Possible infection...logs requested per Hamluis


  • This topic is locked
20 replies to this topic

#1 bobbybrantley

Posted 21 January 2014 - 05:33 PM

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.51.2
Run by Home at 17:23:54 on 2014-01-21
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4095.2530 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
mStart Page = about:blank
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: avast! Ad Blocker: {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRunOnce: [20131224] C:\Program Files\AVAST Software\Avast\setup\emupdate\558df7e5-9ab9-4895-9e78-da6c846b9395.exe /check
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
Trusted Zone: localhost
TCP: NameServer = 24.247.24.53 66.189.0.100 24.178.162.3
TCP: Interfaces\{8C460E35-AB30-4969-BFEA-CAFBBE3A86C4} : DHCPNameServer = 24.247.24.53 66.189.0.100 24.178.162.3
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-mStart Page = about:blank
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: avast! Ad Blocker: {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker64.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3qw2ck9t.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-9-3 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-9-3 207904]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-9-3 1034464]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2013-9-3 422216]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-9-3 78648]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-18 50344]
R3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2013-12-18 79672]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-1-15 39200]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-1-15 888536]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2014-1-15 689840]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-10 111616]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-7-7 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-12 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-7-7 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-7-6 1255736]
S4 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-10-29 881440]
S4 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-5 1494304]
S4 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-9-21 15129376]
S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-12-19 411936]
S4 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\System32\ViakaraokeSrv.exe [2014-1-15 27768]
.
=============== Created Last 30 ================
.
2014-01-21 12:18:53    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDB275D1-6A12-43A6-891D-2A931D05E0CE}\offreg.dll
2014-01-21 11:22:15    10315576    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EDB275D1-6A12-43A6-891D-2A931D05E0CE}\mpengine.dll
2014-01-20 19:48:02    10315576    ------w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{53FC6863-477D-4065-88BF-8A6C14EE0975}\mpengine.dll
2014-01-18 02:13:59    --------    d-----w-    C:\Users\Home\.swt
2014-01-18 02:13:53    --------    d-----w-    C:\Users\Home\Incomplete
2014-01-16 03:53:11    470376    ----a-w-    C:\Windows\System32\ipcoin82.dll
2014-01-16 03:53:11    45416    ----a-w-    C:\Windows\System32\drivers\point64.sys
2014-01-16 03:53:11    1721576    ----a-w-    C:\Windows\System32\wdfcoinstaller01009.dll
2014-01-16 03:52:21    888536    ----a-w-    C:\Windows\System32\drivers\Rt64win7.sys
2014-01-16 03:52:21    73800    ----a-w-    C:\Windows\System32\RtNicProp64.dll
2014-01-16 01:47:50    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-15 10:30:30    99840    ----a-w-    C:\Windows\System32\drivers\usbccgp.sys
2014-01-15 10:30:30    7808    ----a-w-    C:\Windows\System32\drivers\usbd.sys
2014-01-15 10:30:30    53248    ----a-w-    C:\Windows\System32\drivers\usbehci.sys
2014-01-15 10:30:30    343040    ----a-w-    C:\Windows\System32\drivers\usbhub.sys
2014-01-15 10:30:30    325120    ----a-w-    C:\Windows\System32\drivers\usbport.sys
2014-01-15 10:30:30    30720    ----a-w-    C:\Windows\System32\drivers\usbuhci.sys
2014-01-15 10:30:30    25600    ----a-w-    C:\Windows\System32\drivers\usbohci.sys
2014-01-15 10:30:29    376768    ----a-w-    C:\Windows\System32\drivers\netio.sys
2014-01-15 10:30:29    3156480    ----a-w-    C:\Windows\System32\win32k.sys
2014-01-10 17:30:09    --------    d-----w-    C:\Users\Home\AppData\Roaming\DVD Flick
2014-01-10 17:29:40    662288    ----a-w-    C:\Windows\SysWow64\mscomct2.ocx
2014-01-10 17:29:40    609824    ----a-w-    C:\Windows\SysWow64\comctl32.ocx
2014-01-10 17:29:40    40960    ----a-w-    C:\Windows\SysWow64\ssubtmr6.dll
2014-01-10 17:29:40    36864    ----a-w-    C:\Windows\SysWow64\trayicon_handler.ocx
2014-01-10 17:29:40    28672    ----a-w-    C:\Windows\SysWow64\mousewheel.ocx
2014-01-10 17:29:40    212240    ----a-w-    C:\Windows\SysWow64\richtx32.ocx
2014-01-10 17:29:40    164144    ----a-w-    C:\Windows\SysWow64\comct232.ocx
2014-01-10 17:29:39    --------    d-----w-    C:\Program Files (x86)\DVD Flick
2014-01-08 16:07:45    --------    d-----w-    C:\Users\Home\AppData\Local\Apple Computer
2014-01-08 16:07:40    33240    ----a-w-    C:\Windows\System32\drivers\GEARAspiWDM.sys
2014-01-08 16:07:24    --------    d-----w-    C:\Program Files\iPod
2014-01-08 16:07:14    --------    d-----w-    C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-08 16:07:14    --------    d-----w-    C:\Program Files\iTunes
2014-01-08 16:07:14    --------    d-----w-    C:\Program Files (x86)\iTunes
2014-01-08 16:06:43    --------    d-----w-    C:\Users\Home\AppData\Local\Apple
2014-01-08 16:06:20    --------    d-----w-    C:\Program Files\Bonjour
2014-01-08 16:06:20    --------    d-----w-    C:\Program Files (x86)\Bonjour
2014-01-03 18:32:12    --------    d-----w-    C:\Users\Home\AppData\Local\temp
2014-01-03 18:28:50    --------    d-sh--w-    C:\$RECYCLE.BIN
.
==================== Find3M  ====================
.
2014-01-16 03:52:21    107552    ----a-w-    C:\Windows\System32\RTNUninst64.dll
2014-01-16 03:31:53    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-16 03:31:53    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-20 16:14:50    79672    ----a-w-    C:\Windows\System32\drivers\aswstm.sys
2013-12-19 18:53:46    6671648    ----a-w-    C:\Windows\System32\nvcpl.dll
2013-12-19 18:53:46    3490080    ----a-w-    C:\Windows\System32\nvsvc64.dll
2013-12-19 18:53:44    922912    ----a-w-    C:\Windows\System32\nvvsvc.exe
2013-12-19 18:53:44    63776    ----a-w-    C:\Windows\System32\nvshext.dll
2013-12-19 18:53:44    386336    ----a-w-    C:\Windows\System32\nvmctray.dll
2013-12-19 17:20:22    590112    ----a-w-    C:\Windows\SysWow64\nvStreaming.exe
2013-12-18 17:45:19    78648    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2013-12-18 17:45:19    207904    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
2013-12-18 17:45:19    1034464    ----a-w-    C:\Windows\System32\drivers\aswSnx.sys
2013-12-18 17:45:18    43152    ----a-w-    C:\Windows\avastSS.scr
2013-12-18 11:13:56    270496    ------w-    C:\Windows\System32\MpSigStub.exe
2013-12-10 16:31:45    89304    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2013-12-05 08:42:30    39200    ----a-w-    C:\Windows\System32\drivers\nvvad64v.sys
2013-12-05 08:42:26    35104    ----a-w-    C:\Windows\System32\nvaudcap64v.dll
2013-12-05 08:42:26    32544    ----a-w-    C:\Windows\SysWow64\nvaudcap32v.dll
2013-12-01 01:39:55    108760    ----a-w-    C:\Windows\System32\SET98C8.tmp
2013-11-28 13:38:22    31520    ----a-w-    C:\Windows\System32\nvhdap64.dll
2013-11-28 13:38:18    197408    ----a-w-    C:\Windows\System32\drivers\nvhda64v.sys
2013-11-26 10:19:07    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02    5769216    ----a-w-    C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16    1995264    ----a-w-    C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06    1928192    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2013-11-26 06:33:33    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-11-23 19:26:48    1884448    ----a-w-    C:\Windows\System32\nvdispco6433193.dll
2013-11-23 19:26:48    1511712    ----a-w-    C:\Windows\System32\nvdispgenco6433193.dll
2013-11-23 18:26:20    417792    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34    465920    ----a-w-    C:\Windows\System32\WMPhoto.dll
2013-11-22 08:36:08    1515296    ----a-w-    C:\Windows\System32\nvhdagenco6420103.dll
2013-11-14 11:55:24    1884448    ----a-w-    C:\Windows\System32\nvdispco6433182.dll
2013-11-14 11:55:24    1511712    ----a-w-    C:\Windows\System32\nvdispgenco6433182.dll
2013-11-14 11:55:22    3069608    ----a-w-    C:\Windows\System32\SET8349.tmp
2013-11-12 02:23:09    2048    ----a-w-    C:\Windows\System32\tzres.dll
2013-11-12 02:07:29    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2013-10-30 02:32:01    335360    ----a-w-    C:\Windows\System32\msieftp.dll
2013-10-30 02:19:52    301568    ----a-w-    C:\Windows\SysWow64\msieftp.dll
.
============= FINISH: 17:24:17.97 ===============

Waiting on ComboFix scan for the log...don't want my PC to restart and lose my browser progress.

ComboFix log...

ComboFix 14-01-21.03 - Home 01/21/2014  17:37:32.3.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4095.2491 [GMT -5:00]
Running from: c:\users\Home\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\SET3207.tmp
.
.
(((((((((((((((((((((((((   Files Created from 2013-12-21 to 2014-01-21  )))))))))))))))))))))))))))))))
.
.
2014-01-21 22:41 . 2014-01-21 22:44    --------    d-----w-    c:\users\Home\AppData\Local\temp
2014-01-21 22:41 . 2014-01-21 22:41    --------    d-----w-    c:\users\Public\AppData\Local\temp
2014-01-21 22:41 . 2014-01-21 22:41    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-01-21 11:22 . 2013-12-16 06:54    10315576    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{EDB275D1-6A12-43A6-891D-2A931D05E0CE}\mpengine.dll
2014-01-20 19:48 . 2013-12-16 06:54    10315576    ------w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{53FC6863-477D-4065-88BF-8A6C14EE0975}\mpengine.dll
2014-01-18 02:13 . 2014-01-18 02:13    --------    d-----w-    c:\users\Home\.swt
2014-01-18 02:13 . 2014-01-18 02:14    --------    d-----w-    c:\users\Home\Incomplete
2014-01-16 03:53 . 2014-01-16 03:53    470376    ----a-w-    c:\windows\system32\ipcoin82.dll
2014-01-16 03:53 . 2014-01-16 03:53    45416    ----a-w-    c:\windows\system32\drivers\point64.sys
2014-01-16 03:53 . 2014-01-16 03:53    1721576    ----a-w-    c:\windows\system32\wdfcoinstaller01009.dll
2014-01-16 03:52 . 2014-01-16 03:52    888536    ----a-w-    c:\windows\system32\drivers\Rt64win7.sys
2014-01-16 03:52 . 2014-01-16 03:52    73800    ----a-w-    c:\windows\system32\RtNicProp64.dll
2014-01-16 02:53 . 2014-01-16 02:53    --------    d-----w-    c:\users\Home\AppData\Roaming\ImgBurn
2014-01-16 01:47 . 2014-01-16 01:47    96168    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-16 01:47 . 2014-01-16 01:47    --------    d-----w-    c:\program files (x86)\Java
2014-01-16 01:45 . 2014-01-16 01:45    --------    d-----w-    c:\program files (x86)\ImgBurn
2014-01-15 10:30 . 2013-11-27 01:41    343040    ----a-w-    c:\windows\system32\drivers\usbhub.sys
2014-01-15 10:30 . 2013-11-27 01:41    99840    ----a-w-    c:\windows\system32\drivers\usbccgp.sys
2014-01-15 10:30 . 2013-11-27 01:41    53248    ----a-w-    c:\windows\system32\drivers\usbehci.sys
2014-01-15 10:30 . 2013-11-27 01:41    325120    ----a-w-    c:\windows\system32\drivers\usbport.sys
2014-01-15 10:30 . 2013-11-27 01:41    25600    ----a-w-    c:\windows\system32\drivers\usbohci.sys
2014-01-15 10:30 . 2013-11-27 01:41    30720    ----a-w-    c:\windows\system32\drivers\usbuhci.sys
2014-01-15 10:30 . 2013-11-27 01:41    7808    ----a-w-    c:\windows\system32\drivers\usbd.sys
2014-01-15 10:30 . 2013-11-26 11:40    376768    ----a-w-    c:\windows\system32\drivers\netio.sys
2014-01-15 10:30 . 2013-11-26 10:32    3156480    ----a-w-    c:\windows\system32\win32k.sys
2014-01-10 17:30 . 2014-01-17 22:33    --------    d-----w-    c:\users\Home\AppData\Roaming\DVD Flick
2014-01-10 17:29 . 2008-08-31 18:27    28672    ----a-w-    c:\windows\SysWow64\mousewheel.ocx
2014-01-10 17:29 . 2007-08-31 23:36    36864    ----a-w-    c:\windows\SysWow64\trayicon_handler.ocx
2014-01-10 17:29 . 2004-03-09 05:00    662288    ----a-w-    c:\windows\SysWow64\mscomct2.ocx
2014-01-10 17:29 . 2004-03-09 05:00    609824    ----a-w-    c:\windows\SysWow64\comctl32.ocx
2014-01-10 17:29 . 2004-03-09 05:00    212240    ----a-w-    c:\windows\SysWow64\richtx32.ocx
2014-01-10 17:29 . 2003-01-26 18:41    40960    ----a-w-    c:\windows\SysWow64\ssubtmr6.dll
2014-01-10 17:29 . 1998-06-24 05:00    164144    ----a-w-    c:\windows\SysWow64\comct232.ocx
2014-01-10 17:29 . 2014-01-10 17:29    --------    d-----w-    c:\program files (x86)\DVD Flick
2014-01-08 16:07 . 2014-01-08 19:04    --------    d-----w-    c:\users\Home\AppData\Roaming\Apple Computer
2014-01-08 16:06 . 2014-01-08 16:06    --------    d-----w-    c:\programdata\Apple
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-16 03:52 . 2013-12-01 01:39    107552    ----a-w-    c:\windows\system32\RTNUninst64.dll
2014-01-16 03:31 . 2013-12-14 23:47    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-16 03:31 . 2013-12-14 23:47    692616    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-15 11:28 . 2013-07-07 03:42    86054176    ----a-w-    c:\windows\system32\MRT.exe
2013-12-20 16:14 . 2013-12-18 17:45    79672    ----a-w-    c:\windows\system32\drivers\aswstm.sys
2013-12-19 20:33 . 2013-09-21 14:15    61216    ----a-w-    c:\windows\system32\OpenCL.dll
2013-12-19 20:33 . 2013-09-21 14:15    53024    ----a-w-    c:\windows\SysWow64\OpenCL.dll
2013-12-19 18:53 . 2013-09-21 14:15    6671648    ----a-w-    c:\windows\system32\nvcpl.dll
2013-12-19 18:53 . 2013-09-21 14:15    3490080    ----a-w-    c:\windows\system32\nvsvc64.dll
2013-12-19 18:53 . 2013-09-21 14:15    922912    ----a-w-    c:\windows\system32\nvvsvc.exe
2013-12-19 18:53 . 2013-09-21 14:15    63776    ----a-w-    c:\windows\system32\nvshext.dll
2013-12-19 18:53 . 2013-09-21 14:15    386336    ----a-w-    c:\windows\system32\nvmctray.dll
2013-12-19 17:20 . 2013-12-19 17:20    590112    ----a-w-    c:\windows\SysWow64\nvStreaming.exe
2013-12-18 17:45 . 2013-09-04 03:40    422216    ----a-w-    c:\windows\system32\drivers\aswsp.sys
2013-12-18 17:45 . 2013-09-04 03:40    1034464    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2013-12-18 17:45 . 2013-09-04 03:40    207904    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2013-12-18 17:45 . 2013-09-04 03:40    78648    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2013-12-18 17:45 . 2013-09-04 03:40    334136    ----a-w-    c:\windows\system32\aswBoot.exe
2013-12-18 17:45 . 2013-09-04 03:39    43152    ----a-w-    c:\windows\avastSS.scr
2013-12-18 11:13 . 2010-11-21 03:27    270496    ------w-    c:\windows\system32\MpSigStub.exe
2013-12-10 16:31 . 2013-12-10 16:31    89304    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2013-12-01 01:39 . 2013-12-01 01:39    108760    ----a-w-    c:\windows\system32\SET98C8.tmp
2013-11-26 11:54 . 2013-12-11 01:18    23183360    ----a-w-    c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-11 01:18    2724864    ----a-w-    c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-11 01:18    4096    ----a-w-    c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-11 01:18    66048    ----a-w-    c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-11 01:18    48640    ----a-w-    c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-11 01:18    2764288    ----a-w-    c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-11 01:18    53760    ----a-w-    c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-11 01:18    33792    ----a-w-    c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-11 01:18    2724864    ----a-w-    c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-11 01:18    574976    ----a-w-    c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-11 01:18    139264    ----a-w-    c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-11 01:18    111616    ----a-w-    c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-11 01:18    708608    ----a-w-    c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-11 01:18    218624    ----a-w-    c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-11 01:17    5769216    ----a-w-    c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-11 01:18    553472    ----a-w-    c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-11 01:17    4243968    ----a-w-    c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-11 01:18    1995264    ----a-w-    c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-11 01:18    12996608    ----a-w-    c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-11 01:18    1928192    ----a-w-    c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-11 01:18    2334208    ----a-w-    c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-11 01:18    1395200    ----a-w-    c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-11 01:18    817664    ----a-w-    c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-11 01:18    1820160    ----a-w-    c:\windows\SysWow64\wininet.dll
2013-11-23 19:26 . 2013-12-05 07:09    1884448    ----a-w-    c:\windows\system32\nvdispco6433193.dll
2013-11-23 19:26 . 2013-12-05 07:09    1511712    ----a-w-    c:\windows\system32\nvdispgenco6433193.dll
2013-11-23 18:26 . 2013-12-11 01:09    417792    ----a-w-    c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 01:09    465920    ----a-w-    c:\windows\system32\WMPhoto.dll
2013-11-14 11:55 . 2013-12-05 06:59    1884448    ----a-w-    c:\windows\system32\nvdispco6433182.dll
2013-11-14 11:55 . 2013-12-05 06:59    1511712    ----a-w-    c:\windows\system32\nvdispgenco6433182.dll
2013-11-14 11:55 . 2013-12-05 06:59    3069608    ----a-w-    c:\windows\system32\SET8349.tmp
2013-11-12 02:23 . 2013-12-11 01:09    2048    ----a-w-    c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 01:09    2048    ----a-w-    c:\windows\SysWow64\tzres.dll
2013-11-08 00:09 . 2013-11-08 00:09    940032    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-08 00:09 . 2013-11-08 00:09    194048    ----a-w-    c:\windows\SysWow64\elshyph.dll
2013-11-08 00:09 . 2013-11-08 00:09    942592    ----a-w-    c:\windows\system32\jsIntl.dll
2013-11-08 00:09 . 2013-11-08 00:09    90112    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2013-11-08 00:09 . 2013-11-08 00:09    86016    ----a-w-    c:\windows\SysWow64\iesysprep.dll
2013-11-08 00:09 . 2013-11-08 00:09    86016    ----a-w-    c:\windows\system32\RegisterIEPKEYs.exe
2013-11-08 00:09 . 2013-11-08 00:09    84992    ----a-w-    c:\windows\system32\mshtmled.dll
2013-11-08 00:09 . 2013-11-08 00:09    83968    ----a-w-    c:\windows\system32\MshtmlDac.dll
2013-11-08 00:09 . 2013-11-08 00:09    81408    ----a-w-    c:\windows\system32\icardie.dll
2013-11-08 00:09 . 2013-11-08 00:09    774144    ----a-w-    c:\windows\system32\jscript.dll
2013-11-08 00:09 . 2013-11-08 00:09    77312    ----a-w-    c:\windows\system32\tdc.ocx
2013-11-08 00:09 . 2013-11-08 00:09    74240    ----a-w-    c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-08 00:09 . 2013-11-08 00:09    71680    ----a-w-    c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-08 00:09 . 2013-11-08 00:09    645120    ----a-w-    c:\windows\SysWow64\jsIntl.dll
2013-11-08 00:09 . 2013-11-08 00:09    626176    ----a-w-    c:\windows\system32\msfeeds.dll
2013-11-08 00:09 . 2013-11-08 00:09    62464    ----a-w-    c:\windows\SysWow64\tdc.ocx
2013-11-08 00:09 . 2013-11-08 00:09    62464    ----a-w-    c:\windows\system32\pngfilt.dll
2013-11-08 00:09 . 2013-11-08 00:09    61952    ----a-w-    c:\windows\SysWow64\MshtmlDac.dll
2013-11-08 00:09 . 2013-11-08 00:09    61952    ----a-w-    c:\windows\SysWow64\iesetup.dll
2013-11-08 00:09 . 2013-11-08 00:09    616104    ----a-w-    c:\windows\system32\ieapfltr.dat
2013-11-08 00:09 . 2013-11-08 00:09    548352    ----a-w-    c:\windows\system32\vbscript.dll
2013-11-08 00:09 . 2013-11-08 00:09    52224    ----a-w-    c:\windows\system32\msfeedsbs.dll
2013-11-08 00:09 . 2013-11-08 00:09    51200    ----a-w-    c:\windows\SysWow64\ieetwproxystub.dll
2013-11-08 00:09 . 2013-11-08 00:09    48640    ----a-w-    c:\windows\SysWow64\mshtmler.dll
2013-11-08 00:09 . 2013-11-08 00:09    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2013-11-08 00:09 . 2013-11-08 00:09    48128    ----a-w-    c:\windows\system32\imgutil.dll
2013-11-08 00:09 . 2013-11-08 00:09    454656    ----a-w-    c:\windows\SysWow64\vbscript.dll
2013-11-08 00:09 . 2013-11-08 00:09    453120    ----a-w-    c:\windows\system32\dxtmsft.dll
2013-11-08 00:09 . 2013-11-08 00:09    413696    ----a-w-    c:\windows\system32\html.iec
2013-11-08 00:09 . 2013-11-08 00:09    40448    ----a-w-    c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-08 00:09 . 2013-11-08 00:09    36352    ----a-w-    c:\windows\SysWow64\imgutil.dll
2013-11-08 00:09 . 2013-11-08 00:09    34816    ----a-w-    c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-08 00:09 . 2013-11-08 00:09    337408    ----a-w-    c:\windows\SysWow64\html.iec
2013-11-08 00:09 . 2013-11-08 00:09    30208    ----a-w-    c:\windows\system32\licmgr10.dll
2013-11-08 00:09 . 2013-11-08 00:09    296960    ----a-w-    c:\windows\system32\dxtrans.dll
2013-11-08 00:09 . 2013-11-08 00:09    263376    ----a-w-    c:\windows\system32\iedkcs32.dll
2013-11-08 00:09 . 2013-11-08 00:09    247808    ----a-w-    c:\windows\system32\msls31.dll
2013-11-08 00:09 . 2013-11-08 00:09    24576    ----a-w-    c:\windows\SysWow64\licmgr10.dll
2013-11-08 00:09 . 2013-11-08 00:09    243200    ----a-w-    c:\windows\system32\webcheck.dll
2013-11-08 00:09 . 2013-11-08 00:09    235520    ----a-w-    c:\windows\system32\url.dll
2013-11-08 00:09 . 2013-11-08 00:09    235008    ----a-w-    c:\windows\system32\elshyph.dll
2013-11-08 00:09 . 2013-11-08 00:09    195584    ----a-w-    c:\windows\system32\msrating.dll
2013-11-08 00:09 . 2013-11-08 00:09    182272    ----a-w-    c:\windows\SysWow64\msls31.dll
2013-11-08 00:09 . 2013-11-08 00:09    167424    ----a-w-    c:\windows\system32\iexpress.exe
2013-11-08 00:09 . 2013-11-08 00:09    151552    ----a-w-    c:\windows\SysWow64\iexpress.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Weather"="c:\program files (x86)\AWS\WeatherBug\Weather.exe" [2013-06-05 1653760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-18 3764024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [x]
R4 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R4 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R4 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-18 17:45    287280    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.com/
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
Trusted Zone: localhost
Trusted Zone: localhost
TCP: DhcpNameServer = 24.247.24.53 66.189.0.100 24.178.162.3
FF - ProfilePath - c:\users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3qw2ck9t.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
.
**************************************************************************
.
Completion time: 2014-01-21  17:46:53 - machine was rebooted
ComboFix-quarantined-files.txt  2014-01-21 22:46
.
Pre-Run: 416,024,498,176 bytes free
Post-Run: 416,075,800,576 bytes free
.
- - End Of File - - 8344F4EF7C59D61C76424EB1083C624C
A36C5E4F47E84449FF07ED3517B43A31

Edited by bobbybrantley, 21 January 2014 - 05:52 PM.



#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,764 posts
  • OFFLINE
  • Gender:Male
  • Local time:08:42 PM

Posted 26 January 2014 - 05:35 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/521617 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 bobbybrantley

bobbybrantley
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  • Local time:07:42 PM

Posted 27 January 2014 - 09:23 AM

Was getting harassing phone calls targeting my grandfather, they were telling me my computer was infected and sending malicious data blahblahblah. They tried getting in a couple different ways. I have Avast 2014 Free installed with all of the settings as best as they can be w/o affecting computer performance. I keep all my software up to date, regularly check for Windows updates. Use good browser add-ons for Firefox. I see troubling things in Event Viewer under administrative logs and other areas that I can't explain and don't have the advanced OS knowledge to decipher what they are.

 

Windows Home Premium 64-bit SP1

 

Yes I have my OS install disc

 

Attached File  dds.txt   13.75KB   0 downloads

 

Attached File  attach.txt   5.35KB   1 downloads



#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,521 posts
  • OFFLINE
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:42 PM

Posted 28 January 2014 - 10:16 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Your logs are clean. Let me check further.

Download the correct tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===


Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Please paste the logs in your next reply. DO NOT ATTACH THEM.
Let me know what problem persists.

#5 bobbybrantley

bobbybrantley
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  • Local time:07:42 PM

Posted 28 January 2014 - 01:44 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014 02
Ran by Home (administrator) on HOME-PC on 28-01-2014 13:19:35
Running from C:\Users\Home\Desktop\farbar
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-01-22] (AVAST Software)
HKCU\...\Run: [Weather] - C:\Program Files (x86)\AWS\WeatherBug\Weather.exe [1653760 2013-06-05] (AWS Convergence Technologies, Inc.)
HKU\Default\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Default User\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {D4C01E99-4E85-479D-88A9-D0C0C73A3CC2} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {D4C01E99-4E85-479D-88A9-D0C0C73A3CC2} URL = https://www.google.com/search?q={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Ad Blocker - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: avast! Ad Blocker - {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Tcpip\Parameters: [DhcpNameServer] 24.247.24.53 66.189.0.100 24.178.162.3

FireFox:
========
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3qw2ck9t.default
FF Homepage: https://www.google.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Extension: HTTPS-Everywhere - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3qw2ck9t.default\Extensions\https-everywhere@eff.org [2014-01-04]
FF Extension: Adblock Plus - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3qw2ck9t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-19]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-03]

==================== Services (Whitelisted) =================

S4 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881440 2013-12-09] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-22] (AVAST Software)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-09] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-09] (NVIDIA Corporation)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2014-01-15] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-01-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-01-22] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-18] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-28 13:19 - 2014-01-28 13:19 - 00000000 ____D C:\FRST
2014-01-28 13:18 - 2014-01-28 13:19 - 00000000 ____D C:\Users\Home\Desktop\farbar
2014-01-28 13:06 - 2014-01-28 13:06 - 00109688 _____ C:\Users\Home\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-27 12:05 - 2014-01-27 16:00 - 00000000 ____D C:\Users\Home\Desktop\Shows
2014-01-22 21:19 - 2014-01-22 21:19 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-22 21:19 - 2014-01-22 21:19 - 00000000 ____D C:\Program Files\iPod
2014-01-22 21:18 - 2014-01-22 21:19 - 00000000 ____D C:\Program Files\iTunes
2014-01-22 21:18 - 2014-01-22 21:19 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-21 20:23 - 2014-01-21 20:23 - 00000000 ____D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-21 17:36 - 2014-01-21 17:46 - 00000000 ____D C:\Qoobox
2014-01-21 15:45 - 2014-01-21 15:45 - 00000017 _____ C:\Users\Home\AppData\Local\resmon.resmoncfg
2014-01-15 23:14 - 2014-01-15 23:14 - 44032000 _____ C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2014-01-15 22:55 - 2014-01-15 22:55 - 27646720 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\EEP64H.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\EEP64A.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 03322368 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIAPropPageExt.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 01985024 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO264.DLL
2014-01-15 22:55 - 2014-01-15 22:55 - 01845424 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaMicArrayAPO.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 01713664 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO232.DLL
2014-01-15 22:55 - 2014-01-15 22:55 - 01161336 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaKaraokeApo.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 01013504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00884400 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIASysFx.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00879616 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO64.DLL
2014-01-15 22:55 - 2014-01-15 22:55 - 00739328 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO32.DLL
2014-01-15 22:55 - 2014-01-15 22:55 - 00689840 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viahduaa.sys
2014-01-15 22:55 - 2014-01-15 22:55 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00619520 _____ (Creative Technology Ltd.) C:\Windows\system32\VMTHX64.DLL
2014-01-15 22:55 - 2014-01-15 22:55 - 00554496 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMTHX32.DLL
2014-01-15 22:55 - 2014-01-15 22:55 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\EED64H.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\EED64A.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00388096 _____ (Creative Technology Ltd.) C:\Windows\system32\VMWRP64.DLL
2014-01-15 22:55 - 2014-01-15 22:55 - 00248952 _____ (Windows ® Codename Longhorn DDK provider) C:\Windows\system32\Dts2APO.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00137056 _____ (Dolby Laboratories) C:\Windows\system32\EEL64H.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00137056 _____ (Dolby Laboratories) C:\Windows\system32\EEL64A.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00123512 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaKaraokePropPageExt.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00120160 _____ (Dolby Laboratories) C:\Windows\system32\EEA64H.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00120160 _____ (Dolby Laboratories) C:\Windows\system32\EEA64A.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00095352 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaMicArrayPropPageExt.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00092280 _____ (VIA Technologies, Inc.) C:\Windows\system32\Dts2PropPageExt.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00086016 _____ (QSound Labs, Inc.) C:\Windows\system32\nQPropPageExt.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00083968 _____ (QSound Labs, Inc.) C:\Windows\system32\nQAPO.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00075104 _____ (Dolby Laboratories) C:\Windows\system32\EEG64H.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00075104 _____ (Dolby Laboratories) C:\Windows\system32\EEG64A.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00070776 _____ (Windows ® Codename Longhorn DDK provider) C:\Windows\system32\VtSrdAPO.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00057856 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPLD64.DLL
2014-01-15 22:55 - 2014-01-15 22:55 - 00055416 _____ (TODO: <Company name>) C:\Windows\system32\PropPageExt.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00053760 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPCN64.DLL
2014-01-15 22:55 - 2014-01-15 22:55 - 00033456 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\VMfilt64.sys
2014-01-15 22:55 - 2014-01-15 22:55 - 00027768 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViakaraokeSrv.exe
2014-01-15 22:55 - 2014-01-15 22:55 - 00000000 ____D C:\Windows\system32\SRSLabs
2014-01-15 22:55 - 2014-01-15 22:55 - 00000000 ____D C:\Program Files\VIA
2014-01-15 22:54 - 2014-01-15 22:54 - 00003040 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe
2014-01-15 22:53 - 2014-01-15 22:53 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
2014-01-15 22:53 - 2014-01-15 22:53 - 00470376 _____ (Microsoft Corporation) C:\Windows\system32\ipcoin82.dll
2014-01-15 22:53 - 2014-01-15 22:53 - 00045416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\point64.sys
2014-01-15 22:53 - 2014-01-15 22:53 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_point64_01009.Wdf
2014-01-15 22:52 - 2014-01-15 22:52 - 00888536 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-01-15 22:52 - 2014-01-15 22:52 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 15230352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-15 22:40 - 2013-12-19 15:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 03071656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 02698272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-01-15 22:40 - 2013-12-19 15:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-01-15 22:40 - 2013-12-05 03:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-01-15 22:40 - 2013-12-05 03:42 - 00035104 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-01-15 22:40 - 2013-12-05 03:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-01-15 22:40 - 2013-11-28 08:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-01-15 22:40 - 2013-11-28 08:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-01-15 22:40 - 2013-11-22 03:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-01-15 21:53 - 2014-01-15 21:53 - 00000000 ____D C:\Users\Home\AppData\Roaming\ImgBurn
2014-01-15 20:47 - 2014-01-15 20:47 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-15 20:47 - 2014-01-15 20:47 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-15 20:47 - 2014-01-15 20:47 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-15 20:47 - 2014-01-15 20:47 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-15 20:47 - 2014-01-15 20:47 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-15 20:45 - 2014-01-15 21:53 - 00001865 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2014-01-15 20:45 - 2014-01-15 20:45 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2014-01-15 05:30 - 2013-11-26 20:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 05:30 - 2013-11-26 20:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 05:30 - 2013-11-26 20:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 05:30 - 2013-11-26 20:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 05:30 - 2013-11-26 20:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 05:30 - 2013-11-26 20:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 05:30 - 2013-11-26 20:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 05:30 - 2013-11-26 06:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 05:30 - 2013-11-26 05:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 12:30 - 2014-01-27 16:00 - 00000000 ____D C:\Users\Home\AppData\Roaming\DVD Flick
2014-01-10 12:29 - 2014-01-10 12:29 - 00000000 ____D C:\Program Files (x86)\DVD Flick
2014-01-10 12:29 - 2008-08-31 13:27 - 00028672 _____ (-) C:\Windows\SysWOW64\mousewheel.ocx
2014-01-10 12:29 - 2007-08-31 18:36 - 00036864 _____ (Robdogg Inc.) C:\Windows\SysWOW64\trayicon_handler.ocx
2014-01-10 12:29 - 2004-03-09 00:00 - 00662288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomct2.ocx
2014-01-10 12:29 - 2004-03-09 00:00 - 00609824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.ocx
2014-01-10 12:29 - 2004-03-09 00:00 - 00212240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2014-01-10 12:29 - 2003-01-26 13:41 - 00040960 _____ (vbAccelerator) C:\Windows\SysWOW64\ssubtmr6.dll
2014-01-10 12:29 - 1998-06-24 00:00 - 00164144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comct232.ocx
2014-01-08 11:07 - 2014-01-08 14:04 - 00000000 ____D C:\Users\Home\AppData\Roaming\Apple Computer
2014-01-08 11:07 - 2014-01-08 11:07 - 00000000 ____D C:\Users\Home\AppData\Local\Apple Computer
2014-01-08 11:07 - 2014-01-08 11:07 - 00000000 ____D C:\ProgramData\Apple Computer
2014-01-08 11:07 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-01-08 11:06 - 2014-01-22 21:15 - 00000000 ____D C:\ProgramData\Apple
2014-01-08 11:06 - 2014-01-08 11:06 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2014-01-08 11:06 - 2014-01-08 11:06 - 00000000 ____D C:\Users\Home\AppData\Local\Apple
2014-01-08 11:06 - 2014-01-08 11:06 - 00000000 ____D C:\Program Files\Common Files\Apple
2014-01-08 11:06 - 2014-01-08 11:06 - 00000000 ____D C:\Program Files\Bonjour
2014-01-08 11:06 - 2014-01-08 11:06 - 00000000 ____D C:\Program Files (x86)\Bonjour
2014-01-08 11:06 - 2014-01-08 11:06 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2014-01-03 14:37 - 2014-01-03 14:41 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00363392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00295808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00215936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00071552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00036432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00027776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00022096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00021056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00017488 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00016464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwf.sys.bak
2014-01-03 14:37 - 2014-01-03 14:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 12613920 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 03286016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 01524816 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00883928 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt64win7.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00530496 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00491088 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00468480 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00366976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00339536 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00334208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00302464 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1e6232e.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00289664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00286720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00284736 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00278016 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1e6032e.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00273792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00270848 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00229984 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\89156004.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00220752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00213888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00194128 _____ (AMD Technologies Inc.) C:\Windows\system32\Drivers\amdsbs.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00184704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00182864 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00179072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00171392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00155008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00140672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00128592 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00122960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00115776 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00114752 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00106560 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00103808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00097856 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00094592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00094208 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\serial.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00087632 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00080464 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00078720 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00073280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00072832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00068864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00065600 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas2.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00065088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00064592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00064080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00063360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00061008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00060496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00055376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00055128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00054784 _____ (Apple, Inc.) C:\Windows\system32\Drivers\usbaapl64.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00051264 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00049216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00048720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00047104 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\discache.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00039504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00035392 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00032320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\Windows\system32\Drivers\hcw85cir.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00031104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00028736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00028240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00027520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbatt.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00024656 _____ (Promise Technology) C:\Windows\system32\Drivers\stexstor.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00024144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00024128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00021584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00020544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00019008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00018432 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00017664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00017488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00016960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00015440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00015440 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00015424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00014976 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00014720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00014720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00012496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00012352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00011136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00008704 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPREFMP.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidkmdf.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00008192 _____ () C:\Windows\system32\Drivers\ASACPI.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00008064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00006784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2014-01-03 14:37 - 2014-01-03 14:40 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2014-01-01 08:42 - 2014-01-01 08:42 - 00001990 _____ C:\Users\Public\Desktop\MP3 Rocket 6.4.4.lnk

==================== One Month Modified Files and Folders =======

2014-01-28 13:19 - 2014-01-28 13:19 - 00000000 ____D C:\FRST
2014-01-28 13:19 - 2014-01-28 13:18 - 00000000 ____D C:\Users\Home\Desktop\farbar
2014-01-28 13:19 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Default
2014-01-28 13:18 - 2013-07-07 01:01 - 01207956 _____ C:\Windows\WindowsUpdate.log
2014-01-28 13:06 - 2014-01-28 13:06 - 00109688 _____ C:\Users\Home\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-28 13:06 - 2013-07-07 06:58 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-27 16:24 - 2013-09-11 20:20 - 00000000 ____D C:\Users\Home\AppData\Local\WeatherBug
2014-01-27 16:00 - 2014-01-27 12:05 - 00000000 ____D C:\Users\Home\Desktop\Shows
2014-01-27 16:00 - 2014-01-10 12:30 - 00000000 ____D C:\Users\Home\AppData\Roaming\DVD Flick
2014-01-27 16:00 - 2013-07-16 16:35 - 00000000 ____D C:\Users\Home\AppData\Roaming\uTorrent
2014-01-27 11:29 - 2013-07-06 22:08 - 00000000 ____D C:\Users\Home
2014-01-27 11:27 - 2013-08-21 22:46 - 00000000 ____D C:\Users\Home\AppData\Roaming\LolClient
2014-01-27 10:18 - 2013-12-14 18:47 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-27 10:18 - 2013-12-14 18:47 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-25 14:24 - 2013-11-15 17:25 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2014-01-25 12:51 - 2009-07-13 23:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-25 12:51 - 2009-07-13 23:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-25 12:49 - 2009-07-14 00:13 - 00753248 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-25 12:44 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-24 11:24 - 2013-07-25 03:38 - 00000000 ____D C:\Program Files\CCleaner
2014-01-24 09:12 - 2013-12-18 16:45 - 00000000 ____D C:\Users\Home\AppData\Roaming\TS3Client
2014-01-22 21:19 - 2014-01-22 21:19 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-22 21:19 - 2014-01-22 21:19 - 00000000 ____D C:\Program Files\iPod
2014-01-22 21:19 - 2014-01-22 21:18 - 00000000 ____D C:\Program Files\iTunes
2014-01-22 21:19 - 2014-01-22 21:18 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-22 21:15 - 2014-01-08 11:06 - 00000000 ____D C:\ProgramData\Apple
2014-01-22 21:08 - 2013-09-03 22:40 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-22 21:05 - 2013-12-18 12:45 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-22 21:05 - 2013-09-03 22:40 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-22 21:05 - 2013-09-03 22:40 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-01-22 21:05 - 2013-09-03 22:40 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-22 21:05 - 2013-09-03 22:40 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-22 21:05 - 2013-09-03 22:40 - 00001966 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-22 21:05 - 2013-09-03 22:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-21 20:28 - 2013-11-05 05:43 - 67534848 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-01-21 20:28 - 2013-11-05 05:43 - 00507904 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-01-21 20:28 - 2013-11-05 05:43 - 00028672 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-01-21 20:28 - 2013-11-05 05:43 - 00024576 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2014-01-21 20:23 - 2014-01-21 20:23 - 00000000 ____D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-21 20:22 - 2013-11-05 20:42 - 00000000 ____D C:\Users\Home\AppData\Roaming\MP3Rocket
2014-01-21 18:58 - 2013-07-07 01:19 - 00000000 ____D C:\Users\Home\AppData\Local\Adobe
2014-01-21 18:56 - 2013-11-05 20:42 - 00000000 ____D C:\Program Files (x86)\MP3 Rocket
2014-01-21 17:46 - 2014-01-21 17:36 - 00000000 ____D C:\Qoobox
2014-01-21 17:44 - 2009-07-13 21:34 - 00000215 _____ C:\Windows\system.ini
2014-01-21 15:45 - 2014-01-21 15:45 - 00000017 _____ C:\Users\Home\AppData\Local\resmon.resmoncfg
2014-01-16 16:20 - 2013-09-16 02:30 - 00000000 ____D C:\Program Files (x86)\IObit
2014-01-16 16:19 - 2013-07-06 22:13 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-16 09:59 - 2010-11-20 22:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-15 23:15 - 2013-07-06 22:14 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-15 23:14 - 2014-01-15 23:14 - 44032000 _____ C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2014-01-15 22:55 - 2014-01-15 22:55 - 27646720 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\EEP64H.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\EEP64A.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 03322368 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIAPropPageExt.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 01985024 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO264.DLL
2014-01-15 22:55 - 2014-01-15 22:55 - 01845424 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaMicArrayAPO.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 01713664 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO232.DLL
2014-01-15 22:55 - 2014-01-15 22:55 - 01161336 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaKaraokeApo.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 01013504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00884400 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIASysFx.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00879616 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO64.DLL
2014-01-15 22:55 - 2014-01-15 22:55 - 00739328 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO32.DLL
2014-01-15 22:55 - 2014-01-15 22:55 - 00689840 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viahduaa.sys
2014-01-15 22:55 - 2014-01-15 22:55 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00619520 _____ (Creative Technology Ltd.) C:\Windows\system32\VMTHX64.DLL
2014-01-15 22:55 - 2014-01-15 22:55 - 00554496 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMTHX32.DLL
2014-01-15 22:55 - 2014-01-15 22:55 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\EED64H.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\EED64A.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00388096 _____ (Creative Technology Ltd.) C:\Windows\system32\VMWRP64.DLL
2014-01-15 22:55 - 2014-01-15 22:55 - 00248952 _____ (Windows ® Codename Longhorn DDK provider) C:\Windows\system32\Dts2APO.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00137056 _____ (Dolby Laboratories) C:\Windows\system32\EEL64H.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00137056 _____ (Dolby Laboratories) C:\Windows\system32\EEL64A.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00123512 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaKaraokePropPageExt.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00120160 _____ (Dolby Laboratories) C:\Windows\system32\EEA64H.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00120160 _____ (Dolby Laboratories) C:\Windows\system32\EEA64A.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00095352 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaMicArrayPropPageExt.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00092280 _____ (VIA Technologies, Inc.) C:\Windows\system32\Dts2PropPageExt.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00086016 _____ (QSound Labs, Inc.) C:\Windows\system32\nQPropPageExt.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00083968 _____ (QSound Labs, Inc.) C:\Windows\system32\nQAPO.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00075104 _____ (Dolby Laboratories) C:\Windows\system32\EEG64H.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00075104 _____ (Dolby Laboratories) C:\Windows\system32\EEG64A.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00070776 _____ (Windows ® Codename Longhorn DDK provider) C:\Windows\system32\VtSrdAPO.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00057856 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPLD64.DLL
2014-01-15 22:55 - 2014-01-15 22:55 - 00055416 _____ (TODO: <Company name>) C:\Windows\system32\PropPageExt.dll
2014-01-15 22:55 - 2014-01-15 22:55 - 00053760 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPCN64.DLL
2014-01-15 22:55 - 2014-01-15 22:55 - 00033456 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\VMfilt64.sys
2014-01-15 22:55 - 2014-01-15 22:55 - 00027768 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViakaraokeSrv.exe
2014-01-15 22:55 - 2014-01-15 22:55 - 00000000 ____D C:\Windows\system32\SRSLabs
2014-01-15 22:55 - 2014-01-15 22:55 - 00000000 ____D C:\Program Files\VIA
2014-01-15 22:54 - 2014-01-15 22:54 - 00003040 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe
2014-01-15 22:54 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2014-01-15 22:53 - 2014-01-15 22:53 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
2014-01-15 22:53 - 2014-01-15 22:53 - 00470376 _____ (Microsoft Corporation) C:\Windows\system32\ipcoin82.dll
2014-01-15 22:53 - 2014-01-15 22:53 - 00045416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\point64.sys
2014-01-15 22:53 - 2014-01-15 22:53 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_point64_01009.Wdf
2014-01-15 22:52 - 2014-01-15 22:52 - 00888536 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-01-15 22:52 - 2014-01-15 22:52 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-01-15 22:52 - 2013-11-30 20:39 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-01-15 22:50 - 2013-09-16 02:30 - 00000000 ____D C:\Users\Home\AppData\Roaming\IObit
2014-01-15 22:50 - 2013-09-16 02:30 - 00000000 ____D C:\ProgramData\IObit
2014-01-15 22:40 - 2013-12-05 02:03 - 00000000 ____D C:\Users\Home\AppData\Local\NVIDIA Corporation
2014-01-15 22:40 - 2013-07-06 22:13 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-15 21:53 - 2014-01-15 21:53 - 00000000 ____D C:\Users\Home\AppData\Roaming\ImgBurn
2014-01-15 21:53 - 2014-01-15 20:45 - 00001865 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2014-01-15 20:47 - 2014-01-15 20:47 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-15 20:47 - 2014-01-15 20:47 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-15 20:47 - 2014-01-15 20:47 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-15 20:47 - 2014-01-15 20:47 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-15 20:47 - 2014-01-15 20:47 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-15 20:45 - 2014-01-15 20:45 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2014-01-15 06:29 - 2013-07-09 17:56 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 06:28 - 2013-07-06 22:42 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-10 12:29 - 2014-01-10 12:29 - 00000000 ____D C:\Program Files (x86)\DVD Flick
2014-01-08 14:04 - 2014-01-08 11:07 - 00000000 ____D C:\Users\Home\AppData\Roaming\Apple Computer
2014-01-08 11:07 - 2014-01-08 11:07 - 00000000 ____D C:\Users\Home\AppData\Local\Apple Computer
2014-01-08 11:07 - 2014-01-08 11:07 - 00000000 ____D C:\ProgramData\Apple Computer
2014-01-08 11:06 - 2014-01-08 11:06 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2014-01-08 11:06 - 2014-01-08 11:06 - 00000000 ____D C:\Users\Home\AppData\Local\Apple
2014-01-08 11:06 - 2014-01-08 11:06 - 00000000 ____D C:\Program Files\Common Files\Apple
2014-01-08 11:06 - 2014-01-08 11:06 - 00000000 ____D C:\Program Files\Bonjour
2014-01-08 11:06 - 2014-01-08 11:06 - 00000000 ____D C:\Program Files (x86)\Bonjour
2014-01-08 11:06 - 2014-01-08 11:06 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2014-01-04 13:23 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-03 14:41 - 2014-01-03 14:37 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00363392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00295808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00215936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00071552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00036432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00027776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00022096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00021056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00017488 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00016464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwf.sys.bak
2014-01-03 14:41 - 2014-01-03 14:37 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 12613920 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 03286016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 01524816 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00883928 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt64win7.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00530496 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00491088 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00468480 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00366976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00339536 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00334208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00302464 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1e6232e.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00289664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00286720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00284736 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00278016 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1e6032e.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00273792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00270848 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00229984 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\89156004.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00220752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00213888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00194128 _____ (AMD Technologies Inc.) C:\Windows\system32\Drivers\amdsbs.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00184704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00182864 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00179072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00171392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00155008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00140672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00128592 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2014-01-03 14:40 - 2014-01-03 14:37 - 00122960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2014-01-03 13:26 - 2013-09-03 23:40 - 00000000 ____D C:\Windows\erdnt
2014-01-01 09:23 - 2013-07-07 01:25 - 00000000 ____D C:\Program Files\WinRAR
2014-01-01 08:42 - 2014-01-01 08:42 - 00001990 _____ C:\Users\Public\Desktop\MP3 Rocket 6.4.4.lnk
2014-01-01 08:40 - 2013-07-07 01:26 - 00001108 _____ C:\Users\Public\Desktop\WinRAR.lnk
2014-01-01 08:40 - 2013-07-07 01:26 - 00000000 ____D C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 06:47

==================== End Of Log ============================

# AdwCleaner v3.018 - Report created 28/01/2014 at 13:24:47
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Home - HOME-PC
# Running from : C:\Users\Home\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3qw2ck9t.default\prefs.js ]


*************************

AdwCleaner[R2].txt - [767 octets] - [28/01/2014 13:23:47]
AdwCleaner[S2].txt - [689 octets] - [28/01/2014 13:24:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [748 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Home on Tue 01/28/2014 at 13:34:14.63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\eusing free registry cleaner"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free registry cleaner"
Successfully deleted: [Folder] "C:\Users\Home\AppData\Roaming\microsoft\windows\start menu\programs\free registry cleaner"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Home\AppData\Roaming\mozilla\firefox\profiles\3qw2ck9t.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 01/28/2014 at 13:40:03.66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#6 nasdaq

  • Malware Response Team

Posted 29 January 2014 - 08:54 AM

Looking good.
Please run this scan and let me know of any remaining issues with this computer.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

#7 bobbybrantley

  • Topic Starter

Posted 29 January 2014 - 06:43 PM

 Results of screen317's Security Check version 0.99.79  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Secunia PSI (3.0.0.9016)   
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 51  
  Adobe Flash Player 12.0.0.43 Flash Player out of Date!  
 Adobe Reader XI  
 Mozilla Firefox (26.0)
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
 



#8 bobbybrantley

  • Topic Starter

Posted 29 January 2014 - 06:48 PM

See that says out of date, but on Adobe's site I have the latest version, so idk what that means.

Also do you think it would be wise to just go away from using free security programs and get a Bitdefender or Kaspersky internet suite?



#9 nasdaq

  • Malware Response Team

Posted 30 January 2014 - 09:33 AM

Adobe Flash Player 12.0.0.43 Flash Player out of Date

You have the latest version. The tool needs to be updated.
===
 

Also do you think it would be wise to just go away from using free security programs and get a Bitdefender or Kaspersky internet suite?

It's your call. I know that you will no longer be asked to update and get the paid version.


If you decide to change make sure you remove Avast completely. Use their Uninstaller.
AVAST Uninstall Utility

http://www.avast.com/uninstall-utility
===



If all is well:

Time for some housekeeping
  • The following will implement some cleanup procedures as well as reset System Restore points:
  • Click Start > Run and copy/paste the following bold text into the Run box and click OK:
  • ComboFix /Uninstall
Ignore if ComboFix was not used.
===


Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Having an effective antivirus is a must for everyone.
In addition to many excellent commercial products there are plenty of good free antivirus programs available. I can recommend:

If you are satisfied with your current protection programs you can ignore the instructions on Antivirus or Firewall listed below.

In addition to an antivirus I recommend using a firewall. A software firewall is a software program that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. I can recommend one of the following free products:

Please note: Many installers offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Malwarebytes Anti-Malware (MBAM)
The free version of MBAM can be used to scan the system for traces of malware. Scanning your system regularly will make it harder for malware to reside on your system.
A tutorial on using MBAM can be found here.
Please Note: Only the paid for version has real time capabilities.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Please keep your programs up to date. This applies to Java, Adobe Flashplayer, Adobe Reader and your Internet Browsers in particular. Vulnerabilities in these programs are often exploited in order to install malware on your PC. Visiting a prepared web page suffices to infect your system.

In general Firefox, Opera and Google Chrome are considered to be more secure than Internet Explorer. In addition there are many useful add-ons that can protect you from possible risks:
  • WOT will warn you when you try to visit sites with poor reputation. The reputation is based on user ratings and is usually very accurate.
  • Script Blocker can help block many attempts to infect your system via malicious websites by only allowing scripts at sites you trust.
  • NoScript is a popular Firefox addon.
  • ScriptNo is a popular Google Chrome addon.
For much more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.
===

#10 bobbybrantley

  • Topic Starter

Posted 30 January 2014 - 11:46 AM

I do have Automatic Updates set, I also patch my system every Patch Tuesday. Also I keep all my software up-to-date and check for updates regularly. I've never really had any issues with Avast, always thought it was the best free AV when I read about different reviews and AV lab testing. I'd prefer not to use MSE, I feel it is inferior to AVG and Avast. Your thoughts?

Also, is there a reason you did not include Zone Alarm free firewall, and is a software firewall really needed if Windows Firewall is always turned on?

I do keep MBAM free on my machine and update it daily just in case.

I only use Firefox, very rarely IE, although I still keep it updated with updated addons.

Right now I've got HTTPS Everywhere 3.4.5, Adblock Plus 2.4.1 with all 4 default filters, and avast! Online Security 9.0.2013.75 with everything blocked and enabled except for SafeZone. It seems to keep everything at bay. I have considered getting NoScript in the past; I just don't know what optimal settings would be. I don't want to sacrifice use and convenience to the point where I'm clicking to add exceptions or allowing content to play on every webpage. WOT I don't feel is necessary given my other current extensions.

Also with Spyware Blaster, I'd like to install it, but will it create processes and/or services running in the background? I have a very old PC hardware wise so I try to keep it relatively not bogged down.


Edited by bobbybrantley, 30 January 2014 - 11:47 AM.


#11 nasdaq

  • Malware Response Team

Posted 30 January 2014 - 02:03 PM


I'd prefer not to use MSE, I feel it is inferior to AVG and Avast. Your thoughts?

Very subjective. I use Norton 360 and never had a problem. Your call.

Zone Alarm free firewall, and is a software firewall really needed if Windows Firewall is always turned


Zone Alarm free comes bundled with Adware.
The main idea is to have A firewall.

===

If you have no problems with the rest of your add-ons and extensions, just stay like that.

If you try anything else, test it, and if you have problems, remove it.

#12 bobbybrantley


Posted 30 January 2014 - 03:31 PM

I'm just talking about free products though. Everything I read and have read says that Avast and AVG are superior to MSE. The only thing MSE triumphs in is overall system resource impact.

I mean, I'm sure the Norton, Kaspersky, or BitDefender internet suites all do relatively the same job.

When you say bundled with Adware you mean boxes that people have to uncheck so it doesn't come preinstalled?

As long as I have Windows Firewall though I should be ok? Or would you recommend the other 3 as better alternatives as far as performance and keeping bad things out?



#13 nasdaq


Posted 31 January 2014 - 07:56 AM

When you say bundled with Adware you mean boxes that people have to uncheck so it doesn't come preinstalled?

I do not know if you are given a chance to uncheck their installation. It may be installed without your consent.
I know that the AdwCleaner tool will remove them.
===

As long as I have Windows Firewall though I should be ok? Or would you recommend the other 3 as better alternatives as far as performance and keeping bad things out?

No program can remove everything. Each one of them is updated frequently. But unfortunately there are many new bad programs created every day.

As for another firewall, you will have to test it. Just make sure you do not have two of them working/enabled at any given time.

#14 bobbybrantley


Posted 31 January 2014 - 12:44 PM

I'm going to try your recommendation of Comodo Firewall; I've heard and read good things about it. Also, I'm going to use SpywareBlaster. When using these extra programs, I disable Windows Firewall and Windows Defender, correct?

Also, I'd like to thank you for all the help. The wait times weren't that long and I usually get a response daily. BleepingComputer has been a tremendous help!



#15 nasdaq


Posted 31 January 2014 - 02:13 PM

Windows Defender may work with Comodo.

If your system slows down then disable it and see if you get some improvement.



