Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

I have Adio Trojan annoying Help Pls


  • Please log in to reply

#1
alhawi

alhawi

    Member

  • Member
  • PipPipPip
  • 123 posts
Hi,
My computer acting weird there is an audio from commercials, I don't see any program running and I don't know the origin of these commercials. by the way I have an old version of OTL I don't know it works or not.
I ran OTL and this is the log:

OTL Extras logfile created on: Monday 12 30 2013 11:56:56 PM - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\owner\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dddd M/d/yyyy

3.80 Gb Total Physical Memory | 1.58 Gb Available Physical Memory | 41.62% Memory free
7.60 Gb Paging File | 5.08 Gb Available in Paging File | 66.78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.20 Gb Total Space | 353.66 Gb Free Space | 79.26% Space Free | Partition Type: NTFS
Drive D: | 19.26 Gb Total Space | 2.80 Gb Free Space | 14.51% Space Free | Partition Type: NTFS

Computer Name: OWNER-HP | User Name: owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{079B6450-6348-488D-967D-115F27F10943}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1019F563-07A1-4461-BE65-3B22DE80E53C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{117AABBC-9AA5-4D23-8147-769C495E3150}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2590C3AA-EDB1-42C8-8743-C6DBEB9FF1B5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2F68B35D-9C54-496E-BB75-043052F2A70E}" = lport=137 | protocol=17 | dir=in | app=system |
"{3B8F8239-02E7-41A6-9F59-173E2CDB8988}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3CC858A2-B900-4576-ADF7-C6E6452244B0}" = lport=139 | protocol=6 | dir=in | app=system |
"{42FE78EE-88A7-4B11-B70E-9E5288098713}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4B394D30-03E3-420B-A245-E063FF1CEB96}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5DC02456-127B-44E7-942F-2F0F85E449F0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{63B0365F-8410-4B43-900F-3D7E310668B8}" = rport=138 | protocol=17 | dir=out | app=system |
"{65045BE6-F40E-4062-8706-7A776DB6BE19}" = rport=445 | protocol=6 | dir=out | app=system |
"{6E16D0E9-B6B5-4759-B7F5-9A5110BF01EB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{7D50EE50-C1D2-48F0-8BB9-20735C302C33}" = lport=138 | protocol=17 | dir=in | app=system |
"{960A1A09-0F7B-44AA-9BB8-512A8CB048EC}" = rport=139 | protocol=6 | dir=out | app=system |
"{98D31AD4-53C7-4575-8887-900A286803E2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{A46D3A02-4BBF-4F82-BB88-1E2F5CAEB24D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B0D8B349-E26E-45F7-AF11-4E24875161F9}" = rport=137 | protocol=17 | dir=out | app=system |
"{B4304C2A-2992-4917-917B-465FD3E44644}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B6B9AC35-3DDA-4811-A4E3-B437C0E0DF01}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{B864E690-D93B-40CF-ADB5-100EC086A289}" = lport=445 | protocol=6 | dir=in | app=system |
"{BB57C71E-99EF-4ECA-ACEC-FB5D328E54C1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{C2C5B95A-A707-46D8-AF37-D14930113D18}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DA248C82-CA51-43AA-B98F-A6AEC7705F89}" = lport=10777 | protocol=17 | dir=in | name=passware kit enterprise 9.7 |
"{DADFA3A2-1DFC-4BB2-ABB0-AAD564E0A522}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E36A49D8-FFA0-4981-B072-99F7782588BD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E6B86F1B-1397-4613-85B3-1AC895E0AE0D}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{EC334DD5-BFA0-4279-9E4B-D841C18EBCEE}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E4F2F4-4F15-4269-B4C9-14056E8BD639}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\music\hptouchsmartmusic.exe |
"{01A386E2-4A58-4B02-B7D4-166E3BBE217E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{02A1E053-3891-45E3-A739-8EF9630EEA13}" = protocol=1 | dir=in | [email protected],-28543 |
"{033894EE-C75F-4809-A77F-99B1C82792DF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0738FF13-AF46-4029-8C53-977DCBCF0F6A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{082E278E-5E6D-498A-B1E3-91A5F1572425}" = dir=in | app=c:\users\owner\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{09E3F106-1204-4817-9AAE-B9D7A20F00C2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{0EBF909F-8D87-4E49-B29D-F33467B8D5D3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{17E53114-FDF7-4C79-8156-E4ADEE46BCA1}" = protocol=6 | dir=out | app=system |
"{19783A48-DC85-4B3C-8398-00CDE5DCF599}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1EACA801-1AD5-4509-8125-9CED4237B844}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{214B5E7B-D1ED-4238-9281-C430A3963BE2}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\video\hpmediasmartvideo.exe |
"{23DAACCA-1D58-4CEA-95F3-7517C0298E0A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2F921200-4290-4A65-9EFA-7EE093F82C16}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{32B7839C-1A31-4DFA-B963-1AF271E10B34}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{3CD149B9-39A5-4F5A-85D5-9D5554C4FB23}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{42D9957A-1DDD-4268-8D39-FBDBDE6345BC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{52A61C09-A5AC-4F5E-810E-B82F44C04585}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{63DE6946-893F-481A-8337-CCF62D993377}" = protocol=17 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{6CA431BB-F3CE-4150-891C-2C4145DC7BB1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6E7BB145-11CD-4A3D-9778-2D6D50746DDF}" = dir=in | app=e:\setup\hpznui40.exe |
"{72326C24-16B6-43CE-BFE7-786BBB50439E}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{783D05B9-951C-468F-9C29-9AFBE200AEF1}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{799BD0B3-CEC9-401F-BCB0-18D56142971C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7B7C0C62-787E-4CD2-86C1-FBD347D646E8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7BBC6D79-9DCE-4440-9CC3-DA6964D9F466}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{7C3D68DE-F0E3-421F-BC00-C218FE04A9E2}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{7E1B04F6-DC05-4DF0-88FA-EC882B32FC67}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{7F2F1155-8E1E-4D24-9250-FF1DB007C9A6}" = protocol=58 | dir=in | [email protected],-28545 |
"{88A87DBE-2298-4A9D-B30C-867760A3EB9A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{8D9D1FBF-0C94-486F-9961-AF1D66E9DFB1}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{ADE9B8A3-721E-4478-961D-08350DC08D33}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{B3C21FA0-E319-4935-BAC7-991DDB05C1EE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{B45CF53C-223B-4050-93D1-FF6AE7FA2FD9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B480BB2A-F10C-4873-BF65-E2B752C2C82F}" = protocol=6 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{B93690C2-26C0-4EFA-954B-A1491DB73B7F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B936F3F6-10C2-4FD6-8B50-EAAF5BFC6507}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{BE678E29-9682-4B94-AE63-FBCE98C0BF8F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C273C8C4-7EE1-4AFA-8DE0-49B55733BDEC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C3C89DAC-B0F1-47C0-B8CF-D5A338CDB2B7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C8982F5D-91DE-4BAD-BC90-6BFE8AB87196}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{C9B9AB32-6AC8-4927-957C-6FD0242A7CA4}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{D0C87859-7521-4AAA-9C69-B3111D91BF35}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D23F2545-59FE-4B03-9597-B5781A2129DC}" = protocol=58 | dir=out | [email protected],-28546 |
"{D566DAB4-1AD8-425E-BE2B-BB631593B39C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D8B06BDE-F2D5-4176-9FC6-042D5515C8DB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{DD9972D6-EB98-4657-8299-DA06A4518A6B}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\photo\hpmediasmartphoto.exe |
"{DDBEE5C8-7CCF-4723-A057-E497DF5FF30A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E3E58C0D-8CB9-4CC5-9F4E-09AC2D5EA4B8}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E709389D-4A66-46A0-A711-1EF949DEC433}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F3A060B6-DE99-4535-8433-C8ABD20065B0}" = protocol=1 | dir=out | [email protected],-28544 |
"{FD3512E8-6944-4EA4-84AB-A5984AA08771}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{FF3F547B-E622-4CFF-9F13-1B0200026617}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"TCP Query User{0A1E760F-F9FC-4A92-9E76-0F900809CD02}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{117F13F0-9652-467B-841F-5665CD9D8F08}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"TCP Query User{50C0A3B3-4C31-4413-8875-650F73C14936}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"TCP Query User{99094BF3-97EE-41A9-879A-F944BE8144C1}C:\program files (x86)\nimbuzz\nimbuzz.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nimbuzz\nimbuzz.exe |
"TCP Query User{B6B8C36C-4CF5-4EE4-A3D0-32AEC10F5365}C:\program files (x86)\nimbuzz\nimbuzz.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nimbuzz\nimbuzz.exe |
"TCP Query User{E193A027-83F3-4A9D-8450-0A8F46294CC3}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{07CE17C2-87EB-4ADB-A9F8-AE3C139C7DE8}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{12986575-B154-4B3D-BFB3-B2C5E1C12C5E}C:\program files (x86)\nimbuzz\nimbuzz.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nimbuzz\nimbuzz.exe |
"UDP Query User{288DF05A-370E-4CCA-94BA-3822FCBC6856}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"UDP Query User{67CA7ED8-F37E-42B5-A167-23FE8816BE4C}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"UDP Query User{69E45420-FD1E-43DC-B29C-1C34529A705E}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{D1598875-F089-4460-9C9D-944630455228}C:\program files (x86)\nimbuzz\nimbuzz.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nimbuzz\nimbuzz.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java™ 6 Update 20 (64-bit)
"{299625B9-6C69-462C-9CEA-8E06D878B1C5}" = HP 3D DriveGuard
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}" = HP MediaSmart Movies and TV
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}" = HP MediaSmart SmartMenu
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F145F5B-EB12-4132-9D5D-0D8B61E2A0F6}" = Windows 7 Manager
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}" = HP Wireless Assistant
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBC1DE57-B55A-4D57-9769-1DB9BE506AF7}" = HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7
"{E102B843-786A-4F58-AF75-6504570E207B}" = Microsoft Security Client
"{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}" = iCloud
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07E49BC1-24FF-4D7A-AC74-727BE95801AF}" = LightScribe System Software
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1" = BusinessCards MX
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{132234A4-9362-4829-957F-FF11715F7815}" = HP Documentation
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java™ 7 Update 5
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2A83AD05-56E6-3FBD-8752-B4143162EF59}" = Google Talk Plugin
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{31EEA563-3544-4EA1-8773-BCBF83F9627A}" = HP Software Framework
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1" = YouTube Song Downloader
"{42BBA4CC-EFB6-4653-A2CC-F305D4B399C3}" = PS_AIO_07_D110_SW_Min
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78F1A88C-5322-4DF7-BDCF-9AB8F5F4041C}" = HP MediaSmart/TouchSmart Netflix
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{872B1C80-38EC-4A31-A25C-980820593900}" = HP Power Manager
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{91D3AD6F-09CD-4695-9FA3-8FB15429BE97}" = D110
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5
"{A0C65E65-5CF2-4C16-8023-950BA678FE15}" = XTNDConnect Blue Manager 1.0.8
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BF41D6B8-6A76-4F95-8AFC-D53503808167}" = YAMAHA Tyros2 Voice Editor
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E92D47A1-D27D-430A-8368-0BAFD956507D}" = HP Support Assistant
"{E9B6202B-7B7F-5F3C-3CFA-05C3CE978BAB}" = Ayat
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB58480C-0721-483C-B354-9D35A147999F}" = HP Quick Launch
"{EC582A43-F524-4018-B4A5-D2A981B6AE70}" = Payroll Accounting 2010
"{EC5F4C1B-F838-4CB7-8561-8F809296428B}" = TomTom HOME
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE6CC1A6-D898-4D34-99B8-4D5F29E8DC91}" = Passware Kit Enterprise 9.7
"AccmeWare FileBulldog Toolbar" = AccmeWare FileBulldog Toolbar
"AD Sound Recorder_is1" = AD Sound Recorder 5.4.4
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Flash Player_is1" = Adobe Flash Player 9.0.45.0
"dBpoweramp Ogg Vorbis Codec" = dBpoweramp Ogg Vorbis Codec
"Google Chrome" = Google Chrome
"HP DVB-T TV Tuner" = HP DVB-T TV Tuner 8.0.64.43
"HP Photo Creations" = HP Photo Creations
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"JetMP3" = JetMP3
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"Mozilla Firefox 10.0 (x86 en-US)" = Mozilla Firefox 10.0 (x86 en-US)
"My HP Game Console" = HP Game Console
"Nimbuzz" = Nimbuzz 2.2.1
"PROPLUS" = Microsoft Office Professional Plus 2007
"RCA Detective™_is1" = RCA Detective™ 2.0.0.99
"RCA Digital Voice Manager_is1" = RCA Digital Voice Manager 5.1.1.2
"RealPlayer 15.0" = RealPlayer
"sa.edu.ksa.ayat" = Ayat
"ST6UNST #1" = Producer
"Stellarium_is1" = Stellarium 0.11.0
"Style Format 2 Converter_is1" = Style Format 2 Converter 1.17
"Style ReMixer_is1" = Style ReMixer 1.11
"Style Works 2000 Universal v1.99" = Style Works 2000 Universal v1.99
"USB Disk Security_is1" = USB Disk Security
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WT087328" = Blackhawk Striker 2
"WT087335" = Build-a-lot 2
"WT087342" = Dora's Carnival Adventure
"WT087360" = Escape Rosecliff Island
"WT087361" = FATE
"WT087362" = Final Drive Nitro
"WT087372" = Heroes of Hellas 2 - Olympia
"WT087373" = Jewel Quest 3
"WT087379" = Jewel Quest Solitaire 2
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087414" = Virtual Families
"WT087415" = Wheel of Fortune 2
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087501" = Plants vs. Zombies
"WT087513" = Virtual Villagers - The Secret City
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe" = SanDiskSecureAccess_Manager.exe
"3b826b783ab170b8" = Tyros Registration Memory Editor
"6c2290d276fa0f0d" = RabbitTV
"ad808331ea904e32" = Tyros Registration File Composer
"e77f897b48967c41" = Tyros Global Registration Bank Changer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - Monday 10 1 2012 11:06:16 PM | Computer Name = owner-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1045

Error - Monday 10 1 2012 11:06:17 PM | Computer Name = owner-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - Monday 10 1 2012 11:06:17 PM | Computer Name = owner-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2059

Error - Monday 10 1 2012 11:06:17 PM | Computer Name = owner-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2059

Error - Monday 10 1 2012 11:06:18 PM | Computer Name = owner-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - Monday 10 1 2012 11:06:18 PM | Computer Name = owner-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3104

Error - Monday 10 1 2012 11:06:18 PM | Computer Name = owner-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3104

Error - Monday 10 1 2012 11:06:19 PM | Computer Name = owner-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - Monday 10 1 2012 11:06:19 PM | Computer Name = owner-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4103

Error - Monday 10 1 2012 11:06:19 PM | Computer Name = owner-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4103

[ HP Wireless Assistant Events ]
Error - Monday 9 24 2012 1:40:29 PM | Computer Name = owner-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Call was canceled by the
message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at
System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode,
IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize()

at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) at HPPA_Service.CurrentConfiguration.<ApplyFriendlyNames>b__23(RadioHardware
radio) at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()

at HPPA_Service.CurrentConfiguration.ApplyFriendlyNames() at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - Friday 11 16 2012 11:16:41 AM | Computer Name = owner-HP | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Unexpected error at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

at HPPA_Service.CurrentConfiguration.FindDevice(String hostPath, String portName)

at HPPA_Service.CurrentConfiguration.<ApplyFriendlyNames>b__23(RadioHardware
radio) at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()

at HPPA_Service.CurrentConfiguration.ApplyFriendlyNames() at HPPA_Service.CurrentConfiguration.ReloadRadioList()

[ System Events ]
Error - Tuesday 12 31 2013 1:03:47 AM | Computer Name = owner-HP | Source = Service Control Manager | ID = 7000
Description = The Windows Event Log service failed to start due to the following
error: %%1069

Error - Tuesday 12 31 2013 1:03:47 AM | Computer Name = owner-HP | Source = Service Control Manager | ID = 7038
Description = The DcomLaunch service was unable to log on as NT AUTHORITY\SYSTEM
with the currently configured password due to the following error: %%50 To ensure
that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).

Error - Tuesday 12 31 2013 1:03:47 AM | Computer Name = owner-HP | Source = Service Control Manager | ID = 7000
Description = The DCOM Server Process Launcher service failed to start due to the
following error: %%1069

Error - Tuesday 12 31 2013 1:03:47 AM | Computer Name = owner-HP | Source = Service Control Manager | ID = 7038
Description = The AudioSrv service was unable to log on as NT AUTHORITY\LocalService
with the currently configured password due to the following error: %%50 To ensure
that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).

Error - Tuesday 12 31 2013 1:03:47 AM | Computer Name = owner-HP | Source = Service Control Manager | ID = 7000
Description = The Windows Audio service failed to start due to the following error:
%%1069

Error - Tuesday 12 31 2013 1:03:47 AM | Computer Name = owner-HP | Source = Service Control Manager | ID = 7038
Description = The PlugPlay service was unable to log on as NT AUTHORITY\SYSTEM with
the currently configured password due to the following error: %%50 To ensure that
the service is configured properly, use the Services snap-in in Microsoft Management
Console (MMC).

Error - Tuesday 12 31 2013 1:03:47 AM | Computer Name = owner-HP | Source = Service Control Manager | ID = 7000
Description = The Plug and Play service failed to start due to the following error:
%%1069

Error - Tuesday 12 31 2013 1:04:34 AM | Computer Name = owner-HP | Source = Service Control Manager | ID = 7023
Description = The Power service terminated with the following error: %%4203

Error - Tuesday 12 31 2013 1:09:58 AM | Computer Name = owner-HP | Source = Service Control Manager | ID = 7023
Description = The Power service terminated with the following error: %%4203

Error - Tuesday 12 31 2013 1:45:31 AM | Computer Name = owner-HP | Source = Service Control Manager | ID = 7023
Description = The Power service terminated with the following error: %%4203


< End of report >
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Please post your OTL log. You posted the Extras log.


Download : ADWCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

Posted Image

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.



Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus. Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.



Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

  • 0

#3
alhawi

alhawi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 123 posts
Hi, Rkinner
Thanks for resonding I waited long and my computer has an annoying Audio commercials which is mixed and broadcasting in the same time together :help:
anyways I have an old version of OTL, I don't know does that work? this is the report:

OTL logfile created on: Saturday 1 4 2014 10:29:23 PM - Run 2
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\owner\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dddd M/d/yyyy

3.80 Gb Total Physical Memory | 1.24 Gb Available Physical Memory | 32.69% Memory free
7.60 Gb Paging File | 4.62 Gb Available in Paging File | 60.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.20 Gb Total Space | 354.13 Gb Free Space | 79.36% Space Free | Partition Type: NTFS
Drive D: | 19.26 Gb Total Space | 2.80 Gb Free Space | 14.51% Space Free | Partition Type: NTFS

Computer Name: OWNER-HP | User Name: owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013 05 11 04:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013 03 22 05:07:18 | 000,093,072 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012 09 07 16:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012 09 07 16:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012 09 07 16:04:44 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012 07 11 15:06:24 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\owner\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2012 05 22 20:28:17 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Downloads\OTL (1).exe
PRC - [2012 05 20 12:35:20 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2010 11 09 14:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010 11 09 14:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010 06 24 23:32:50 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
PRC - [2010 06 12 19:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2010 04 30 19:21:14 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010 04 30 19:21:14 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe


========== Modules (No Company Name) ==========

MOD - [2012 02 20 20:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012 02 20 20:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010 06 16 13:48:34 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010 06 16 13:48:32 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010 06 16 13:48:32 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2013 10 23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013 10 23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011 05 13 17:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011 03 22 20:14:02 | 000,263,168 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011 03 22 20:14:02 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2010 06 18 17:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2009 07 13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013 12 11 13:45:24 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013 05 11 04:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013 03 22 05:07:18 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012 09 07 16:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012 09 07 16:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012 07 13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010 11 09 14:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010 10 22 12:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010 06 12 19:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010 04 30 19:21:14 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010 04 30 19:21:14 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010 04 03 17:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010 03 18 15:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009 06 10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013 09 27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012 12 13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012 09 07 16:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012 08 21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012 03 01 00:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011 05 13 17:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011 05 13 17:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011 03 22 20:14:02 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011 03 11 00:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011 03 11 00:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011 02 22 11:17:34 | 002,736,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010 12 17 01:28:38 | 001,403,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010 07 28 20:10:42 | 010,610,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010 06 24 23:32:52 | 000,032,880 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010 06 23 11:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010 04 30 19:21:00 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2010 04 13 10:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010 02 26 18:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010 02 03 08:38:30 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010 01 11 16:31:04 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009 07 13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009 07 13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009 07 13 19:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009 07 13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009 07 13 18:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009 07 13 17:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009 06 10 15:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009 06 10 15:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009 06 10 15:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009 06 10 14:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009 06 10 14:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®
DRV:64bit: - [2009 06 10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009 06 10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009 06 10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009 06 10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008 11 11 13:42:00 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2008 11 11 13:42:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2008 11 11 13:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2007 05 14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2009 07 13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{3CA026A1-6A14-4038-AEBD-9667871280ED}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{A17295BF-43EA-4F03-828A-2F905AC612A3}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{B8718F99-9E98-47D3-875B-B78F150EA9E1}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE:64bit: - HKLM\..\SearchScopes\{E62B7ADD-C6FD-402C-BBAE-230ADD1D4166}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{3CA026A1-6A14-4038-AEBD-9667871280ED}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{A17295BF-43EA-4F03-828A-2F905AC612A3}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{B8718F99-9E98-47D3-875B-B78F150EA9E1}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKLM\..\SearchScopes\{E62B7ADD-C6FD-402C-BBAE-230ADD1D4166}: "URL" = http://en.wikipedia....h={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://elearning.ki...edu/default.asp
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{3CA026A1-6A14-4038-AEBD-9667871280ED}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{A17295BF-43EA-4F03-828A-2F905AC612A3}: "URL" = http://search.yahoo....15,17118,0,18,0
IE - HKCU\..\SearchScopes\{B8718F99-9E98-47D3-875B-B78F150EA9E1}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKCU\..\SearchScopes\{BC364A77-1EA2-BC9C-F6F5-CC73E1D83A10}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\..\SearchScopes\{E62B7ADD-C6FD-402C-BBAE-230ADD1D4166}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://elearning.ki...du/default.asp"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\owner\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\owner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\owner\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\owner\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011 05 27 12:21:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012 05 20 12:35:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012 02 17 07:09:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011 05 27 12:21:43 | 000,000,000 | ---D | M]

[2013 08 16 16:42:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\Mozilla\Extensions
[2013 08 16 16:42:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\Mozilla\Extensions\[email protected]
[2013 12 13 11:06:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\cvea1g3c.default\extensions
[2012 05 20 09:15:48 | 000,000,000 | ---D | M] (JetMP3) -- C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\cvea1g3c.default\extensions\jetmp3@jetpack
[2012 09 20 14:55:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\cvea1g3c.default\jetpack\[email protected]
[2012 09 20 15:00:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\cvea1g3c.default\jetpack\[email protected]\simple-storage
[2012 03 14 20:19:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012 03 14 20:19:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2013 05 20 21:42:27 | 000,005,341 | ---- | M] () (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CVEA1G3C.DEFAULT\EXTENSIONS\[email protected]
[2012 01 29 09:55:53 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012 01 29 07:36:35 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012 01 29 07:36:35 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Hulu Desktop (Enabled) = C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
CHR - Extension: YouTube = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Google Wallet = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2012 09 22 09:08:44 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {8A86D350-37AB-410A-8531-7D1363F317B3} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BTUSRBDG] C:\Windows\SysWow64\BtUsrBdg.exe (Extended Systems, Inc.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()
O4 - HKCU..\Run: [Nimbuzz] C:\Program Files (x86)\Nimbuzz\Nimbuzz.exe ()
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RCA Detective.lnk = C:\Users\owner\My Documents\RCA Detective\RCADetective.exe (Audiovox Electronics Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {7253A666-804A-1107-A4DC-00E04C504788} http://67.228.181.207:1990/inc/bmc.cab (BMC Control)
O16 - DPF: {7253A666-804A-1108-A3DC-00E04C504788} http://67.228.181.20.../inc/bmchat.cab (BMChat Control)
O16 - DPF: {7253A666-804A-1108-A4DC-00E04C504788} http://67.228.181.20.../inc/bmchat.cab (BMChat Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.183.164 97.64.209.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA233D39-C340-45C6-A10C-EF0D78ACE0F2}: DhcpNameServer = 97.64.183.164 97.64.209.37
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014 01 04 22:22:17 | 002,627,880 | ---- | C] (Premium Installer ) -- C:\Users\owner\Desktop\Setup.exe
[2014 01 01 23:05:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2014 01 01 23:05:24 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
[2014 01 01 23:04:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2013 12 31 12:00:29 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013 12 31 11:35:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013 12 31 11:35:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013 12 31 11:35:15 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013 12 31 11:35:05 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013 12 31 11:29:57 | 005,160,176 | R--- | C] (Swearware) -- C:\Users\owner\Desktop\ComboFix.exe
[2013 12 31 10:43:39 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013 12 31 10:26:50 | 000,389,120 | ---- | C] (Marvell) -- C:\Windows\SysNative\drivers\yk62x64.sys.bak
[2013 12 31 10:26:49 | 000,016,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2013 12 31 10:26:48 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2013 12 31 10:26:47 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2013 12 31 10:26:45 | 001,485,312 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS.bak
[2013 12 31 10:26:44 | 000,740,864 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS.bak
[2013 12 31 10:26:44 | 000,292,864 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS.bak
[2013 12 31 10:26:43 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2013 12 31 10:26:41 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2013 12 31 10:26:41 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2013 12 31 10:26:40 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2013 12 31 10:26:39 | 000,054,784 | ---- | C] (Apple, Inc.) -- C:\Windows\SysNative\drivers\usbaapl64.sys.bak
[2013 12 31 10:26:39 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2013 12 31 10:26:38 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2013 12 31 10:26:36 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2013 12 31 10:26:35 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2013 12 31 10:26:34 | 001,403,440 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys.bak
[2013 12 31 10:26:34 | 000,515,584 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys.bak
[2013 12 31 10:26:33 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2013 12 31 10:26:33 | 000,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2013 12 31 10:26:33 | 000,024,656 | ---- | C] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2013 12 31 10:26:32 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2013 12 31 10:26:31 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2013 12 31 10:26:29 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\serscan.sys.bak
[2013 12 31 10:26:28 | 000,171,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2013 12 31 10:26:28 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys.bak
[2013 12 31 10:26:27 | 000,344,680 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys.bak
[2013 12 31 10:26:27 | 000,232,992 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsUStor.sys.bak
[2013 12 31 10:26:26 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2013 12 31 10:26:26 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2013 12 31 10:26:26 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2013 12 31 10:26:25 | 000,027,520 | ---- | C] (Research In Motion Limited) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys.bak
[2013 12 31 10:26:21 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2013 12 31 10:26:20 | 000,048,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2013 12 31 10:26:17 | 000,134,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys.bak
[2013 12 31 10:26:16 | 005,434,368 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\netw5v64.sys.bak
[2013 12 31 10:26:15 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2013 12 31 10:26:07 | 000,117,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys.bak
[2013 12 31 10:26:07 | 000,089,304 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys.bak
[2013 12 31 10:26:07 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2013 12 31 10:26:06 | 000,065,600 | ---- | C] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2013 12 31 10:26:06 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys.bak
[2013 12 31 10:26:04 | 000,033,792 | ---- | C] (LG Electronics Inc.) -- C:\Windows\SysNative\drivers\lgx64modem.sys.bak
[2013 12 31 10:26:04 | 000,027,136 | ---- | C] (LG Electronics Inc.) -- C:\Windows\SysNative\drivers\lgx64diag.sys.bak
[2013 12 31 10:26:04 | 000,017,920 | ---- | C] (LG Electronics Inc.) -- C:\Windows\SysNative\drivers\lgx64bus.sys.bak
[2013 12 31 10:26:02 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2013 12 31 10:26:00 | 000,271,872 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys.bak
[2013 12 31 10:26:00 | 000,158,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\Impcd.sys.bak
[2013 12 31 10:25:58 | 010,610,400 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys.bak
[2013 12 31 10:25:58 | 000,540,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys.bak
[2013 12 31 10:25:57 | 000,077,888 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2013 12 31 10:25:57 | 000,030,008 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\hpdskflt.sys.bak
[2013 12 31 10:25:56 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2013 12 31 10:25:56 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2013 12 31 10:25:55 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys.bak
[2013 12 31 10:25:54 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys.bak
[2013 12 31 10:25:54 | 000,031,232 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2013 12 31 10:25:53 | 000,287,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2013 12 31 10:25:52 | 000,022,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2013 12 31 10:25:50 | 003,286,016 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2013 12 31 10:25:49 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2013 12 31 10:25:49 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2013 12 31 10:25:49 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2013 12 31 10:25:48 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2013 12 31 10:25:48 | 000,055,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2013 12 31 10:25:48 | 000,028,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2013 12 31 10:25:48 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2013 12 31 10:25:47 | 000,039,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2013 12 31 10:25:45 | 000,178,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2013 12 31 10:25:45 | 000,032,880 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\clwvd.sys.bak
[2013 12 31 10:25:44 | 000,468,480 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2013 12 31 10:25:41 | 000,270,848 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2013 12 31 10:25:41 | 000,028,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2013 12 31 10:25:40 | 002,736,640 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys.bak
[2013 12 31 10:25:40 | 000,155,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2013 12 31 10:25:39 | 000,194,128 | ---- | C] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2013 12 31 10:25:39 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2013 12 31 10:25:38 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2013 12 31 10:25:35 | 000,043,320 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\Accelerometer.sys.bak
[2013 12 31 10:25:34 | 000,208,216 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\16170844.sys.bak
[2013 12 31 10:25:32 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2013 12 31 09:57:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013 12 31 09:56:00 | 000,089,304 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2013 12 31 09:55:53 | 000,000,000 | ---D | C] -- C:\Users\owner\Desktop\mbar
[2013 12 31 09:54:08 | 012,582,688 | ---- | C] (Malwarebytes Corp.) -- C:\Users\owner\Desktop\mbar-1.07.0.1008.exe
[2013 12 31 00:06:15 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\owner\Desktop\aswmbr.exe
[2013 12 30 23:18:43 | 000,208,216 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\16170844.sys
[2013 12 13 20:59:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013 12 13 20:58:56 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013 12 13 20:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013 12 13 20:58:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013 12 13 20:58:55 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

========== Files - Modified Within 30 Days ==========

[2014 01 04 22:30:31 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000Core.job
[2014 01 04 22:28:50 | 000,000,085 | ---- | M] () -- C:\Windows\SysNative\qodul.clq
[2014 01 04 22:27:02 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000Core.job
[2014 01 04 22:25:28 | 001,233,962 | ---- | M] () -- C:\Users\owner\Desktop\AdwCleaner.exe
[2014 01 04 22:25:05 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014 01 04 22:22:17 | 002,627,880 | ---- | M] (Premium Installer ) -- C:\Users\owner\Desktop\Setup.exe
[2014 01 04 22:18:31 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000UA.job
[2014 01 04 22:18:09 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014 01 04 22:17:53 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000UA.job
[2014 01 04 22:17:53 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014 01 04 22:17:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014 01 03 23:12:45 | 000,779,306 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014 01 03 23:12:45 | 000,660,546 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014 01 03 23:12:45 | 000,121,442 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014 01 03 15:38:27 | 000,987,410 | ---- | M] () -- C:\Users\owner\Desktop\SecurityCheck.exe
[2014 01 03 15:13:44 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014 01 03 15:13:44 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014 01 03 15:06:05 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys
[2014 01 03 14:49:25 | 000,089,304 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014 01 02 01:14:11 | 000,000,039 | RH-- | M] () -- C:\Users\owner\Desktop\stinger.opt
[2014 01 01 23:05:24 | 000,003,205 | ---- | M] () -- C:\Users\owner\Desktop\Sophos Virus Removal Tool.lnk
[2013 12 31 11:34:25 | 005,160,176 | R--- | M] (Swearware) -- C:\Users\owner\Desktop\ComboFix.exe
[2013 12 31 10:26:51 | 000,389,120 | ---- | M] (Marvell) -- C:\Windows\SysNative\drivers\yk62x64.sys.bak
[2013 12 31 10:26:49 | 000,016,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2013 12 31 10:26:48 | 000,054,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2013 12 31 10:26:47 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2013 12 31 10:26:45 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS.bak
[2013 12 31 10:26:45 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS.bak
[2013 12 31 10:26:44 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS.bak
[2013 12 31 10:26:43 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2013 12 31 10:26:41 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2013 12 31 10:26:41 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2013 12 31 10:26:40 | 000,007,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2013 12 31 10:26:39 | 000,054,784 | ---- | M] (Apple, Inc.) -- C:\Windows\SysNative\drivers\usbaapl64.sys.bak
[2013 12 31 10:26:39 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2013 12 31 10:26:39 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2013 12 31 10:26:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2013 12 31 10:26:35 | 001,403,440 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys.bak
[2013 12 31 10:26:35 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2013 12 31 10:26:34 | 000,515,584 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys.bak
[2013 12 31 10:26:34 | 000,068,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2013 12 31 10:26:33 | 000,187,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2013 12 31 10:26:33 | 000,024,656 | ---- | M] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2013 12 31 10:26:32 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2013 12 31 10:26:32 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2013 12 31 10:26:30 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\serscan.sys.bak
[2013 12 31 10:26:29 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys.bak
[2013 12 31 10:26:28 | 000,171,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2013 12 31 10:26:27 | 000,344,680 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys.bak
[2013 12 31 10:26:27 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsUStor.sys.bak
[2013 12 31 10:26:26 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2013 12 31 10:26:26 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2013 12 31 10:26:26 | 000,027,520 | ---- | M] (Research In Motion Limited) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys.bak
[2013 12 31 10:26:26 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2013 12 31 10:26:21 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2013 12 31 10:26:20 | 000,048,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2013 12 31 10:26:17 | 000,134,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys.bak
[2013 12 31 10:26:16 | 005,434,368 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\netw5v64.sys.bak
[2013 12 31 10:26:16 | 000,374,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2013 12 31 10:26:07 | 000,117,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys.bak
[2013 12 31 10:26:07 | 000,089,304 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys.bak
[2013 12 31 10:26:07 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys.bak
[2013 12 31 10:26:07 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2013 12 31 10:26:06 | 000,065,600 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2013 12 31 10:26:05 | 000,033,792 | ---- | M] (LG Electronics Inc.) -- C:\Windows\SysNative\drivers\lgx64modem.sys.bak
[2013 12 31 10:26:04 | 000,027,136 | ---- | M] (LG Electronics Inc.) -- C:\Windows\SysNative\drivers\lgx64diag.sys.bak
[2013 12 31 10:26:04 | 000,017,920 | ---- | M] (LG Electronics Inc.) -- C:\Windows\SysNative\drivers\lgx64bus.sys.bak
[2013 12 31 10:26:02 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2013 12 31 10:26:00 | 000,271,872 | ---- | M] (Intel® Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys.bak
[2013 12 31 10:26:00 | 000,158,976 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\Impcd.sys.bak
[2013 12 31 10:25:59 | 010,610,400 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys.bak
[2013 12 31 10:25:58 | 000,540,696 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys.bak
[2013 12 31 10:25:57 | 000,077,888 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2013 12 31 10:25:57 | 000,030,008 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\hpdskflt.sys.bak
[2013 12 31 10:25:56 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2013 12 31 10:25:56 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2013 12 31 10:25:55 | 000,056,344 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys.bak
[2013 12 31 10:25:54 | 000,287,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2013 12 31 10:25:54 | 000,033,240 | ---- | M] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys.bak
[2013 12 31 10:25:54 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2013 12 31 10:25:53 | 000,022,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2013 12 31 10:25:50 | 003,286,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2013 12 31 10:25:50 | 000,265,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2013 12 31 10:25:49 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2013 12 31 10:25:49 | 000,055,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2013 12 31 10:25:49 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2013 12 31 10:25:48 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2013 12 31 10:25:48 | 000,028,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2013 12 31 10:25:48 | 000,027,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2013 12 31 10:25:47 | 000,039,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2013 12 31 10:25:45 | 000,178,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2013 12 31 10:25:45 | 000,032,880 | ---- | M] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\clwvd.sys.bak
[2013 12 31 10:25:44 | 000,468,480 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2013 12 31 10:25:41 | 000,270,848 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2013 12 31 10:25:41 | 000,028,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2013 12 31 10:25:40 | 002,736,640 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys.bak
[2013 12 31 10:25:40 | 000,155,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2013 12 31 10:25:39 | 000,194,128 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2013 12 31 10:25:39 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2013 12 31 10:25:39 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2013 12 31 10:25:35 | 000,208,216 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\16170844.sys.bak
[2013 12 31 10:25:35 | 000,043,320 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\Accelerometer.sys.bak
[2013 12 31 10:25:34 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2013 12 31 09:55:37 | 012,582,688 | ---- | M] (Malwarebytes Corp.) -- C:\Users\owner\Desktop\mbar-1.07.0.1008.exe
[2013 12 31 00:49:10 | 000,000,512 | ---- | M] () -- C:\Users\owner\Desktop\MBR.dat
[2013 12 31 00:06:16 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\owner\Desktop\aswmbr.exe
[2013 12 30 23:18:43 | 000,208,216 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\16170844.sys
[2013 12 30 21:54:55 | 000,037,376 | ---- | M] () -- C:\Windows\SysNative\hgwzmhy.wlb
[2013 12 30 21:54:55 | 000,000,102 | ---- | M] () -- C:\Windows\SysNative\mxcwnah.fft
[2013 12 30 21:44:16 | 000,000,064 | ---- | M] () -- C:\Windows\SysNative\oznb.gbq
[2013 12 30 21:28:46 | 000,219,314 | --S- | M] () -- C:\Windows\SysNative\bfjsv.ezv
[2013 12 17 00:23:04 | 000,314,334 | ---- | M] () -- C:\Users\owner\Desktop\TyRegCom_1.1.0.0.zip
[2013 12 14 11:16:19 | 000,001,976 | ---- | M] () -- C:\Users\owner\Desktop\Style Format 2 Converter.lnk
[2013 12 13 20:59:55 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013 12 11 22:13:04 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForowner.job
[2013 12 11 13:45:24 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013 12 11 13:45:24 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013 12 10 11:51:16 | 000,061,708 | ---- | M] () -- C:\Users\owner\Documents\Amira Project.rtf
[2013 12 06 15:10:41 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2014 01 04 22:25:28 | 001,233,962 | ---- | C] () -- C:\Users\owner\Desktop\AdwCleaner.exe
[2014 01 03 15:38:24 | 000,987,410 | ---- | C] () -- C:\Users\owner\Desktop\SecurityCheck.exe
[2014 01 01 23:05:24 | 000,003,205 | ---- | C] () -- C:\Users\owner\Desktop\Sophos Virus Removal Tool.lnk
[2013 12 31 11:35:15 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013 12 31 11:35:15 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013 12 31 11:35:15 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013 12 31 11:35:15 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013 12 31 11:35:15 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013 12 30 21:54:55 | 000,037,376 | ---- | C] () -- C:\Windows\SysNative\hgwzmhy.wlb
[2013 12 30 21:44:54 | 000,000,085 | ---- | C] () -- C:\Windows\SysNative\qodul.clq
[2013 12 30 21:44:16 | 000,000,102 | ---- | C] () -- C:\Windows\SysNative\mxcwnah.fft
[2013 12 30 21:44:16 | 000,000,064 | ---- | C] () -- C:\Windows\SysNative\oznb.gbq
[2013 12 30 21:28:46 | 000,219,314 | --S- | C] () -- C:\Windows\SysNative\bfjsv.ezv
[2013 12 17 00:22:56 | 000,314,334 | ---- | C] () -- C:\Users\owner\Desktop\TyRegCom_1.1.0.0.zip
[2013 12 13 20:59:55 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013 12 10 11:15:11 | 000,061,708 | ---- | C] () -- C:\Users\owner\Documents\Amira Project.rtf
[2013 01 19 10:33:26 | 000,000,105 | ---- | C] () -- C:\Users\owner\AppData\Local\ZDManager.ini
[2012 05 20 09:16:43 | 000,669,416 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2012 05 20 09:16:43 | 000,003,071 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Ogg Vorbis Codec.dat
[2012 03 04 07:01:39 | 000,000,288 | ---- | C] () -- C:\Users\owner\AppData\Roaming\.backup.dm

========== Files - Unicode (All) ==========
[2013 12 19 10:58:07 | 000,000,162 | -H-- | M] ()(C:\Users\owner\Documents\~$??? ????? ????????.docx) -- C:\Users\owner\Documents\~$فية برمجة الياماها.docx
[2013 12 19 10:58:07 | 000,000,162 | -H-- | C] ()(C:\Users\owner\Documents\~$??? ????? ????????.docx) -- C:\Users\owner\Documents\~$فية برمجة الياماها.docx
[2013 09 19 19:39:19 | 000,011,164 | ---- | M] ()(C:\Users\owner\Documents\????? ????? ??????? ????? ????????.docx) -- C:\Users\owner\Documents\روابط لتعلم أساسيات للغات االبرمجة.docx
[2013 09 19 19:39:18 | 000,011,164 | ---- | C] ()(C:\Users\owner\Documents\????? ????? ??????? ????? ????????.docx) -- C:\Users\owner\Documents\روابط لتعلم أساسيات للغات االبرمجة.docx
[2013 06 10 09:18:59 | 000,012,686 | ---- | M] ()(C:\Users\owner\Documents\????.docx) -- C:\Users\owner\Documents\بيوت.docx
[2013 06 10 09:18:59 | 000,012,686 | ---- | C] ()(C:\Users\owner\Documents\????.docx) -- C:\Users\owner\Documents\بيوت.docx
[2013 04 14 10:49:45 | 000,017,958 | ---- | M] ()(C:\Users\owner\Documents\??? ??? ???? ???? ??????.docx) -- C:\Users\owner\Documents\إنا لله وإنا إليه راجعون.docx
[2013 02 05 10:33:29 | 008,113,051 | ---- | M] ()(C:\Users\owner\Desktop\????? ?????..??????? ? ??????? ? ?????? ? ?????.pdf) -- C:\Users\owner\Desktop\موريس بوكاى..التوراه و الانجيل و القران و العلم.pdf
[2013 02 05 10:33:21 | 008,113,051 | ---- | C] ()(C:\Users\owner\Desktop\????? ?????..??????? ? ??????? ? ?????? ? ?????.pdf) -- C:\Users\owner\Desktop\موريس بوكاى..التوراه و الانجيل و القران و العلم.pdf
[2013 02 01 11:43:00 | 110,869,198 | ---- | M] ()(C:\Users\owner\Desktop\Ayat-v1.2.0_standard????.zip) -- C:\Users\owner\Desktop\Ayat-v1.2.0_standardقران.zip
[2013 02 01 11:31:22 | 110,869,198 | ---- | C] ()(C:\Users\owner\Desktop\Ayat-v1.2.0_standard????.zip) -- C:\Users\owner\Desktop\Ayat-v1.2.0_standardقران.zip
[2013 01 06 23:57:34 | 000,014,358 | ---- | M] ()(C:\Users\owner\Documents\????? ???? ????.docx) -- C:\Users\owner\Documents\اسرار الكي بورد.docx
[2013 01 06 23:57:33 | 000,014,358 | ---- | C] ()(C:\Users\owner\Documents\????? ???? ????.docx) -- C:\Users\owner\Documents\اسرار الكي بورد.docx
[2012 12 07 11:13:03 | 003,312,266 | ---- | C] ()(C:\Users\owner\Documents\?????.rar) -- C:\Users\owner\Documents\كاسبر.rar
[2012 10 08 17:14:28 | 000,010,272 | ---- | M] ()(C:\Users\owner\Documents\????? ??????.docx) -- C:\Users\owner\Documents\الغسل الشرعى.docx
[2012 10 08 17:14:28 | 000,010,272 | ---- | C] ()(C:\Users\owner\Documents\????? ??????.docx) -- C:\Users\owner\Documents\الغسل الشرعى.docx
[2012 07 14 20:43:41 | 000,019,412 | ---- | M] ()(C:\Users\owner\Documents\???? ??????? ??.docx) -- C:\Users\owner\Documents\ديون السودان كم.docx
[2012 07 14 20:43:40 | 000,019,412 | ---- | C] ()(C:\Users\owner\Documents\???? ??????? ??.docx) -- C:\Users\owner\Documents\ديون السودان كم.docx
[2012 05 21 00:57:14 | 000,017,958 | ---- | C] ()(C:\Users\owner\Documents\??? ??? ???? ???? ??????.docx) -- C:\Users\owner\Documents\إنا لله وإنا إليه راجعون.docx
[2012 05 09 10:23:09 | 000,000,000 | ---D | M](C:\Users\owner\Desktop\???? ??? ???? ??? ???) -- C:\Users\owner\Desktop\جوجل لیس محرك بحث فقط
[2012 05 09 10:23:09 | 000,000,000 | ---D | C](C:\Users\owner\Desktop\???? ??? ???? ??? ???) -- C:\Users\owner\Desktop\جوجل لیس محرك بحث فقط
[2012 01 31 17:21:31 | 000,000,162 | -H-- | M] ()(C:\Users\owner\Documents\~$??????.docx) -- C:\Users\owner\Documents\~$مقامات.docx
[2012 01 31 17:21:31 | 000,000,162 | -H-- | C] ()(C:\Users\owner\Documents\~$??????.docx) -- C:\Users\owner\Documents\~$مقامات.docx
[2011 11 06 09:29:05 | 000,016,068 | ---- | M] ()(C:\Users\owner\Documents\?? ?????????????.docx) -- C:\Users\owner\Documents\عن سودانيزونلاين.docx
[2011 10 14 00:48:42 | 000,013,262 | ---- | M] ()(C:\Users\owner\Documents\??? ????? ????? ???? ???????? ?????.docx) -- C:\Users\owner\Documents\دوب يادوب ولازم نرضى بالمكتوب يالله.docx
[2011 10 14 00:48:42 | 000,013,262 | ---- | C] ()(C:\Users\owner\Documents\??? ????? ????? ???? ???????? ?????.docx) -- C:\Users\owner\Documents\دوب يادوب ولازم نرضى بالمكتوب يالله.docx
[2011 10 10 01:16:38 | 000,016,068 | ---- | C] ()(C:\Users\owner\Documents\?? ?????????????.docx) -- C:\Users\owner\Documents\عن سودانيزونلاين.docx
[2011 09 23 09:20:33 | 000,436,721 | ---- | M] ()(C:\Users\owner\Documents\????????.docx) -- C:\Users\owner\Documents\المقامات.docx
[2011 09 20 00:36:07 | 000,436,721 | ---- | C] ()(C:\Users\owner\Documents\????????.docx) -- C:\Users\owner\Documents\المقامات.docx
[2011 09 06 18:13:27 | 002,738,098 | ---- | M] ()(C:\Users\owner\Desktop\????? ????? ????? ??????2.rar) -- C:\Users\owner\Desktop\طريقة تثبيت تحديث تايروس2.rar
[2011 09 06 18:13:11 | 002,738,098 | ---- | C] ()(C:\Users\owner\Desktop\????? ????? ????? ??????2.rar) -- C:\Users\owner\Desktop\طريقة تثبيت تحديث تايروس2.rar
[2011 08 29 04:37:04 | 000,016,857 | ---- | M] ()(C:\Users\owner\Documents\??????.docx) -- C:\Users\owner\Documents\المريخ.docx
[2011 08 29 04:37:03 | 000,016,857 | ---- | C] ()(C:\Users\owner\Documents\??????.docx) -- C:\Users\owner\Documents\المريخ.docx
[2011 07 08 16:57:53 | 000,024,012 | ---- | M] ()(C:\Users\owner\Documents\???? ?????? ????? ???????.docx) -- C:\Users\owner\Documents\قوقل سيريال وكراك للبرامج.docx
[2011 07 06 14:39:01 | 000,012,912 | ---- | M] ()(C:\Users\owner\Documents\????? ????? ????????.docx) -- C:\Users\owner\Documents\كيفية برمجة الياماها.docx
[2011 07 06 14:39:00 | 000,012,912 | ---- | C] ()(C:\Users\owner\Documents\????? ????? ????????.docx) -- C:\Users\owner\Documents\كيفية برمجة الياماها.docx
[2011 07 04 19:19:04 | 003,312,266 | ---- | M] ()(C:\Users\owner\Documents\?????.rar) -- C:\Users\owner\Documents\كاسبر.rar
[2011 07 03 18:17:25 | 000,024,012 | ---- | C] ()(C:\Users\owner\Documents\???? ?????? ????? ???????.docx) -- C:\Users\owner\Documents\قوقل سيريال وكراك للبرامج.docx
[2011 06 22 14:13:14 | 001,567,241 | ---- | M] ()(C:\Users\owner\Documents\TVI 3 ???? ????.pptx) -- C:\Users\owner\Documents\TVI 3 عربي ريال.pptx
[2011 06 22 14:13:12 | 001,567,241 | ---- | C] ()(C:\Users\owner\Documents\TVI 3 ???? ????.pptx) -- C:\Users\owner\Documents\TVI 3 عربي ريال.pptx
[2011 04 15 15:25:32 | 001,300,970 | ---- | M] ()(C:\Users\owner\Desktop\??????.rar) -- C:\Users\owner\Desktop\بعامات.rar
[2011 04 15 15:25:31 | 001,300,970 | ---- | C] ()(C:\Users\owner\Desktop\??????.rar) -- C:\Users\owner\Desktop\بعامات.rar

< End of report >
  • 0

#4
alhawi

alhawi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 123 posts
# AdwCleaner v3.016 - Report created 04/01/2014 at 22:52:14
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : owner - OWNER-HP
# Running from : C:\Users\owner\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16476


-\\ Mozilla Firefox v10.0 (en-US)

[ File : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\cvea1g3c.default\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2446 octets] - [31/12/2013 10:45:33]
AdwCleaner[R1].txt - [1000 octets] - [31/12/2013 11:17:36]
AdwCleaner[R2].txt - [1121 octets] - [31/12/2013 18:05:01]
AdwCleaner[R3].txt - [1241 octets] - [31/12/2013 18:22:35]
AdwCleaner[R4].txt - [1361 octets] - [02/01/2014 01:15:28]
AdwCleaner[R5].txt - [1482 octets] - [03/01/2014 15:04:29]
AdwCleaner[R6].txt - [1602 octets] - [04/01/2014 22:50:58]
AdwCleaner[S0].txt - [2496 octets] - [31/12/2013 10:48:09]
AdwCleaner[S1].txt - [1061 octets] - [31/12/2013 11:18:45]
AdwCleaner[S2].txt - [1183 octets] - [31/12/2013 18:06:06]
AdwCleaner[S3].txt - [1303 octets] - [31/12/2013 18:24:01]
AdwCleaner[S4].txt - [1423 octets] - [02/01/2014 01:56:03]
AdwCleaner[S5].txt - [1543 octets] - [03/01/2014 15:05:32]
AdwCleaner[S6].txt - [1523 octets] - [04/01/2014 22:52:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [1583 octets] ##########
  • 0

#5
alhawi

alhawi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 123 posts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Home Premium x64
Ran by owner on Sat 01/04/2014 at 23:04:53.27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\theseaapp
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E62B7ADD-C6FD-402C-BBAE-230ADD1D4166}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{E62B7ADD-C6FD-402C-BBAE-230ADD1D4166}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\owner\appdata\local\jetmp3"
Successfully deleted: [Folder] "C:\Users\owner\appdata\locallow\somototoolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted: [File] C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\cvea1g3c.default\extensions\[email protected] [Tracur]
Successfully deleted: [Folder] C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\cvea1g3c.default\extensions\jetmp3@jetpack
Emptied folder: C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\cvea1g3c.default\minidumps [14 files]



~~~ Chrome

Dumping contents of C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Default
C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Default\aaaaaddfdigfdadcgedfdfdidadfgddf
C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Default\aaaaaddfdigfdadcgedfdfdidadfgddf\background.js
C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Default\aaaaaddfdigfdadcgedfdfdidadfgddf\ContentScript.js
C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Default\aaaaaddfdigfdadcgedfdfdidadfgddf\manifest.json

Successfully deleted: [Folder] C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Default [Default Extension 1.0]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 01/04/2014 at 23:12:41.69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#6
alhawi

alhawi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 123 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014
Ran by owner (administrator) on OWNER-HP on 04-01-2014 23:23:18
Running from C:\Users\owner\Desktop
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Nimbuzz\Nimbuzz.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Audiovox Electronics Corp.) C:\Users\owner\Documents\RCA Detective\RCADetective.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-17] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2011-03-22] (IDT, Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [BTUSRBDG] - C:\Windows\\SysWOW64\BtUsrBdg.exe [53248 2002-06-19] (Extended Systems, Inc.)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296056 2012-05-20] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-06-16] (Hewlett-Packard Company)
HKCU\...\Run: [Nimbuzz] - C:\Program Files (x86)\Nimbuzz\Nimbuzz.exe [12549632 2012-04-19] ()
HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-03-22] (TomTom)
HKCU\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\Default\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Default User\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RCA Detective.lnk
ShortcutTarget: RCA Detective.lnk -> C:\Users\owner\Documents\RCA Detective\RCADetective.exe (Audiovox Electronics Corp.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://elearning.ki...edu/default.asp
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {A17295BF-43EA-4F03-828A-2F905AC612A3} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM - {B8718F99-9E98-47D3-875B-B78F150EA9E1} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKLM - {E62B7ADD-C6FD-402C-BBAE-230ADD1D4166} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM-x32 - {A17295BF-43EA-4F03-828A-2F905AC612A3} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM-x32 - {B8718F99-9E98-47D3-875B-B78F150EA9E1} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKCU - {A17295BF-43EA-4F03-828A-2F905AC612A3} URL = http://search.yahoo....15,17118,0,18,0
SearchScopes: HKCU - {B8718F99-9E98-47D3-875B-B78F150EA9E1} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKCU - {BC364A77-1EA2-BC9C-F6F5-CC73E1D83A10} URL = http://www.bing.com/...eferrer:source}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name - {8A86D350-37AB-410A-8531-7D1363F317B3} - No File
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: HKLM-x32 {7253A666-804A-1107-A4DC-00E04C504788} http://67.228.181.207:1990/inc/bmc.cab
DPF: HKLM-x32 {7253A666-804A-1108-A3DC-00E04C504788} http://67.228.181.20.../inc/bmchat.cab
DPF: HKLM-x32 {7253A666-804A-1108-A4DC-00E04C504788} http://67.228.181.20.../inc/bmchat.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 97.64.183.164 97.64.209.37

FireFox:
========
FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\cvea1g3c.default
FF Homepage: https://elearning.ki...edu/default.asp
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\owner\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\owner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\owner\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\owner\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Fantapper - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\cvea1g3c.default\Extensions\[email protected]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U5) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks™ Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer™ HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Hulu Desktop) - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (RealJukebox NS Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Extension: (YouTube) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0
CHR Extension: (Google Wallet) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx

==================== Services (Whitelisted) =================

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [399432 2012-09-07] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [676936 2012-09-07] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2012-09-07] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S1 eqslbbxm; \??\C:\Windows\system32\drivers\eqslbbxm.sys [x]
S1 falumhtz; \??\C:\Windows\system32\drivers\falumhtz.sys [x]
S1 ggwewglw; \??\C:\Windows\system32\drivers\ggwewglw.sys [x]
S1 shrudhfs; \??\C:\Windows\system32\drivers\shrudhfs.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-04 23:23 - 2014-01-04 23:23 - 00021322 _____ C:\Users\owner\Desktop\FRST.txt
2014-01-04 23:12 - 2014-01-04 23:12 - 00002396 _____ C:\Users\owner\Desktop\JRT.txt
2014-01-04 23:04 - 2014-01-04 23:04 - 00000000 ____D C:\Windows\ERUNT
2014-01-04 23:03 - 2014-01-04 23:03 - 00000000 ____D C:\FRST
2014-01-04 23:00 - 2014-01-04 23:01 - 01931368 _____ (Farbar) C:\Users\owner\Desktop\FRST64.exe
2014-01-04 22:50 - 2014-01-04 22:50 - 01036305 _____ (Thisisu) C:\Users\owner\Desktop\JRT.exe
2014-01-04 22:25 - 2014-01-04 22:44 - 01233962 _____ C:\Users\owner\Desktop\AdwCleaner.exe
2014-01-04 22:22 - 2014-01-04 22:22 - 02627880 _____ (Premium Installer ) C:\Users\owner\Desktop\Setup.exe
2014-01-03 15:41 - 2014-01-03 15:41 - 00001358 _____ C:\Users\owner\Desktop\checkup.txt
2014-01-03 15:38 - 2014-01-03 15:38 - 00987410 _____ C:\Users\owner\Desktop\SecurityCheck.exe
2014-01-02 00:58 - 2014-01-02 00:58 - 00008408 _____ C:\Users\owner\Desktop\SophosVirusRemovalTool.log
2014-01-01 23:05 - 2014-01-01 23:05 - 00003205 _____ C:\Users\owner\Desktop\Sophos Virus Removal Tool.lnk
2014-01-01 23:05 - 2014-01-01 23:05 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-01-01 23:05 - 2014-01-01 23:05 - 00000000 ____D C:\ProgramData\Sophos
2014-01-01 23:04 - 2014-01-01 23:04 - 00000000 ____D C:\Program Files (x86)\Sophos
2014-01-01 22:50 - 2014-01-01 22:51 - 04101441 _____ C:\Users\owner\Downloads\tdsskiller.zip
2013-12-31 14:14 - 2013-12-31 14:14 - 00005514 _____ C:\Users\owner\Desktop\Results.log
2013-12-31 12:20 - 2013-12-31 12:20 - 00377856 _____ C:\Users\owner\Downloads\e8mw2nz9.exe
2013-12-31 11:59 - 2013-12-31 11:59 - 00019448 _____ C:\ComboFix.txt
2013-12-31 11:35 - 2013-12-31 12:00 - 00000000 ____D C:\Qoobox
2013-12-31 11:35 - 2011-06-26 00:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-31 11:35 - 2010-11-07 11:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-31 11:35 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-31 11:35 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-31 11:35 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-31 11:35 - 2000-08-30 18:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-31 11:35 - 2000-08-30 18:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-31 11:35 - 2000-08-30 18:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-31 11:29 - 2013-12-31 11:34 - 05160176 ____R (Swearware) C:\Users\owner\Desktop\ComboFix.exe
2013-12-31 10:54 - 2013-12-31 10:54 - 00002496 _____ C:\Users\owner\Desktop\AdwCleaner[S0].txt
2013-12-31 10:43 - 2014-01-04 22:52 - 00000000 ____D C:\AdwCleaner
2013-12-31 10:26 - 2013-12-31 10:30 - 00001637 _____ C:\Users\owner\Desktop\RKreport[0]_S_12312013_102659.txt
2013-12-31 10:26 - 2013-12-31 10:26 - 05434368 _____ (Intel Corporation) C:\Windows\system32\Drivers\netw5v64.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 01893224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 01653096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 01524816 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 01485312 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTDPV6.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 01403440 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00947776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00740864 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTCNXT6.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00515584 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00389120 _____ (Marvell) C:\Windows\system32\Drivers\yk62x64.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00374664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00367168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00363584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00344680 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00292864 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTAZL6.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00284736 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00271872 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MpFilter.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00232992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00224832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00220752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00217680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00214096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00187264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00183872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00171600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00158976 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00155216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00152432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00140352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00134944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00128592 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00122960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00115776 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00114752 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00106560 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00104016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00095088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00094784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00080464 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00075632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00072832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00071760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00068864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00065600 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas2.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00064592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00064080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00062544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00060496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00054784 _____ (Apple, Inc.) C:\Windows\system32\Drivers\usbaapl64.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00051264 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00049216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00048720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00036432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00035392 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00033792 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64modem.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00032320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00030080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00027776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00027520 _____ (Research In Motion Limited) C:\Windows\system32\Drivers\RimUsb_AMD64.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00027136 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64diag.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00024656 _____ (Promise Technology) C:\Windows\system32\Drivers\stexstor.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00022096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00021056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00020544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00019008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00017920 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64bus.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00017488 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00016960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00016464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00015424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwf.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00012496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00012352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serscan.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00011136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPREFMP.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidkmdf.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00008064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00007936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00006784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2013-12-31 10:25 - 2013-12-31 10:26 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 10610400 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 03286016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 02736640 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00751616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00552448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00540696 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00530496 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00491088 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00468480 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00459216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00339536 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00334416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00290368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00287576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00286720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00270848 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00265088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\16170844.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00194128 _____ (AMD Technologies Inc.) C:\Windows\system32\Drivers\amdsbs.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00182864 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00178752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00155728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00097856 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00087632 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00077888 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00073280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00065088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00061008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00055376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00055128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00047104 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00043320 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\Accelerometer.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\discache.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00039504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00032880 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\clwvd.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\Windows\system32\Drivers\hcw85cir.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00030008 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\hpdskflt.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00028736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00028240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbatt.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00024144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00024128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00022896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00021584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00018432 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00017664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00017488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00015440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00015440 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00014976 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00014720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00014416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00008704 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2013-12-31 10:20 - 2013-12-31 10:20 - 04406784 _____ C:\Users\owner\Downloads\RogueKillerX64.exe
2013-12-31 09:57 - 2014-01-03 15:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-31 09:56 - 2014-01-03 14:49 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-31 09:55 - 2014-01-03 15:03 - 00000000 ____D C:\Users\owner\Desktop\mbar
2013-12-31 09:54 - 2013-12-31 09:55 - 12582688 _____ (Malwarebytes Corp.) C:\Users\owner\Desktop\mbar-1.07.0.1008.exe
2013-12-31 00:06 - 2013-12-31 00:06 - 04745728 _____ (AVAST Software) C:\Users\owner\Desktop\aswmbr.exe
2013-12-30 23:18 - 2013-12-30 23:18 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\16170844.sys
2013-12-30 21:54 - 2013-12-30 21:54 - 00037376 _____ C:\Windows\system32\hgwzmhy.wlb
2013-12-30 21:44 - 2014-01-04 22:28 - 00000085 _____ C:\Windows\system32\qodul.clq
2013-12-30 21:44 - 2013-12-30 21:54 - 00000102 _____ C:\Windows\system32\mxcwnah.fft
2013-12-30 21:44 - 2013-12-30 21:44 - 00000064 _____ C:\Windows\system32\oznb.gbq
2013-12-30 21:28 - 2013-12-30 21:28 - 00219314 ____S C:\Windows\system32\bfjsv.ezv
2013-12-20 10:30 - 2013-12-20 10:30 - 00000756 _____ C:\Users\owner\Downloads\T4Pianos.zip
2013-12-17 00:22 - 2013-12-17 00:23 - 00314334 _____ C:\Users\owner\Desktop\TyRegCom_1.1.0.0.zip
2013-12-16 09:45 - 2013-12-16 09:45 - 00306805 _____ C:\Users\owner\Downloads\Gems9.ZIP
2013-12-14 11:14 - 2013-12-14 11:14 - 00329757 _____ ( ) C:\Users\owner\Downloads\sf2csetup.exe
2013-12-13 20:59 - 2013-12-13 20:59 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-13 20:58 - 2013-12-13 20:59 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-13 20:58 - 2013-12-13 20:59 - 00000000 ____D C:\Program Files\iTunes
2013-12-13 20:58 - 2013-12-13 20:59 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-13 20:58 - 2013-12-13 20:58 - 00000000 ____D C:\Program Files\iPod

==================== One Month Modified Files and Folders =======

2014-01-04 23:23 - 2014-01-04 23:23 - 00021322 _____ C:\Users\owner\Desktop\FRST.txt
2014-01-04 23:13 - 2013-01-04 10:04 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000UA.job
2014-01-04 23:12 - 2014-01-04 23:12 - 00002396 _____ C:\Users\owner\Desktop\JRT.txt
2014-01-04 23:04 - 2014-01-04 23:04 - 00000000 ____D C:\Windows\ERUNT
2014-01-04 23:03 - 2014-01-04 23:03 - 00000000 ____D C:\FRST
2014-01-04 23:01 - 2014-01-04 23:00 - 01931368 _____ (Farbar) C:\Users\owner\Desktop\FRST64.exe
2014-01-04 23:00 - 2009-07-13 22:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-04 23:00 - 2009-07-13 22:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-04 22:58 - 2009-07-13 23:13 - 00779306 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-04 22:56 - 2010-08-19 02:44 - 01362870 _____ C:\Windows\WindowsUpdate.log
2014-01-04 22:53 - 2012-09-14 20:42 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-04 22:53 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-04 22:53 - 2009-07-13 22:51 - 00113983 _____ C:\Windows\setupact.log
2014-01-04 22:52 - 2013-12-31 10:43 - 00000000 ____D C:\AdwCleaner
2014-01-04 22:50 - 2014-01-04 22:50 - 01036305 _____ (Thisisu) C:\Users\owner\Desktop\JRT.exe
2014-01-04 22:45 - 2012-09-21 14:45 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-04 22:44 - 2014-01-04 22:25 - 01233962 _____ C:\Users\owner\Desktop\AdwCleaner.exe
2014-01-04 22:35 - 2012-05-22 20:32 - 00139930 _____ C:\Users\owner\Downloads\OTL.Txt
2014-01-04 22:30 - 2012-04-05 21:01 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000Core.job
2014-01-04 22:28 - 2013-12-30 21:44 - 00000085 _____ C:\Windows\system32\qodul.clq
2014-01-04 22:27 - 2013-01-04 10:04 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000Core.job
2014-01-04 22:22 - 2014-01-04 22:22 - 02627880 _____ (Premium Installer ) C:\Users\owner\Desktop\Setup.exe
2014-01-04 22:18 - 2012-09-14 20:42 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-04 22:17 - 2012-04-05 21:01 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000UA.job
2014-01-03 15:41 - 2014-01-03 15:41 - 00001358 _____ C:\Users\owner\Desktop\checkup.txt
2014-01-03 15:38 - 2014-01-03 15:38 - 00987410 _____ C:\Users\owner\Desktop\SecurityCheck.exe
2014-01-03 15:03 - 2013-12-31 09:57 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-03 15:03 - 2013-12-31 09:55 - 00000000 ____D C:\Users\owner\Desktop\mbar
2014-01-03 14:49 - 2013-12-31 09:56 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-02 01:14 - 2012-11-20 11:51 - 00000039 ___RH C:\Users\owner\Desktop\stinger.opt
2014-01-02 01:14 - 2012-11-20 11:44 - 00000000 ____D C:\Program Files (x86)\stinger
2014-01-02 00:58 - 2014-01-02 00:58 - 00008408 _____ C:\Users\owner\Desktop\SophosVirusRemovalTool.log
2014-01-01 23:05 - 2014-01-01 23:05 - 00003205 _____ C:\Users\owner\Desktop\Sophos Virus Removal Tool.lnk
2014-01-01 23:05 - 2014-01-01 23:05 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-01-01 23:05 - 2014-01-01 23:05 - 00000000 ____D C:\ProgramData\Sophos
2014-01-01 23:04 - 2014-01-01 23:04 - 00000000 ____D C:\Program Files (x86)\Sophos
2014-01-01 22:51 - 2014-01-01 22:50 - 04101441 _____ C:\Users\owner\Downloads\tdsskiller.zip
2013-12-31 18:01 - 2010-08-19 02:47 - 00235480 _____ C:\Windows\PFRO.log
2013-12-31 14:14 - 2013-12-31 14:14 - 00005514 _____ C:\Users\owner\Desktop\Results.log
2013-12-31 12:20 - 2013-12-31 12:20 - 00377856 _____ C:\Users\owner\Downloads\e8mw2nz9.exe
2013-12-31 12:00 - 2013-12-31 11:35 - 00000000 ____D C:\Qoobox
2013-12-31 12:00 - 2011-04-15 12:45 - 00000000 ____D C:\Users\owner\AppData\Local\Apps\2.0
2013-12-31 11:59 - 2013-12-31 11:59 - 00019448 _____ C:\ComboFix.txt
2013-12-31 11:47 - 2009-07-13 20:34 - 00000215 _____ C:\Windows\system.ini
2013-12-31 11:34 - 2013-12-31 11:29 - 05160176 ____R (Swearware) C:\Users\owner\Desktop\ComboFix.exe
2013-12-31 11:34 - 2012-09-21 14:46 - 00000000 ____D C:\Windows\erdnt
2013-12-31 10:54 - 2013-12-31 10:54 - 00002496 _____ C:\Users\owner\Desktop\AdwCleaner[S0].txt
2013-12-31 10:41 - 2012-12-11 23:46 - 00000000 ____D C:\Users\owner\Desktop\RK_Quarantine
2013-12-31 10:30 - 2013-12-31 10:26 - 00001637 _____ C:\Users\owner\Desktop\RKreport[0]_S_12312013_102659.txt
2013-12-31 10:26 - 2013-12-31 10:26 - 05434368 _____ (Intel Corporation) C:\Windows\system32\Drivers\netw5v64.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 01893224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 01653096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 01524816 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 01485312 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTDPV6.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 01403440 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00947776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00740864 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTCNXT6.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00515584 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00389120 _____ (Marvell) C:\Windows\system32\Drivers\yk62x64.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00374664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00367168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00363584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00344680 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00292864 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTAZL6.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00284736 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00271872 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MpFilter.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00232992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00224832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00220752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00217680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00214096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00187264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00183872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00171600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00158976 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00155216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00152432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00140352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00134944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00128592 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00122960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00115776 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00114752 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00106560 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00104016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00095088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00094784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00080464 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00075632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00072832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00071760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00068864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00065600 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas2.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00064592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00064080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00062544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00060496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00054784 _____ (Apple, Inc.) C:\Windows\system32\Drivers\usbaapl64.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00051264 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00049216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00048720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00036432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00035392 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00033792 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64modem.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00032320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00030080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00027776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00027520 _____ (Research In Motion Limited) C:\Windows\system32\Drivers\RimUsb_AMD64.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00027136 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64diag.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00024656 _____ (Promise Technology) C:\Windows\system32\Drivers\stexstor.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00022096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00021056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00020544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00019008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00017920 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64bus.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00017488 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00016960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00016464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00015424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwf.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00012496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00012352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serscan.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00011136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPREFMP.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidkmdf.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00008064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00007936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00006784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2013-12-31 10:26 - 2013-12-31 10:25 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 10610400 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 03286016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 02736640 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00751616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00552448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00540696 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00530496 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00491088 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00468480 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00459216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00339536 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00334416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00290368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00287576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00286720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00270848 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00265088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\16170844.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00194128 _____ (AMD Technologies Inc.) C:\Windows\system32\Drivers\amdsbs.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00182864 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00178752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00155728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00097856 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00087632 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00077888 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00073280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00065088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00061008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00055376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00055128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00047104 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00043320 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\Accelerometer.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\discache.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00039504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00032880 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\clwvd.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\Windows\system32\Drivers\hcw85cir.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00030008 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\hpdskflt.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00028736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00028240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbatt.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00024144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00024128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00022896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00021584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00018432 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00017664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00017488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00015440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00015440 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00014976 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00014720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00014416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00008704 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2013-12-31 10:20 - 2013-12-31 10:20 - 04406784 _____ C:\Users\owner\Downloads\RogueKillerX64.exe
2013-12-31 09:55 - 2013-12-31 09:54 - 12582688 _____ (Malwarebytes Corp.) C:\Users\owner\Desktop\mbar-1.07.0.1008.exe
2013-12-31 00:49 - 2012-09-19 18:58 - 00003940 _____ C:\Users\owner\Desktop\aswMBR.txt
2013-12-31 00:49 - 2012-09-19 18:58 - 00000512 _____ C:\Users\owner\Desktop\MBR.dat
2013-12-31 00:06 - 2013-12-31 00:06 - 04745728 _____ (AVAST Software) C:\Users\owner\Desktop\aswmbr.exe
2013-12-31 00:03 - 2012-05-22 20:32 - 00089244 _____ C:\Users\owner\Downloads\Extras.Txt
2013-12-30 23:18 - 2013-12-30 23:18 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\16170844.sys
2013-12-30 21:54 - 2013-12-30 21:54 - 00037376 _____ C:\Windows\system32\hgwzmhy.wlb
2013-12-30 21:54 - 2013-12-30 21:44 - 00000102 _____ C:\Windows\system32\mxcwnah.fft
2013-12-30 21:44 - 2013-12-30 21:44 - 00000064 _____ C:\Windows\system32\oznb.gbq
2013-12-30 21:28 - 2013-12-30 21:28 - 00219314 ____S C:\Windows\system32\bfjsv.ezv
2013-12-30 21:28 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-12-20 10:32 - 2011-04-15 12:45 - 00000000 ____D C:\Users\owner\AppData\Local\Deployment
2013-12-20 10:30 - 2013-12-20 10:30 - 00000756 _____ C:\Users\owner\Downloads\T4Pianos.zip
2013-12-17 12:01 - 2013-10-29 14:50 - 00000000 ____D C:\Users\owner\AppData\Local\Ndrics
2013-12-17 00:23 - 2013-12-17 00:22 - 00314334 _____ C:\Users\owner\Desktop\TyRegCom_1.1.0.0.zip
2013-12-17 00:23 - 2011-04-15 12:45 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tyros Utility
2013-12-16 09:45 - 2013-12-16 09:45 - 00306805 _____ C:\Users\owner\Downloads\Gems9.ZIP
2013-12-15 09:56 - 2013-08-14 02:01 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 09:53 - 2010-11-21 13:33 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-14 11:16 - 2011-09-21 08:53 - 00001976 _____ C:\Users\owner\Desktop\Style Format 2 Converter.lnk
2013-12-14 11:16 - 2011-09-21 08:53 - 00000000 ____D C:\Program Files (x86)\StyleFormat2Converter
2013-12-14 11:14 - 2013-12-14 11:14 - 00329757 _____ ( ) C:\Users\owner\Downloads\sf2csetup.exe
2013-12-13 20:59 - 2013-12-13 20:59 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-13 20:59 - 2013-12-13 20:58 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-13 20:59 - 2013-12-13 20:58 - 00000000 ____D C:\Program Files\iTunes
2013-12-13 20:59 - 2013-12-13 20:58 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-13 20:58 - 2013-12-13 20:58 - 00000000 ____D C:\Program Files\iPod
2013-12-13 20:07 - 2010-11-21 13:48 - 00003148 _____ C:\Windows\System32\Tasks\SidebarExecute
2013-12-12 21:42 - 2012-10-27 12:10 - 00000000 ____D C:\Users\owner\AppData\Local\Abelssoft
2013-12-12 17:00 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-12 03:01 - 2011-05-19 12:44 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 22:13 - 2011-07-22 09:34 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForowner
2013-12-11 22:13 - 2011-07-22 09:34 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForowner.job
2013-12-11 13:45 - 2012-09-21 14:45 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 13:45 - 2012-05-21 14:04 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 13:45 - 2011-05-17 10:16 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-08 12:17 - 2012-10-16 12:34 - 00000000 ____D C:\Users\owner\AppData\Local\Windows Live
2013-12-06 15:10 - 2012-09-14 20:43 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-06 15:08 - 2013-01-04 10:04 - 00003878 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000UA
2013-12-06 15:08 - 2013-01-04 10:04 - 00003482 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000Core

Some content of TEMP:
====================
C:\Users\owner\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-07-13 18:00] - [2009-07-13 19:41] - 0510464 ____A (Microsoft Corporation) DEE32A34A46EFD97ADADABAE8D97B20D

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-20 15:56

==================== End Of Log ============================
  • 0

#7
alhawi

alhawi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 123 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2014
Ran by owner at 2014-01-04 23:24:05
Running from C:\Users\owner\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (x32 Version: - Microsoft)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
AccmeWare FileBulldog Toolbar (x32 Version: - )
Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
AD Sound Recorder 5.4.4 (x32 Version: - Adrosoft)
Adobe AIR (x32 Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.5970 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 9.0.45.0 (x32 Version: - All Software By 3PEHR)
Adobe Reader XI (11.0.03) (x32 Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (x32 Version: 11.5.7.609 - Adobe Systems, Inc)
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Atheros Driver Installation Program (x32 Version: 9.2 - Atheros)
Ayat (x32 Version: 1.2.0 - UNKNOWN)
Ayat (x32 Version: 1.2.0 - UNKNOWN) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
BusinessCards MX (x32 Version: 4.74 - MOJOSOFT)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CinemaNow Media Manager (x32 Version: 1.9.1.105 - CinemaNow, Inc.)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink DVD Suite (x32 Version: 7.0.3003 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.3003 - CyberLink Corp.) Hidden
D110 (x32 Version: 140.0.283.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
dBpoweramp Ogg Vorbis Codec (x32 Version: Release 21 (Vorbis v1.3.2) - Illustrate)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4121 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4121 - Hewlett-Packard) Hidden
Energy Star Digital Logo (x32 Version: 1.0.1 - Hewlett-Packard)
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESU for Microsoft Windows 7 (x32 Version: 1.0.0 - Hewlett-Packard)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287 - Skype Limited)
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Earth (x32 Version: 6.0.3.2197 - Google)
Google Talk Plugin (x32 Version: 4.9.1.16010 - Google)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (Version: 4.0.5.1 - Hewlett-Packard Company)
HP Advisor (x32 Version: 3.4.10262.3295 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.4 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (Version: 14.0 - HP)
HP Documentation (x32 Version: 1.1.1.0 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (x32 Version: 8.0.64.43 - )
HP Game Console (x32 Version: - WildTangent) Hidden
HP Games (x32 Version: 1.0.1.3 - WildTangent)
HP Imaging Device Functions 14.0 (Version: 14.0 - HP)
HP MediaSmart CinemaNow 2.0 (x32 Version: 2.0 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.1.4229 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.1.4229 - Hewlett-Packard) Hidden
HP MediaSmart Movies and TV (Version: 1.0.0.10 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.1.4215 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.1.4215 - Hewlett-Packard) Hidden
HP MediaSmart Photo (x32 Version: 4.1.4211 - Hewlett-Packard)
HP MediaSmart Photo (x32 Version: 4.1.4211 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.1.4214 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.1.4214 - Hewlett-Packard) Hidden
HP MediaSmart Webcam (x32 Version: 4.1.3024 - Hewlett-Packard)
HP MediaSmart Webcam (x32 Version: 4.1.3024 - Hewlett-Packard) Hidden
HP MediaSmart/TouchSmart Netflix (x32 Version: 1.0.9.0 - Hewlett-Packard)
HP Photo Creations (x32 Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0 - HP)
HP Power Manager (x32 Version: 1.2.3 - Hewlett-Packard Company)
HP Quick Launch (x32 Version: 2.3.6 - Hewlett-Packard Company)
HP Setup (x32 Version: 8.1.4186.3400 - Hewlett-Packard)
HP Smart Web Printing 4.60 (Version: 4.60 - HP)
HP Software Framework (x32 Version: 4.1.8.1 - Hewlett-Packard Company)
HP Solution Center 14.0 (Version: 14.0 - HP)
HP Support Assistant (x32 Version: 5.2.9.2 - Hewlett-Packard Company)
HP Update (x32 Version: 5.005.000.002 - Hewlett-Packard)
HP Wireless Assistant (Version: 4.0.9.0 - Hewlett-Packard Company)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
iCloud (Version: 3.0.2.163 - Apple Inc.)
IDT Audio (x32 Version: 1.0.6292.0 - IDT)
Intel® Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (x32 Version: 8.15.10.2141 - Intel Corporation)
Intel® Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (x32 Version: 9.6.2.1001 - Intel Corporation)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java Auto Updater (x32 Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 20 (64-bit) (Version: 6.0.200 - Sun Microsystems, Inc.)
Java™ 6 Update 31 (x32 Version: 6.0.310 - Oracle)
Java™ 7 Update 5 (x32 Version: 7.0.50 - Oracle)
JavaFX 2.1.1 (x32 Version: 2.1.1 - Oracle Corporation)
JetMP3 (x32 Version: 1.0517.1205 - JetMP3)
Jewel Quest 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 6.0.4 (Basic) (x32 Version: 6.0.4 - )
LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.) Hidden
LG USB Modem driver (x32 Version: - )
LightScribe System Software (x32 Version: 1.18.16.1 - LightScribe)
Malwarebytes Anti-Malware version 1.65.0.1400 (x32 Version: 1.65.0.1400 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
Mozilla Firefox 10.0 (x86 en-US) (x32 Version: 10.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nimbuzz 2.2.1 (x32 Version: 2.2.1 - Nimbuzz B.V.)
Passware Kit Enterprise 9.7 (x32 Version: 9.7.1665 - Passware)
Payroll Accounting 2010 (x32 Version: 7.00.000 - )
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
Producer (x32 Version: - )
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
RabbitTV (HKCU Version: 1.0.0.8 - RabbitTV.com)
RCA Detective™ 2.0.0.99 (x32 Version: - RCA)
RCA Digital Voice Manager 5.1.1.2 (x32 Version: - RCA)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (x32 Version: 15.0.4 - RealNetworks)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.17.304.2010 - Realtek)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
Roxio CinemaNow 2.0 (x32 Version: 1.0.284 - Hewlett-Packard) Hidden
SanDiskSecureAccess_Manager.exe (HKCU Version: 1.0.0 - DMAILER)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (Version: 14.0 - HP)
Skype™ 5.10 (x32 Version: 5.10.116 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Sophos Virus Removal Tool (x32 Version: 2.4 - Sophos Limited)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Stellarium 0.11.0 (x32 Version: - )
Style Format 2 Converter 1.17 (x32 Version: - )
Style ReMixer 1.11 (x32 Version: - )
Style Works 2000 Universal v1.99 (x32 Version: - )
Synaptics Pointing Device Driver (Version: 15.2.4.4 - Synaptics Incorporated)
TomTom HOME (x32 Version: 2.9.5 - TomTom)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2 - TomTom International B.V.)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Tyros Global Registration Bank Changer (HKCU Version: 1.1.3.0 - Tyros Utility)
Tyros Registration File Composer (HKCU Version: 1.1.0.0 - Tyros Utility)
Tyros Registration Memory Editor (HKCU Version: 1.0.5.0 - Tyros Utility)
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (x32 Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (x32 Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft)
USB Disk Security (x32 Version: - Zbshareware Lab)
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows 7 Manager (Version: 2.1.7 - Yamicsoft)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR archiver (x32 Version: - )
XTNDConnect Blue Manager 1.0.8 (x32 Version: - )
YAMAHA Tyros2 Voice Editor (x32 Version: 1.0 - YAMAHA)
YouTube Song Downloader (x32 Version: 8.2 - Abelssoft)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points =========================

18-12-2013 23:24:34 Windows Update
22-12-2013 17:15:22 Windows Update
25-12-2013 18:10:05 Windows Update
29-12-2013 18:08:45 Windows Update
31-12-2013 16:18:08 Malwarebytes Anti-Rootkit Restore Point
01-01-2014 20:09:23 Windows Update
02-01-2014 05:04:12 Installed Sophos Virus Removal Tool.
05-01-2014 04:29:44 Windows Update

==================== Hosts content: ==========================

2009-07-13 20:34 - 2012-09-22 09:08 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0817E63B-71D1-4816-A1C1-CB4786639CCD} - System32\Tasks\تنظيف القرص => cleanmger.exe
Task: {2D4D33F2-177F-45C4-B092-B9D35688A12C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2EB7605F-A3F1-47E4-828B-515402F302A0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)
Task: {2EF9A146-2484-4F6D-92F2-4C16015A8F28} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000UA => C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)
Task: {37F2C7F7-1724-4785-A4AF-0090B2E6E0A3} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3819350281-2328988450-3692428702-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {39D1D2E6-0408-48B0-B6EE-C109E590C3A5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000UA => C:\Users\owner\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {48CC6C6B-62AE-4474-86C2-E79B95CECDA3} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5688CBF9-8D38-47C5-96B9-A5B4C9A9DD0B} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] ()
Task: {8B96FCD4-4E6E-4E1B-AF6C-E22FE2EC1FB8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)
Task: {8E25C054-5044-4F05-B8A0-27C6FF7FD0BB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000Core => C:\Users\owner\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {9215A94B-6E29-4116-98B3-15716D65A4BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000Core => C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)
Task: {A9C9F9A5-8957-4AA8-9DB6-98FBF907A9D0} - System32\Tasks\Disk cleanup => C:\Windows\System32\cleanmgr.exe [2009-07-13] (Microsoft Corporation)
Task: {ADDE07C7-C9CA-45A5-8DF5-B3B3EC3B1C88} - System32\Tasks\HPCeeScheduleForowner => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {BEB256E6-D11C-497F-A843-119F3B645C2B} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-06-24] (CyberLink)
Task: {C39B27C0-BD3E-4D6C-AEE2-2F354B6D3CA1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {DF8A0FA3-F5CC-430C-85F2-FF0A1BD6DB95} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3819350281-2328988450-3692428702-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000Core.job => C:\Users\owner\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000UA.job => C:\Users\owner\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000Core.job => C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000UA.job => C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForowner.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2011-02-03 17:03 - 2008-06-20 00:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2012-02-20 20:29 - 2012-02-20 20:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 20:28 - 2012-02-20 20:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-06-16 13:48 - 2010-06-16 13:48 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2010-06-16 13:48 - 2010-06-16 13:48 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2010-06-16 13:48 - 2010-06-16 13:48 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2012-02-28 07:53 - 2012-02-28 07:53 - 10654208 _____ () C:\Program Files (x86)\Nimbuzz\QtWebKit4.dll
2012-02-28 07:53 - 2012-02-28 07:53 - 00263680 _____ () C:\Program Files (x86)\Nimbuzz\phonon4.dll
2012-02-28 07:53 - 2012-02-28 07:53 - 07942656 _____ () C:\Program Files (x86)\Nimbuzz\QtGui4.dll
2012-02-28 07:53 - 2012-02-28 07:53 - 02256384 _____ () C:\Program Files (x86)\Nimbuzz\QtCore4.dll
2012-02-28 07:53 - 2012-02-28 07:53 - 00952832 _____ () C:\Program Files (x86)\Nimbuzz\QtNetwork4.dll
2012-02-28 07:53 - 2012-02-28 07:53 - 00584192 _____ () C:\Program Files (x86)\Nimbuzz\QtSql4.dll
2012-02-28 07:53 - 2012-02-28 07:53 - 00336384 _____ () C:\Program Files (x86)\Nimbuzz\QtXml4.dll
2012-02-28 07:53 - 2012-02-28 07:53 - 00026624 _____ () C:\Program Files (x86)\Nimbuzz\imageformats\qgif4.dll
2012-02-28 07:53 - 2012-02-28 07:53 - 00193024 _____ () C:\Program Files (x86)\Nimbuzz\imageformats\qjpeg4.dll
2012-02-28 07:53 - 2012-02-28 07:53 - 00219648 _____ () C:\Program Files (x86)\Nimbuzz\imageformats\qmng4.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-01-02 01:01:48.420
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SCTBootDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-01-02 01:01:48.295
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SCTBootDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-09-21 15:53:33.264
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-09-21 15:53:33.186
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 46%
Total physical RAM: 3893.86 MB
Available physical RAM: 2093.86 MB
Total Pagefile: 7785.86 MB
Available Pagefile: 5754.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.2 GB) (Free:353.28 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:19.26 GB) (Free:2.8 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: DF196081)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================
  • 0

#8
alhawi

alhawi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 123 posts
My computer is infected with malware or a virus that Superantispyware, Avast Anti-virus, and AdFender cannot detect. I believe it to be the audio virus. I am not sure how it was acquired, although symptoms started soon after my son started playing on Minecraft servers and have continue for the past couple of weeks.

Audio clips play on the computer even when no windows are open and no programs are running. Many of these are commercials, but there are random sounds like cars honking. The sounds are frequent and unpredictable...sometimes playing consistently (several a couple a minute for hours) and sometimes not playing at all for an hour.
Also when I ran Sophos antivirus tool it detected two trojan horses,
Troj/Zbot-DHN
Mal/JNPL-A
:confused:
  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

You do not have the latest Java.
First go into Control Panel, Add/Remove Software (XP) or Programs and Features (Vista/Win 7) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java™ 6 Update 20 (64-bit)
Java™ 6 Update 31
Java™ 7 Update 5
JavaFX 2.1.1

Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.

If you feel you must have Java:
Get the latest Java at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it. Do not let it install the yahoo toolbar or other foistware.
Once installed, go into Control Panel, Java, Security and set the slider to the Highest then OK.

(If you also want the 64 bit version then use the 64 bit version of IE to get it.)

Download the attached fixlist.txt to the same location as FRST
Run FRST and press Fix
A fix log will be generated please post that then reboot. Run FRST again, check the Additions box and then Scan. You will get two logs. Post them both.



Download aswMBR.exe to your desktop.
Right click aswMBR.exe and Run as Administrator
uncheck trace disk IO calls
Click the "Scan" button to start scan (Accept the Avast Engine)
On completion of the scan if the Fix button is enabled (not the FixMBR button) press it and then run a new scan and click save log, save it to your desktop and post in your next reply
If the Fix button is not enabled then just click save log, save it to your desktop and post in your next reply

ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html

:!: Turn off your screen saver so you can see what is going on

Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Rightclick on ComboFix and select Run As Administrator to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.
You should get a log when it finishes. If not this may mean you have the new version of Zero Access malware so run Combofix a second time.
If you still don't get a log search for Combofix.txt. It is usually at => C:\Combofix\Combofix.txt. I'll need to see that in your reply.
If you get an error about a registry value when you try to run a program, then just reboot to clear it.

Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it by right clicking and Run As Admin.


If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.
  • 0

#10
alhawi

alhawi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 123 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-01-2014
Ran by owner at 2014-01-05 01:14:35 Run:1
Running from C:\Users\owner\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {B8718F99-9E98-47D3-875B-B78F150EA9E1} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKLM-x32 - {B8718F99-9E98-47D3-875B-B78F150EA9E1} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKCU - {B8718F99-9E98-47D3-875B-B78F150EA9E1} URL = http://www.ask.com/w...}&l=dis&o=ushpl
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name - {8A86D350-37AB-410A-8531-7D1363F317B3} - No File
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
S1 eqslbbxm; \??\C:\Windows\system32\drivers\eqslbbxm.sys [x]
S1 falumhtz; \??\C:\Windows\system32\drivers\falumhtz.sys [x]
S1 ggwewglw; \??\C:\Windows\system32\drivers\ggwewglw.sys [x]
S1 shrudhfs; \??\C:\Windows\system32\drivers\shrudhfs.sys [x]
C:\Windows\system32\hgwzmhy.wlb
C:\Windows\system32\qodul.clq
C:\Windows\system32\mxcwnah.fft
C:\Windows\system32\oznb.gbq
C:\Windows\system32\bfjsv.ezv

*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B8718F99-9E98-47D3-875B-B78F150EA9E1} => Key deleted successfully.
HKCR\CLSID\{B8718F99-9E98-47D3-875B-B78F150EA9E1} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B8718F99-9E98-47D3-875B-B78F150EA9E1} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{B8718F99-9E98-47D3-875B-B78F150EA9E1} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B8718F99-9E98-47D3-875B-B78F150EA9E1} => Key deleted successfully.
HKCR\CLSID\{B8718F99-9E98-47D3-875B-B78F150EA9E1} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.
HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A86D350-37AB-410A-8531-7D1363F317B3} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{8A86D350-37AB-410A-8531-7D1363F317B3} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} not found.
eqslbbxm => Service deleted successfully.
falumhtz => Service deleted successfully.
ggwewglw => Service deleted successfully.
shrudhfs => Service deleted successfully.
C:\Windows\system32\hgwzmhy.wlb => Moved successfully.
C:\Windows\system32\qodul.clq => Moved successfully.
Could not move "C:\Windows\system32\mxcwnah.fft" => Scheduled to move on reboot.
C:\Windows\system32\oznb.gbq => Moved successfully.
Could not move "C:\Windows\system32\bfjsv.ezv" => Scheduled to move on reboot.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-01-05 01:17:09)<=

"C:\Windows\system32\mxcwnah.fft" => File could not move.
"C:\Windows\system32\bfjsv.ezv" => File could not move.

==== End of Fixlog ====
  • 0

Advertisements


#11
alhawi

alhawi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 123 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014
Ran by owner (administrator) on OWNER-HP on 05-01-2014 01:22:46
Running from C:\Users\owner\Desktop
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
() C:\Program Files (x86)\Nimbuzz\Nimbuzz.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Audiovox Electronics Corp.) C:\Users\owner\Documents\RCA Detective\RCADetective.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-17] (Synaptics Incorporated)
HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2011-03-22] (IDT, Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [BTUSRBDG] - C:\Windows\\SysWOW64\BtUsrBdg.exe [53248 2002-06-19] (Extended Systems, Inc.)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296056 2012-05-20] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-06-16] (Hewlett-Packard Company)
HKCU\...\Run: [Nimbuzz] - C:\Program Files (x86)\Nimbuzz\Nimbuzz.exe [12549632 2012-04-19] ()
HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-03-22] (TomTom)
HKCU\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\Default\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Default User\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RCA Detective.lnk
ShortcutTarget: RCA Detective.lnk -> C:\Users\owner\Documents\RCA Detective\RCADetective.exe (Audiovox Electronics Corp.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://elearning.ki...edu/default.asp
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {A17295BF-43EA-4F03-828A-2F905AC612A3} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM - {E62B7ADD-C6FD-402C-BBAE-230ADD1D4166} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM-x32 - {A17295BF-43EA-4F03-828A-2F905AC612A3} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKCU - {A17295BF-43EA-4F03-828A-2F905AC612A3} URL = http://search.yahoo....15,17118,0,18,0
SearchScopes: HKCU - {BC364A77-1EA2-BC9C-F6F5-CC73E1D83A10} URL = http://www.bing.com/...eferrer:source}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: HKLM-x32 {7253A666-804A-1107-A4DC-00E04C504788} http://67.228.181.207:1990/inc/bmc.cab
DPF: HKLM-x32 {7253A666-804A-1108-A3DC-00E04C504788} http://67.228.181.20.../inc/bmchat.cab
DPF: HKLM-x32 {7253A666-804A-1108-A4DC-00E04C504788} http://67.228.181.20.../inc/bmchat.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 97.64.183.164 97.64.209.37

FireFox:
========
FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\cvea1g3c.default
FF Homepage: https://elearning.ki...edu/default.asp
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\owner\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\owner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\owner\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\owner\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Fantapper - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\cvea1g3c.default\Extensions\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U5) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks™ Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer™ HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Hulu Desktop) - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (RealJukebox NS Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Extension: (YouTube) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0
CHR Extension: (Google Wallet) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx

==================== Services (Whitelisted) =================

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [399432 2012-09-07] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [676936 2012-09-07] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2012-09-07] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-05 01:16 - 2014-01-05 01:16 - 00000087 _____ C:\Windows\system32\qodul.clq
2014-01-05 01:16 - 2014-01-05 01:16 - 00000064 _____ C:\Windows\system32\oznb.gbq
2014-01-04 23:24 - 2014-01-04 23:24 - 00031910 _____ C:\Users\owner\Desktop\Addition.txt
2014-01-04 23:23 - 2014-01-05 01:22 - 00020020 _____ C:\Users\owner\Desktop\FRST.txt
2014-01-04 23:12 - 2014-01-04 23:12 - 00002396 _____ C:\Users\owner\Desktop\JRT.txt
2014-01-04 23:04 - 2014-01-04 23:04 - 00000000 ____D C:\Windows\ERUNT
2014-01-04 23:03 - 2014-01-05 01:17 - 00000000 ____D C:\FRST
2014-01-04 23:00 - 2014-01-04 23:01 - 01931368 _____ (Farbar) C:\Users\owner\Desktop\FRST64.exe
2014-01-04 22:50 - 2014-01-04 22:50 - 01036305 _____ (Thisisu) C:\Users\owner\Desktop\JRT.exe
2014-01-04 22:25 - 2014-01-04 22:44 - 01233962 _____ C:\Users\owner\Desktop\AdwCleaner.exe
2014-01-03 15:41 - 2014-01-03 15:41 - 00001358 _____ C:\Users\owner\Desktop\checkup.txt
2014-01-03 15:38 - 2014-01-03 15:38 - 00987410 _____ C:\Users\owner\Desktop\SecurityCheck.exe
2014-01-02 00:58 - 2014-01-02 00:58 - 00008408 _____ C:\Users\owner\Desktop\SophosVirusRemovalTool.log
2014-01-01 23:05 - 2014-01-01 23:05 - 00003205 _____ C:\Users\owner\Desktop\Sophos Virus Removal Tool.lnk
2014-01-01 23:05 - 2014-01-01 23:05 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-01-01 23:05 - 2014-01-01 23:05 - 00000000 ____D C:\ProgramData\Sophos
2014-01-01 23:04 - 2014-01-01 23:04 - 00000000 ____D C:\Program Files (x86)\Sophos
2014-01-01 22:50 - 2014-01-01 22:51 - 04101441 _____ C:\Users\owner\Downloads\tdsskiller.zip
2013-12-31 14:14 - 2013-12-31 14:14 - 00005514 _____ C:\Users\owner\Desktop\Results.log
2013-12-31 12:20 - 2013-12-31 12:20 - 00377856 _____ C:\Users\owner\Downloads\e8mw2nz9.exe
2013-12-31 11:59 - 2013-12-31 11:59 - 00019448 _____ C:\ComboFix.txt
2013-12-31 11:35 - 2013-12-31 12:00 - 00000000 ____D C:\Qoobox
2013-12-31 11:35 - 2011-06-26 00:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-31 11:35 - 2010-11-07 11:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-31 11:35 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-31 11:35 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-31 11:35 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-31 11:35 - 2000-08-30 18:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-31 11:35 - 2000-08-30 18:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-31 11:35 - 2000-08-30 18:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-31 11:29 - 2013-12-31 11:34 - 05160176 ____R (Swearware) C:\Users\owner\Desktop\ComboFix.exe
2013-12-31 10:54 - 2013-12-31 10:54 - 00002496 _____ C:\Users\owner\Desktop\AdwCleaner[S0].txt
2013-12-31 10:43 - 2014-01-04 22:52 - 00000000 ____D C:\AdwCleaner
2013-12-31 10:26 - 2013-12-31 10:30 - 00001637 _____ C:\Users\owner\Desktop\RKreport[0]_S_12312013_102659.txt
2013-12-31 10:26 - 2013-12-31 10:26 - 05434368 _____ (Intel Corporation) C:\Windows\system32\Drivers\netw5v64.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 01893224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 01653096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 01524816 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 01485312 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTDPV6.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 01403440 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00947776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00740864 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTCNXT6.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00515584 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00389120 _____ (Marvell) C:\Windows\system32\Drivers\yk62x64.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00374664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00367168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00363584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00344680 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00292864 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTAZL6.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00284736 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00271872 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MpFilter.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00232992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00224832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00220752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00217680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00214096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00187264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00183872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00171600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00158976 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00155216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00152432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00140352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00134944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00128592 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00122960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00115776 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00114752 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00106560 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00104016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00095088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00094784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00080464 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00075632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00072832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00071760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00068864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00065600 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas2.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00064592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00064080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00062544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00060496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00054784 _____ (Apple, Inc.) C:\Windows\system32\Drivers\usbaapl64.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00051264 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00049216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00048720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00036432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00035392 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00033792 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64modem.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00032320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00030080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00027776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00027520 _____ (Research In Motion Limited) C:\Windows\system32\Drivers\RimUsb_AMD64.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00027136 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64diag.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00024656 _____ (Promise Technology) C:\Windows\system32\Drivers\stexstor.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00022096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00021056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00020544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00019008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00017920 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64bus.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00017488 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00016960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00016464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00015424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwf.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00012496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00012352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serscan.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00011136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPREFMP.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidkmdf.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00008064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00007936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00006784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2013-12-31 10:25 - 2013-12-31 10:26 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 10610400 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 03286016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 02736640 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00751616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00552448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00540696 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00530496 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00491088 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00468480 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00459216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00339536 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00334416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00290368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00287576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00286720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00270848 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00265088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\16170844.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00194128 _____ (AMD Technologies Inc.) C:\Windows\system32\Drivers\amdsbs.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00182864 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00178752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00155728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00097856 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00087632 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00077888 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00073280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00065088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00061008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00055376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00055128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00047104 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00043320 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\Accelerometer.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\discache.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00039504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00032880 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\clwvd.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\Windows\system32\Drivers\hcw85cir.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00030008 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\hpdskflt.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00028736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00028240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbatt.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00024144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00024128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00022896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00021584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00018432 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00017664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00017488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00015440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00015440 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00014976 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00014720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00014416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00008704 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2013-12-31 10:20 - 2013-12-31 10:20 - 04406784 _____ C:\Users\owner\Downloads\RogueKillerX64.exe
2013-12-31 09:57 - 2014-01-03 15:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-31 09:56 - 2014-01-03 14:49 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-31 09:55 - 2014-01-03 15:03 - 00000000 ____D C:\Users\owner\Desktop\mbar
2013-12-31 09:54 - 2013-12-31 09:55 - 12582688 _____ (Malwarebytes Corp.) C:\Users\owner\Desktop\mbar-1.07.0.1008.exe
2013-12-31 00:06 - 2013-12-31 00:06 - 04745728 _____ (AVAST Software) C:\Users\owner\Desktop\aswmbr.exe
2013-12-30 23:18 - 2013-12-30 23:18 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\16170844.sys
2013-12-30 21:44 - 2014-01-05 01:16 - 00000000 _____ C:\Windows\system32\mxcwnah.fft
2013-12-30 21:44 - 2013-12-30 21:54 - 00000102 _____ C:\Users\owner\Desktop\㩃䙜卒屔畑牡湡楴敮Ȁ
2013-12-30 21:28 - 2013-12-30 21:28 - 00219314 _____ C:\Windows\system32\bfjsv.ezv
2013-12-20 10:30 - 2013-12-20 10:30 - 00000756 _____ C:\Users\owner\Downloads\T4Pianos.zip
2013-12-17 00:22 - 2013-12-17 00:23 - 00314334 _____ C:\Users\owner\Desktop\TyRegCom_1.1.0.0.zip
2013-12-16 09:45 - 2013-12-16 09:45 - 00306805 _____ C:\Users\owner\Downloads\Gems9.ZIP
2013-12-14 11:14 - 2013-12-14 11:14 - 00329757 _____ ( ) C:\Users\owner\Downloads\sf2csetup.exe
2013-12-13 20:59 - 2013-12-13 20:59 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-13 20:58 - 2013-12-13 20:59 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-13 20:58 - 2013-12-13 20:59 - 00000000 ____D C:\Program Files\iTunes
2013-12-13 20:58 - 2013-12-13 20:59 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-13 20:58 - 2013-12-13 20:58 - 00000000 ____D C:\Program Files\iPod

==================== One Month Modified Files and Folders =======

2014-01-05 01:22 - 2014-01-04 23:23 - 00020020 _____ C:\Users\owner\Desktop\FRST.txt
2014-01-05 01:20 - 2009-07-13 23:13 - 00779306 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-05 01:19 - 2010-08-19 02:44 - 01372447 _____ C:\Windows\WindowsUpdate.log
2014-01-05 01:17 - 2014-01-04 23:03 - 00000000 ____D C:\FRST
2014-01-05 01:16 - 2014-01-05 01:16 - 00000087 _____ C:\Windows\system32\qodul.clq
2014-01-05 01:16 - 2014-01-05 01:16 - 00000064 _____ C:\Windows\system32\oznb.gbq
2014-01-05 01:16 - 2013-12-30 21:44 - 00000000 _____ C:\Windows\system32\mxcwnah.fft
2014-01-05 01:16 - 2012-09-14 20:42 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-05 01:16 - 2010-08-19 02:47 - 00235812 _____ C:\Windows\PFRO.log
2014-01-05 01:16 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-05 01:16 - 2009-07-13 22:51 - 00114039 _____ C:\Windows\setupact.log
2014-01-05 01:13 - 2013-01-04 10:04 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000UA.job
2014-01-05 01:11 - 2012-04-05 21:01 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000UA.job
2014-01-05 00:53 - 2012-09-14 20:42 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-05 00:45 - 2012-09-21 14:45 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-04 23:24 - 2014-01-04 23:24 - 00031910 _____ C:\Users\owner\Desktop\Addition.txt
2014-01-04 23:12 - 2014-01-04 23:12 - 00002396 _____ C:\Users\owner\Desktop\JRT.txt
2014-01-04 23:04 - 2014-01-04 23:04 - 00000000 ____D C:\Windows\ERUNT
2014-01-04 23:01 - 2014-01-04 23:00 - 01931368 _____ (Farbar) C:\Users\owner\Desktop\FRST64.exe
2014-01-04 23:00 - 2009-07-13 22:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-04 23:00 - 2009-07-13 22:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-04 22:52 - 2013-12-31 10:43 - 00000000 ____D C:\AdwCleaner
2014-01-04 22:50 - 2014-01-04 22:50 - 01036305 _____ (Thisisu) C:\Users\owner\Desktop\JRT.exe
2014-01-04 22:44 - 2014-01-04 22:25 - 01233962 _____ C:\Users\owner\Desktop\AdwCleaner.exe
2014-01-04 22:35 - 2012-05-22 20:32 - 00139930 _____ C:\Users\owner\Downloads\OTL.Txt
2014-01-04 22:30 - 2012-04-05 21:01 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000Core.job
2014-01-04 22:27 - 2013-01-04 10:04 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000Core.job
2014-01-03 15:41 - 2014-01-03 15:41 - 00001358 _____ C:\Users\owner\Desktop\checkup.txt
2014-01-03 15:38 - 2014-01-03 15:38 - 00987410 _____ C:\Users\owner\Desktop\SecurityCheck.exe
2014-01-03 15:03 - 2013-12-31 09:57 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-03 15:03 - 2013-12-31 09:55 - 00000000 ____D C:\Users\owner\Desktop\mbar
2014-01-03 14:49 - 2013-12-31 09:56 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-02 01:14 - 2012-11-20 11:51 - 00000039 ___RH C:\Users\owner\Desktop\stinger.opt
2014-01-02 01:14 - 2012-11-20 11:44 - 00000000 ____D C:\Program Files (x86)\stinger
2014-01-02 00:58 - 2014-01-02 00:58 - 00008408 _____ C:\Users\owner\Desktop\SophosVirusRemovalTool.log
2014-01-01 23:05 - 2014-01-01 23:05 - 00003205 _____ C:\Users\owner\Desktop\Sophos Virus Removal Tool.lnk
2014-01-01 23:05 - 2014-01-01 23:05 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-01-01 23:05 - 2014-01-01 23:05 - 00000000 ____D C:\ProgramData\Sophos
2014-01-01 23:04 - 2014-01-01 23:04 - 00000000 ____D C:\Program Files (x86)\Sophos
2014-01-01 22:51 - 2014-01-01 22:50 - 04101441 _____ C:\Users\owner\Downloads\tdsskiller.zip
2013-12-31 14:14 - 2013-12-31 14:14 - 00005514 _____ C:\Users\owner\Desktop\Results.log
2013-12-31 12:20 - 2013-12-31 12:20 - 00377856 _____ C:\Users\owner\Downloads\e8mw2nz9.exe
2013-12-31 12:00 - 2013-12-31 11:35 - 00000000 ____D C:\Qoobox
2013-12-31 12:00 - 2011-04-15 12:45 - 00000000 ____D C:\Users\owner\AppData\Local\Apps\2.0
2013-12-31 11:59 - 2013-12-31 11:59 - 00019448 _____ C:\ComboFix.txt
2013-12-31 11:47 - 2009-07-13 20:34 - 00000215 _____ C:\Windows\system.ini
2013-12-31 11:34 - 2013-12-31 11:29 - 05160176 ____R (Swearware) C:\Users\owner\Desktop\ComboFix.exe
2013-12-31 11:34 - 2012-09-21 14:46 - 00000000 ____D C:\Windows\erdnt
2013-12-31 10:54 - 2013-12-31 10:54 - 00002496 _____ C:\Users\owner\Desktop\AdwCleaner[S0].txt
2013-12-31 10:41 - 2012-12-11 23:46 - 00000000 ____D C:\Users\owner\Desktop\RK_Quarantine
2013-12-31 10:30 - 2013-12-31 10:26 - 00001637 _____ C:\Users\owner\Desktop\RKreport[0]_S_12312013_102659.txt
2013-12-31 10:26 - 2013-12-31 10:26 - 05434368 _____ (Intel Corporation) C:\Windows\system32\Drivers\netw5v64.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 01893224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 01653096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 01524816 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 01485312 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTDPV6.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 01403440 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00947776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00740864 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTCNXT6.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00515584 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00389120 _____ (Marvell) C:\Windows\system32\Drivers\yk62x64.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00374664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00367168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00363584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00344680 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00292864 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTAZL6.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00284736 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00271872 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MpFilter.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00232992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00224832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00220752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00217680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00214096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00187264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00183872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00171600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00158976 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00155216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00152432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00140352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00134944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00128592 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00122960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00115776 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00114752 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00106560 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00104016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00095088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00094784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00080464 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00075632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00072832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00071760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00068864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00065600 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas2.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00064592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00064080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00062544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00060496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00054784 _____ (Apple, Inc.) C:\Windows\system32\Drivers\usbaapl64.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00051264 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00049216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00048720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00036432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00035392 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00033792 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64modem.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00032320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00030080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00027776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00027520 _____ (Research In Motion Limited) C:\Windows\system32\Drivers\RimUsb_AMD64.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00027136 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64diag.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00024656 _____ (Promise Technology) C:\Windows\system32\Drivers\stexstor.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00022096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00021056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00020544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00019008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00017920 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64bus.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00017488 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00016960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00016464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00015424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwf.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00012496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00012352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serscan.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00011136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPREFMP.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidkmdf.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00008064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00007936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00006784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2013-12-31 10:26 - 2013-12-31 10:26 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2013-12-31 10:26 - 2013-12-31 10:25 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 10610400 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 03286016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 02736640 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00751616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00552448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00540696 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00530496 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00491088 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00468480 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00459216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00339536 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00334416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00290368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00287576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00286720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00270848 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00265088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\16170844.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00194128 _____ (AMD Technologies Inc.) C:\Windows\system32\Drivers\amdsbs.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00182864 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00178752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00155728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00097856 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00087632 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00077888 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00073280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00065088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00061008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00055376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00055128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00047104 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00043320 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\Accelerometer.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\discache.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00039504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00032880 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\clwvd.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\Windows\system32\Drivers\hcw85cir.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00030008 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\hpdskflt.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00028736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00028240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbatt.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00024144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00024128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00022896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00021584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00018432 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00017664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00017488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00015440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00015440 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00014976 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00014720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00014416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00008704 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2013-12-31 10:25 - 2013-12-31 10:25 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2013-12-31 10:20 - 2013-12-31 10:20 - 04406784 _____ C:\Users\owner\Downloads\RogueKillerX64.exe
2013-12-31 09:55 - 2013-12-31 09:54 - 12582688 _____ (Malwarebytes Corp.) C:\Users\owner\Desktop\mbar-1.07.0.1008.exe
2013-12-31 00:49 - 2012-09-19 18:58 - 00003940 _____ C:\Users\owner\Desktop\aswMBR.txt
2013-12-31 00:49 - 2012-09-19 18:58 - 00000512 _____ C:\Users\owner\Desktop\MBR.dat
2013-12-31 00:06 - 2013-12-31 00:06 - 04745728 _____ (AVAST Software) C:\Users\owner\Desktop\aswmbr.exe
2013-12-31 00:03 - 2012-05-22 20:32 - 00089244 _____ C:\Users\owner\Downloads\Extras.Txt
2013-12-30 23:18 - 2013-12-30 23:18 - 00208216 _____ (Kaspersky Lab, GERT) C:\Windows\system32\Drivers\16170844.sys
2013-12-30 21:54 - 2013-12-30 21:44 - 00000102 _____ C:\Users\owner\Desktop\㩃䙜卒屔畑牡湡楴敮Ȁ
2013-12-30 21:28 - 2013-12-30 21:28 - 00219314 _____ C:\Windows\system32\bfjsv.ezv
2013-12-30 21:28 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-12-20 10:32 - 2011-04-15 12:45 - 00000000 ____D C:\Users\owner\AppData\Local\Deployment
2013-12-20 10:30 - 2013-12-20 10:30 - 00000756 _____ C:\Users\owner\Downloads\T4Pianos.zip
2013-12-17 12:01 - 2013-10-29 14:50 - 00000000 ____D C:\Users\owner\AppData\Local\Ndrics
2013-12-17 00:23 - 2013-12-17 00:22 - 00314334 _____ C:\Users\owner\Desktop\TyRegCom_1.1.0.0.zip
2013-12-17 00:23 - 2011-04-15 12:45 - 00000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tyros Utility
2013-12-16 09:45 - 2013-12-16 09:45 - 00306805 _____ C:\Users\owner\Downloads\Gems9.ZIP
2013-12-15 09:56 - 2013-08-14 02:01 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 09:53 - 2010-11-21 13:33 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-14 11:16 - 2011-09-21 08:53 - 00001976 _____ C:\Users\owner\Desktop\Style Format 2 Converter.lnk
2013-12-14 11:16 - 2011-09-21 08:53 - 00000000 ____D C:\Program Files (x86)\StyleFormat2Converter
2013-12-14 11:14 - 2013-12-14 11:14 - 00329757 _____ ( ) C:\Users\owner\Downloads\sf2csetup.exe
2013-12-13 20:59 - 2013-12-13 20:59 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-13 20:59 - 2013-12-13 20:58 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-13 20:59 - 2013-12-13 20:58 - 00000000 ____D C:\Program Files\iTunes
2013-12-13 20:59 - 2013-12-13 20:58 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-13 20:58 - 2013-12-13 20:58 - 00000000 ____D C:\Program Files\iPod
2013-12-13 20:07 - 2010-11-21 13:48 - 00003148 _____ C:\Windows\System32\Tasks\SidebarExecute
2013-12-12 21:42 - 2012-10-27 12:10 - 00000000 ____D C:\Users\owner\AppData\Local\Abelssoft
2013-12-12 17:00 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-12 03:01 - 2011-05-19 12:44 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 22:13 - 2011-07-22 09:34 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForowner
2013-12-11 22:13 - 2011-07-22 09:34 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForowner.job
2013-12-11 13:45 - 2012-09-21 14:45 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 13:45 - 2012-05-21 14:04 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 13:45 - 2011-05-17 10:16 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-08 12:17 - 2012-10-16 12:34 - 00000000 ____D C:\Users\owner\AppData\Local\Windows Live
2013-12-06 15:10 - 2012-09-14 20:43 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-06 15:08 - 2013-01-04 10:04 - 00003878 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000UA
2013-12-06 15:08 - 2013-01-04 10:04 - 00003482 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000Core

Some content of TEMP:
====================
C:\Users\owner\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-07-13 18:00] - [2009-07-13 19:41] - 0510464 ____A (Microsoft Corporation) DEE32A34A46EFD97ADADABAE8D97B20D

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-20 15:56

==================== End Of Log ============================
  • 0

#12
alhawi

alhawi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 123 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2014
Ran by owner at 2014-01-05 01:23:57
Running from C:\Users\owner\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (x32 Version: - Microsoft)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
AccmeWare FileBulldog Toolbar (x32 Version: - )
Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
AD Sound Recorder 5.4.4 (x32 Version: - Adrosoft)
Adobe AIR (x32 Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.5970 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 9.0.45.0 (x32 Version: - All Software By 3PEHR)
Adobe Reader XI (11.0.03) (x32 Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (x32 Version: 11.5.7.609 - Adobe Systems, Inc)
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Atheros Driver Installation Program (x32 Version: 9.2 - Atheros)
Ayat (x32 Version: 1.2.0 - UNKNOWN)
Ayat (x32 Version: 1.2.0 - UNKNOWN) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
BusinessCards MX (x32 Version: 4.74 - MOJOSOFT)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CinemaNow Media Manager (x32 Version: 1.9.1.105 - CinemaNow, Inc.)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink DVD Suite (x32 Version: 7.0.3003 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.3003 - CyberLink Corp.) Hidden
D110 (x32 Version: 140.0.283.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
dBpoweramp Ogg Vorbis Codec (x32 Version: Release 21 (Vorbis v1.3.2) - Illustrate)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4121 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4121 - Hewlett-Packard) Hidden
Energy Star Digital Logo (x32 Version: 1.0.1 - Hewlett-Packard)
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESU for Microsoft Windows 7 (x32 Version: 1.0.0 - Hewlett-Packard)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287 - Skype Limited)
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Earth (x32 Version: 6.0.3.2197 - Google)
Google Talk Plugin (x32 Version: 4.9.1.16010 - Google)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (Version: 4.0.5.1 - Hewlett-Packard Company)
HP Advisor (x32 Version: 3.4.10262.3295 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.4 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (Version: 14.0 - HP)
HP Documentation (x32 Version: 1.1.1.0 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (x32 Version: 8.0.64.43 - )
HP Game Console (x32 Version: - WildTangent) Hidden
HP Games (x32 Version: 1.0.1.3 - WildTangent)
HP Imaging Device Functions 14.0 (Version: 14.0 - HP)
HP MediaSmart CinemaNow 2.0 (x32 Version: 2.0 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.1.4229 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.1.4229 - Hewlett-Packard) Hidden
HP MediaSmart Movies and TV (Version: 1.0.0.10 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.1.4215 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.1.4215 - Hewlett-Packard) Hidden
HP MediaSmart Photo (x32 Version: 4.1.4211 - Hewlett-Packard)
HP MediaSmart Photo (x32 Version: 4.1.4211 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.1.4214 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.1.4214 - Hewlett-Packard) Hidden
HP MediaSmart Webcam (x32 Version: 4.1.3024 - Hewlett-Packard)
HP MediaSmart Webcam (x32 Version: 4.1.3024 - Hewlett-Packard) Hidden
HP MediaSmart/TouchSmart Netflix (x32 Version: 1.0.9.0 - Hewlett-Packard)
HP Photo Creations (x32 Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0 - HP)
HP Power Manager (x32 Version: 1.2.3 - Hewlett-Packard Company)
HP Quick Launch (x32 Version: 2.3.6 - Hewlett-Packard Company)
HP Setup (x32 Version: 8.1.4186.3400 - Hewlett-Packard)
HP Smart Web Printing 4.60 (Version: 4.60 - HP)
HP Software Framework (x32 Version: 4.1.8.1 - Hewlett-Packard Company)
HP Solution Center 14.0 (Version: 14.0 - HP)
HP Support Assistant (x32 Version: 5.2.9.2 - Hewlett-Packard Company)
HP Update (x32 Version: 5.005.000.002 - Hewlett-Packard)
HP Wireless Assistant (Version: 4.0.9.0 - Hewlett-Packard Company)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
iCloud (Version: 3.0.2.163 - Apple Inc.)
IDT Audio (x32 Version: 1.0.6292.0 - IDT)
Intel® Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (x32 Version: 8.15.10.2141 - Intel Corporation)
Intel® Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (x32 Version: 9.6.2.1001 - Intel Corporation)
iTunes (Version: 11.1.3.8 - Apple Inc.)
JetMP3 (x32 Version: 1.0517.1205 - JetMP3)
Jewel Quest 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 6.0.4 (Basic) (x32 Version: 6.0.4 - )
LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.) Hidden
LG USB Modem driver (x32 Version: - )
LightScribe System Software (x32 Version: 1.18.16.1 - LightScribe)
Malwarebytes Anti-Malware version 1.65.0.1400 (x32 Version: 1.65.0.1400 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
Mozilla Firefox 10.0 (x86 en-US) (x32 Version: 10.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nimbuzz 2.2.1 (x32 Version: 2.2.1 - Nimbuzz B.V.)
Passware Kit Enterprise 9.7 (x32 Version: 9.7.1665 - Passware)
Payroll Accounting 2010 (x32 Version: 7.00.000 - )
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
Producer (x32 Version: - )
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
RabbitTV (HKCU Version: 1.0.0.8 - RabbitTV.com)
RCA Detective™ 2.0.0.99 (x32 Version: - RCA)
RCA Digital Voice Manager 5.1.1.2 (x32 Version: - RCA)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (x32 Version: 15.0.4 - RealNetworks)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.17.304.2010 - Realtek)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
Roxio CinemaNow 2.0 (x32 Version: 1.0.284 - Hewlett-Packard) Hidden
SanDiskSecureAccess_Manager.exe (HKCU Version: 1.0.0 - DMAILER)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (Version: 14.0 - HP)
Skype™ 5.10 (x32 Version: 5.10.116 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Sophos Virus Removal Tool (x32 Version: 2.4 - Sophos Limited)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Stellarium 0.11.0 (x32 Version: - )
Style Format 2 Converter 1.17 (x32 Version: - )
Style ReMixer 1.11 (x32 Version: - )
Style Works 2000 Universal v1.99 (x32 Version: - )
Synaptics Pointing Device Driver (Version: 15.2.4.4 - Synaptics Incorporated)
TomTom HOME (x32 Version: 2.9.5 - TomTom)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2 - TomTom International B.V.)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Tyros Global Registration Bank Changer (HKCU Version: 1.1.3.0 - Tyros Utility)
Tyros Registration File Composer (HKCU Version: 1.1.0.0 - Tyros Utility)
Tyros Registration Memory Editor (HKCU Version: 1.0.5.0 - Tyros Utility)
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (x32 Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (x32 Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft)
USB Disk Security (x32 Version: - Zbshareware Lab)
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows 7 Manager (Version: 2.1.7 - Yamicsoft)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR archiver (x32 Version: - )
XTNDConnect Blue Manager 1.0.8 (x32 Version: - )
YAMAHA Tyros2 Voice Editor (x32 Version: 1.0 - YAMAHA)
YouTube Song Downloader (x32 Version: 8.2 - Abelssoft)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points =========================

22-12-2013 17:15:22 Windows Update
25-12-2013 18:10:05 Windows Update
29-12-2013 18:08:45 Windows Update
31-12-2013 16:18:08 Malwarebytes Anti-Rootkit Restore Point
01-01-2014 20:09:23 Windows Update
02-01-2014 05:04:12 Installed Sophos Virus Removal Tool.
05-01-2014 04:29:44 Windows Update
05-01-2014 06:44:39 Removed Java™ 6 Update 20 (64-bit)
05-01-2014 06:45:42 Removed Java™ 6 Update 31
05-01-2014 06:46:41 Removed Java™ 7 Update 5
05-01-2014 06:48:15 Removed JavaFX 2.1.1

==================== Hosts content: ==========================

2009-07-13 20:34 - 2012-09-22 09:08 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0817E63B-71D1-4816-A1C1-CB4786639CCD} - System32\Tasks\تنظيف القرص => cleanmger.exe
Task: {2D4D33F2-177F-45C4-B092-B9D35688A12C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2EB7605F-A3F1-47E4-828B-515402F302A0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)
Task: {2EF9A146-2484-4F6D-92F2-4C16015A8F28} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000UA => C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)
Task: {37F2C7F7-1724-4785-A4AF-0090B2E6E0A3} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3819350281-2328988450-3692428702-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {39D1D2E6-0408-48B0-B6EE-C109E590C3A5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000UA => C:\Users\owner\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {48CC6C6B-62AE-4474-86C2-E79B95CECDA3} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5688CBF9-8D38-47C5-96B9-A5B4C9A9DD0B} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] ()
Task: {8B96FCD4-4E6E-4E1B-AF6C-E22FE2EC1FB8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)
Task: {8E25C054-5044-4F05-B8A0-27C6FF7FD0BB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000Core => C:\Users\owner\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {9215A94B-6E29-4116-98B3-15716D65A4BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000Core => C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14] (Google Inc.)
Task: {A9C9F9A5-8957-4AA8-9DB6-98FBF907A9D0} - System32\Tasks\Disk cleanup => C:\Windows\System32\cleanmgr.exe [2009-07-13] (Microsoft Corporation)
Task: {ADDE07C7-C9CA-45A5-8DF5-B3B3EC3B1C88} - System32\Tasks\HPCeeScheduleForowner => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {BEB256E6-D11C-497F-A843-119F3B645C2B} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-06-24] (CyberLink)
Task: {C39B27C0-BD3E-4D6C-AEE2-2F354B6D3CA1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {DF8A0FA3-F5CC-430C-85F2-FF0A1BD6DB95} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3819350281-2328988450-3692428702-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000Core.job => C:\Users\owner\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000UA.job => C:\Users\owner\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000Core.job => C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000UA.job => C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForowner.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2011-02-03 17:03 - 2008-06-20 00:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2012-02-20 20:29 - 2012-02-20 20:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 20:28 - 2012-02-20 20:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-06-16 13:48 - 2010-06-16 13:48 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2010-06-16 13:48 - 2010-06-16 13:48 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2010-06-16 13:48 - 2010-06-16 13:48 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2012-02-28 07:53 - 2012-02-28 07:53 - 10654208 _____ () C:\Program Files (x86)\Nimbuzz\QtWebKit4.dll
2012-02-28 07:53 - 2012-02-28 07:53 - 00263680 _____ () C:\Program Files (x86)\Nimbuzz\phonon4.dll
2012-02-28 07:53 - 2012-02-28 07:53 - 07942656 _____ () C:\Program Files (x86)\Nimbuzz\QtGui4.dll
2012-02-28 07:53 - 2012-02-28 07:53 - 02256384 _____ () C:\Program Files (x86)\Nimbuzz\QtCore4.dll
2012-02-28 07:53 - 2012-02-28 07:53 - 00952832 _____ () C:\Program Files (x86)\Nimbuzz\QtNetwork4.dll
2012-02-28 07:53 - 2012-02-28 07:53 - 00584192 _____ () C:\Program Files (x86)\Nimbuzz\QtSql4.dll
2012-02-28 07:53 - 2012-02-28 07:53 - 00336384 _____ () C:\Program Files (x86)\Nimbuzz\QtXml4.dll
2012-02-28 07:53 - 2012-02-28 07:53 - 00026624 _____ () C:\Program Files (x86)\Nimbuzz\imageformats\qgif4.dll
2012-02-28 07:53 - 2012-02-28 07:53 - 00193024 _____ () C:\Program Files (x86)\Nimbuzz\imageformats\qjpeg4.dll
2012-02-28 07:53 - 2012-02-28 07:53 - 00219648 _____ () C:\Program Files (x86)\Nimbuzz\imageformats\qmng4.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-02-09 19:58 - 2010-02-09 19:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (01/05/2014 01:16:18 AM) (Source: Service Control Manager) (User: )
Description: The Power service terminated with the following error:
%%4203

Error: (01/05/2014 00:34:21 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-01-02 01:01:48.420
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SCTBootDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-01-02 01:01:48.295
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SCTBootDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-09-21 15:53:33.264
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-09-21 15:53:33.186
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 52%
Total physical RAM: 3893.86 MB
Available physical RAM: 1830.63 MB
Total Pagefile: 7785.86 MB
Available Pagefile: 5521.33 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.2 GB) (Free:354.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:19.26 GB) (Free:2.8 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: DF196081)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================
  • 0

#13
alhawi

alhawi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 123 posts
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-01-05 01:30:40
-----------------------------
01:30:40.303 OS Version: Windows x64 6.1.7600
01:30:40.303 Number of processors: 4 586 0x2502
01:30:40.304 ComputerName: OWNER-HP UserName: owner
01:30:43.903 Initialize success
01:32:47.740 AVAST engine defs: 14010300
01:34:34.652 The log file has been saved successfully to "C:\Users\owner\Desktop\aswMBR.txt"
  • 0

#14
alhawi

alhawi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 123 posts
ComboFix 14-01-04.03 - owner 01/05/2014 1:55.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3894.1444 [GMT -6:00]
Running from: c:\users\owner\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Files Created from 2013-12-05 to 2014-01-05 )))))))))))))))))))))))))))))))
.
.
2014-01-05 08:07 . 2014-01-05 08:07 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-01-05 08:07 . 2014-01-05 08:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-05 07:17 . 2014-01-05 07:17 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D4AD1367-EACB-4DB4-A117-5A4639C3374B}\offreg.dll
2014-01-05 05:33 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D4AD1367-EACB-4DB4-A117-5A4639C3374B}\mpengine.dll
2014-01-05 05:04 . 2014-01-05 05:04 -------- d-----w- c:\windows\ERUNT
2014-01-05 05:03 . 2014-01-05 07:17 -------- d-----w- C:\FRST
2014-01-03 17:36 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-02 05:05 . 2014-01-02 05:05 -------- d-----w- c:\programdata\Sophos
2014-01-02 05:05 . 2014-01-02 05:05 73728 ----a-r- c:\users\owner\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2014-01-02 05:05 . 2014-01-02 05:05 73728 ----a-r- c:\users\owner\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2014-01-02 05:05 . 2014-01-02 05:05 73728 ----a-r- c:\users\owner\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
2014-01-02 05:04 . 2014-01-02 05:04 -------- d-----w- c:\program files (x86)\Sophos
2013-12-31 16:43 . 2014-01-05 04:52 -------- d-----w- C:\AdwCleaner
2013-12-31 16:25 . 2013-12-31 16:25 10610400 ----a-w- c:\windows\system32\drivers\igdkmd64.sys.bak
2013-12-31 15:57 . 2014-01-03 21:03 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-12-31 15:56 . 2014-01-03 20:49 89304 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-12-31 05:18 . 2013-12-31 05:18 208216 ----a-w- c:\windows\system32\drivers\16170844.sys
2013-12-14 02:58 . 2013-12-14 02:58 -------- d-----w- c:\program files\iPod
2013-12-14 02:58 . 2013-12-14 02:59 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-14 02:58 . 2013-12-14 02:59 -------- d-----w- c:\program files\iTunes
2013-12-14 02:58 . 2013-12-14 02:59 -------- d-----w- c:\program files (x86)\iTunes
2013-12-06 21:27 . 2013-10-19 17:16 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E81A5DEB-6F97-48F4-89EE-1600054DB558}\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-15 15:53 . 2010-11-21 19:33 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-11 19:45 . 2012-09-21 20:45 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 19:45 . 2011-05-17 16:16 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-19 10:21 . 2010-11-21 19:34 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-19 17:16 . 2011-08-11 12:53 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-20 . 5C627D1B1138676C0A7AB2C2C190D123 . 512000 . . [6.1.7601.17514] .. c:\windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
[7] 2009-07-14 . 7266972E86890E2B30C0C322E906B027 . 509440 . . [6.1.7600.16385] .. c:\windows\erdnt\cache64\rpcss.dll
[7] 2009-07-14 . 7266972E86890E2B30C0C322E906B027 . 509440 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll
[-] 2009-07-14 . DEE32A34A46EFD97ADADABAE8D97B20D . 510464 . . [6.1.7600.16385] .. c:\windows\system32\rpcss.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-02-10 1712184]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-06-16 2736128]
"Nimbuzz"="c:\program files (x86)\Nimbuzz\Nimbuzz.exe" [2012-04-19 12549632]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2013-03-22 248208]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
"BTUSRBDG"="BtUsrBdg.exe" [2002-06-19 53248]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2012-05-20 296056]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-14 59720]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-02 152392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 clwvd;HP Webcam Splitter;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-06-16 20:38 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 21:08 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-21 19:45]
.
2014-01-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000Core.job
- c:\users\owner\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-06 21:06]
.
2014-01-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000UA.job
- c:\users\owner\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-06 21:06]
.
2014-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-15 02:42]
.
2014-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-15 02:42]
.
2014-01-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000Core.job
- c:\users\owner\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-04 02:47]
.
2014-01-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3819350281-2328988450-3692428702-1000UA.job
- c:\users\owner\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-04 02:47]
.
2013-12-12 c:\windows\Tasks\HPCeeScheduleForowner.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-20 611896]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-03-23 487424]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-29 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-29 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-29 415256]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
.
------- Supplementary Scan -------
.
uStart Page = https://elearning.ki...edu/default.asp
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 97.64.183.164 97.64.209.37
DPF: {7253A666-804A-1107-A4DC-00E04C504788} - hxxp://67.228.181.207:1990/inc/bmc.cab
DPF: {7253A666-804A-1108-A3DC-00E04C504788} - hxxp://67.228.181.207:1990/inc/bmchat.cab
DPF: {7253A666-804A-1108-A4DC-00E04C504788} - hxxp://67.228.181.207:1990/inc/bmchat.cab
FF - ProfilePath - c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\cvea1g3c.default\
FF - prefs.js: browser.startup.homepage - hxxps://elearning.kirkwood.edu/default.asp
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2011-05-27 13:21; [email protected]; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-dBpoweramp Ogg Vorbis Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-JetMP3 - c:\users\owner\AppData\Local\jetmp3\uninst.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-01-05 02:22:42
ComboFix-quarantined-files.txt 2014-01-05 08:22
ComboFix2.txt 2013-12-31 17:59
.
Pre-Run: 379,581,284,352 bytes free
Post-Run: 379,717,840,896 bytes free
.
- - End Of File - - 677A08DE163965B7236215C2D979B06F
  • 0

#15
alhawi

alhawi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 123 posts
02:36:43.0291 0x15dc TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
02:36:50.0992 0x15dc ============================================================
02:36:50.0992 0x15dc Current date / time: 2014/01/05 02:36:50.0992
02:36:50.0992 0x15dc SystemInfo:
02:36:50.0992 0x15dc
02:36:50.0992 0x15dc OS Version: 6.1.7600 ServicePack: 0.0
02:36:50.0992 0x15dc Product type: Workstation
02:36:50.0993 0x15dc ComputerName: OWNER-HP
02:36:50.0993 0x15dc UserName: owner
02:36:50.0993 0x15dc Windows directory: C:\Windows
02:36:50.0993 0x15dc System windows directory: C:\Windows
02:36:50.0993 0x15dc Running under WOW64
02:36:50.0993 0x15dc Processor architecture: Intel x64
02:36:50.0993 0x15dc Number of processors: 4
02:36:50.0993 0x15dc Page size: 0x1000
02:36:50.0993 0x15dc Boot type: Normal boot
02:36:50.0993 0x15dc ============================================================
02:36:53.0197 0x15dc KLMD registered as C:\Windows\system32\drivers\77636457.sys
02:36:53.0790 0x15dc System UUID: {9CB73429-80D2-A68D-DD84-8E65CDABD9C2}
02:36:55.0173 0x15dc Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
02:36:55.0303 0x15dc ============================================================
02:36:55.0303 0x15dc \Device\Harddisk0\DR0:
02:36:55.0305 0x15dc MBR partitions:
02:36:55.0305 0x15dc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
02:36:55.0305 0x15dc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37C68800
02:36:55.0305 0x15dc \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37CCC800, BlocksNum 0x2685800
02:36:55.0305 0x15dc \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
02:36:55.0305 0x15dc ============================================================
02:36:55.0371 0x15dc C: <-> \Device\Harddisk0\DR0\Partition2
02:36:55.0422 0x15dc D: <-> \Device\Harddisk0\DR0\Partition3
02:36:55.0423 0x15dc ============================================================
02:36:55.0423 0x15dc Initialize success
02:36:55.0423 0x15dc ============================================================
02:38:31.0150 0x0370 ============================================================
02:38:31.0150 0x0370 Scan started
02:38:31.0150 0x0370 Mode: Manual; SigCheck; TDLFS;
02:38:31.0150 0x0370 ============================================================
02:38:31.0150 0x0370 KSN ping started
02:38:34.0052 0x0370 KSN ping finished: true
02:38:34.0858 0x0370 ================ Scan system memory ========================
02:38:34.0858 0x0370 System memory - ok
02:38:34.0859 0x0370 ================ Scan services =============================
02:38:35.0061 0x0370 [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
02:38:35.0168 0x0370 1394ohci - ok
02:38:35.0250 0x0370 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5, C3CC58D636B18DF77C4C4B384AD1DE78418716A0606E564DBC63782D5EA02905 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
02:38:35.0276 0x0370 Accelerometer - ok
02:38:35.0351 0x0370 [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
02:38:35.0387 0x0370 ACPI - ok
02:38:35.0410 0x0370 [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
02:38:35.0457 0x0370 AcpiPmi - ok
02:38:35.0553 0x0370 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
02:38:35.0574 0x0370 AdobeARMservice - ok
02:38:35.0711 0x0370 [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
02:38:35.0731 0x0370 AdobeFlashPlayerUpdateSvc - ok
02:38:35.0812 0x0370 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
02:38:35.0859 0x0370 adp94xx - ok
02:38:35.0896 0x0370 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
02:38:35.0946 0x0370 adpahci - ok
02:38:35.0999 0x0370 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
02:38:36.0024 0x0370 adpu320 - ok
02:38:36.0074 0x0370 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
02:38:36.0150 0x0370 AeLookupSvc - ok
02:38:36.0241 0x0370 [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
02:38:36.0279 0x0370 AESTFilters - ok
02:38:36.0353 0x0370 [ DB9D6C6B2CD95A9CA414D045B627422E, A4A0B2ACBFE311C20EF9F06A49DBE02CE90433C2364B292F6E8F78F6C274DF88 ] AFD C:\Windows\system32\drivers\afd.sys
02:38:36.0445 0x0370 AFD - ok
02:38:36.0500 0x0370 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
02:38:36.0520 0x0370 agp440 - ok
02:38:36.0556 0x0370 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
02:38:36.0641 0x0370 ALG - ok
02:38:36.0678 0x0370 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
02:38:36.0694 0x0370 aliide - ok
02:38:36.0731 0x0370 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
02:38:36.0750 0x0370 amdide - ok
02:38:36.0789 0x0370 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
02:38:36.0843 0x0370 AmdK8 - ok
02:38:36.0863 0x0370 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
02:38:36.0894 0x0370 AmdPPM - ok
02:38:36.0938 0x0370 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9, 786B30C86FA7FEC6BA2569FF818044AA0F7C134693304ED0FF7BD0541F9A755F ] amdsata C:\Windows\system32\drivers\amdsata.sys
02:38:36.0957 0x0370 amdsata - ok
02:38:37.0010 0x0370 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
02:38:37.0036 0x0370 amdsbs - ok
02:38:37.0060 0x0370 [ DB27766102C7BF7E95140A2AA81D042E, 489F812B596EA06E53D891CD05047AA17CDF752854BBD553BA65D10799AF78DF ] amdxata C:\Windows\system32\drivers\amdxata.sys
02:38:37.0078 0x0370 amdxata - ok
02:38:37.0133 0x0370 [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID C:\Windows\system32\drivers\appid.sys
02:38:37.0176 0x0370 AppID - ok
02:38:37.0203 0x0370 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
02:38:37.0282 0x0370 AppIDSvc - ok
02:38:37.0305 0x0370 [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo C:\Windows\System32\appinfo.dll
02:38:37.0332 0x0370 Appinfo - ok
02:38:37.0413 0x0370 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
02:38:37.0430 0x0370 Apple Mobile Device - ok
02:38:37.0475 0x0370 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
02:38:37.0494 0x0370 arc - ok
02:38:37.0519 0x0370 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
02:38:37.0537 0x0370 arcsas - ok
02:38:37.0622 0x0370 [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
02:38:37.0641 0x0370 aspnet_state - ok
02:38:37.0673 0x0370 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
02:38:37.0746 0x0370 AsyncMac - ok
02:38:37.0776 0x0370 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\DRIVERS\atapi.sys
02:38:37.0796 0x0370 atapi - ok
02:38:37.0935 0x0370 [ 40734F3A5EEC4C4AC6A1FAF10B293714, 069885A5EED99E51E5D8621CF5174DCCC6C56B3F950A11C14A3A97A8DADD9D5C ] athr C:\Windows\system32\DRIVERS\athrx.sys
02:38:38.0122 0x0370 athr - ok
02:38:38.0195 0x0370 [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
02:38:38.0323 0x0370 AudioEndpointBuilder - ok
02:38:38.0362 0x0370 [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv C:\Windows\System32\Audiosrv.dll
02:38:38.0435 0x0370 AudioSrv - ok
02:38:38.0491 0x0370 [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV C:\Windows\System32\AxInstSV.dll
02:38:38.0519 0x0370 AxInstSV - ok
02:38:38.0559 0x0370 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
02:38:38.0650 0x0370 b06bdrv - ok
02:38:38.0686 0x0370 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
02:38:38.0730 0x0370 b57nd60a - ok
02:38:38.0754 0x0370 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
02:38:38.0789 0x0370 BDESVC - ok
02:38:38.0807 0x0370 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
02:38:38.0870 0x0370 Beep - ok
02:38:38.0931 0x0370 [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE C:\Windows\System32\bfe.dll
02:38:39.0026 0x0370 BFE - ok
02:38:39.0096 0x0370 [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS C:\Windows\system32\qmgr.dll
02:38:39.0242 0x0370 BITS - ok
02:38:39.0266 0x0370 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
02:38:39.0299 0x0370 blbdrive - ok
02:38:39.0364 0x0370 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
02:38:39.0401 0x0370 Bonjour Service - ok
02:38:39.0444 0x0370 [ 19D20159708E152267E53B66677A4995, 6401FA5C3EFF26BED075FEC68F868CD8D0598FDB45EA9381810615F7252F7A9A ] bowser C:\Windows\system32\DRIVERS\bowser.sys
02:38:39.0484 0x0370 bowser - ok
02:38:39.0513 0x0370 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
02:38:39.0546 0x0370 BrFiltLo - ok
02:38:39.0563 0x0370 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
02:38:39.0586 0x0370 BrFiltUp - ok
02:38:39.0621 0x0370 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
02:38:39.0701 0x0370 BridgeMP - ok
02:38:39.0731 0x0370 [ 6B054C67AAA87843504E8E3C09102009, 284AA58625FBDBFECB851A35407331B40BAEC141F2DCEDB9F15733BAB22F5C81 ] Browser C:\Windows\System32\browser.dll
02:38:39.0772 0x0370 Browser - ok
02:38:39.0795 0x0370 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
02:38:39.0856 0x0370 Brserid - ok
02:38:39.0870 0x0370 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
02:38:39.0928 0x0370 BrSerWdm - ok
02:38:39.0953 0x0370 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
02:38:39.0999 0x0370 BrUsbMdm - ok
02:38:40.0017 0x0370 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
02:38:40.0046 0x0370 BrUsbSer - ok
02:38:40.0101 0x0370 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
02:38:40.0166 0x0370 BthEnum - ok
02:38:40.0186 0x0370 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
02:38:40.0223 0x0370 BTHMODEM - ok
02:38:40.0253 0x0370 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
02:38:40.0290 0x0370 BthPan - ok
02:38:40.0333 0x0370 [ D59773C7FDD3D795D6FE402EEEA8D71E, 9A26A1A3254D7BCDFADFFC9FD5D1A53A3DF12AC874FB2525AD33B87E42EFC5B1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
02:38:40.0379 0x0370 BTHPORT - ok
02:38:40.0424 0x0370 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
02:38:40.0495 0x0370 bthserv - ok
02:38:40.0513 0x0370 [ 8504842634DD144C075B6B0C982CCEC4, BFBB8D67F146FBD4813BB8B29A3865C222966DA2B043732A5BCD759A40F4E5CE ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
02:38:40.0544 0x0370 BTHUSB - ok
02:38:40.0582 0x0370 catchme - ok
02:38:40.0607 0x0370 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
02:38:40.0691 0x0370 cdfs - ok
02:38:40.0720 0x0370 [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
02:38:40.0781 0x0370 cdrom - ok
02:38:40.0835 0x0370 [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc C:\Windows\System32\certprop.dll
02:38:40.0906 0x0370 CertPropSvc - ok
02:38:40.0951 0x0370 [ EA3333DB9AB03106EEC0D6D9D487ED01, 4102A1D212221800CD83DCAFAF54BA55140AAB4A490F3779624F1EE832B04441 ] CinemaNow Service C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
02:38:41.0009 0x0370 CinemaNow Service - ok
02:38:41.0042 0x0370 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
02:38:41.0079 0x0370 circlass - ok
02:38:41.0102 0x0370 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
02:38:41.0138 0x0370 CLFS - ok
02:38:41.0191 0x0370 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
02:38:41.0207 0x0370 clr_optimization_v2.0.50727_32 - ok
02:38:41.0250 0x0370 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
02:38:41.0266 0x0370 clr_optimization_v2.0.50727_64 - ok
02:38:41.0340 0x0370 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
02:38:41.0418 0x0370 clr_optimization_v4.0.30319_32 - ok
02:38:41.0442 0x0370 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
02:38:41.0481 0x0370 clr_optimization_v4.0.30319_64 - ok
02:38:41.0516 0x0370 [ 9573E8C7C3B3D1625FD941841FD0859C, FDAB4FA6F6C249D6BC7BA73DBB70CBD99CA62BB4989A73A3A01929FC8DF26D62 ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
02:38:41.0545 0x0370 clwvd - ok
02:38:41.0577 0x0370 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
02:38:41.0608 0x0370 CmBatt - ok
02:38:41.0646 0x0370 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
02:38:41.0662 0x0370 cmdide - ok
02:38:41.0704 0x0370 [ CA7720B73446FDDEC5C69519C1174C98, F24796765587CC1D653A04783B1659564F42E600DA3AFA3DED724592B291D033 ] CNG C:\Windows\system32\Drivers\cng.sys
02:38:41.0775 0x0370 CNG - ok
02:38:41.0789 0x0370 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
02:38:41.0807 0x0370 Compbatt - ok
02:38:41.0839 0x0370 [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
02:38:41.0878 0x0370 CompositeBus - ok
02:38:41.0895 0x0370 COMSysApp - ok
02:38:41.0914 0x0370 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
02:38:41.0932 0x0370 crcdisk - ok
02:38:41.0971 0x0370 [ BAF19B633933A9FB4883D27D66C39E9A, 2D8ABB5161736CCCADA67B3E6A8D70B0B5E1E3FE6084561891F394DA191B3439 ] CryptSvc C:\Windows\system32\cryptsvc.dll
02:38:42.0022 0x0370 CryptSvc - ok
02:38:42.0074 0x0370 [ DEE32A34A46EFD97ADADABAE8D97B20D, F513E56AF9AC83D7015C1755CBA8C6711B05EA9FB15030A817C3218172C37533 ] DcomLaunch C:\Windows\system32\rpcss.dll
02:38:42.0129 0x0370 DcomLaunch - detected UnsignedFile.Multi.Generic ( 1 )
02:38:45.0168 0x0370 Object is SCO, delete is not allowed
02:38:45.0168 0x0370 DcomLaunch ( UnsignedFile.Multi.Generic ) - warning
02:38:59.0388 0x0370 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
02:38:59.0467 0x0370 defragsvc - ok
02:38:59.0516 0x0370 [ 9C253CE7311CA60FC11C774692A13208, 23507138576DB75AA8B7415140F7B5D8A90CB2661796223870461C721A36AEBF ] DfsC C:\Windows\system32\Drivers\dfsc.sys
02:38:59.0553 0x0370 DfsC - ok
02:38:59.0590 0x0370 [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp C:\Windows\system32\dhcpcore.dll
02:38:59.0677 0x0370 Dhcp - ok
02:38:59.0696 0x0370 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
02:38:59.0758 0x0370 discache - ok
02:38:59.0797 0x0370 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
02:38:59.0819 0x0370 Disk - ok
02:38:59.0857 0x0370 [ 85CF424C74A1D5EC33533E1DBFF9920A, 882D5FA0D5EC053D76A0C46A6047A621D607651693CF94E5506219EECCC8D079 ] Dnscache C:\Windows\System32\dnsrslvr.dll
02:38:59.0891 0x0370 Dnscache - ok
02:38:59.0916 0x0370 [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc C:\Windows\System32\dot3svc.dll
02:39:00.0008 0x0370 dot3svc - ok
02:39:00.0050 0x0370 [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS C:\Windows\system32\dps.dll
02:39:00.0116 0x0370 DPS - ok
02:39:00.0143 0x0370 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
02:39:00.0180 0x0370 drmkaud - ok
02:39:00.0247 0x0370 [ 1633B9ABF52784A1331476397A48CBEF, 697780697C4C55FCCF5FB65C93FB37B3F5A43BF0C59FDBB9EF822D0E993E47BD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
02:39:00.0325 0x0370 DXGKrnl - ok
02:39:00.0350 0x0370 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
02:39:00.0427 0x0370 EapHost - ok
02:39:00.0559 0x0370 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
02:39:00.0800 0x0370 ebdrv - ok
02:39:00.0890 0x0370 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] EFS C:\Windows\System32\lsass.exe
02:39:00.0936 0x0370 EFS - ok
02:39:01.0011 0x0370 [ 47C071994C3F649F23D9CD075AC9304A, B7AA2DD6AD14F18A19620F5FB79D50C630D3750E72DD67BF8D105CC4F5CE1D46 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
02:39:01.0075 0x0370 ehRecvr - ok
02:39:01.0120 0x0370 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
02:39:01.0164 0x0370 ehSched - ok
02:39:01.0217 0x0370 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
02:39:01.0295 0x0370 elxstor - ok
02:39:01.0326 0x0370 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
02:39:01.0359 0x0370 ErrDev - ok
02:39:01.0424 0x0370 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
02:39:01.0511 0x0370 EventSystem - ok
02:39:01.0549 0x0370 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
02:39:01.0608 0x0370 exfat - ok
02:39:01.0646 0x0370 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
02:39:01.0710 0x0370 fastfat - ok
02:39:01.0755 0x0370 [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax C:\Windows\system32\fxssvc.exe
02:39:01.0848 0x0370 Fax - ok
02:39:01.0872 0x0370 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
02:39:01.0914 0x0370 fdc - ok
02:39:01.0955 0x0370 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
02:39:02.0007 0x0370 fdPHost - ok
02:39:02.0025 0x0370 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
02:39:02.0087 0x0370 FDResPub - ok
02:39:02.0097 0x0370 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
02:39:02.0115 0x0370 FileInfo - ok
02:39:02.0132 0x0370 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
02:39:02.0225 0x0370 Filetrace - ok
02:39:02.0246 0x0370 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
02:39:02.0279 0x0370 flpydisk - ok
02:39:02.0312 0x0370 [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
02:39:02.0356 0x0370 FltMgr - ok
02:39:02.0438 0x0370 [ CB5E4B9C319E3C6BB363EB7E58A4A051, C9DCF2C2A6AFE0A0F3E23A265843D0C423C08B2E54702C5B389CF293D9A6BAC5 ] FontCache C:\Windows\system32\FntCache.dll
02:39:02.0545 0x0370 FontCache - ok
02:39:02.0577 0x0370 [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
02:39:02.0589 0x0370 FontCache3.0.0.0 - ok
02:39:02.0635 0x0370 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
02:39:02.0695 0x0370 FsDepends - ok
02:39:02.0723 0x0370 [ D3E3F93D67821A2DB2B3D9FAC2DC2064, 727FAA7E15A20ED3A37668D294ABDE6EAF1C87C34EE283C99EE3303E85001404 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
02:39:02.0740 0x0370 Fs_Rec - ok
02:39:02.0795 0x0370 [ 1F44F8559E61A8306ECC67BB1E168B7C, 5B7CDD4EDF128B48817145357BB36E2107F0D081C26004B44BFF7C63AD29D99B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
02:39:02.0835 0x0370 fvevol - ok
02:39:02.0861 0x0370 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
02:39:02.0882 0x0370 gagp30kx - ok
02:39:03.0121 0x0370 [ CE16683CFD11FE70BDE435DDA5EA1FCA, 43D850361F2B5C9389F7FABC3C62BD1517349C03834F436579DD01CFD09919F4 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
02:39:03.0143 0x0370 GameConsoleService - ok
02:39:03.0232 0x0370 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
02:39:03.0245 0x0370 GEARAspiWDM - ok
02:39:03.0290 0x0370 [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc C:\Windows\System32\gpsvc.dll
02:39:03.0372 0x0370 gpsvc - ok
02:39:03.0459 0x0370 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
02:39:03.0478 0x0370 gupdate - ok
02:39:03.0500 0x0370 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
02:39:03.0517 0x0370 gupdatem - ok
02:39:03.0567 0x0370 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
02:39:03.0581 0x0370 gusvc - ok
02:39:03.0616 0x0370 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
02:39:03.0652 0x0370 hcw85cir - ok
02:39:03.0680 0x0370 [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
02:39:03.0727 0x0370 HdAudAddService - ok
02:39:03.0761 0x0370 [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
02:39:03.0804 0x0370 HDAudBus - ok
02:39:03.0851 0x0370 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
02:39:03.0871 0x0370 HECIx64 - ok
02:39:03.0901 0x0370 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
02:39:03.0973 0x0370 HidBatt - ok
02:39:04.0009 0x0370 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
02:39:04.0042 0x0370 HidBth - ok
02:39:04.0066 0x0370 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
02:39:04.0103 0x0370 HidIr - ok
02:39:04.0142 0x0370 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
02:39:04.0206 0x0370 hidserv - ok
02:39:04.0259 0x0370 [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
02:39:04.0307 0x0370 HidUsb - ok
02:39:04.0340 0x0370 [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc C:\Windows\system32\kmsvc.dll
02:39:04.0406 0x0370 hkmsvc - ok
02:39:04.0447 0x0370 [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
02:39:04.0494 0x0370 HomeGroupListener - ok
02:39:04.0527 0x0370 [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
02:39:04.0598 0x0370 HomeGroupProvider - ok
02:39:04.0658 0x0370 [ 3A09322A8AA8B0C79036686A0EBE7B4C, A110ECBBD9A0EDAA134B95F9FB3428F33F7629480ABCF36F58891837EE1B04C0 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
02:39:04.0716 0x0370 HP Wireless Assistant Service - ok
02:39:04.0749 0x0370 [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
02:39:04.0798 0x0370 hpdskflt - ok
02:39:04.0883 0x0370 [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
02:39:04.0905 0x0370 hpqcxs08 - ok
02:39:04.0943 0x0370 [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
02:39:04.0961 0x0370 hpqddsvc - ok
02:39:05.0088 0x0370 [ 0955C23C041451FB4E7099D6B2CF1C06, AF63822F24865D8B549C1CF213602EBA605D87BEC1D6E2F769CFA598D0B00818 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
02:39:05.0430 0x0370 hpqwmiex - ok
02:39:05.0481 0x0370 [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
02:39:05.0503 0x0370 HpSAMD - ok
02:39:05.0584 0x0370 [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
02:39:05.0698 0x0370 HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
02:39:08.0536 0x0370 Detect skipped due to KSN trusted
02:39:08.0536 0x0370 HPSLPSVC - ok
02:39:08.0556 0x0370 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv C:\Windows\system32\Hpservice.exe
02:39:08.0573 0x0370 hpsrv - ok
02:39:08.0625 0x0370 [ F630DD7564EBB7248A13B1CC774D9EA6, 53BDFDB7177606DCBB5098A417542F181487227FB73C5C93BE1275752D2C002A ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
02:39:08.0678 0x0370 HPWMISVC - ok
02:39:08.0757 0x0370 [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP C:\Windows\system32\drivers\HTTP.sys
02:39:08.0890 0x0370 HTTP - ok
02:39:08.0906 0x0370 [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
02:39:08.0924 0x0370 hwpolicy - ok
02:39:08.0962 0x0370 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
02:39:08.0984 0x0370 i8042prt - ok
02:39:09.0037 0x0370 [ 1384872112E8E7FD5786ECEB8BDDF4C9, DC7844691740805A94F2901F8CB56F1591AF4F0F9C6D92D6B8595F89E6FA5F02 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
02:39:09.0070 0x0370 iaStor - ok
02:39:09.0122 0x0370 [ B75E45C564E944A2657167D197AB29DA, 622EA73F4D9CAE17628C18148FB241817A0AE6D80A74B099204ED27C1A750B24 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
02:39:09.0159 0x0370 iaStorV - ok
02:39:09.0243 0x0370 [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
02:39:09.0290 0x0370 idsvc - ok
02:39:09.0770 0x0370 [ 1BE8D9CA4F2363B8E8015621878E0043, 695B5F88A6F6943156D033DAA86188F50308AD71FCF26CF0AEDF7E23F774FB56 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
02:39:10.0395 0x0370 igfx - ok
02:39:10.0430 0x0370 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
02:39:10.0448 0x0370 iirsp - ok
02:39:10.0498 0x0370 [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT C:\Windows\System32\ikeext.dll
02:39:10.0597 0x0370 IKEEXT - ok
02:39:10.0643 0x0370 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
02:39:10.0687 0x0370 Impcd - ok
02:39:10.0729 0x0370 [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
02:39:10.0798 0x0370 IntcDAud - ok
02:39:10.0831 0x0370 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
02:39:10.0845 0x0370 intelide - ok
02:39:10.0873 0x0370 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
02:39:10.0905 0x0370 intelppm - ok
02:39:10.0915 0x0370 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
02:39:10.0974 0x0370 IPBusEnum - ok
02:39:10.0991 0x0370 [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
02:39:11.0055 0x0370 IpFilterDriver - ok
02:39:11.0087 0x0370 [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
02:39:11.0184 0x0370 iphlpsvc - ok
02:39:11.0203 0x0370 [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
02:39:11.0238 0x0370 IPMIDRV - ok
02:39:11.0263 0x0370 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
02:39:11.0352 0x0370 IPNAT - ok
02:39:11.0434 0x0370 [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
02:39:11.0482 0x0370 iPod Service - ok
02:39:11.0503 0x0370 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
02:39:11.0540 0x0370 IRENUM - ok
02:39:11.0558 0x0370 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
02:39:11.0576 0x0370 isapnp - ok
02:39:11.0600 0x0370 [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
02:39:11.0633 0x0370 iScsiPrt - ok
02:39:11.0659 0x0370 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
02:39:11.0678 0x0370 kbdclass - ok
02:39:11.0721 0x0370 [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
02:39:11.0753 0x0370 kbdhid - ok
02:39:11.0773 0x0370 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] KeyIso C:\Windows\system32\lsass.exe
02:39:11.0816 0x0370 KeyIso - ok
02:39:11.0849 0x0370 [ 4F4B5FDE429416877DE7143044582EB5, A28FFEA078DBD91F3CC28088810EEEB727107B3F0F48370B44D87DC8F8C55B99 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
02:39:11.0867 0x0370 KSecDD - ok
02:39:11.0884 0x0370 [ 6F40465A44ECDC1731BEFAFEC5BDD03C, 317334D414D0AF73CB4D9CA11EA80C641E786760B8800F2795D0CB38378DBB80 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
02:39:11.0917 0x0370 KSecPkg - ok
02:39:11.0935 0x0370 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
02:39:12.0003 0x0370 ksthunk - ok
02:39:12.0038 0x0370 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
02:39:12.0137 0x0370 KtmRm - ok
02:39:12.0174 0x0370 [ 81F1D04D4D0E433099365127375FD501, C2A81B5A482C974E8108806486EC28CB2D81400D42639682FE7B7A9BDF14BA9B ] LanmanServer C:\Windows\System32\srvsvc.dll
02:39:12.0236 0x0370 LanmanServer - ok
02:39:12.0260 0x0370 [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
02:39:12.0340 0x0370 LanmanWorkstation - ok
02:39:12.0408 0x0370 [ 07B1888209C54B675FFCCBDE9F06D2C6, F80DA304CEFC062D4E604C0A7A2B60361161F259FBE8E94332F6BAD640630D23 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
02:39:12.0497 0x0370 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
02:39:15.0537 0x0370 Detect skipped due to KSN trusted
02:39:15.0537 0x0370 LightScribeService - ok
02:39:15.0583 0x0370 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
02:39:15.0648 0x0370 lltdio - ok
02:39:15.0682 0x0370 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
02:39:15.0774 0x0370 lltdsvc - ok
02:39:15.0795 0x0370 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
02:39:15.0847 0x0370 lmhosts - ok
02:39:15.0922 0x0370 [ 6D515466AB8BFE61184092B635AE6EB4, 86CEF8700AF4D848DCF5DF217A7588C04F7F0BCEEB10B971E7C0368D8F8E1FAC ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
02:39:15.0955 0x0370 LMS - ok
02:39:15.0995 0x0370 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
02:39:16.0016 0x0370 LSI_FC - ok
02:39:16.0038 0x0370 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
02:39:16.0061 0x0370 LSI_SAS - ok
02:39:16.0077 0x0370 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
02:39:16.0098 0x0370 LSI_SAS2 - ok
02:39:16.0117 0x0370 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
02:39:16.0140 0x0370 LSI_SCSI - ok
02:39:16.0172 0x0370 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
02:39:16.0258 0x0370 luafv - ok
02:39:16.0293 0x0370 [ B9FC4CCE5758B816F27DD4D1EED11841, 0EDA4AA5850C516B3E49C3CF7872E34B0B9CA813B449FB49351E3E8AD2D4A189 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
02:39:16.0310 0x0370 MBAMProtector - ok
02:39:16.0373 0x0370 [ 0DCF16B1449811EFA47AB52CAC84093C, B4B918676836ABB1E300AD8F887A7C6A793EB124A681C94758027B96702F6B5A ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
02:39:16.0415 0x0370 MBAMScheduler - ok
02:39:16.0453 0x0370 [ 9EAABA4D601004BEA4DAA6E146E19A96, 2AA2EB2E1C6B292269BBC896CBFFF2B630A4BA832630A159B5B1B36B52A53D6F ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
02:39:16.0505 0x0370 MBAMService - ok
02:39:16.0525 0x0370 [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
02:39:16.0557 0x0370 Mcx2Svc - ok
02:39:16.0588 0x0370 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
02:39:16.0610 0x0370 megasas - ok
02:39:16.0662 0x0370 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
02:39:16.0695 0x0370 MegaSR - ok
02:39:16.0726 0x0370 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
02:39:16.0787 0x0370 MMCSS - ok
02:39:16.0816 0x0370 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
02:39:16.0890 0x0370 Modem - ok
02:39:16.0919 0x0370 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
02:39:16.0958 0x0370 monitor - ok
02:39:16.0979 0x0370 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
02:39:16.0996 0x0370 mouclass - ok
02:39:17.0025 0x0370 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
02:39:17.0062 0x0370 mouhid - ok
02:39:17.0084 0x0370 [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
02:39:17.0107 0x0370 mountmgr - ok
02:39:17.0150 0x0370 [ C6B88D62F20AC646C6BD5C032EC2FAF9, 111A07939F3C5A46F0C51B9D6F5C1D8478099E32EFD88BC260467109ADD975F8 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
02:39:17.0197 0x0370 MpFilter - ok
02:39:17.0219 0x0370 [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
02:39:17.0241 0x0370 mpio - ok
02:39:17.0257 0x0370 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
02:39:17.0317 0x0370 mpsdrv - ok
02:39:17.0376 0x0370 [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc C:\Windows\system32\mpssvc.dll
02:39:17.0488 0x0370 MpsSvc - ok
02:39:17.0506 0x0370 [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
02:39:17.0545 0x0370 MRxDAV - ok
02:39:17.0579 0x0370 [ 040D62A9D8AD28922632137ACDD984F2, D9457BDA88C2E3AA4E716C0657B77A4A3E212328CDABD5C18279B6440E1C1594 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
02:39:17.0620 0x0370 mrxsmb - ok
02:39:17.0673 0x0370 [ F0067552F8F9B33D7C59403AB808A3CB, 698B63528E1943BB4253BF7578DC128AA824C71BD04FF0521277E68B20656C02 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
02:39:17.0787 0x0370 mrxsmb10 - ok
02:39:17.0810 0x0370 [ 3C142D31DE9F2F193218A53FE2632051, 026B3A932A95D5160B64E470FC414F3D388D429317D5EAEA2D476F715C4CAE75 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
02:39:17.0864 0x0370 mrxsmb20 - ok
02:39:17.0890 0x0370 [ 5E939CF91EA4A841DBAFE4627E0292BB, C6C132215ABF7BE46BEC4222E4255CA210A972AC3C6E14B636BB291AC3243E8E ] msahci C:\Windows\system32\DRIVERS\msahci.sys
02:39:17.0922 0x0370 msahci - ok
02:39:17.0949 0x0370 [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
02:39:17.0989 0x0370 msdsm - ok
02:39:18.0020 0x0370 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
02:39:18.0052 0x0370 MSDTC - ok
02:39:18.0082 0x0370 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
02:39:18.0143 0x0370 Msfs - ok
02:39:18.0161 0x0370 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
02:39:18.0220 0x0370 mshidkmdf - ok
02:39:18.0240 0x0370 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
02:39:18.0259 0x0370 msisadrv - ok
02:39:18.0299 0x0370 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
02:39:18.0407 0x0370 MSiSCSI - ok
02:39:18.0412 0x0370 msiserver - ok
02:39:18.0438 0x0370 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
02:39:18.0527 0x0370 MSKSSRV - ok
02:39:18.0607 0x0370 [ 7675E15D1B2180745E4DA4D26AAD7385, 729AA6C610F67028CFFFF64B772FFA1CAE7581D37F8909BDA423D52AF85C92C8 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
02:39:18.0629 0x0370 MsMpSvc - ok
02:39:18.0648 0x0370 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
02:39:18.0720 0x0370 MSPCLOCK - ok
02:39:18.0736 0x0370 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
02:39:18.0804 0x0370 MSPQM - ok
02:39:18.0833 0x0370 [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
02:39:18.0885 0x0370 MsRPC - ok
02:39:18.0905 0x0370 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
02:39:18.0922 0x0370 mssmbios - ok
02:39:18.0933 0x0370 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
02:39:18.0999 0x0370 MSTEE - ok
02:39:19.0011 0x0370 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
02:39:19.0045 0x0370 MTConfig - ok
02:39:19.0071 0x0370 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
02:39:19.0093 0x0370 Mup - ok
02:39:19.0133 0x0370 [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent C:\Windows\system32\qagentRT.dll
02:39:19.0241 0x0370 napagent - ok
02:39:19.0279 0x0370 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
02:39:19.0362 0x0370 NativeWifiP - ok
02:39:19.0421 0x0370 [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS C:\Windows\system32\drivers\ndis.sys
02:39:19.0492 0x0370 NDIS - ok
02:39:19.0511 0x0370 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
02:39:19.0569 0x0370 NdisCap - ok
02:39:19.0601 0x0370 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
02:39:19.0651 0x0370 NdisTapi - ok
02:39:19.0685 0x0370 [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
02:39:19.0738 0x0370 Ndisuio - ok
02:39:19.0755 0x0370 [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
02:39:19.0818 0x0370 NdisWan - ok
02:39:19.0837 0x0370 [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
02:39:19.0900 0x0370 NDProxy - ok
02:39:19.0937 0x0370 [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
02:39:19.0982 0x0370 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
02:39:23.0014 0x0370 Detect skipped due to KSN trusted
02:39:23.0014 0x0370 Net Driver HPZ12 - ok
02:39:23.0034 0x0370 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
02:39:23.0110 0x0370 NetBIOS - ok
02:39:23.0134 0x0370 [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
02:39:23.0225 0x0370 NetBT - ok
02:39:23.0242 0x0370 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] Netlogon C:\Windows\system32\lsass.exe
02:39:23.0257 0x0370 Netlogon - ok
02:39:23.0291 0x0370 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
02:39:23.0404 0x0370 Netman - ok
02:39:23.0440 0x0370 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:39:23.0462 0x0370 NetMsmqActivator - ok
02:39:23.0470 0x0370 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:39:23.0486 0x0370 NetPipeActivator - ok
02:39:23.0520 0x0370 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
02:39:23.0612 0x0370 netprofm - ok
02:39:23.0621 0x0370 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:39:23.0636 0x0370 NetTcpActivator - ok
02:39:23.0643 0x0370 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:39:23.0657 0x0370 NetTcpPortSharing - ok
02:39:23.0897 0x0370 [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
02:39:24.0267 0x0370 netw5v64 - ok
02:39:24.0306 0x0370 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
02:39:24.0324 0x0370 nfrd960 - ok
02:39:24.0375 0x0370 [ ACE8C64C57E4A711473C8BC10ADF692B, 53D8083CE78DB5527080B4570AC28ABAA262667744A319707AE0C46E46B297F9 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
02:39:24.0399 0x0370 NisDrv - ok
02:39:24.0446 0x0370 [ 6247E8B31ED0A9D6BC5A26276E49BEB3, 230C0C560492C454B9EB14B50EB4A78DC74FAB6B662449A0EA3114B3E671BFF3 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
02:39:24.0476 0x0370 NisSrv - ok
02:39:24.0507 0x0370 [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc C:\Windows\System32\nlasvc.dll
02:39:24.0587 0x0370 NlaSvc - ok
02:39:24.0633 0x0370 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
02:39:24.0750 0x0370 Npfs - ok
02:39:24.0778 0x0370 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
02:39:24.0831 0x0370 nsi - ok
02:39:24.0847 0x0370 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
02:39:24.0920 0x0370 nsiproxy - ok
02:39:25.0020 0x0370 [ 9A6089B056EA1B83B36424FC9D0A300E, EA60282C5A32B497921B568C1FE735F5BDB9D954DDC4E609F7F3CAE5ED823CEC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
02:39:25.0138 0x0370 Ntfs - ok
02:39:25.0159 0x0370 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
02:39:25.0223 0x0370 Null - ok
02:39:25.0258 0x0370 [ A4D9C9A608A97F59307C2F2600EDC6A4, D786F4CA2D10BAC31CE14A338C442F7027D4BB2E955AB99BC44C2F241D383BBE ] nvraid C:\Windows\system32\drivers\nvraid.sys
02:39:25.0278 0x0370 nvraid - ok
02:39:25.0322 0x0370 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9, 8D5337742A0F5B04D636C163CE77D4A9B3684CF81170026912A402513B44BA77 ] nvstor C:\Windows\system32\drivers\nvstor.sys
02:39:25.0355 0x0370 nvstor - ok
02:39:25.0376 0x0370 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
02:39:25.0408 0x0370 nv_agp - ok
02:39:25.0475 0x0370 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
02:39:25.0504 0x0370 odserv - ok
02:39:25.0530 0x0370 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
02:39:25.0568 0x0370 ohci1394 - ok
02:39:25.0618 0x0370 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
02:39:25.0638 0x0370 ose - ok
02:39:25.0698 0x0370 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
02:39:25.0766 0x0370 p2pimsvc - ok
02:39:25.0790 0x0370 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
02:39:25.0835 0x0370 p2psvc - ok
02:39:25.0853 0x0370 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
02:39:25.0878 0x0370 Parport - ok
02:39:25.0910 0x0370 [ 90061B1ACFE8CCAA5345750FFE08D8B8, 76309683FFDF380AF9C6E1D9A52E46B011A0BF1026D747181D01F3312B7541C7 ] partmgr C:\Windows\system32\drivers\partmgr.sys
02:39:25.0926 0x0370 partmgr - ok
02:39:25.0947 0x0370 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
02:39:26.0000 0x0370 PcaSvc - ok
02:39:26.0027 0x0370 [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci C:\Windows\system32\DRIVERS\pci.sys
02:39:26.0063 0x0370 pci - ok
02:39:26.0080 0x0370 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\DRIVERS\pciide.sys
02:39:26.0094 0x0370 pciide - ok
02:39:26.0133 0x0370 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
02:39:26.0163 0x0370 pcmcia - ok
02:39:26.0200 0x0370 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
02:39:26.0227 0x0370 pcw - ok
02:39:26.0265 0x0370 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
02:39:26.0385 0x0370 PEAUTH - ok
02:39:26.0444 0x0370 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
02:39:26.0475 0x0370 PerfHost - ok
02:39:26.0559 0x0370 [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla C:\Windows\system32\pla.dll
02:39:26.0710 0x0370 pla - ok
02:39:26.0756 0x0370 [ 98B1721B8718164293B9701B98C52D77, 27F5F00D4AA394D4D8D0A0062EDC3F944B603E07CAAEDC5CC959BA1E8C208C2A ] PlugPlay C:\Windows\system32\umpnpmgr.dll
02:39:26.0821 0x0370 PlugPlay - ok
02:39:26.0871 0x0370 [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
02:39:26.0895 0x0370 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
02:39:29.0897 0x0370 Detect skipped due to KSN trusted
02:39:29.0897 0x0370 Pml Driver HPZ12 - ok
02:39:29.0919 0x0370 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
02:39:29.0989 0x0370 PNRPAutoReg - ok
02:39:30.0020 0x0370 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
02:39:30.0054 0x0370 PNRPsvc - ok
02:39:30.0090 0x0370 [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
02:39:30.0183 0x0370 PolicyAgent - ok
02:39:30.0218 0x0370 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
02:39:30.0293 0x0370 Power - ok
02:39:30.0331 0x0370 [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
02:39:30.0385 0x0370 PptpMiniport - ok
02:39:30.0407 0x0370 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
02:39:30.0440 0x0370 Processor - ok
02:39:30.0487 0x0370 [ 97293447431311C06703368AD0F6C4BE, 302A3CA8F6961717D95469B20A8A71954D4ECFCDF4638238D3D44AAE5A8D9B8B ] ProfSvc C:\Windows\system32\profsvc.dll
02:39:30.0579 0x0370 ProfSvc - ok
02:39:30.0602 0x0370 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] ProtectedStorage C:\Windows\system32\lsass.exe
02:39:30.0619 0x0370 ProtectedStorage - ok
02:39:30.0674 0x0370 [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
02:39:30.0739 0x0370 Psched - ok
02:39:30.0820 0x0370 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
02:39:30.0932 0x0370 ql2300 - ok
02:39:30.0955 0x0370 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
02:39:30.0978 0x0370 ql40xx - ok
02:39:31.0021 0x0370 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
02:39:31.0089 0x0370 QWAVE - ok
02:39:31.0113 0x0370 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
02:39:31.0155 0x0370 QWAVEdrv - ok
02:39:31.0167 0x0370 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
02:39:31.0265 0x0370 RasAcd - ok
02:39:31.0293 0x0370 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
02:39:31.0366 0x0370 RasAgileVpn - ok
02:39:31.0386 0x0370 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
02:39:31.0468 0x0370 RasAuto - ok
02:39:31.0487 0x0370 [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
02:39:31.0590 0x0370 Rasl2tp - ok
02:39:31.0634 0x0370 [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan C:\Windows\System32\rasmans.dll
02:39:31.0736 0x0370 RasMan - ok
02:39:31.0747 0x0370 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
02:39:31.0810 0x0370 RasPppoe - ok
02:39:31.0829 0x0370 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
02:39:31.0908 0x0370 RasSstp - ok
02:39:31.0949 0x0370 [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
02:39:32.0033 0x0370 rdbss - ok
02:39:32.0065 0x0370 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
02:39:32.0095 0x0370 rdpbus - ok
02:39:32.0113 0x0370 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
02:39:32.0163 0x0370 RDPCDD - ok
02:39:32.0183 0x0370 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
02:39:32.0259 0x0370 RDPENCDD - ok
02:39:32.0281 0x0370 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
02:39:32.0332 0x0370 RDPREFMP - ok
02:39:32.0363 0x0370 [ 447DE7E3DEA39D422C1504F245B668B1, C54D90D2F9405E011E490D3C2F0F64488B87B969C95E367C076BBFCFD8654909 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
02:39:32.0429 0x0370 RDPWD - ok
02:39:32.0460 0x0370 [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
02:39:32.0492 0x0370 rdyboost - ok
02:39:32.0528 0x0370 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
02:39:32.0617 0x0370 RemoteAccess - ok
02:39:32.0645 0x0370 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
02:39:32.0737 0x0370 RemoteRegistry - ok
02:39:32.0771 0x0370 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
02:39:32.0822 0x0370 RFCOMM - ok
02:39:32.0868 0x0370 [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
02:39:32.0908 0x0370 RimUsb - ok
02:39:32.0928 0x0370 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
02:39:32.0985 0x0370 RpcEptMapper - ok
02:39:33.0017 0x0370 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
02:39:33.0064 0x0370 RpcLocator - ok
02:39:33.0130 0x0370 [ DEE32A34A46EFD97ADADABAE8D97B20D, F513E56AF9AC83D7015C1755CBA8C6711B05EA9FB15030A817C3218172C37533 ] RpcSs C:\Windows\System32\rpcss.dll
02:39:33.0162 0x0370 RpcSs - detected UnsignedFile.Multi.Generic ( 1 )
02:39:33.0162 0x0370 Object is SCO, delete is not allowed
02:39:33.0162 0x0370 RpcSs ( UnsignedFile.Multi.Generic ) - warning
02:39:36.0041 0x0370 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
02:39:36.0120 0x0370 rspndr - ok
02:39:36.0159 0x0370 [ 907C4464381B5EBDFDC60F6C7D0DEDFC, A39EB4C0858A3CA2D8AFE6D52809EC41795FD7A2F3F157D9CBCCB84BE7958A89 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
02:39:36.0188 0x0370 RSUSBSTOR - ok
02:39:36.0218 0x0370 [ 4B42BC58294E83A6A92EC8B88C14C4A3, 80885CFF021F7BC85647224863A83D444EA7848CBB4F06DFDFADE58F47307D21 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
02:39:36.0253 0x0370 RTL8167 - ok
02:39:36.0270 0x0370 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] SamSs C:\Windows\system32\lsass.exe
02:39:36.0288 0x0370 SamSs - ok
02:39:36.0310 0x0370 [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
02:39:36.0330 0x0370 sbp2port - ok
02:39:36.0363 0x0370 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
02:39:36.0447 0x0370 SCardSvr - ok
02:39:36.0465 0x0370 [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
02:39:36.0533 0x0370 scfilter - ok
02:39:36.0603 0x0370 [ 624D0F5FF99428BB90A5B8A4123E918E, 90A43E6F09B56CB86A3E3851F8E5ABB74905AEB70296F4B87BEDBC3027E65E86 ] Schedule C:\Windows\system32\schedsvc.dll
02:39:36.0731 0x0370 Schedule - ok
02:39:36.0760 0x0370 [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc C:\Windows\System32\certprop.dll
02:39:36.0840 0x0370 SCPolicySvc - ok
02:39:36.0896 0x0370 [ 54E47AD086782D3AE9417C155CDCEB9B, 5143DC43B89F9143A56505FA20841AF15E7785A87F88195B08B3E09B87472A07 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
02:39:36.0959 0x0370 sdbus - ok
02:39:36.0997 0x0370 [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC C:\Windows\System32\SDRSVC.dll
02:39:37.0050 0x0370 SDRSVC - ok
02:39:37.0070 0x0370 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
02:39:37.0132 0x0370 secdrv - ok
02:39:37.0147 0x0370 [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon C:\Windows\system32\seclogon.dll
02:39:37.0250 0x0370 seclogon - ok
02:39:37.0270 0x0370 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
02:39:37.0334 0x0370 SENS - ok
02:39:37.0372 0x0370 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
02:39:37.0404 0x0370 SensrSvc - ok
02:39:37.0430 0x0370 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
02:39:37.0448 0x0370 Serenum - ok
02:39:37.0470 0x0370 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
02:39:37.0492 0x0370 Serial - ok
02:39:37.0509 0x0370 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
02:39:37.0539 0x0370 sermouse - ok
02:39:37.0573 0x0370 [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv C:\Windows\system32\sessenv.dll
02:39:37.0629 0x0370 SessionEnv - ok
02:39:37.0649 0x0370 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
02:39:37.0689 0x0370 sffdisk - ok
02:39:37.0710 0x0370 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
02:39:37.0740 0x0370 sffp_mmc - ok
02:39:37.0758 0x0370 [ 178298F767FE638C9FEDCBDEF58BB5E4, 053D12CFEE5C54EA7D06F9C9CAE93544FE258A4825CDE2A14090BC81A96E1CF7 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
02:39:37.0791 0x0370 sffp_sd - ok
02:39:37.0812 0x0370 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
02:39:37.0829 0x0370 sfloppy - ok
02:39:37.0879 0x0370 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
02:39:37.0973 0x0370 SharedAccess - ok
02:39:38.0015 0x0370 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
02:39:38.0089 0x0370 ShellHWDetection - ok
02:39:38.0110 0x0370 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
02:39:38.0128 0x0370 SiSRaid2 - ok
02:39:38.0146 0x0370 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
02:39:38.0165 0x0370 SiSRaid4 - ok
02:39:38.0233 0x0370 [ F07AF60B152221472FBDB2FECEC4896D, A18FDCE8462A48429E249C44F0E49F844F2E3A4B5215349DE104F34D935EF983 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
02:39:38.0254 0x0370 SkypeUpdate - ok
02:39:38.0273 0x0370 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
02:39:38.0351 0x0370 Smb - ok
02:39:38.0389 0x0370 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
02:39:38.0420 0x0370 SNMPTRAP - ok
02:39:38.0435 0x0370 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
02:39:38.0451 0x0370 spldr - ok
02:39:38.0499 0x0370 [ 567977DC43CC13C4C35ED7084C0B84D5, 93EEC3ABA66DA83157F49F056EF1CB3355122204F2BB0F8B618064AF47D59A61 ] Spooler C:\Windows\System32\spoolsv.exe
02:39:38.0561 0x0370 Spooler - ok
02:39:38.0715 0x0370 [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc C:\Windows\system32\sppsvc.exe
02:39:38.0940 0x0370 sppsvc - ok
02:39:38.0966 0x0370 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
02:39:39.0055 0x0370 sppuinotify - ok
02:39:39.0102 0x0370 [ 2408C0366D96BCDF63E8F1C78E4A29C5, 66F646890695B5D80536E88B1566C8765D89CFE25954ED650F6D773EFF045016 ] srv C:\Windows\system32\DRIVERS\srv.sys
02:39:39.0156 0x0370 srv - ok
02:39:39.0176 0x0370 [ 76548F7B818881B47D8D1AE1BE9C11F8, 8F1356B07A6A55746FC71B6DB0322128941AE890850196F2B19BC01E6FC9B41C ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
02:39:39.0223 0x0370 srv2 - ok
02:39:39.0269 0x0370 [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
02:39:39.0347 0x0370 SrvHsfHDA - ok
02:39:39.0424 0x0370 [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
02:39:39.0544 0x0370 SrvHsfV92 - ok
02:39:39.0585 0x0370 [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
02:39:39.0671 0x0370 SrvHsfWinac - ok
02:39:39.0708 0x0370 [ 0AF6E19D39C70844C5CAA8FB0183C36E, 4494EEFDEA7198888D32E74727E5BC0AC628FFA70B1FE7EB59DBEEDC1A95D0DD ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
02:39:39.0763 0x0370 srvnet - ok
02:39:39.0792 0x0370 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
02:39:39.0876 0x0370 SSDPSRV - ok
02:39:39.0904 0x0370 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
02:39:39.0972 0x0370 SstpSvc - ok
02:39:40.0054 0x0370 [ B00068BA94F5F306911B14B425AAEB56, E340DFD70776D70C12FC93CBE5E9D594A8C7C80A8E5FD06541558E27260B6D8F ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
02:39:40.0094 0x0370 STacSV - ok
02:39:40.0125 0x0370 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
02:39:40.0143 0x0370 stexstor - ok
02:39:40.0180 0x0370 [ DA40D9C9CCB9836D6ABD1706935A2277, 743BC896974BA79EDE353F0AF2272591EAAAAFB27D6F498F58AFC7A0BADD9AEA ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
02:39:40.0241 0x0370 STHDA - ok
02:39:40.0265 0x0370 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
02:39:40.0289 0x0370 StillCam - ok
02:39:40.0334 0x0370 [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc C:\Windows\System32\wiaservc.dll
02:39:40.0397 0x0370 stisvc - ok
02:39:40.0430 0x0370 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
02:39:40.0444 0x0370 swenum - ok
02:39:40.0480 0x0370 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
02:39:40.0580 0x0370 swprv - ok
02:39:40.0698 0x0370 [ 33E6A285DAA5134D8EA2247914C86C09, 927A99CB3598F6F8F52ADDE125B72AFF011CBEC8F2EC0BC3569ED3899C4FBFC9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
02:39:40.0839 0x0370 SynTP - ok
02:39:40.0923 0x0370 [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain C:\Windows\system32\sysmain.dll
02:39:41.0056 0x0370 SysMain - ok
02:39:41.0080 0x0370 [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll
02:39:41.0117 0x0370 TabletInputService - ok
02:39:41.0144 0x0370 [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv C:\Windows\System32\tapisrv.dll
02:39:41.0243 0x0370 TapiSrv - ok
02:39:41.0267 0x0370 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
02:39:41.0321 0x0370 TBS - ok
02:39:41.0416 0x0370 [ 5CFB7AB8F9524D1A1E14369DE63B83CC, BC22FC5714A6A8F8CF95D3D9656332D7B315FF7CFA50C0DEB7437A30651D10C7 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
02:39:41.0529 0x0370 Tcpip - ok
02:39:41.0632 0x0370 [ 5CFB7AB8F9524D1A1E14369DE63B83CC, BC22FC5714A6A8F8CF95D3D9656332D7B315FF7CFA50C0DEB7437A30651D10C7 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
02:39:41.0730 0x0370 TCPIP6 - ok
02:39:41.0763 0x0370 [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
02:39:41.0830 0x0370 tcpipreg - ok
02:39:41.0848 0x0370 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
02:39:41.0890 0x0370 TDPIPE - ok
02:39:41.0917 0x0370 [ 7518F7BCFD4B308ABC9192BACAF6C970, CF08E547EF4059DA3F5A2FCBA98939E84092BB6E0E37F9BBCD1E4D9EBB8A58BB ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
02:39:41.0979 0x0370 TDTCP - ok
02:39:42.0003 0x0370 [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
02:39:42.0088 0x0370 tdx - ok
02:39:42.0112 0x0370 [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
02:39:42.0129 0x0370 TermDD - ok
02:39:42.0177 0x0370 [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService C:\Windows\System32\termsrv.dll
02:39:42.0295 0x0370 TermService - ok
02:39:42.0316 0x0370 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
02:39:42.0353 0x0370 Themes - ok
02:39:42.0378 0x0370 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
02:39:42.0435 0x0370 THREADORDER - ok
02:39:42.0496 0x0370 [ 0765EE4A7A0D6609BF91CA2E4700E885, 5E2459639CE5D100B15CD5E6077C4D8C0ECD66DD94DA1881B5722B22AA906853 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
02:39:42.0514 0x0370 TomTomHOMEService - ok
02:39:42.0534 0x0370 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
02:39:42.0626 0x0370 TrkWks - ok
02:39:42.0679 0x0370 [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
02:39:42.0705 0x0370 TrustedInstaller - ok
02:39:42.0718 0x0370 [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
02:39:42.0776 0x0370 tssecsrv - ok
02:39:42.0811 0x0370 [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
02:39:42.0878 0x0370 tunnel - ok
02:39:42.0925 0x0370 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
02:39:42.0943 0x0370 uagp35 - ok
02:39:42.0979 0x0370 [ C06E6F4679CEB8F430B90A51D76D8D3C, A403592780F75425F40F8E443EBE83CEF9FA8A20EB9597FBFF691298CE323B57 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
02:39:43.0055 0x0370 udfs - ok
02:39:43.0077 0x0370 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
02:39:43.0113 0x0370 UI0Detect - ok
02:39:43.0133 0x0370 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
02:39:43.0157 0x0370 uliagpkx - ok
02:39:43.0183 0x0370 [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
02:39:43.0236 0x0370 umbus - ok
02:39:43.0264 0x0370 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
02:39:43.0295 0x0370 UmPass - ok
02:39:43.0437 0x0370 [ 0FADD949576A164B4E51E716F46B6C33, 34B33EC767FFCF58647090F5293DD1942BA9CDC5AB9976528DE3793EF327D48E ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
02:39:43.0538 0x0370 UNS - ok
02:39:43.0566 0x0370 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
02:39:43.0700 0x0370 upnphost - ok
02:39:43.0749 0x0370 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
02:39:43.0820 0x0370 USBAAPL64 - ok
02:39:43.0870 0x0370 [ 77B01BC848298223A95D4EC23E1785A1, 7D0FBBA746588401400226BB966507EE34EEBB2F4F16607601E3D7383CAD34E2 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
02:39:43.0965 0x0370 usbaudio - ok
02:39:43.0997 0x0370 [ 5FCC71487888589A9244AF54CFEFAB29, 26ABD7B15B92231CB3090E888B15673964DC50BEDF65583A3FEA74DD315D5088 ] usbbus C:\Windows\system32\DRIVERS\lgx64bus.sys
02:39:44.0029 0x0370 usbbus - ok
02:39:44.0062 0x0370 [ 537A4E03D7103C12D42DFD8FFDB5BDC9, 4E6F43A27E629C9769FAEF305BDCD3D7EDBEE1A98B919AF95CF045407A4297D6 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
02:39:44.0128 0x0370 usbccgp - ok
02:39:44.0166 0x0370 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
02:39:44.0206 0x0370 usbcir - ok
02:39:44.0238 0x0370 [ 3FB6E423F7567C92C32EA786F5FD0C69, E9914DCCC0898497B4300D3D5ED424670551A4C8CB8F4DBF860BB86DBFCEF71A ] UsbDiag C:\Windows\system32\DRIVERS\lgx64diag.sys
02:39:44.0280 0x0370 UsbDiag - ok
02:39:44.0300 0x0370 [ FBB21EBE49F6D560DB37AC25FBC68E66, 0F7B2F9BB4062FE24698FF6E5738E83B7FDA9E7FDE9206BEF18C8818627FF2CC ] usbehci C:\Windows\system32\drivers\usbehci.sys
02:39:44.0333 0x0370 usbehci - ok
02:39:44.0378 0x0370 [ 6B7A8A99C4A459E73C286A6763EA24CC, 3A8D6AE1D970AAEC4E08B76DB1B2C06AC003AF4F50339416072973E89F660EE2 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
02:39:44.0418 0x0370 usbhub - ok
02:39:44.0454 0x0370 [ 78D551F5B93488B4666F5FC8DD4815F3, 04036C917AB2F5ADD556C29BDD767859D48812EAC6081EC6EF510AF2167BE967 ] USBModem C:\Windows\system32\DRIVERS\lgx64modem.sys
02:39:44.0482 0x0370 USBModem - ok
02:39:44.0506 0x0370 [ 8C88AA7617B4CBC2E4BED61D26B33A27, 4575F0DDFF68C5632CBB7BE93A66FFEDD85BD4D4AEE79C44B2EDA4F8642C6EBF ] usbohci C:\Windows\system32\drivers\usbohci.sys
02:39:44.0529 0x0370 usbohci - ok
02:39:44.0558 0x0370 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
02:39:44.0578 0x0370 usbprint - ok
02:39:44.0615 0x0370 [ F39983647BC1F3E6100778DDFE9DCE29, 3BD36594F7C753680DB5A4354B1D6A33FC3011631D2D56DD4B2464AA99C85F7B ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
02:39:44.0697 0x0370 USBSTOR - ok
02:39:44.0706 0x0370 [ 0B5B3B2DF3FD1709618ACFA50B8392B0, 19F040A16C86C475DD33D935E6244593EC73FF9F8C872BC060DDD8AE4F3EDB55 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
02:39:44.0731 0x0370 usbuhci - ok
02:39:44.0778 0x0370 [ 7CB8C573C6E4A2714402CC0A36EAB4FE, FCD65AA3723617F58F77C4DA93CE910C712B8AA9411B5C4A60DC6C684EA53C1B ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
02:39:44.0840 0x0370 usbvideo - ok
02:39:44.0869 0x0370 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
02:39:44.0943 0x0370 UxSms - ok
02:39:44.0959 0x0370 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] VaultSvc C:\Windows\system32\lsass.exe
02:39:44.0973 0x0370 VaultSvc - ok
02:39:45.0003 0x0370 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
02:39:45.0020 0x0370 vdrvroot - ok
02:39:45.0067 0x0370 [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds C:\Windows\System32\vds.exe
02:39:45.0152 0x0370 vds - ok
02:39:45.0189 0x0370 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
02:39:45.0211 0x0370 vga - ok
02:39:45.0229 0x0370 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
02:39:45.0298 0x0370 VgaSave - ok
02:39:45.0330 0x0370 [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
02:39:45.0361 0x0370 vhdmp - ok
02:39:45.0375 0x0370 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
02:39:45.0393 0x0370 viaide - ok
02:39:45.0412 0x0370 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
02:39:45.0433 0x0370 volmgr - ok
02:39:45.0463 0x0370 [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
02:39:45.0499 0x0370 volmgrx - ok
02:39:45.0537 0x0370 [ 9E425AC5C9A5A973273D169F43B4F5E1, 64C9A9D4A39865E56F01B4FDE1B56034C4B2A2AEF2ABE15EC1C37911C59595B0 ] volsnap C:\Windows\system32\drivers\volsnap.sys
02:39:45.0574 0x0370 volsnap - ok
02:39:45.0607 0x0370 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
02:39:45.0626 0x0370 vsmraid - ok
02:39:45.0754 0x0370 [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS C:\Windows\system32\vssvc.exe
02:39:45.0856 0x0370 VSS - ok
02:39:45.0878 0x0370 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
02:39:45.0912 0x0370 vwifibus - ok
02:39:45.0938 0x0370 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
02:39:45.0982 0x0370 vwififlt - ok
02:39:46.0018 0x0370 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
02:39:46.0120 0x0370 W32Time - ok
02:39:46.0147 0x0370 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
02:39:46.0177 0x0370 WacomPen - ok
02:39:46.0209 0x0370 [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
02:39:46.0283 0x0370 WANARP - ok
02:39:46.0290 0x0370 [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
02:39:46.0359 0x0370 Wanarpv6 - ok
02:39:46.0442 0x0370 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
02:39:46.0543 0x0370 WatAdminSvc - ok
02:39:46.0618 0x0370 [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine C:\Windows\system32\wbengine.exe
02:39:46.0747 0x0370 wbengine - ok
02:39:46.0774 0x0370 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
02:39:46.0805 0x0370 WbioSrvc - ok
02:39:46.0837 0x0370 [ DD1BAE8EBFC653824D29CCF8C9054D68, 81D6640222FE276D721168745F6BB905D4E756909A9B2C706AF25465D748772D ] wcncsvc C:\Windows\System32\wcncsvc.dll
02:39:46.0905 0x0370 wcncsvc - ok
02:39:46.0918 0x0370 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
02:39:46.0957 0x0370 WcsPlugInService - ok
02:39:46.0983 0x0370 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
02:39:47.0001 0x0370 Wd - ok
02:39:47.0061 0x0370 [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
02:39:47.0124 0x0370 Wdf01000 - ok
02:39:47.0142 0x0370 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
02:39:47.0184 0x0370 WdiServiceHost - ok
02:39:47.0194 0x0370 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
02:39:47.0226 0x0370 WdiSystemHost - ok
02:39:47.0270 0x0370 [ 733006127F235BE7C35354EBEE7B9A7B, 2C7E7030D586C36261F33F29883337695493D48CEA415D6DBA7C5635845A5B32 ] WebClient C:\Windows\System32\webclnt.dll
02:39:47.0324 0x0370 WebClient - ok
02:39:47.0347 0x0370 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
02:39:47.0424 0x0370 Wecsvc - ok
02:39:47.0440 0x0370 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
02:39:47.0526 0x0370 wercplsupport - ok
02:39:47.0547 0x0370 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
02:39:47.0617 0x0370 WerSvc - ok
02:39:47.0651 0x0370 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
02:39:47.0734 0x0370 WfpLwf - ok
02:39:47.0746 0x0370 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
02:39:47.0763 0x0370 WIMMount - ok
02:39:47.0771 0x0370 WinDefend - ok
02:39:47.0785 0x0370 WinHttpAutoProxySvc - ok
02:39:47.0828 0x0370 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
02:39:47.0930 0x0370 Winmgmt - ok
02:39:48.0030 0x0370 [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM C:\Windows\system32\WsmSvc.dll
02:39:48.0248 0x0370 WinRM - ok
02:39:48.0287 0x0370 [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
02:39:48.0321 0x0370 WinUsb - ok
02:39:48.0370 0x0370 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
02:39:48.0445 0x0370 Wlansvc - ok
02:39:48.0567 0x0370 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
02:39:48.0690 0x0370 wlidsvc - ok
02:39:48.0715 0x0370 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
02:39:48.0731 0x0370 WmiAcpi - ok
02:39:48.0760 0x0370 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
02:39:48.0812 0x0370 wmiApSrv - ok
02:39:48.0843 0x0370 WMPNetworkSvc - ok
02:39:48.0856 0x0370 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
02:39:48.0888 0x0370 WPCSvc - ok
02:39:48.0905 0x0370 [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
02:39:48.0945 0x0370 WPDBusEnum - ok
02:39:48.0951 0x0370 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
02:39:49.0004 0x0370 ws2ifsl - ok
02:39:49.0033 0x0370 [ 8F9F3969933C02DA96EB0F84576DB43E, C424D7B881A4DCC348433CF02044383013E32DB94CC66D1D20E1866CB3B0F952 ] wscsvc C:\Windows\system32\wscsvc.dll
02:39:49.0082 0x0370 wscsvc - ok
02:39:49.0086 0x0370 WSearch - ok
02:39:49.0230 0x0370 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
02:39:49.0346 0x0370 wuauserv - ok
02:39:49.0388 0x0370 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
02:39:49.0440 0x0370 WudfPf - ok
02:39:49.0486 0x0370 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
02:39:49.0521 0x0370 WUDFRd - ok
02:39:49.0550 0x0370 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
02:39:49.0603 0x0370 wudfsvc - ok
02:39:49.0640 0x0370 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
02:39:49.0696 0x0370 WwanSvc - ok
02:39:49.0751 0x0370 [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
02:39:49.0815 0x0370 yukonw7 - ok
02:39:49.0825 0x0370 ================ Scan global ===============================
02:39:49.0851 0x0370 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
02:39:49.0890 0x0370 [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll
02:39:49.0925 0x0370 [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll
02:39:49.0957 0x0370 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
02:39:49.0992 0x0370 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
02:39:50.0014 0x0370 [ Global ] - ok
02:39:50.0015 0x0370 ================ Scan MBR ==================================
02:39:50.0024 0x0370 [ 8BCB99DF6BA65F7A9FF16F899E5DB152 ] \Device\Harddisk0\DR0
02:39:50.0301 0x0370 \Device\Harddisk0\DR0 - ok
02:39:50.0303 0x0370 ================ Scan VBR ==================================
02:39:50.0306 0x0370 [ F6088F44F6DAC92C82CDEB51B02D9261 ] \Device\Harddisk0\DR0\Partition1
02:39:50.0308 0x0370 \Device\Harddisk0\DR0\Partition1 - ok
02:39:50.0334 0x0370 [ BDF0EE619803563ED647DE996F98FDBD ] \Device\Harddisk0\DR0\Partition2
02:39:50.0335 0x0370 \Device\Harddisk0\DR0\Partition2 - ok
02:39:50.0364 0x0370 [ CC1324E80B696626C4E3D8617AB0C94D ] \Device\Harddisk0\DR0\Partition3
02:39:50.0366 0x0370 \Device\Harddisk0\DR0\Partition3 - ok
02:39:50.0381 0x0370 [ 9AF3090A31498BA36FB6A96EFB7B9481 ] \Device\Harddisk0\DR0\Partition4
02:39:50.0383 0x0370 \Device\Harddisk0\DR0\Partition4 - ok
02:39:50.0384 0x0370 Waiting for KSN requests completion. In queue: 138
02:39:51.0384 0x0370 Waiting for KSN requests completion. In queue: 138
02:39:52.0384 0x0370 Waiting for KSN requests completion. In queue: 138
02:39:53.0551 0x0370 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )
02:39:53.0591 0x0370 Win FW state via NFP2: enabled
02:39:56.0416 0x0370 ============================================================
02:39:56.0416 0x0370 Scan finished
02:39:56.0416 0x0370 ============================================================
02:39:56.0426 0x172c Detected object count: 2
02:39:56.0427 0x172c Actual detected object count: 2
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP