) C:\Windows\System32\blbdrive.sys
2014-01-16 21:08 - 2009-07-13 15:31 - 00026624 _____ (Microsoft Corporation) C:\Windows\System32\hidbatt.sys
2014-01-16 21:08 - 2009-07-13 15:31 - 00017664 _____ (Microsoft Corporation) C:\Windows\System32\CmBatt.sys
2014-01-16 21:08 - 2009-07-13 15:31 - 00014336 _____ (Microsoft Corporation) C:\Windows\System32\wmiacpi.sys
2014-01-16 21:08 - 2009-07-13 15:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\System32\errdev.sys
2014-01-16 21:08 - 2009-07-13 15:27 - 00012288 _____ (Microsoft Corporation) C:\Windows\System32\acpipmi.sys
2014-01-16 21:08 - 2009-07-13 15:26 - 00113152 _____ (Microsoft Corporation) C:\Windows\System32\luafv.sys
2014-01-16 21:08 - 2009-07-13 15:25 - 00465408 _____ (Microsoft Corporation) C:\Windows\System32\srv.sys
2014-01-16 21:08 - 2009-07-13 15:25 - 00407040 _____ (Microsoft Corporation) C:\Windows\System32\srv2.sys
2014-01-16 21:08 - 2009-07-13 15:25 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\filetrace.sys
2014-01-16 21:08 - 2009-07-13 15:24 - 00309248 _____ (Microsoft Corporation) C:\Windows\System32\rdbss.sys
2014-01-16 21:08 - 2009-07-13 15:24 - 00285696 _____ (Microsoft Corporation) C:\Windows\System32\mrxsmb10.sys
2014-01-16 21:08 - 2009-07-13 15:24 - 00162816 _____ (Microsoft Corporation) C:\Windows\System32\srvnet.sys
2014-01-16 21:08 - 2009-07-13 15:24 - 00157184 _____ (Microsoft Corporation) C:\Windows\System32\mrxsmb.sys
2014-01-16 21:08 - 2009-07-13 15:24 - 00125952 _____ (Microsoft Corporation) C:\Windows\System32\mrxsmb20.sys
2014-01-16 21:08 - 2009-07-13 15:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\System32\udfs.sys
2014-01-16 21:08 - 2009-07-13 15:23 - 00204800 _____ (Microsoft Corporation) C:\Windows\System32\fastfat.sys
2014-01-16 21:08 - 2009-07-13 15:23 - 00195072 _____ (Microsoft Corporation) C:\Windows\System32\exfat.sys
2014-01-16 21:08 - 2009-07-13 15:23 - 00140800 _____ (Microsoft Corporation) C:\Windows\System32\mrxdav.sys
2014-01-16 21:08 - 2009-07-13 15:23 - 00102400 _____ (Microsoft Corporation) C:\Windows\System32\dfsc.sys
2014-01-16 21:08 - 2009-07-13 15:23 - 00090624 _____ (Microsoft Corporation) C:\Windows\System32\bowser.sys
2014-01-16 21:08 - 2009-07-13 15:22 - 00751616 _____ (Microsoft Corporation) C:\Windows\System32\http.sys
2014-01-16 21:08 - 2009-07-13 15:21 - 00500224 _____ (Microsoft Corporation) C:\Windows\System32\afd.sys
2014-01-16 21:08 - 2009-07-13 15:21 - 00259072 _____ (Microsoft Corporation) C:\Windows\System32\netbt.sys
2014-01-16 21:08 - 2009-07-13 15:21 - 00099840 _____ (Microsoft Corporation) C:\Windows\System32\tdx.sys
2014-01-16 21:08 - 2009-07-13 15:21 - 00026624 _____ (Microsoft Corporation) C:\Windows\System32\tdi.sys
2014-01-16 21:08 - 2009-07-13 15:21 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\nsiproxy.sys
2014-01-16 21:08 - 2009-07-13 15:19 - 00147456 _____ (Microsoft Corporation) C:\Windows\System32\cdrom.sys
2014-01-16 21:08 - 2009-07-13 15:19 - 00105472 _____ (Microsoft Corporation) C:\Windows\System32\i8042prt.sys
2014-01-16 21:08 - 2009-07-13 15:19 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\cdfs.sys
2014-01-16 21:08 - 2009-07-13 15:19 - 00064512 _____ (Microsoft Corporation) C:\Windows\System32\amdk8.sys
2014-01-16 21:08 - 2009-07-13 15:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\intelppm.sys
2014-01-16 21:08 - 2009-07-13 15:19 - 00060928 _____ (Microsoft Corporation) C:\Windows\System32\amdppm.sys
2014-01-16 21:08 - 2009-07-13 15:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\processr.sys
2014-01-16 21:08 - 2009-07-13 15:19 - 00044032 _____ (Microsoft Corporation) C:\Windows\System32\npfs.sys
2014-01-16 21:08 - 2009-07-13 15:19 - 00026112 _____ (Microsoft Corporation) C:\Windows\System32\msfs.sys
2014-01-16 21:08 - 2009-07-13 15:19 - 00006144 _____ (Microsoft Corporation) C:\Windows\System32\null.sys
2014-01-16 21:08 - 2009-06-10 12:48 - 00426496 _____ (Microsoft Corporation) C:\Windows\System32\spsys.sys
2014-01-16 21:08 - 2009-06-10 12:45 - 00000003 _____ C:\Windows\System32\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
2014-01-16 21:08 - 2009-06-10 12:41 - 00047104 _____ (Brother Industries Ltd.) C:\Windows\System32\BrSerWdm.sys
2014-01-16 21:08 - 2009-06-10 12:41 - 00018432 _____ (Brother Industries, Ltd.) C:\Windows\System32\BrFiltLo.sys
2014-01-16 21:08 - 2009-06-10 12:41 - 00014976 _____ (Brother Industries Ltd.) C:\Windows\System32\BrUsbMdm.sys
2014-01-16 21:08 - 2009-06-10 12:41 - 00014720 _____ (Brother Industries Ltd.) C:\Windows\System32\BrUsbSer.sys
2014-01-16 21:08 - 2009-06-10 12:41 - 00008704 _____ (Brother Industries, Ltd.) C:\Windows\System32\BrFiltUp.sys
2014-01-16 21:08 - 2009-06-10 12:37 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\System32\secdrv.sys
2014-01-16 21:08 - 2009-06-10 12:34 - 03286016 _____ (Broadcom Corporation) C:\Windows\System32\evbda.sys
2014-01-16 21:08 - 2009-06-10 12:34 - 00468480 _____ (Broadcom Corporation) C:\Windows\System32\bxvbda.sys
2014-01-16 21:08 - 2009-06-10 12:34 - 00270848 _____ (Broadcom Corporation) C:\Windows\System32\b57nd60a.sys
2014-01-16 21:08 - 2009-06-10 12:31 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\Windows\System32\hcw85cir.sys
2014-01-16 21:08 - 2009-06-10 12:30 - 03440660 _____ C:\Windows\System32\gm.dls
2014-01-16 21:08 - 2009-06-10 12:30 - 00000646 _____ C:\Windows\System32\gmreadme.txt
 
==================== One Month Modified Files and Folders =======
 
2014-01-17 22:03 - 2014-01-17 22:03 - 00000000 ____D C:\FRST
2014-01-17 19:12 - 2014-01-17 19:12 - 00000000 ____D C:\Windows\System32\config\Newbak
2014-01-17 17:06 - 2014-01-17 18:15 - 00018960 _____ (Logitech, Inc.) C:\Windows\System32\Drivers\LNonPnP.sys
2014-01-16 21:04 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\drivers.old
2014-01-16 21:02 - 2014-01-17 18:15 - 00000000 ____H C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-01-04 22:20 - 2012-11-15 15:49 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-04 22:20 - 2012-08-11 12:02 - 00000000 ____D C:\Users\Cobraphx\AppData\Local\Akamai
2014-01-04 22:20 - 2012-06-06 09:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-04 22:20 - 2011-11-11 00:09 - 00000000 ____D C:\Windows\System32\Macromed
2014-01-04 22:20 - 2011-11-11 00:09 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2014-01-04 22:20 - 2011-11-05 07:13 - 00000000 ____D C:\users\Cobraphx
2014-01-04 22:20 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2014-01-04 22:20 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2014-01-04 19:40 - 2011-12-19 18:08 - 00000072 _____ C:\Users\Public\LMDebug.log
 
Files to move or delete:
====================
C:\ProgramData\2wibje0.dat
C:\ProgramData\dejel.pad
C:\ProgramData\jdzdo.pad
C:\Users\Cobraphx\PremiereElements_10_Content_SD1_LS15.exe
 
 
Some content of TEMP:
====================
C:\Users\Cobraphx\AppData\Local\Temp\AcDeltree.exe
C:\Users\Cobraphx\AppData\Local\Temp\air1FE3.exe
C:\Users\Cobraphx\AppData\Local\Temp\installerdll1672121224.dll
C:\Users\Cobraphx\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Cobraphx\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Cobraphx\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Cobraphx\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Cobraphx\AppData\Local\Temp\nvStInst.exe
C:\Users\Cobraphx\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Cobraphx\AppData\Local\Temp\sonarinst.exe
C:\Users\Cobraphx\AppData\Local\Temp\vlc-2.0.5-win32.exe
 
 
==================== Known DLLs (Whitelisted) ================
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE ASSOCIATION =====================
 
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
 
==================== Restore Points  =========================
 
Restore point made on: 2013-12-07 03:37:28
Restore point made on: 2013-12-14 03:37:28
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=Y:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {default}
resumeobject            {9e14ce34-07c7-11e1-a0e2-bce9a0f4c17d}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30
 
Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {9e14ce34-07c7-11e1-a0e2-bce9a0f4c17d}
nx                      OptIn
bootlog                 No
 
Windows Boot Loader
-------------------
identifier              {current}
device                  ramdisk=[C:]\Recovery\9e14ce36-07c7-11e1-a0e2-bce9a0f4c17d\Winre.wim,{9e14ce37-07c7-11e1-a0e2-bce9a0f4c17d}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\9e14ce36-07c7-11e1-a0e2-bce9a0f4c17d\Winre.wim,{9e14ce37-07c7-11e1-a0e2-bce9a0f4c17d}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {9e14ce34-07c7-11e1-a0e2-bce9a0f4c17d}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=Y:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {9e14ce37-07c7-11e1-a0e2-bce9a0f4c17d}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\9e14ce36-07c7-11e1-a0e2-bce9a0f4c17d\boot.sdi
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 7%
Total physical RAM: 16366.01 MB
Available physical RAM: 15142.42 MB
Total Pagefile: 16364.16 MB
Available Pagefile: 15170.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.69 GB) (Free:11.5 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Fixed) (Total:223.47 GB) (Free:171.93 GB) NTFS
Drive g: (WINBOOT) (Removable) (Total:7.44 GB) (Free:7 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 1243C088)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 224 GB) (Disk ID: 42592AB0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 7 GB) (Disk ID: 088DF5DF)
Partition 1: (Active) - (Size=7 GB) - (Type=0C)
 
 
LastRegBack: 2013-12-09 23:58
 
==================== End Of Log ============================

 




 


#2 cobraphx


Posted 19 January 2014 - 11:25 PM

Here is the FRST64 run from the new Windows 7 install for comparison. 

 

Attached File  FRST2.txt   230.66KB   0 downloads



#3 HelpBot


Posted 23 January 2014 - 11:55 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/521223 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 cobraphx


Posted 23 January 2014 - 11:02 PM

Problem still exists, Computer blue screens on windows startup. Also fails to load in safe mode, hangs after loading CLASSPNP.sys. Windows Recovery is unable to repair the installation.

 

No new hardware was added, no new software. I was away for the holidays when the issue appeared. System may have rebooted for a windows update while I was out of town. When I returned, the system was exhibiting the reboot loop issue.

 

I was able to do a clean install on a new drive without issue. But I want to recover the original install if at all possible. 

 

Due to the failing boot issue, I can't perform the DDS scan.

 

I do have the original Windows 7 Home Premium CD.



#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,801 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:01 AM

Posted 26 January 2014 - 09:36 AM

Greetings cobraphx and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please allow me some time to review the information you have provided and I will reply as soon as possible.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 Oh My!


Posted 26 January 2014 - 10:20 AM

Greetings cobraphx,

Thanks again for your patience.

=================================================

Farbar's Recovery Scan Tool - Run Fix

--------------------
  • From a clean computer press the windows key + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it on the flashdrive as fixlist.txt
C:\ProgramData\2wibje0.dat
C:\ProgramData\dejel.pad
C:\ProgramData\jdzdo.pad
C:\Users\Cobraphx\PremiereElements_10_Content_SD1_LS15.exe
C:\Users\Cobraphx\AppData\Local\Temp\AcDeltree.exe
C:\Users\Cobraphx\AppData\Local\Temp\air1FE3.exe
C:\Users\Cobraphx\AppData\Local\Temp\installerdll1672121224.dll
C:\Users\Cobraphx\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Cobraphx\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Cobraphx\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Cobraphx\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Cobraphx\AppData\Local\Temp\nvStInst.exe
C:\Users\Cobraphx\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Cobraphx\AppData\Local\Temp\sonarinst.exe
C:\Users\Cobraphx\AppData\Local\Temp\vlc-2.0.5-win32.exe
  • Insert the USB device into your infected computer
  • Enter the System Recovery Options (press F8 during boot up) and select Command Prompt.
  • Run FRST as you did the first time and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the flashdrive (Fixlog.txt). Copy and paste that information in your reply.
  • Type the following in the Search Field
folder: c:\windows\minidump
  • Click Search File(s) button
  • A Search.txt document will be saved to your USB device
  • Copy and paste the contents of that document in your reply
  • Please attempt to boot your computer into Normal Mode, or if not, Safe Mode
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Search log
  • Does your computer boot?

Gary
 

#7 Oh My!


Posted 29 January 2014 - 09:54 AM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 

#8 Oh My!


Posted 31 January 2014 - 02:04 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 



