Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

PC power speed and inbox Toolbar won't go away


  • Please log in to reply

#1
CJDesmond

CJDesmond

    New Member

  • Member
  • Pip
  • 5 posts
Thank you in advance for any help you can give me. Dell Inspiron 1121 , Windows 7 Home Premium 64bit. I am having trouble with PC power speed, it won't uninstall. same with inbox toolbar. PC power speed uninstall fails because of missing unis000.msg. I have disabled it in MSCONFIG to stop the annoying popup scan and buy window, but I want it GONE As for inbox toolbar, i select it from the uninstall programs list, click uninstall, a little icon with a disc on it pops on the task bar for a split second, and that is it nothing else happens.It does not uninstall. I also tried the uninstall link in the inbox toolbar folder in the start programs list, a user account control box pops up, I click YES, and again little disc icon on taskbar and NOTHING!!! HELP!! I have seen some of the other topics on this. Hope i did not jump the gun but here are the 4 logs usually asked for.

Rouge Killer

RogueKiller V8.8.0 _x64_ [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Greg Duke [Admin rights]
Mode : Scan -- Date : 01/10/2014 03:26:52
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH][DLL] rundll32.exe -- C:\Users\Greg Duke\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll [7] -> rundll32.exe KILLED [TermProc]

¤¤¤ Registry Entries : 9 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : BackgroundContainer ("C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Greg Duke\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun [7][7][x]) -> FOUND
[DNS][PUM] HKLM\[...]\CCSet\[...]\{668C2A9B-7655-40D1-BAB1-F35DC10EED1B} : NameServer (68.28.137.132 68.28.138.132 [UNITED STATES (US) - UNITED STATES (US)]) -> FOUND
[DNS][PUM] HKLM\[...]\CCSet\[...]\{67B49301-D9F1-491B-A84E-0D8D9EC514E6} : NameServer (0.0.0.0 [(Private Address) (XX)]) -> FOUND
[DNS][PUM] HKLM\[...]\CS001\[...]\{668C2A9B-7655-40D1-BAB1-F35DC10EED1B} : NameServer (68.28.137.132 68.28.138.132 [UNITED STATES (US) - UNITED STATES (US)]) -> FOUND
[DNS][PUM] HKLM\[...]\CS001\[...]\{67B49301-D9F1-491B-A84E-0D8D9EC514E6} : NameServer (0.0.0.0 [(Private Address) (XX)]) -> FOUND
[DNS][PUM] HKLM\[...]\CS002\[...]\{668C2A9B-7655-40D1-BAB1-F35DC10EED1B} : NameServer (68.28.137.132 68.28.138.132 [UNITED STATES (US) - UNITED STATES (US)]) -> FOUND
[DNS][PUM] HKLM\[...]\CS002\[...]\{67B49301-D9F1-491B-A84E-0D8D9EC514E6} : NameServer (0.0.0.0 [(Private Address) (XX)]) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 2 ¤¤¤
[V2][SUSP PATH] BackgroundContainer Startup Task : "C:\Windows\SysWOW64\Rundll32.exe" - "C:\Users\Greg Duke\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun [7][7][x] -> FOUND
[V2][SUSP PATH] Updater26278.exe : C:\Users\Greg - Duke\AppData\Local\Updater26278\Updater26278.exe /extensionid=26278 /extensionname="Solid Savings" /chromeid=cijeeimilokkhlfjombmalgpabbonmah [x][x][x] -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD2500BEVT-75A23T0 +++++
--- User ---
[MBR] c841405fb684c5931da19a3a6f371657
[BSP] 5e99425481158154ceee13b65236346a : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 11142 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 22900736 | Size: 227292 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_01102014_032652.txt >>




aswMBR


aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-01-10 03:34:19
-----------------------------
03:34:19.325 OS Version: Windows x64 6.1.7601 Service Pack 1
03:34:19.325 Number of processors: 4 586 0x2505
03:34:19.325 ComputerName: MYRA-LAPTOP UserName: Greg Duke
03:34:20.480 Initialize success
03:35:06.822 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
03:35:06.822 Disk 0 Vendor: WDC_WD25 01.0 Size: 238475MB BusType: 3
03:35:07.025 Disk 0 MBR read successfully
03:35:07.040 Disk 0 MBR scan
03:35:07.040 Disk 0 Windows VISTA default MBR code
03:35:07.040 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
03:35:07.056 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 11142 MB offset 81920
03:35:07.072 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 227292 MB offset 22900736
03:35:07.103 Disk 0 scanning C:\Windows\system32\drivers
03:35:42.219 Service scanning
03:35:53.513 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
03:36:15.493 Modules scanning
03:36:15.509 Disk 0 trace - called modules:
03:36:15.540 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
03:36:15.556 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80044e3060]
03:36:15.571 3 CLASSPNP.SYS[fffff88001a9e43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa80024ff050]
03:36:15.587 Scan finished successfully
03:37:23.307 Disk 0 MBR has been saved successfully to "C:\Users\Greg Duke\Desktop\MBR.dat"
03:37:23.307 The log file has been saved successfully to "C:\Users\Greg Duke\Desktop\aswMBR.txt"




OTL



OTL logfile created on: 1/10/2014 3:41:13 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Greg Duke\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.78 Gb Available Physical Memory | 41.77% Memory free
3.73 Gb Paging File | 1.90 Gb Available in Paging File | 50.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 221.96 Gb Total Space | 178.26 Gb Free Space | 80.31% Space Free | Partition Type: NTFS

Computer Name: MYRA-LAPTOP | User Name: Greg Duke | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/10 03:14:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Greg Duke\Desktop\OTL.exe
PRC - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/09/19 22:21:11 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013/08/14 14:19:24 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/08/21 12:48:28 | 003,110,808 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe
PRC - [2012/08/13 11:57:02 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012/08/13 11:57:02 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2012/07/13 15:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/07/08 10:12:32 | 002,749,248 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/07/08 10:10:34 | 004,257,600 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/07/08 10:09:50 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/07/07 17:14:02 | 000,150,312 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe
PRC - [2011/06/09 13:06:06 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/01/14 07:30:16 | 000,330,488 | ---- | M] (QUALCOMM, Inc.) -- C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe
PRC - [2009/06/24 16:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/28 22:36:28 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\96afc74588c6581e299884469ea0dced\System.Xml.Linq.ni.dll
MOD - [2013/10/28 22:36:13 | 009,923,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\0907f7b4f6806e1b4f5ece93a49865ef\System.Data.Entity.ni.dll
MOD - [2013/10/28 22:34:21 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\8f5b881951592b2fd05f710650bf7e04\System.Core.ni.dll
MOD - [2013/10/28 20:56:33 | 002,157,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\78ae7334cd4505ed06c32045ec670927\ReachFramework.ni.dll
MOD - [2013/10/28 20:56:28 | 001,658,368 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\5393c55b8dd50b54e60bc59f175478ee\PresentationUI.ni.dll
MOD - [2013/10/28 20:56:25 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
MOD - [2013/10/28 20:55:37 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/10/28 20:55:14 | 001,806,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\abef2d6ca33a18d7af379ee35c64154c\System.Deployment.ni.dll
MOD - [2013/10/28 20:55:08 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
MOD - [2013/10/28 20:54:29 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013/10/28 20:54:14 | 000,688,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\65fa27da96ef57affcac61ac16c111e0\System.Security.ni.dll
MOD - [2013/10/28 20:54:01 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\08d05898be584065b797a6dd48d9ad56\System.Configuration.ni.dll
MOD - [2013/09/24 16:20:46 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll
MOD - [2013/09/24 16:20:26 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll
MOD - [2013/09/08 10:44:40 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\03dc83fbe48384390aed7a455e949789\WindowsFormsIntegration.ni.dll
MOD - [2013/09/08 10:41:42 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll
MOD - [2013/09/08 10:07:46 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
MOD - [2013/09/08 10:07:24 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013/09/08 10:06:50 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5970036570c1e44e8ae0f6f94c1039aa\System.EnterpriseServices.ni.dll
MOD - [2013/09/08 10:06:49 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4ada2213cefea889a5ed6e2fb6839b93\System.Transactions.ni.dll
MOD - [2013/09/08 10:06:48 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\764054efc88f51b54c8d7e44df26b671\System.Data.ni.dll
MOD - [2013/09/08 10:06:40 | 001,117,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c04ee50363f97f7d8163c318a29ae851\System.DirectoryServices.ni.dll
MOD - [2013/09/08 10:06:38 | 001,044,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Printing\079fad14e3994552238179d60fe7d7cb\System.Printing.ni.dll
MOD - [2013/09/08 10:06:03 | 000,039,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3ea679e79eda32e3465d8cf36e838a00\PresentationCFFRasterizer.ni.dll
MOD - [2013/09/08 10:05:47 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/09/08 10:05:43 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\033da6b735d41afaa20309b5e87e2ae0\UIAutomationTypes.ni.dll
MOD - [2013/09/08 10:05:42 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\8f4a3d09bd38a742ccfe4a20a126fff5\UIAutomationProvider.ni.dll
MOD - [2013/09/08 10:05:42 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\8c20095bd7d46cdfa7933eb258a07daa\Accessibility.ni.dll
MOD - [2013/09/08 10:05:09 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/09/08 10:05:00 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/09/08 10:04:51 | 000,015,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\28acf866ccc5092b2241bc8206091ba1\Microsoft.VisualC.ni.dll
MOD - [2013/09/08 10:04:49 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2012/08/10 17:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/07/08 10:12:32 | 002,749,248 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/07/07 17:14:06 | 000,891,688 | ---- | M] () -- C:\Program Files (x86)\Nero\SyncUP\System.Data.SQLite.dll
MOD - [2011/07/07 17:13:10 | 000,251,688 | ---- | M] () -- C:\Program Files (x86)\Nero\SyncUP\System.ComponentModel.Composition.dll
MOD - [2010/11/20 22:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/06/10 16:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/01/09 05:21:17 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/04/27 18:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 18:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/06/29 14:47:12 | 000,911,872 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV:64bit: - [2010/06/29 14:41:48 | 000,408,576 | ---- | M] (Red Bend Ltd.) [Auto | Start_Pending] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV:64bit: - [2010/03/05 10:26:38 | 001,425,168 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2010/03/05 10:07:58 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/03/05 10:06:22 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2014/01/02 11:13:59 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/24 19:48:00 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/08/14 14:19:24 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 15:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/14 02:18:50 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/07/08 10:09:50 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/08/25 20:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/14 07:30:16 | 000,330,488 | ---- | M] (QUALCOMM, Inc.) [Auto | Running] -- C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe -- (QDLService2kDell)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/14 03:25:27 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/10/14 03:25:27 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/04/27 16:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/28 19:02:34 | 010,620,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/08/31 08:07:04 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/05/31 15:05:06 | 007,689,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2010/05/16 20:28:38 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bpmp.sys -- (bpmp)
DRV:64bit: - [2010/05/16 20:28:30 | 000,081,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpusb.sys -- (bpusb)
DRV:64bit: - [2010/05/16 20:28:28 | 000,071,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum)
DRV:64bit: - [2010/05/07 14:19:58 | 000,245,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/04/15 22:26:28 | 000,319,536 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/03 21:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/26 18:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/02 16:41:24 | 000,240,640 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qcusbnetdl2k.sys -- (qcusbnetdl2k)
DRV:64bit: - [2010/02/02 16:41:24 | 000,121,216 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qcusbserdl2k.sys -- (qcusbserdl2k)
DRV:64bit: - [2010/02/02 16:41:24 | 000,006,400 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qcfilterdl2k.sys -- (qcfilterdl2k)
DRV:64bit: - [2009/12/22 12:18:48 | 000,074,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/09/17 15:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/15 13:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{E65DEF74-029D-41C0-A5DC-A455BB3A1E30}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{E65DEF74-029D-41C0-A5DC-A455BB3A1E30}: "URL" = http://www.bing.com/...rc=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1563109977-2122601895-824292158-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-1563109977-2122601895-824292158-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1563109977-2122601895-824292158-1000\..\SearchScopes,DefaultScope = {05C247FE-BCAC-4F59-AAFA-B42C0A8DF6EF}
IE - HKU\S-1-5-21-1563109977-2122601895-824292158-1000\..\SearchScopes\{05C247FE-BCAC-4F59-AAFA-B42C0A8DF6EF}: "URL" = http://search.condui...787349316831747
IE - HKU\S-1-5-21-1563109977-2122601895-824292158-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000001de14afbf4
IE - HKU\S-1-5-21-1563109977-2122601895-824292158-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7RNQN_en
IE - HKU\S-1-5-21-1563109977-2122601895-824292158-1000\..\SearchScopes\{EDF507FE-6AB5-4482-AE84-E5F8B9C4DAE0}: "URL" = http://www.mysearchr...q={searchTerms}
IE - HKU\S-1-5-21-1563109977-2122601895-824292158-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "MixiDJ V1 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...78888371313578"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9.1
FF - prefs.js..extensions.enabledAddons: %7BDF153AFF-6948-45d7-AC98-4FC4AF8A08E2%7D:1.3.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0


FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/09/19 22:23:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/12/16 08:57:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Greg Duke\AppData\Roaming\mozilla\Extensions
[2014/01/09 04:19:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Greg Duke\AppData\Roaming\mozilla\Firefox\Profiles\i5e1hga6.default\extensions
[2013/10/27 19:03:18 | 000,128,676 | ---- | M] () (No name found) -- C:\Users\Greg Duke\AppData\Roaming\mozilla\firefox\profiles\i5e1hga6.default\extensions\[email protected]
[2014/01/09 04:19:57 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Greg Duke\AppData\Roaming\mozilla\firefox\profiles\i5e1hga6.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/05/12 21:25:41 | 000,002,352 | ---- | M] () -- C:\Users\Greg Duke\AppData\Roaming\mozilla\firefox\profiles\i5e1hga6.default\searchplugins\babylon.xml
[2013/01/09 18:48:07 | 000,002,432 | ---- | M] () -- C:\Users\Greg Duke\AppData\Roaming\mozilla\firefox\profiles\i5e1hga6.default\searchplugins\babylon1.xml
[2013/05/12 21:25:41 | 000,002,352 | ---- | M] () -- C:\Users\Greg Duke\AppData\Roaming\mozilla\firefox\profiles\i5e1hga6.default\searchplugins\BrowserProtect.xml
[2014/01/08 14:17:06 | 000,001,977 | ---- | M] () -- C:\Users\Greg Duke\AppData\Roaming\mozilla\firefox\profiles\i5e1hga6.default\searchplugins\search-here.xml
[2014/01/02 11:13:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/01/02 11:13:20 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/01/02 11:13:12 | 000,000,000 | ---D | M] (SySaver) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2014/01/02 11:13:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/01/02 11:13:08 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/01/02 11:14:03 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/09/19 22:23:01 | 000,000,000 | ---D | M] (RealDownloader) -- C:\PROGRAMDATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT
[2013/01/09 18:47:38 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml

========== Chrome ==========

CHR - default_search_provider: Yahoo! Search (Enabled)
CHR - default_search_provider: search_url = http://us.yhs4.searc...0731,0,0,6,7635
CHR - default_search_provider: suggest_url = http://ff.search.yah...d={searchTerms}
CHR - homepage:
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\gcswf32.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.5.0.11422_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U27 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Inbox Toolbar = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apgjagobplilmcdfelodhgefiidomnfl\1.0.0.9_0\
CHR - Extension: YouTube = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Solid Savings = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\cijeeimilokkhlfjombmalgpabbonmah\1.25.17_0\crossrider
CHR - Extension: Solid Savings = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\cijeeimilokkhlfjombmalgpabbonmah\1.25.17_0\
CHR - Extension: Google Search = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: SySaver = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh\1_0\
CHR - Extension: RealDownloader = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0\
CHR - Extension: MixiDJ V1 = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfjbflachhjbdbhfgknpgcgpchaikkok\10.21.1.507_0\
CHR - Extension: Wajam = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_1\
CHR - Extension: Skype Click to Call = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe ()
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe File not found
O4 - HKU\S-1-5-18..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1563109977-2122601895-824292158-1000..\Run: [BackgroundContainer] C:\Users\Greg Duke\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll (Conduit Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Greg Duke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1563109977-2122601895-824292158-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2DA12E24-E39C-44FE-B7F0-A9DE114A30A8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{668C2A9B-7655-40D1-BAB1-F35DC10EED1B}: NameServer = 68.28.137.132 68.28.138.132
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67B49301-D9F1-491B-A84E-0D8D9EC514E6}: NameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0B8BE5A-798C-479C-9383-DCB619DCA8CF}: DhcpNameServer = 68.28.137.132
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\inbox - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~2\INBOXT~1\Inbox.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2014/01/10 03:26:47 | 000,016,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2014/01/10 03:26:46 | 000,151,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WimFltr.sys.bak
[2014/01/10 03:26:46 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2014/01/10 03:26:45 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2014/01/10 03:26:43 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2014/01/10 03:26:42 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2014/01/10 03:26:41 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2014/01/10 03:26:41 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2014/01/10 03:26:40 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2014/01/10 03:26:40 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2014/01/10 03:26:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys.bak
[2014/01/10 03:26:38 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys.bak
[2014/01/10 03:26:37 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2014/01/10 03:26:36 | 000,319,536 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys.bak
[2014/01/10 03:26:36 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2014/01/10 03:26:35 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2014/01/10 03:26:35 | 000,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2014/01/10 03:26:35 | 000,024,656 | ---- | C] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2014/01/10 03:26:34 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2014/01/10 03:26:33 | 000,028,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Sftredirlh.sys.bak
[2014/01/10 03:26:33 | 000,023,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Sftvollh.sys.bak
[2014/01/10 03:26:33 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2014/01/10 03:26:32 | 000,767,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Sftfslh.sys.bak
[2014/01/10 03:26:32 | 000,273,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Sftplaylh.sys.bak
[2014/01/10 03:26:31 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2014/01/10 03:26:29 | 000,245,792 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsUStor.sys.bak
[2014/01/10 03:26:29 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2014/01/10 03:26:29 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2014/01/10 03:26:28 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2014/01/10 03:26:25 | 000,240,640 | ---- | C] (QUALCOMM Incorporated) -- C:\Windows\SysNative\drivers\qcusbnetdl2k.sys.bak
[2014/01/10 03:26:25 | 000,121,216 | ---- | C] (QUALCOMM Incorporated) -- C:\Windows\SysNative\drivers\qcusbserdl2k.sys.bak
[2014/01/10 03:26:25 | 000,006,400 | ---- | C] (QUALCOMM Incorporated) -- C:\Windows\SysNative\drivers\qcfilterdl2k.sys.bak
[2014/01/10 03:26:24 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2014/01/10 03:26:24 | 000,048,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2014/01/10 03:26:23 | 000,041,280 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Windows\SysNative\drivers\PCASp50a64.sys.bak
[2014/01/10 03:26:20 | 000,084,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys.bak
[2014/01/10 03:26:17 | 007,689,216 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\NETw5s64.sys.bak
[2014/01/10 03:26:17 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2014/01/10 03:26:08 | 000,065,600 | ---- | C] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2014/01/10 03:26:08 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys.bak
[2014/01/10 03:26:08 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2014/01/10 03:26:07 | 000,074,280 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys.bak
[2014/01/10 03:26:05 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2014/01/10 03:26:04 | 000,317,440 | ---- | C] (Intel® Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys.bak
[2014/01/10 03:26:03 | 000,158,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\Impcd.sys.bak
[2014/01/10 03:26:00 | 010,620,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys.bak
[2014/01/10 03:25:59 | 000,540,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys.bak
[2014/01/10 03:25:58 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2014/01/10 03:25:57 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2014/01/10 03:25:57 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2014/01/10 03:25:56 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2014/01/10 03:25:56 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys.bak
[2014/01/10 03:25:56 | 000,031,232 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2014/01/10 03:25:55 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2014/01/10 03:25:53 | 003,286,016 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2014/01/10 03:25:52 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2014/01/10 03:25:51 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2014/01/10 03:25:51 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2014/01/10 03:25:51 | 000,055,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2014/01/10 03:25:51 | 000,028,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2014/01/10 03:25:51 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2014/01/10 03:25:50 | 000,224,768 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\CtAudDrv.sys.bak
[2014/01/10 03:25:50 | 000,172,704 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\CtClsFlt.sys.bak
[2014/01/10 03:25:50 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2014/01/10 03:25:49 | 000,039,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2014/01/10 03:25:48 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2014/01/10 03:25:47 | 000,468,480 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2014/01/10 03:25:46 | 000,175,104 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\bpmp.sys.bak
[2014/01/10 03:25:46 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\bpusb.sys.bak
[2014/01/10 03:25:45 | 000,270,848 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2014/01/10 03:25:45 | 000,071,168 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\bpenum.sys.bak
[2014/01/10 03:25:45 | 000,028,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2014/01/10 03:25:44 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2014/01/10 03:25:43 | 000,194,128 | ---- | C] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2014/01/10 03:25:43 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2014/01/10 03:25:43 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2014/01/10 03:25:40 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2014/01/10 03:18:45 | 000,000,000 | ---D | C] -- C:\Users\Greg Duke\Desktop\RK_Quarantine
[2014/01/10 03:13:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Greg Duke\Desktop\OTL.exe
[2014/01/10 03:06:10 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Greg Duke\Desktop\aswMBR.exe
[2014/01/09 05:25:26 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2014/01/09 05:21:33 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/01/09 05:21:33 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/01/09 05:21:25 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/01/09 05:21:25 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/01/09 05:21:24 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/01/09 05:21:24 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/01/09 05:21:24 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/01/09 05:21:24 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/01/09 05:21:24 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/01/09 05:21:24 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/01/09 05:21:24 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/01/09 05:21:23 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/01/09 05:21:23 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/01/09 05:21:23 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/01/09 05:21:23 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/01/09 05:21:23 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/01/09 05:21:23 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/01/09 05:21:23 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/01/09 05:21:23 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/01/09 05:21:23 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/01/09 05:21:23 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/01/09 05:21:23 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/01/09 05:21:23 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/01/09 05:21:23 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/01/09 05:21:22 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/01/09 05:21:22 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/01/09 05:21:22 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/01/09 05:21:22 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/01/09 05:21:22 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/01/09 05:21:22 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/01/09 05:21:22 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/01/09 05:21:22 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/01/09 05:21:22 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/01/09 05:21:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/01/09 05:21:22 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/01/09 05:21:21 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/01/09 05:21:21 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/01/09 05:21:21 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/01/09 05:21:20 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/01/09 05:21:20 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/01/09 05:21:20 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/01/09 05:21:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/01/09 05:21:19 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/01/09 05:21:19 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/01/09 05:21:19 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/01/09 05:21:19 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/01/09 05:21:19 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/01/09 05:21:19 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/01/09 05:21:19 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/01/09 05:21:19 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/01/09 05:21:19 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/01/09 05:21:19 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/01/09 05:21:19 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/01/09 05:21:18 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/01/09 05:21:18 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/01/09 05:21:18 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/01/09 05:21:18 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/01/09 05:21:18 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/01/09 05:21:18 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/01/09 05:21:18 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/01/09 05:21:18 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/01/09 05:21:18 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/01/09 05:21:18 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/01/09 05:21:18 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/01/09 05:21:18 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/01/09 05:21:18 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/01/09 05:21:18 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/01/09 05:21:18 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/01/09 05:21:18 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/01/09 05:21:18 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/01/09 05:21:17 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/01/09 05:21:17 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/01/09 05:21:17 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/01/09 05:21:17 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/01/09 05:21:17 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/01/09 05:21:17 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/01/09 05:21:17 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/01/09 05:21:17 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/01/09 05:21:17 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/01/09 05:21:17 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/01/09 02:36:14 | 000,000,000 | ---D | C] -- C:\ProgramData\PCPowerSpeed
[2014/01/02 11:13:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/01/02 10:56:34 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2014/01/02 10:56:30 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2014/01/02 10:53:24 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014/01/02 10:53:21 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014/01/02 10:52:39 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/12/24 22:26:13 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/12/24 22:25:31 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/12/24 22:25:31 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/12/24 22:25:30 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2013/12/24 22:25:30 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2013/12/24 22:25:30 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2013/12/24 22:24:50 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/12/24 22:24:50 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013/12/24 22:24:49 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/12/24 22:24:49 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013/12/24 22:24:49 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/12/24 22:10:08 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2013/12/24 22:10:07 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2013/12/24 22:10:06 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2013/12/24 22:10:00 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2013/12/24 22:09:50 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013/12/24 22:03:00 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/12/24 22:02:59 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013/12/24 22:02:58 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/12/24 22:02:57 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013/12/24 22:00:01 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2013/12/24 21:59:58 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2013/12/24 21:59:56 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2013/12/24 21:59:34 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2013/12/24 21:59:30 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2013/12/24 21:59:30 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2013/12/24 20:43:55 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2013/12/24 20:43:55 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2013/12/24 19:46:19 | 008,699,272 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/10 03:54:36 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2014/01/10 03:37:23 | 000,000,512 | ---- | M] () -- C:\Users\Greg Duke\Desktop\MBR.dat
[2014/01/10 03:26:47 | 000,016,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2014/01/10 03:26:46 | 000,151,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WimFltr.sys.bak
[2014/01/10 03:26:46 | 000,054,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2014/01/10 03:26:45 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2014/01/10 03:26:43 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2014/01/10 03:26:42 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2014/01/10 03:26:41 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2014/01/10 03:26:41 | 000,007,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2014/01/10 03:26:40 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2014/01/10 03:26:40 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2014/01/10 03:26:39 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys.bak
[2014/01/10 03:26:39 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys.bak
[2014/01/10 03:26:38 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2014/01/10 03:26:36 | 000,319,536 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys.bak
[2014/01/10 03:26:36 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2014/01/10 03:26:35 | 000,189,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2014/01/10 03:26:35 | 000,068,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2014/01/10 03:26:35 | 000,024,656 | ---- | M] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2014/01/10 03:26:34 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2014/01/10 03:26:34 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2014/01/10 03:26:33 | 000,273,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Sftplaylh.sys.bak
[2014/01/10 03:26:33 | 000,028,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Sftredirlh.sys.bak
[2014/01/10 03:26:33 | 000,023,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Sftvollh.sys.bak
[2014/01/10 03:26:32 | 000,767,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Sftfslh.sys.bak
[2014/01/10 03:26:31 | 000,171,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2014/01/10 03:26:30 | 000,245,792 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsUStor.sys.bak
[2014/01/10 03:26:29 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2014/01/10 03:26:29 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2014/01/10 03:26:28 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2014/01/10 03:26:25 | 000,240,640 | ---- | M] (QUALCOMM Incorporated) -- C:\Windows\SysNative\drivers\qcusbnetdl2k.sys.bak
[2014/01/10 03:26:25 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2014/01/10 03:26:25 | 000,121,216 | ---- | M] (QUALCOMM Incorporated) -- C:\Windows\SysNative\drivers\qcusbserdl2k.sys.bak
[2014/01/10 03:26:25 | 000,006,400 | ---- | M] (QUALCOMM Incorporated) -- C:\Windows\SysNative\drivers\qcfilterdl2k.sys.bak
[2014/01/10 03:26:24 | 000,048,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2014/01/10 03:26:23 | 000,041,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Windows\SysNative\drivers\PCASp50a64.sys.bak
[2014/01/10 03:26:20 | 000,084,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys.bak
[2014/01/10 03:26:18 | 007,689,216 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\NETw5s64.sys.bak
[2014/01/10 03:26:17 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2014/01/10 03:26:09 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2014/01/10 03:26:08 | 000,065,600 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2014/01/10 03:26:08 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys.bak
[2014/01/10 03:26:07 | 000,074,280 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys.bak
[2014/01/10 03:26:05 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2014/01/10 03:26:04 | 000,317,440 | ---- | M] (Intel® Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys.bak
[2014/01/10 03:26:04 | 000,158,976 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\Impcd.sys.bak
[2014/01/10 03:26:01 | 010,620,224 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys.bak
[2014/01/10 03:25:59 | 000,540,696 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys.bak
[2014/01/10 03:25:58 | 000,078,720 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2014/01/10 03:25:57 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2014/01/10 03:25:57 | 000,056,344 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys.bak
[2014/01/10 03:25:57 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2014/01/10 03:25:56 | 000,288,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2014/01/10 03:25:56 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2014/01/10 03:25:55 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2014/01/10 03:25:53 | 003,286,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2014/01/10 03:25:52 | 000,265,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2014/01/10 03:25:52 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2014/01/10 03:25:51 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2014/01/10 03:25:51 | 000,055,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2014/01/10 03:25:51 | 000,028,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2014/01/10 03:25:51 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2014/01/10 03:25:50 | 000,224,768 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\CtAudDrv.sys.bak
[2014/01/10 03:25:50 | 000,172,704 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\CtClsFlt.sys.bak
[2014/01/10 03:25:50 | 000,027,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2014/01/10 03:25:49 | 000,039,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2014/01/10 03:25:48 | 000,179,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2014/01/10 03:25:47 | 000,468,480 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2014/01/10 03:25:46 | 000,175,104 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\bpmp.sys.bak
[2014/01/10 03:25:46 | 000,081,920 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\bpusb.sys.bak
[2014/01/10 03:25:46 | 000,071,168 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\bpenum.sys.bak
[2014/01/10 03:25:45 | 000,270,848 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2014/01/10 03:25:45 | 000,155,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2014/01/10 03:25:45 | 000,028,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2014/01/10 03:25:44 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2014/01/10 03:25:43 | 000,194,128 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2014/01/10 03:25:43 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2014/01/10 03:25:41 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2014/01/10 03:25:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/10 03:14:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Greg Duke\Desktop\OTL.exe
[2014/01/10 03:07:14 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/10 03:06:35 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Greg Duke\Desktop\aswMBR.exe
[2014/01/10 03:01:34 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/10 03:01:34 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/10 02:53:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/10 02:52:45 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2014/01/10 02:52:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/10 02:52:29 | 1501,974,528 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/09 14:14:20 | 004,406,784 | ---- | M] () -- C:\Users\Greg Duke\Desktop\RogueKillerX64.exe
[2014/01/09 05:21:33 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/01/09 05:21:33 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/01/09 05:21:25 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/01/09 05:21:25 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/01/09 05:21:24 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/01/09 05:21:24 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/01/09 05:21:24 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/01/09 05:21:24 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/01/09 05:21:24 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/01/09 05:21:24 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/01/09 05:21:24 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/01/09 05:21:24 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/01/09 05:21:23 | 001,926,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/01/09 05:21:23 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/01/09 05:21:23 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/01/09 05:21:23 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/01/09 05:21:23 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/01/09 05:21:23 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/01/09 05:21:23 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/01/09 05:21:23 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/01/09 05:21:23 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/01/09 05:21:23 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/01/09 05:21:23 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/01/09 05:21:23 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/01/09 05:21:23 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/01/09 05:21:23 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/01/09 05:21:22 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/01/09 05:21:22 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/01/09 05:21:22 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/01/09 05:21:22 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/01/09 05:21:22 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/01/09 05:21:22 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/01/09 05:21:22 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/01/09 05:21:22 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/01/09 05:21:22 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/01/09 05:21:22 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/01/09 05:21:21 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/01/09 05:21:21 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/01/09 05:21:21 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/01/09 05:21:20 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/01/09 05:21:20 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/01/09 05:21:20 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/01/09 05:21:20 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/01/09 05:21:19 | 005,765,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/01/09 05:21:19 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/01/09 05:21:19 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/01/09 05:21:19 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/01/09 05:21:19 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/01/09 05:21:19 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/01/09 05:21:19 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/01/09 05:21:19 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/01/09 05:21:19 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/01/09 05:21:19 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/01/09 05:21:19 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/01/09 05:21:18 | 001,993,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/01/09 05:21:18 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/01/09 05:21:18 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/01/09 05:21:18 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/01/09 05:21:18 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/01/09 05:21:18 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/01/09 05:21:18 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/01/09 05:21:18 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/01/09 05:21:18 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/01/09 05:21:18 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/01/09 05:21:18 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/01/09 05:21:18 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/01/09 05:21:18 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/01/09 05:21:18 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/01/09 05:21:18 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/01/09 05:21:18 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/01/09 05:21:18 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/01/09 05:21:18 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/01/09 05:21:17 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/01/09 05:21:17 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/01/09 05:21:17 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/01/09 05:21:17 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/01/09 05:21:17 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/01/09 05:21:17 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/01/09 05:21:17 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/01/09 05:21:17 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/01/09 05:21:17 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/01/09 05:21:17 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/01/09 04:47:23 | 000,783,272 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/09 04:47:23 | 000,662,924 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/09 04:47:23 | 000,122,462 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/08 14:33:53 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/07 12:19:56 | 000,294,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/24 19:47:54 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/12/24 19:47:53 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/24 19:46:27 | 008,699,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/10 03:37:23 | 000,000,512 | ---- | C] () -- C:\Users\Greg Duke\Desktop\MBR.dat
[2014/01/09 14:14:10 | 004,406,784 | ---- | C] () -- C:\Users\Greg Duke\Desktop\RogueKillerX64.exe
[2014/01/09 05:21:23 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/01/09 05:21:18 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/03/09 16:15:22 | 000,000,258 | RHS- | C] () -- C:\Users\Greg Duke\ntuser.pol
[2012/12/22 05:53:15 | 000,005,243 | ---- | C] () -- C:\Users\Greg Duke\AppData\Roaming\UserTile.png
[2011/10/14 02:08:51 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/09/08 01:07:16 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\24x7 Help
[2013/07/31 18:51:23 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\AVG2013
[2013/09/08 01:11:09 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\DefaultTab
[2013/10/07 17:20:37 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\FreePriceAlerts
[2013/09/08 01:07:16 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\Iminent
[2012/02/25 17:23:04 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\Leadertech
[2013/01/09 19:43:56 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\OpenOffice.org
[2013/01/09 19:01:36 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\OpenOfficePackages
[2014/01/07 12:03:42 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\PCPowerSpeed
[2013/09/08 01:11:09 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\SearchProtect
[2014/01/07 11:53:28 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\SoftGrid Client
[2013/01/09 18:04:51 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\TP
[2013/07/31 18:50:07 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\TuneUp Software
[2013/10/24 18:01:05 | 000,000,000 | ---D | M] -- C:\Users\Greg Duke\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/10/14 03:25:39 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/10/14 03:25:39 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/10/14 03:25:39 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/10/14 03:25:39 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 22:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/10/14 03:25:39 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/10/14 03:25:39 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 22:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2014/01/02 11:13:38 | 000,872,352 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2014/01/02 11:13:38 | 000,872,352 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2014/01/02 11:13:38 | 000,872,352 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [2014/01/02 11:14:00 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2014/01/02 11:14:00 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2014/01/02 11:14:00 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2013/12/03 21:48:06 | 000,863,184 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2013/12/03 21:48:06 | 000,863,184 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2013/12/03 21:48:06 | 000,863,184 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2013/12/03 21:48:06 | 000,863,184 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2014/01/09 05:21:21 | 000,804,560 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2014/01/09 05:21:21 | 000,804,560 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2014/01/02 11:13:38 | 000,872,352 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2014/01/02 11:13:38 | 000,872,352 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2014/01/02 11:13:38 | 000,872,352 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" [2014/01/02 11:14:00 | 000,275,568 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2014/01/02 11:14:00 | 000,275,568 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2014/01/02 11:14:00 | 000,275,568 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2013/12/03 21:48:06 | 000,863,184 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2013/12/03 21:48:06 | 000,863,184 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2013/12/03 21:48:06 | 000,863,184 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2013/12/03 21:48:06 | 000,863,184 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2014/01/09 05:21:18 | 000,218,624 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2014/01/09 05:21:18 | 000,218,624 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2014/01/09 05:21:18 | 000,218,624 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2014/01/09 05:21:21 | 000,804,560 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE [2014/01/09 05:21:21 | 000,804,560 | ---- | M] (Microsoft Corporation)

< End of report >



OTL Extras




OTL Extras logfile created on: 1/10/2014 3:41:14 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Greg Duke\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.78 Gb Available Physical Memory | 41.77% Memory free
3.73 Gb Paging File | 1.90 Gb Available in Paging File | 50.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 221.96 Gb Total Space | 178.26 Gb Free Space | 80.31% Space Free | Partition Type: NTFS

Computer Name: MYRA-LAPTOP | User Name: Greg Duke | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1563109977-2122601895-824292158-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{17EC0EFD-BC7A-4756-A099-F06AA77A1E33}" = lport=9700 | protocol=17 | dir=in | name=syncup_udp_9700 |
"{393A9ED1-EAF6-4ADE-8B8E-14848EEE8AA6}" = lport=445 | protocol=6 | dir=in | app=system |
"{3D0D2CBA-D1DD-4257-BB02-0B704E8AAC9F}" = rport=445 | protocol=6 | dir=out | app=system |
"{6C2CC718-AD5F-4659-B3F1-78CCE9AC80B6}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{6CFDBF35-3B7F-4935-84C2-A30D2E74C08D}" = lport=9700 | protocol=6 | dir=in | name=syncup_tcp_9700 |
"{76CED2D9-4545-4A3D-BD28-D72B1574FE37}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{89A04EBD-4E55-4519-B72B-6BE363FEC127}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8BB3265F-A6D9-43F3-BEF7-E508C43BDC9A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{97C8A29B-2B70-41E5-B021-7A8B972FAC52}" = rport=139 | protocol=6 | dir=out | app=system |
"{A219E9C9-BAB3-4CCC-AA8D-9C03728ACDCF}" = lport=138 | protocol=17 | dir=in | app=system |
"{C9DF7CBD-B9E4-4E8C-BDD0-D4C58BAA0067}" = rport=138 | protocol=17 | dir=out | app=system |
"{D2D7C088-A56F-4E40-BAB8-1B4BE7714F53}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D544F82C-0ED7-4718-A4F3-AF300C31C9B1}" = lport=139 | protocol=6 | dir=in | app=system |
"{E2A738EF-6C53-4F6A-8167-62975F135CCB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E9014C94-DF46-4163-8FD2-6018B241467C}" = rport=137 | protocol=17 | dir=out | app=system |
"{F68CBA69-7014-4804-B5A4-36707A079422}" = lport=9701 | protocol=6 | dir=in | name=syncup_tcp_9701 |
"{F6A6AF63-5C3C-43D9-9421-6FEA38B1FEDE}" = lport=137 | protocol=17 | dir=in | app=system |
"{F78636AA-05E3-4880-A1A5-21FA52FCFCEF}" = lport=9702 | protocol=6 | dir=in | name=syncup_tcp_9702 |
"{FCE2B3AF-43E2-4C55-A3B7-9917DC7310C2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{20D3B7FA-EB18-44FF-BC33-47A22D7D454B}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{2F7D9222-76CC-4B56-B57E-802E5C38F231}" = protocol=58 | dir=in | [email protected],-28545 |
"{3912220F-07CC-46BA-B331-2404B65884CE}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{45A2AF25-AC72-4B99-A81B-15C965331B07}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{51D31B47-D298-44AD-930B-EB55188B3403}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{6014FD09-ED0F-4D5C-8737-2DD50D99FD09}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe |
"{848F4FFA-97B2-4D81-817E-00367A293C02}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{903A2CD4-2789-43FA-BE97-A296BD469F60}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{909CB757-DE06-40BC-9A6F-9F2CFF321F0C}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe |
"{9487AFC1-2814-4814-9004-55E3DC26A188}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe |
"{96C4E7EF-A0AA-4C46-9CB3-628E2961F8AE}" = protocol=58 | dir=out | [email protected],-28546 |
"{B3BE1210-B3F6-4A92-855A-20C6B56D79EA}" = protocol=1 | dir=out | [email protected],-28544 |
"{C98E2190-D957-4679-BFC4-388ED3876BA1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C9A9C7D3-4301-44A2-8A13-8B9F87DB9727}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe |
"{D1B37B46-957B-45D6-A2AC-C7DEF263646B}" = protocol=1 | dir=in | [email protected],-28543 |
"TCP Query User{9A04AD5D-5DDD-4F00-A674-0F95EA63A17B}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"UDP Query User{41AEAF67-384A-46C5-9ED2-0C8795FD3DC5}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java™ 6 Update 27 (64-bit)
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6548B189-BEA4-4041-80E0-AEB60548E046}" = Intel® PROSet/Wireless WiMAX Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{D16A2127-B927-4379-B153-3DEC091E4EEB}" = Intel® PROSet/Wireless WiFi Software
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Dell Support Center" = Dell Support Center
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java™ 6 Update 27
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A0F2CC5-3065-492C-8380-B03AA7106B1A}" = Dell Product Registration
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}" = SyncUP
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{5030C973-F5BA-4432-860C-A3DA77BFEB05}" = Qualcomm Gobi 2000 Package for Dell
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{612AD33D-9824-4E87-8396-92374E91C4BB}_is1" = Inbox Toolbar
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}" = Dell Home Systems Service Agreement
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)
"{B0C56FD7-493D-44DD-B007-BBB5117D6E6F}_is1" = PC Power Speed 1.1.0.36
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BAEF9F3A-D10C-40DF-819D-D21D9600AE1A}" = Extreme Flash Player
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D92C9CCE-E5F0-4125-977A-0590F3225B74}" = SyncUP
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}" = Cozi
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Dell Dock" = Dell Dock
"Dell Webcam Central" = Dell Webcam Central
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist 8.0.0.514
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"RealPlayer 16.0" = RealPlayer
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1563109977-2122601895-824292158-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OpenOffice Packages" = OpenOffice Packages

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/28/2013 9:51:55 PM | Computer Name = Myra-Laptop | Source = ESENT | ID = 455
Description = Windows (3112) Windows: Error -1811 occurred while opening logfile
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00008.log.

Error - 10/28/2013 9:51:55 PM | Computer Name = Myra-Laptop | Source = Windows Search Service | ID = 9000
Description =

Error - 10/28/2013 9:51:55 PM | Computer Name = Myra-Laptop | Source = Windows Search Service | ID = 7040
Description =

Error - 10/28/2013 9:51:55 PM | Computer Name = Myra-Laptop | Source = Windows Search Service | ID = 7042
Description =

Error - 10/28/2013 9:51:55 PM | Computer Name = Myra-Laptop | Source = Windows Search Service | ID = 9002
Description =

Error - 10/28/2013 9:51:55 PM | Computer Name = Myra-Laptop | Source = Windows Search Service | ID = 3029
Description =

Error - 10/28/2013 9:51:55 PM | Computer Name = Myra-Laptop | Source = Windows Search Service | ID = 3029
Description =

Error - 10/28/2013 9:51:55 PM | Computer Name = Myra-Laptop | Source = Windows Search Service | ID = 3028
Description =

Error - 10/28/2013 9:51:55 PM | Computer Name = Myra-Laptop | Source = Windows Search Service | ID = 3058
Description =

Error - 10/28/2013 9:51:55 PM | Computer Name = Myra-Laptop | Source = Windows Search Service | ID = 7010
Description =

[ System Events ]
Error - 12/24/2013 11:09:50 PM | Computer Name = Myra-Laptop | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.

Error - 12/24/2013 11:09:53 PM | Computer Name = Myra-Laptop | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2891804).

Error - 12/24/2013 11:33:32 PM | Computer Name = Myra-Laptop | Source = Service Control Manager | ID = 7022
Description = The Intel® PROSet/Wireless WiMAX Red Bend Device Management Service
service hung on starting.

Error - 1/2/2014 11:34:09 AM | Computer Name = Myra-Laptop | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the SftService service.

Error - 1/2/2014 11:37:21 AM | Computer Name = Myra-Laptop | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.

Error - 1/2/2014 11:53:22 AM | Computer Name = Myra-Laptop | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Presentation Foundation Font Cache 3.0.0.0 service to connect.

Error - 1/2/2014 11:53:22 AM | Computer Name = Myra-Laptop | Source = Service Control Manager | ID = 7000
Description = The Windows Presentation Foundation Font Cache 3.0.0.0 service failed
to start due to the following error: %%1053

Error - 1/2/2014 12:25:20 PM | Computer Name = Myra-Laptop | Source = Service Control Manager | ID = 7022
Description = The Intel® PROSet/Wireless WiMAX Red Bend Device Management Service
service hung on starting.

Error - 1/2/2014 12:25:31 PM | Computer Name = Myra-Laptop | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842

Error - 1/7/2014 12:45:05 PM | Computer Name = Myra-Laptop | Source = Service Control Manager | ID = 7043
Description = The Windows Update service did not shut down properly after receiving
a preshutdown control.


< End of report >

Edited by CJDesmond, 10 January 2014 - 04:00 AM.

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Download : ADWCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

Posted Image

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.



Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus. Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.



Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

  • 0

#3
CJDesmond

CJDesmond

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Thank you for your time RKinner. here are the logs

# AdwCleaner v3.016 - Report created 10/01/2014 at 13:46:13
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Greg Duke - MYRA-LAPTOP
# Running from : C:\Users\Greg Duke\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh
Folder Deleted : C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.AppServer
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.IBX404
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\inbox
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKCU\Software\5ae8fdcb368e542
Key Deleted : HKLM\SOFTWARE\5ae8fdcb368e542
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3285873
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BF99AAB8-FFEE-4BB1-81E0-ADE71BF0AC3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220222622278}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266626678}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF99AAB8-FFEE-4BB1-81E0-ADE71BF0AC3C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BF99AAB8-FFEE-4BB1-81E0-ADE71BF0AC3C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD59948A-ED3B-4B44-91F2-A51132EFB7D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{212FE1D4-E69E-424C-A575-DCAEFB82EAB9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{865D7100-82C7-42F4-9C06-860DEC0871B2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266626678}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\MixiDJ_V1
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\MixiDJ_V1
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Wajam
Key Deleted : HKLM\Software\MixiDJ_V1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Greg Duke\AppData\Roaming\Mozilla\Firefox\Profiles\i5e1hga6.default\prefs.js ]

Line Deleted : user_pref("avg.install.userHPSettings", "hxxp://search.babylon.com/?affID=110801&tt=0213_8&babsrc=HP_ss&mntrId=18a57d93000000000000001de14afbf4");
Line Deleted : user_pref("avg.install.userSPSettings", "Search the web (Babylon)");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "MixiDJ V1 Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3285873&SearchSource=3&q={searchTerms}&CUI=UN37378888371313578");
Line Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Line Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Line Deleted : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Line Deleted : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Line Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Line Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
Line Deleted : user_pref("extensions.BabylonToolbar.id", "18a57d93000000000000001de14afbf4");
Line Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15714");
Line Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Line Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Line Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Line Deleted : user_pref("extensions.BabylonToolbar.rvrt", "false");
Line Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Line Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=18a57d93000000000000001de14afbf4&q=");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.8.7.2");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.8.7.2");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110801&tt=0213_8");
Line Deleted : user_pref("extensions.BabylonToolbar_i.excTlbr", false);
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.7.217:48:06");
Line Deleted : user_pref("extensions.wajam.affiliate_id", "3221");
Line Deleted : user_pref("extensions.wajam.firstrun", "false");
Line Deleted : user_pref("extensions.wajam.log_send_info", "false");
Line Deleted : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"update_interval\":1418,\"base_url\":\"hxxp:\\/\\/www.wajam.com\\/\",\"update_url\":\"hxxp:\\/\\/www.wajam.com\\/addon\\/[...]
Line Deleted : user_pref("extensions.wajam.no_trace", "false");
Line Deleted : user_pref("extensions.wajam.server_current_mapping_version", "0.21087");
Line Deleted : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'W[...]
Line Deleted : user_pref("extensions.wajam.trace_log", "1378616775049 - processInstallationUpgrade - version set to : 1.26\n1378616775050 - processBrowserLoad - Bad mappingListJsonString: null\n1378616782534 - onFla[...]
Line Deleted : user_pref("extensions.wajam.unique_id", "2C15667760AAE8A384CEC63EC10AE0AF");
Line Deleted : user_pref("extensions.wajam.user_current_mapping_version", "0");
Line Deleted : user_pref("extensions.wajam.version", "1.26");
Line Deleted : user_pref("[email protected]", true);
Line Deleted : user_pref("iminent.LayoutId", "1");
Line Deleted : user_pref("iminent.ShowThankyouPixel", "0");
Line Deleted : user_pref("iminent.adapters", "{\"google\":{\"CountryCode\":\"US\",\"NoAds\":true,\"Status\":1,\"expireTime\":\"1388677203023255420\"},\"youtube\":{\"CountryCode\":\"US\",\"NoAds\":true,\"Status\":1,\[...]
Line Deleted : user_pref("iminent.registerToolbarEvent101", "1382655289214");
Line Deleted : user_pref("iminent.registerToolbarEvent102", "1389208632310");
Line Deleted : user_pref("iminent.registerToolbarEvent109", "1380426894758");
Line Deleted : user_pref("iminent.registerToolbarEvent111", "1380426894768");
Line Deleted : user_pref("iminent.registerToolbarEvent122", "1380426894778");
Line Deleted : user_pref("iminent.registerToolbarEvent140", "1388677225962");
Line Deleted : user_pref("iminent.version", "7.51.3.1");
Line Deleted : user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.36.1.1\",\"InstallEventCTime\":1378616781995,\"InstallEvent\":\"True\",\"UpdateEventCTime\":1389208620730}");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : search_url

*************************

AdwCleaner[R0].txt - [17983 octets] - [10/01/2014 13:36:35]
AdwCleaner[R1].txt - [14676 octets] - [10/01/2014 13:42:26]
AdwCleaner[S0].txt - [3713 octets] - [10/01/2014 13:40:32]
AdwCleaner[S1].txt - [14313 octets] - [10/01/2014 13:46:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [14374 octets] ##########




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Greg Duke on Fri 01/10/2014 at 13:51:53.39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1563109977-2122601895-824292158-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1563109977-2122601895-824292158-1000\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211621178}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{05C247FE-BCAC-4F59-AAFA-B42C0A8DF6EF}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EDF507FE-6AB5-4482-AE84-E5F8B9C4DAE0}



~~~ Files

Successfully deleted: [File] C:\Windows\syswow64\sho230C.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho8C58.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoCB85.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoCF6F.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoD578.tmp



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\pcpowerspeed"
Successfully deleted: [Folder] "C:\Users\Greg Duke\AppData\Roaming\pcpowerspeed"
Successfully deleted: [Folder] "C:\Users\Greg Duke\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Greg Duke\appdata\local\solid savings"
Successfully deleted: [Folder] "C:\Program Files (x86)\pcpowerspeed"
Successfully deleted: [Folder] "C:\Program Files (x86)\web layers"



~~~ FireFox

Successfully deleted: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]"
Successfully deleted the following from C:\Users\Greg Duke\AppData\Roaming\mozilla\firefox\profiles\i5e1hga6.default\prefs.js

user_pref("[email protected]", true);



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
Successfully deleted: [Folder] C:\Users\Greg Duke\appdata\local\Google\Chrome\User Data\Default\Extensions\cijeeimilokkhlfjombmalgpabbonmah



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 01/10/2014 at 14:03:37.40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-01-2014
Ran by Greg Duke (administrator) on MYRA-LAPTOP on 10-01-2014 14:04:56
Running from C:\Users\Greg Duke\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Nero AG) C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe
(Nero AG) C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2095400 2010-04-15] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775072 2010-04-23] (Realtek Semiconductor)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel® Corporation)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1436736 2011-06-15] (Microsoft Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dell Registration] - C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [NeroLauncher] - C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [67496 2012-08-21] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-09-19] (RealNetworks, Inc.)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-03-03] (Google Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Greg Duke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - ŪĘīZ§’2¹ŽpvØIĶį*X(ˇ2s(ŪĪĄJŗŌÓµ¯± vĖ°!×—(ä¼48Šøpatm6źo^Mp`Ėõ÷_i£w¾!„Įū†x¢8€ŁjĄ˙ž ´Ń;įa´[¦†8 ŗ~¸RŁxņÜ8'£-)x­ä­ URL =
BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{668C2A9B-7655-40D1-BAB1-F35DC10EED1B}: [NameServer]68.28.137.132 68.28.138.132
Tcpip\..\Interfaces\{67B49301-D9F1-491B-A84E-0D8D9EC514E6}: [NameServer]0.0.0.0

FireFox:
========
FF ProfilePath: C:\Users\Greg Duke\AppData\Roaming\Mozilla\Firefox\Profiles\i5e1hga6.default
FF Homepage: hxxp://www.google.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Greg Duke\AppData\Roaming\Mozilla\Firefox\Profiles\i5e1hga6.default\Extensions\[email protected]
FF Extension: Adblock Plus - C:\Users\Greg Duke\AppData\Roaming\Mozilla\Firefox\Profiles\i5e1hga6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\

Chrome:
=======
CHR HomePage:
CHR DefaultSearchKeyword: yahoo
CHR DefaultSearchProvider: Yahoo! Search
CHR DefaultSearchURL: http://www.google.com
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Skype Click to Call) - C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.5.0.11422_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.270.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U27) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Inbox Toolbar) - C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apgjagobplilmcdfelodhgefiidomnfl\1.0.0.9_0
CHR Extension: (YouTube) - C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (RealDownloader) - C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0
CHR Extension: (Skype Click to Call) - C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKCU\...\Chrome\Extension: [jfjbflachhjbdbhfgknpgcgpchaikkok] - C:\Users\Greg Duke\AppData\Local\CRE\jfjbflachhjbdbhfgknpgcgpchaikkok.crx
CHR HKLM-x32\...\Chrome\Extension: [apgjagobplilmcdfelodhgefiidomnfl] - C:\Program Files (x86)\Inbox Toolbar\Chrome\ibxtoolbar_chr.crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM-x32\...\Chrome\Extension: [jfjbflachhjbdbhfgknpgcgpchaikkok] - C:\Users\Greg Duke\AppData\Local\CRE\jfjbflachhjbdbhfgknpgcgpchaikkok.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2011-04-27] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [288272 2011-04-27] (Microsoft Corporation)
R2 QDLService2kDell; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe [330488 2010-01-14] (QUALCOMM, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()

==================== Drivers (Whitelisted) ====================

R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [189440 2011-04-18] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [84864 2011-04-27] (Microsoft Corporation)
R3 qcfilterdl2k; C:\Windows\System32\DRIVERS\qcfilterdl2k.sys [6400 2010-02-02] (QUALCOMM Incorporated)
R3 qcusbnetdl2k; C:\Windows\System32\DRIVERS\qcusbnetdl2k.sys [240640 2010-02-02] (QUALCOMM Incorporated)
R3 qcusbserdl2k; C:\Windows\System32\DRIVERS\qcusbserdl2k.sys [121216 2010-02-02] (QUALCOMM Incorporated)
S1 ahptqdao; \??\C:\Windows\system32\drivers\ahptqdao.sys [x]
S3 PCTINDIS5X64; \??\C:\Windows\system32\PCTINDIS5X64.SYS [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-10 14:04 - 2014-01-10 14:05 - 00018999 _____ C:\Users\Greg Duke\Desktop\FRST.txt
2014-01-10 14:04 - 2014-01-10 14:04 - 00000000 ____D C:\FRST
2014-01-10 14:03 - 2014-01-10 14:03 - 00003355 _____ C:\Users\Greg Duke\Desktop\JRT.txt
2014-01-10 13:51 - 2014-01-10 13:51 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 13:50 - 2014-01-10 13:50 - 00014551 _____ C:\Users\Greg Duke\Desktop\AdwCleaner[S1].txt
2014-01-10 13:36 - 2014-01-10 13:46 - 00000000 ____D C:\AdwCleaner
2014-01-10 12:20 - 2014-01-10 12:20 - 01932166 _____ (Farbar) C:\Users\Greg Duke\Desktop\FRST64.exe
2014-01-10 12:18 - 2014-01-10 12:18 - 01037068 _____ (Thisisu) C:\Users\Greg Duke\Desktop\JRT.exe
2014-01-10 12:15 - 2014-01-10 12:15 - 01233962 _____ C:\Users\Greg Duke\Desktop\AdwCleaner.exe
2014-01-10 12:10 - 2014-01-10 14:04 - 00000000 ____D C:\Users\Greg Duke\Desktop\fix1
2014-01-10 03:26 - 2014-01-10 03:26 - 10620224 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 07689216 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETw5s64.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 02356000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 01524816 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00767144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftfslh.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00366976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00363392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00319536 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00317440 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00295808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00284736 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00273792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00273576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftplaylh.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00245792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00240640 _____ (QUALCOMM Incorporated) C:\Windows\system32\Drivers\qcusbnetdl2k.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00220752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00215936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00213888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MpFilter.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00184704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00171392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00158976 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00155008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00151656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WimFltr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00140672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00128592 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00122960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00121216 _____ (QUALCOMM Incorporated) C:\Windows\system32\Drivers\qcusbserdl2k.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00115776 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00114752 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00106560 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00103808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00094592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00084864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00080464 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00074280 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\L1C62x64.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00072832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00071552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00068864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00065600 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas2.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00064592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00064080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00063360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00060496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00051264 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00049216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00048720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00041280 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\system32\Drivers\PCASp50a64.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00040832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MpNWMon.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00036432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00035392 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00032320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00031104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00028840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftredirlh.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00027776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00024656 _____ (Promise Technology) C:\Windows\system32\Drivers\stexstor.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00023208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftvollh.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00022096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00021056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00020544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00019008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00017488 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00016960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00016464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00015424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwf.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00012496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00012352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00011136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPREFMP.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidkmdf.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00008064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00007936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00006784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00006400 _____ (QUALCOMM Incorporated) C:\Windows\system32\Drivers\qcfilterdl2k.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 03286016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00540696 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00530496 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00491088 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00468480 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00339536 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00334208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00289664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00286720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00270848 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00224768 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\CtAudDrv.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00194128 _____ (AMD Technologies Inc.) C:\Windows\system32\Drivers\amdsbs.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00182864 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00179072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00175104 _____ (Intel Corporation) C:\Windows\system32\Drivers\bpmp.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00172704 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\CtClsFlt.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00097856 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00087632 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00081920 _____ (Intel Corporation) C:\Windows\system32\Drivers\bpusb.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00078720 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00073280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00071168 _____ (Intel Corporation) C:\Windows\system32\Drivers\bpenum.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00065088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00061008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00055376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00055128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00047104 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\discache.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00039504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\Windows\system32\Drivers\hcw85cir.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00028736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00028240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00027520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbatt.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00024144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00024128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00021584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00018432 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00017664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00017488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00015440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00015440 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00014976 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00014720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00014720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00008704 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2014-01-10 03:18 - 2014-01-10 03:33 - 00000000 ____D C:\Users\Greg Duke\Desktop\RK_Quarantine
2014-01-10 03:02 - 2013-11-26 05:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-10 03:02 - 2013-11-26 05:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-01-10 03:02 - 2013-11-26 04:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-10 03:02 - 2013-11-26 04:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-10 03:01 - 2013-11-26 06:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-10 03:01 - 2013-11-26 05:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-10 03:01 - 2013-11-26 04:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-10 03:01 - 2013-11-26 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-01-10 03:01 - 2013-11-26 04:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-10 03:01 - 2013-11-26 04:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-10 03:01 - 2013-11-26 04:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-10 03:01 - 2013-11-26 04:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-10 03:01 - 2013-11-26 04:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-01-10 03:01 - 2013-11-26 04:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-01-10 03:01 - 2013-11-26 03:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-10 03:01 - 2013-11-26 03:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-10 03:01 - 2013-11-26 03:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-10 03:01 - 2013-11-26 03:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-10 03:01 - 2013-11-26 03:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-10 03:01 - 2013-11-26 03:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-01-10 03:01 - 2013-11-26 03:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-10 03:01 - 2013-11-26 03:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-10 03:01 - 2013-11-26 02:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-10 03:01 - 2013-11-26 02:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-01-10 03:01 - 2013-11-26 02:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-10 03:01 - 2013-11-26 02:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-10 03:01 - 2013-11-26 01:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-10 03:01 - 2013-11-26 01:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-10 03:01 - 2013-11-26 01:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-10 03:01 - 2013-11-26 01:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-10 03:01 - 2013-11-26 01:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-09 14:06 - 2013-09-03 20:37 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-09 14:06 - 2013-09-03 20:37 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-09 14:06 - 2013-09-03 20:37 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-09 14:06 - 2013-09-03 20:37 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-09 14:06 - 2013-09-03 20:37 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-09 14:06 - 2013-09-03 20:37 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-09 14:06 - 2013-09-03 20:37 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-09 05:25 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-01-09 05:21 - 2014-01-09 05:21 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-09 05:21 - 2014-01-09 05:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-09 05:21 - 2014-01-09 05:21 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-09 05:21 - 2014-01-09 05:21 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-09 05:21 - 2014-01-09 05:21 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-09 05:21 - 2014-01-09 05:21 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-09 05:21 - 2014-01-09 05:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-09 02:33 - 2014-01-09 04:45 - 00038536 _____ C:\Windows\PFRO.log
2014-01-08 14:32 - 2014-01-08 14:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Greg Duke\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-02 11:13 - 2014-01-02 11:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-02 10:56 - 2013-10-29 21:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-01-02 10:56 - 2013-10-29 21:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-01-02 10:53 - 2013-11-23 13:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-01-02 10:53 - 2013-11-23 12:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-01-02 10:53 - 2013-10-29 20:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-02 10:52 - 2013-10-18 21:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-01-02 10:52 - 2013-10-18 20:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-01-02 10:51 - 2013-11-11 21:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-01-02 10:49 - 2013-11-11 21:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-24 22:26 - 2013-10-05 15:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-12-24 22:26 - 2013-10-05 14:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-12-24 22:25 - 2013-10-03 21:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-24 22:25 - 2013-10-03 21:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-12-24 22:25 - 2013-10-03 21:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-12-24 22:25 - 2013-10-03 20:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-12-24 22:25 - 2013-10-03 20:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-12-24 22:25 - 2013-10-03 20:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-12-24 22:25 - 2013-09-27 20:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-12-24 22:24 - 2013-09-24 21:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-12-24 22:24 - 2013-09-24 21:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-12-24 22:24 - 2013-09-24 21:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-12-24 22:24 - 2013-09-24 21:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-12-24 22:24 - 2013-09-24 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-12-24 22:24 - 2013-09-24 21:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-12-24 22:24 - 2013-09-24 21:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-12-24 22:24 - 2013-09-24 21:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-12-24 22:24 - 2013-09-24 20:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-12-24 22:24 - 2013-09-24 20:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-12-24 22:24 - 2013-09-24 20:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-12-24 22:24 - 2013-09-24 20:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-12-24 22:24 - 2013-09-24 20:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-12-24 22:24 - 2013-07-04 07:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-12-24 22:10 - 2013-05-10 00:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-24 22:10 - 2013-05-10 00:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-24 22:10 - 2013-05-09 23:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-24 22:10 - 2013-05-09 23:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-24 22:09 - 2013-10-02 21:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-12-24 22:09 - 2013-10-02 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-12-24 22:05 - 2014-01-09 05:25 - 00017230 _____ C:\Windows\IE11_main.log
2013-12-24 22:03 - 2013-10-11 21:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-12-24 22:03 - 2013-10-11 21:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-12-24 22:02 - 2013-10-11 21:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-12-24 22:02 - 2013-10-11 21:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-12-24 22:02 - 2013-10-11 21:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-12-24 22:00 - 2013-10-11 21:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-24 22:00 - 2013-10-11 20:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-24 21:59 - 2013-10-11 21:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-24 21:59 - 2013-10-11 21:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-24 21:59 - 2013-10-11 21:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-24 21:59 - 2013-10-11 20:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-24 21:59 - 2013-10-11 20:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-24 21:59 - 2013-10-11 20:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-24 20:43 - 2013-10-03 21:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-24 20:43 - 2013-10-03 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-24 19:47 - 2013-12-24 21:40 - 00000000 ____D C:\Program Files (x86)\GUM51DC.tmp
2013-12-24 19:46 - 2013-12-24 19:46 - 08699272 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

==================== One Month Modified Files and Folders =======

2014-01-10 14:05 - 2014-01-10 14:04 - 00018999 _____ C:\Users\Greg Duke\Desktop\FRST.txt
2014-01-10 14:04 - 2014-01-10 14:04 - 00000000 ____D C:\FRST
2014-01-10 14:04 - 2014-01-10 12:10 - 00000000 ____D C:\Users\Greg Duke\Desktop\fix1
2014-01-10 14:04 - 2012-02-26 01:24 - 00000000 ____D C:\Users\Greg Duke\AppData\Local\Nero
2014-01-10 14:03 - 2014-01-10 14:03 - 00003355 _____ C:\Users\Greg Duke\Desktop\JRT.txt
2014-01-10 14:03 - 2012-02-25 17:21 - 00000422 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2014-01-10 14:02 - 2012-12-16 08:27 - 00003488 _____ C:\Windows\System32\Tasks\PCDEventLauncher
2014-01-10 14:02 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\tracing
2014-01-10 13:57 - 2009-07-13 23:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-10 13:57 - 2009-07-13 23:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-10 13:53 - 2011-10-14 03:39 - 01996063 _____ C:\Windows\WindowsUpdate.log
2014-01-10 13:51 - 2014-01-10 13:51 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 13:50 - 2014-01-10 13:50 - 00014551 _____ C:\Users\Greg Duke\Desktop\AdwCleaner[S1].txt
2014-01-10 13:50 - 2012-12-24 13:03 - 00000000 ____D C:\Users\Greg Duke\AppData\Roaming\Skype
2014-01-10 13:49 - 2012-12-30 13:30 - 00003354 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1563109977-2122601895-824292158-1000
2014-01-10 13:49 - 2012-12-30 13:30 - 00003228 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1563109977-2122601895-824292158-1000
2014-01-10 13:49 - 2011-10-14 02:21 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2014-01-10 13:48 - 2013-10-28 21:05 - 00000818 _____ C:\Windows\setupact.log
2014-01-10 13:48 - 2012-12-28 13:10 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2014-01-10 13:48 - 2012-03-03 19:28 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 13:48 - 2012-02-25 17:18 - 00000000 ____D C:\Users\Greg Duke\AppData\Local\SoftThinks
2014-01-10 13:48 - 2011-10-14 02:17 - 00000050 _____ C:\Windows\system32\SupplicantTest.log
2014-01-10 13:48 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-10 13:46 - 2014-01-10 13:36 - 00000000 ____D C:\AdwCleaner
2014-01-10 13:08 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2014-01-10 13:07 - 2012-03-03 19:28 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-10 12:20 - 2014-01-10 12:20 - 01932166 _____ (Farbar) C:\Users\Greg Duke\Desktop\FRST64.exe
2014-01-10 12:18 - 2014-01-10 12:18 - 01037068 _____ (Thisisu) C:\Users\Greg Duke\Desktop\JRT.exe
2014-01-10 12:15 - 2014-01-10 12:15 - 01233962 _____ C:\Users\Greg Duke\Desktop\AdwCleaner.exe
2014-01-10 04:26 - 2013-03-09 22:10 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-10 04:26 - 2011-10-14 01:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-10 04:25 - 2013-02-06 12:52 - 00000000 ____D C:\Users\Greg Duke\AppData\Local\Adobe
2014-01-10 03:33 - 2014-01-10 03:18 - 00000000 ____D C:\Users\Greg Duke\Desktop\RK_Quarantine
2014-01-10 03:26 - 2014-01-10 03:26 - 10620224 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 07689216 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETw5s64.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 02356000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 01524816 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00767144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftfslh.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00366976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00363392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00319536 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00317440 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00295808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00284736 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00273792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00273576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftplaylh.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00245792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00240640 _____ (QUALCOMM Incorporated) C:\Windows\system32\Drivers\qcusbnetdl2k.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00220752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00215936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00213888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MpFilter.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00184704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00171392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00158976 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00155008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00151656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WimFltr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00140672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00128592 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00122960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00121216 _____ (QUALCOMM Incorporated) C:\Windows\system32\Drivers\qcusbserdl2k.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00115776 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00114752 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00106560 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00103808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00094592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00084864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00080464 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00074280 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\L1C62x64.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00072832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00071552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00068864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00065600 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas2.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00064592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00064080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00063360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00060496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00051264 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00049216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00048720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00041280 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\system32\Drivers\PCASp50a64.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00040832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MpNWMon.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00036432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00035392 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00032320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00031104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00028840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftredirlh.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00027776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00024656 _____ (Promise Technology) C:\Windows\system32\Drivers\stexstor.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00023208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftvollh.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00022096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00021056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00020544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00019008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00017488 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00016960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00016464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00015424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwf.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00012496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00012352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00011136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPREFMP.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidkmdf.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00008064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00007936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00006784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00006400 _____ (QUALCOMM Incorporated) C:\Windows\system32\Drivers\qcfilterdl2k.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 03286016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00540696 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00530496 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00491088 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00468480 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00339536 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00334208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00289664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00286720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00270848 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00224768 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\CtAudDrv.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00194128 _____ (AMD Technologies Inc.) C:\Windows\system32\Drivers\amdsbs.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00182864 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00179072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00175104 _____ (Intel Corporation) C:\Windows\system32\Drivers\bpmp.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00172704 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\CtClsFlt.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00097856 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00087632 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00081920 _____ (Intel Corporation) C:\Windows\system32\Drivers\bpusb.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00078720 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00073280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00071168 _____ (Intel Corporation) C:\Windows\system32\Drivers\bpenum.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00065088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00061008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00055376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00055128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00047104 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\discache.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00039504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\Windows\system32\Drivers\hcw85cir.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00028736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00028240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00027520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbatt.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00024144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00024128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00021584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00018432 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00017664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00017488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00015440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00015440 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00014976 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00014720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00014720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00008704 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2014-01-09 13:54 - 2012-02-25 17:22 - 00001415 _____ C:\Users\Greg Duke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-09 13:50 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2014-01-09 05:25 - 2013-12-24 22:05 - 00017230 _____ C:\Windows\IE11_main.log
2014-01-09 05:21 - 2014-01-09 05:21 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-09 05:21 - 2014-01-09 05:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-09 05:21 - 2014-01-09 05:21 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-09 05:21 - 2014-01-09 05:21 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-09 05:21 - 2014-01-09 05:21 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-09 05:21 - 2014-01-09 05:21 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-09 05:21 - 2014-01-09 05:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-09 04:47 - 2009-07-14 00:13 - 00783272 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-09 04:45 - 2014-01-09 02:33 - 00038536 _____ C:\Windows\PFRO.log
2014-01-09 02:42 - 2012-02-25 17:18 - 00000000 ___RD C:\Users\Greg Duke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-09 02:33 - 2012-12-16 08:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-08 14:33 - 2012-12-30 13:07 - 00001111 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-08 14:33 - 2012-12-30 13:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-08 14:32 - 2014-01-08 14:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Greg Duke\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-08 14:15 - 2013-11-10 14:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2014-01-07 12:19 - 2009-07-13 23:45 - 00294024 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-07 11:53 - 2013-01-09 18:04 - 00000000 ____D C:\Users\Greg Duke\AppData\Roaming\SoftGrid Client
2014-01-02 11:14 - 2014-01-02 11:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-02 11:02 - 2012-03-03 19:28 - 00003900 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-02 11:02 - 2012-03-03 19:28 - 00003648 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-02 10:59 - 2013-09-07 21:39 - 00000000 ____D C:\Windows\system32\MRT
2014-01-02 10:34 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-24 22:33 - 2011-02-10 09:02 - 00000000 ____D C:\Windows\panther
2013-12-24 22:15 - 2012-12-24 13:03 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-24 22:15 - 2012-12-24 13:03 - 00000000 ____D C:\ProgramData\Skype
2013-12-24 21:41 - 2012-02-25 17:18 - 00000000 ____D C:\Users\Greg Duke
2013-12-24 21:40 - 2013-12-24 19:47 - 00000000 ____D C:\Program Files (x86)\GUM51DC.tmp
2013-12-24 21:38 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2013-12-24 21:38 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-12-24 19:46 - 2013-12-24 19:46 - 08699272 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

Some content of TEMP:
====================
C:\Users\Greg Duke\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Greg Duke\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Greg Duke\AppData\Local\Temp\install_flashplayer11x32_mssa_aaa_aih.exe
C:\Users\Greg Duke\AppData\Local\Temp\install_reader11_en_mssa_aaa_aih.exe
C:\Users\Greg Duke\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Greg Duke\AppData\Local\Temp\Quarantine.exe
C:\Users\Greg Duke\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Greg Duke\AppData\Local\Temp\uninst1.exe
C:\Users\Greg Duke\AppData\Local\Temp\wget.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-10 12:51

==================== End Of Log ============================





Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-01-2014
Ran by Greg Duke at 2014-01-10 14:06:59
Running from C:\Users\Greg Duke\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160}
AS: Microsoft Security Essentials (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Bing Bar (x32 Version: 7.0.850.0 - Microsoft Corporation)
CCleaner (Version: 4.07 - Piriform)
Cozi (x32 Version: 1.0.6505.38692 - Cozi Group, Inc.)
Dell DataSafe Local Backup - Support Software (x32 Version: 9.4.57 - Dell Inc.)
Dell DataSafe Local Backup (x32 Version: 9.4.57 - Dell Inc.)
Dell DataSafe Online (x32 Version: 2.1.19634 - Dell)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Dock (x32 Version: 2.0 - Stardock Corporation)
Dell Edoc Viewer (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (x32 Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (x32 Version: 2.0.0 - Dell Inc.)
Dell Product Registration (x32 Version: 1.1.3 - Dell Inc.)
Dell Support Center (Version: 3.1.5803.11 - Dell Inc.)
Dell Support Center (Version: 3.1.5803.11 - PC-Doctor, Inc.) Hidden
Dell Webcam Central (x32 Version: 1.40.05 - Creative Technology Ltd)
Extreme Flash Player (x32 Version: 1.1.0 - PC TEKNIX)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (x32 Version: - )
Intel PROSet Wireless (Version: - ) Hidden
Intel® Graphics Media Accelerator Driver (x32 Version: 8.15.10.2235 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 13.02.1000 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (Version: 2.03.0006 - Intel Corporation)
Java Auto Updater (x32 Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 27 (64-bit) (Version: 6.0.270 - Oracle)
Java™ 6 Update 27 (x32 Version: 6.0.270 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Live! Cam Avatar Creator (x32 Version: 4.6.3009.1 - Creative Technology Ltd)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Antimalware (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 2.1.1116.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (x32 Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (x32 Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.20030 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.6.13000.0.11 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.20000.9.12 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
OpenOffice Packages (HKCU Version: - )
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593 - Apache Software Foundation)
PC Power Speed 1.1.0.36 (x32 Version: 1.1.0.36 - Crawler, LLC.)
Qualcomm Gobi 2000 Package for Dell (x32 Version: 1.1.100 - QUALCOMM)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (x32 Version: 16.0.3 - RealNetworks)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6096 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Skype Click to Call (x32 Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (Version: 15.0.17.0 - Synaptics Incorporated)
SyncUP (x32 Version: 1.12.12400.17.102 - Nero AG) Hidden
SyncUP (x32 Version: 10.2.14900 - Nero AG)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (x32 Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (x32 Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden

==================== Restore Points =========================

29-10-2013 00:50:59 Windows Update
04-11-2013 02:27:37 Windows Update
10-11-2013 19:07:40 Windows Update
18-11-2013 00:01:01 Windows Update
25-12-2013 00:45:51 Windows Update
25-12-2013 02:29:08 Restore Operation
25-12-2013 02:48:46 Windows Update
02-01-2014 15:39:14 Windows Update
07-01-2014 16:54:42 Windows Update
09-01-2014 08:00:22 Windows Update
09-01-2014 08:08:16 Removed Advanced Audio FX Engine
09-01-2014 08:09:53 Removed Babylon Chrome Toolbar
09-01-2014 10:17:24 Windows Update
10-01-2014 08:00:16 Windows Update
10-01-2014 08:48:15 OTL Restore Point - 1/10/2014 3:48:14 AM

==================== Hosts content: ==========================

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {034A9BDE-54E9-4C3B-A991-FE2BF1AF4456} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-21] (Piriform Ltd)
Task: {0B5E98E0-8AFA-4B96-A174-260425744851} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-03] (Google Inc.)
Task: {0E7EEDCF-AC6C-40F4-AAC0-813A8112E274} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27] (Microsoft Corporation)
Task: {0EF7C03E-BCD9-465C-8B72-FEB86BA0A8C2} - \BackgroundContainer Startup Task No Task File
Task: {15BB3014-5AB0-4C6B-B97A-49F094F37BC6} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2011-03-22] (PC-Doctor, Inc.)
Task: {1AC80AE1-7553-4F74-A9B3-DC306BF79DDC} - System32\Tasks\Updater26278.exe => C:\Users\Greg
Task: {370AE401-8DD6-4DF5-A88F-2619AD312C42} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1563109977-2122601895-824292158-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {374A65C0-8E9F-48E0-A5D7-BA1A334B0C30} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1563109977-2122601895-824292158-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {48FDBDC4-202B-43CD-BF29-889EB7BC7E6D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-03] (Google Inc.)
Task: {5E216AF3-5785-4DCB-A254-9C0D124A1D83} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27] (Microsoft Corporation)
Task: {7DD5F304-A9A7-4D11-A387-3B928EBDF39E} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2011-03-22] (PC-Doctor, Inc.)
Task: {980765A2-5E16-49CD-94B3-F8CE4EFAC504} - \BitGuard No Task File
Task: {CDABC61A-A64D-4F3C-A880-9ED3704C98A3} - System32\Tasks\JavaUpdateSched => %COMMONPROGRAMFILES(x86)%\Java\Java Update\jusched.exe
Task: {D9FF5496-4FB2-4199-902A-6627F02076C3} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2011-03-22] (PC-Doctor, Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe

==================== Loaded Modules (whitelisted) =============

2010-03-05 09:21 - 2010-03-05 09:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2011-07-07 17:13 - 2011-07-07 17:13 - 00251688 _____ () C:\Program Files (x86)\Nero\SyncUP\System.ComponentModel.Composition.dll
2011-07-07 17:14 - 2011-07-07 17:14 - 00891688 _____ () C:\Program Files (x86)\Nero\SyncUP\System.Data.SQLite.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Greg Duke\AppData\Roaming\Microsoft\Windows\Start Menu\Pandora.website:TASKICON_0favicon1427510119
AlternateDataStreams: C:\Users\Greg Duke\AppData\Roaming\Microsoft\Windows\Start Menu\Pandora.website:TASKICON_1favicon-729708308
AlternateDataStreams: C:\Users\Greg Duke\AppData\Roaming\Microsoft\Windows\Start Menu\Pandora.website:TASKICON_2favicon-1789220479

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

==================== Faulty Device Manager Devices =============

Name: Intel® Centrino® WiMAX 6250
Description: Intel® Centrino® WiMAX 6250
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: bpmp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 67%
Total physical RAM: 1909.86 MB
Available physical RAM: 618.98 MB
Total Pagefile: 3819.72 MB
Available Pagefile: 2184.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:221.96 GB) (Free:178.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 9911634D)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=11 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=222 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Download the attached fixlist.txt to the same location as FRST
Run FRST and press Fix
A fix log will be generated please post that then REBOOT! Run FRST again, check the Additions box and then Scan. You will get two logs. Post them both.

Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

You do not have the latest Java.
First go into Control Panel, Add/Remove Software (XP) or Programs and Features (Vista/Win 7) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java™ 6 Update 27 (64-bit)
Java™ 6 Update 27

Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.

If you feel you must have Java:
Get the latest Java at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it. Do not let it install the yahoo toolbar or other foistware.
Once installed, go into Control Panel, Java, Security and set the slider to the Highest then OK.

(If you also want the 64 bit version then use the 64 bit version of IE to get it.)

How is it running now? Do you still see your problems?
  • 0

#5
CJDesmond

CJDesmond

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
here you go. It is working MUCH better now XD


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-01-2014 05
Ran by Greg Duke at 2014-01-11 13:57:23
Running from C:\Users\Greg Duke\Desktop\fix2
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160}
AS: Microsoft Security Essentials (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Bing Bar (x32 Version: 7.0.850.0 - Microsoft Corporation)
CCleaner (Version: 4.07 - Piriform)
Cozi (x32 Version: 1.0.6505.38692 - Cozi Group, Inc.)
Dell DataSafe Local Backup - Support Software (x32 Version: 9.4.57 - Dell Inc.)
Dell DataSafe Local Backup (x32 Version: 9.4.57 - Dell Inc.)
Dell DataSafe Online (x32 Version: 2.1.19634 - Dell)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Dock (x32 Version: 2.0 - Stardock Corporation)
Dell Edoc Viewer (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (x32 Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (x32 Version: 2.0.0 - Dell Inc.)
Dell Product Registration (x32 Version: 1.1.3 - Dell Inc.)
Dell Support Center (Version: 3.1.5803.11 - Dell Inc.)
Dell Support Center (Version: 3.1.5803.11 - PC-Doctor, Inc.) Hidden
Dell Webcam Central (x32 Version: 1.40.05 - Creative Technology Ltd)
Extreme Flash Player (x32 Version: 1.1.0 - PC TEKNIX)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (x32 Version: - )
Intel PROSet Wireless (Version: - ) Hidden
Intel® Graphics Media Accelerator Driver (x32 Version: 8.15.10.2235 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 13.02.1000 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (Version: 2.03.0006 - Intel Corporation)
Java Auto Updater (x32 Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 27 (64-bit) (Version: 6.0.270 - Oracle)
Java™ 6 Update 27 (x32 Version: 6.0.270 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Live! Cam Avatar Creator (x32 Version: 4.6.3009.1 - Creative Technology Ltd)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Antimalware (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 2.1.1116.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (x32 Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (x32 Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.20030 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.6.13000.0.11 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.20000.9.12 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
OpenOffice Packages (HKCU Version: - )
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593 - Apache Software Foundation)
PC Power Speed 1.1.0.36 (x32 Version: 1.1.0.36 - Crawler, LLC.)
Qualcomm Gobi 2000 Package for Dell (x32 Version: 1.1.100 - QUALCOMM)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (x32 Version: 16.0.3 - RealNetworks)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6096 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Skype Click to Call (x32 Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (Version: 15.0.17.0 - Synaptics Incorporated)
SyncUP (x32 Version: 1.12.12400.17.102 - Nero AG) Hidden
SyncUP (x32 Version: 10.2.14900 - Nero AG)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (x32 Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (x32 Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden

==================== Restore Points =========================

29-10-2013 00:50:59 Windows Update
04-11-2013 02:27:37 Windows Update
10-11-2013 19:07:40 Windows Update
18-11-2013 00:01:01 Windows Update
25-12-2013 00:45:51 Windows Update
25-12-2013 02:29:08 Restore Operation
25-12-2013 02:48:46 Windows Update
02-01-2014 15:39:14 Windows Update
07-01-2014 16:54:42 Windows Update
09-01-2014 08:00:22 Windows Update
09-01-2014 08:08:16 Removed Advanced Audio FX Engine
09-01-2014 08:09:53 Removed Babylon Chrome Toolbar
09-01-2014 10:17:24 Windows Update
10-01-2014 08:00:16 Windows Update
10-01-2014 08:48:15 OTL Restore Point - 1/10/2014 3:48:14 AM

==================== Hosts content: ==========================

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {034A9BDE-54E9-4C3B-A991-FE2BF1AF4456} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-21] (Piriform Ltd)
Task: {0B5E98E0-8AFA-4B96-A174-260425744851} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-03] (Google Inc.)
Task: {48FDBDC4-202B-43CD-BF29-889EB7BC7E6D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-03] (Google Inc.)
Task: {4915E60F-FE8F-403C-845B-4C31A6A51EE2} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1563109977-2122601895-824292158-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {5756C995-448E-4867-B5ED-5F7F2425F3F9} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27] (Microsoft Corporation)
Task: {607507F9-299B-4E27-98F1-26BD973EE97B} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27] (Microsoft Corporation)
Task: {CDABC61A-A64D-4F3C-A880-9ED3704C98A3} - System32\Tasks\JavaUpdateSched => %COMMONPROGRAMFILES(x86)%\Java\Java Update\jusched.exe
Task: {EBBFEC20-AA10-46DF-82D9-2E6E0CC89E0F} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1563109977-2122601895-824292158-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-03-05 09:21 - 2010-03-05 09:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Greg Duke\AppData\Roaming\Microsoft\Windows\Start Menu\Pandora.website:TASKICON_0favicon1427510119
AlternateDataStreams: C:\Users\Greg Duke\AppData\Roaming\Microsoft\Windows\Start Menu\Pandora.website:TASKICON_1favicon-729708308
AlternateDataStreams: C:\Users\Greg Duke\AppData\Roaming\Microsoft\Windows\Start Menu\Pandora.website:TASKICON_2favicon-1789220479

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

==================== Faulty Device Manager Devices =============

Name: Intel® Centrino® WiMAX 6250
Description: Intel® Centrino® WiMAX 6250
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: bpmp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/11/2014 01:48:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/11/2014 01:30:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/10/2014 02:26:40 PM) (Source: Application Hang) (User: )
Description: The program Skype.exe version 6.11.0.102 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 4a8

Start Time: 01cf0e39b3190125

Termination Time: 10

Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe

Report Id:


System errors:
=============
Error: (01/11/2014 01:50:15 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (01/11/2014 01:50:00 PM) (Source: Service Control Manager) (User: )
Description: The Intel® PROSet/Wireless WiMAX Red Bend Device Management Service service hung on starting.

Error: (01/11/2014 01:49:50 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (01/11/2014 01:49:20 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (01/11/2014 01:31:40 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (01/11/2014 01:31:33 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (01/11/2014 01:31:28 PM) (Source: Service Control Manager) (User: )
Description: The Intel® PROSet/Wireless WiMAX Red Bend Device Management Service service hung on starting.

Error: (01/11/2014 01:31:03 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.


Microsoft Office Sessions:
=========================
Error: (01/11/2014 01:48:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/11/2014 01:30:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/10/2014 02:26:40 PM) (Source: Application Hang)(User: )
Description: Skype.exe6.11.0.1024a801cf0e39b319012510C:\Program Files (x86)\Skype\Phone\Skype.exe


==================== Memory info ===========================

Percentage of memory in use: 52%
Total physical RAM: 1909.86 MB
Available physical RAM: 914.16 MB
Total Pagefile: 3819.72 MB
Available Pagefile: 2502.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:221.96 GB) (Free:178.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 9911634D)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=11 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=222 GB) - (Type=07 NTFS)

==================== End Of Log ============================




Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-01-2014 05
Ran by Greg Duke at 2014-01-11 13:40:22 Run:1
Running from C:\Users\Greg Duke\Desktop\fix2
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ ´Ñ;áa´[¦†8 º~¸RÙxœòÜ8'£-)x­ä­ URL =
BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No File
Tcpip\..\Interfaces\{668C2A9B-7655-40D1-BAB1-F35DC10EED1B}: [NameServer]68.28.137.132 68.28.138.132
Tcpip\..\Interfaces\{67B49301-D9F1-491B-A84E-0D8D9EC514E6}: [NameServer]0.0.0.0
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
S1 ahptqdao; \??\C:\Windows\system32\drivers\ahptqdao.sys [x]
S3 PCTINDIS5X64; \??\C:\Windows\system32\PCTINDIS5X64.SYS [x]
2014-01-10 14:03 - 2012-02-25 17:21 - 00000422 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2014-01-10 14:02 - 2012-12-16 08:27 - 00003488 _____ C:\Windows\System32\Tasks\PCDEventLauncher
C:\Users\Greg Duke\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Greg Duke\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Greg Duke\AppData\Local\Temp\install_flashplayer11x32_mssa_aaa_aih.exe
C:\Users\Greg Duke\AppData\Local\Temp\install_reader11_en_mssa_aaa_aih.exe
C:\Users\Greg Duke\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Greg Duke\AppData\Local\Temp\Quarantine.exe
C:\Users\Greg Duke\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Greg Duke\AppData\Local\Temp\uninst1.exe
C:\Users\Greg Duke\AppData\Local\Temp\wget.exe
Task: {0EF7C03E-BCD9-465C-8B72-FEB86BA0A8C2} - \BackgroundContainer Startup Task No Task File
Task: {15BB3014-5AB0-4C6B-B97A-49F094F37BC6} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2011-03-22] (PC-Doctor, Inc.)
Task: {1AC80AE1-7553-4F74-A9B3-DC306BF79DDC} - System32\Tasks\Updater26278.exe => C:\Users\Greg
Task: {7DD5F304-A9A7-4D11-A387-3B928EBDF39E} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2011-03-22] (PC-Doctor, Inc.)
Task: {980765A2-5E16-49CD-94B3-F8CE4EFAC504} - \BitGuard No Task File
Task: {D9FF5496-4FB2-4199-902A-6627F02076C3} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2011-03-22] (PC-Doctor, Inc.)
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe

*****************

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ ´Ñ;áa´[¦†8 º~¸RÙxœòÜ8'£-)x­ä­ => Key not found.
HKCR\CLSID\ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ ´Ñ;áa´[¦†8 º~¸RÙxœòÜ8'£-)x­ä­ => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} => Key deleted successfully.
HKCR\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} => Key deleted successfully.
HKCR\PROTOCOLS\Handler\cozi => Key deleted successfully.
HKCR\CLSID\{5356518D-FE9C-4E08-9C1F-1E872ECD367F} => Key not found.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{668C2A9B-7655-40D1-BAB1-F35DC10EED1B}\\NameServer => Value deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{67B49301-D9F1-491B-A84E-0D8D9EC514E6}\\NameServer => Value deleted successfully.
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} not found.
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} not found.
ahptqdao => Service deleted successfully.
PCTINDIS5X64 => Service deleted successfully.
C:\Windows\Tasks\SystemToolsDailyTest.job => Moved successfully.
C:\Windows\System32\Tasks\PCDEventLauncher => Moved successfully.
C:\Users\Greg Duke\AppData\Local\Temp\fp_pl_pfs_installer-1.exe => Moved successfully.
C:\Users\Greg Duke\AppData\Local\Temp\fp_pl_pfs_installer.exe => Moved successfully.
C:\Users\Greg Duke\AppData\Local\Temp\install_flashplayer11x32_mssa_aaa_aih.exe => Moved successfully.
C:\Users\Greg Duke\AppData\Local\Temp\install_reader11_en_mssa_aaa_aih.exe => Moved successfully.
C:\Users\Greg Duke\AppData\Local\Temp\ntdll_dump.dll => Moved successfully.
C:\Users\Greg Duke\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Greg Duke\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.
C:\Users\Greg Duke\AppData\Local\Temp\uninst1.exe => Moved successfully.
C:\Users\Greg Duke\AppData\Local\Temp\wget.exe => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0EF7C03E-BCD9-465C-8B72-FEB86BA0A8C2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0EF7C03E-BCD9-465C-8B72-FEB86BA0A8C2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{15BB3014-5AB0-4C6B-B97A-49F094F37BC6} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15BB3014-5AB0-4C6B-B97A-49F094F37BC6} => Key deleted successfully.
C:\Windows\System32\Tasks\PCDEventLauncher not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDEventLauncher => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1AC80AE1-7553-4F74-A9B3-DC306BF79DDC} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AC80AE1-7553-4F74-A9B3-DC306BF79DDC} => Key deleted successfully.
C:\Windows\System32\Tasks\Updater26278.exe => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Updater26278.exe => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7DD5F304-A9A7-4D11-A387-3B928EBDF39E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DD5F304-A9A7-4D11-A387-3B928EBDF39E} => Key deleted successfully.
C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDoctorBackgroundMonitorTask => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{980765A2-5E16-49CD-94B3-F8CE4EFAC504} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{980765A2-5E16-49CD-94B3-F8CE4EFAC504} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BitGuard => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9FF5496-4FB2-4199-902A-6627F02076C3} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9FF5496-4FB2-4199-902A-6627F02076C3} => Key deleted successfully.
C:\Windows\System32\Tasks\SystemToolsDailyTest => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SystemToolsDailyTest => Key deleted successfully.
C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => Moved successfully.
C:\Windows\Tasks\SystemToolsDailyTest.job not found.

==== End of Fixlog ====




Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-01-2014 05
Ran by Greg Duke (administrator) on MYRA-LAPTOP on 11-01-2014 13:56:06
Running from C:\Users\Greg Duke\Desktop\fix2
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
() C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2095400 2010-04-15] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775072 2010-04-23] (Realtek Semiconductor)
HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel® Corporation)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1436736 2011-06-15] (Microsoft Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dell Registration] - C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [NeroLauncher] - C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [67496 2012-08-21] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-09-19] (RealNetworks, Inc.)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-03-03] (Google Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Greg Duke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ ´Ñ;áa´[¦†8 º~¸RÙxœòÜ8'£-)x­ä­ URL =
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Greg Duke\AppData\Roaming\Mozilla\Firefox\Profiles\i5e1hga6.default
FF Homepage: hxxp://www.google.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Greg Duke\AppData\Roaming\Mozilla\Firefox\Profiles\i5e1hga6.default\Extensions\[email protected] [2013-10-27]
FF Extension: Adblock Plus - C:\Users\Greg Duke\AppData\Roaming\Mozilla\Firefox\Profiles\i5e1hga6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-09]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-01-02]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-01-02]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []

Chrome:
=======
CHR HomePage:
CHR DefaultSearchKeyword: yahoo
CHR DefaultSearchProvider: Yahoo! Search
CHR DefaultSearchURL: http://www.google.com
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Skype Click to Call) - C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.5.0.11422_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.270.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U27) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Inbox Toolbar) - C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apgjagobplilmcdfelodhgefiidomnfl\1.0.0.9_0 [2013-04-20]
CHR Extension: (YouTube) - C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-04-11]
CHR Extension: (Google Search) - C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 [2013-04-11]
CHR Extension: (RealDownloader) - C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0 [2013-09-28]
CHR Extension: (Skype Click to Call) - C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0 [2013-10-24]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 [2013-09-18]
CHR Extension: (Gmail) - C:\Users\Greg Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 [2013-01-09]
CHR HKCU\...\Chrome\Extension: [jfjbflachhjbdbhfgknpgcgpchaikkok] - C:\Users\Greg Duke\AppData\Local\CRE\jfjbflachhjbdbhfgknpgcgpchaikkok.crx [2013-01-09]
CHR HKLM-x32\...\Chrome\Extension: [apgjagobplilmcdfelodhgefiidomnfl] - C:\Program Files (x86)\Inbox Toolbar\Chrome\ibxtoolbar_chr.crx [2013-01-09]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [jfjbflachhjbdbhfgknpgcgpchaikkok] - C:\Users\Greg Duke\AppData\Local\CRE\jfjbflachhjbdbhfgknpgcgpchaikkok.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2011-04-27] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [288272 2011-04-27] (Microsoft Corporation)
R2 QDLService2kDell; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kDell.exe [330488 2010-01-14] (QUALCOMM, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()

==================== Drivers (Whitelisted) ====================

R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [189440 2011-04-18] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [84864 2011-04-27] (Microsoft Corporation)
R3 qcfilterdl2k; C:\Windows\System32\DRIVERS\qcfilterdl2k.sys [6400 2010-02-02] (QUALCOMM Incorporated)
R3 qcusbnetdl2k; C:\Windows\System32\DRIVERS\qcusbnetdl2k.sys [240640 2010-02-02] (QUALCOMM Incorporated)
R3 qcusbserdl2k; C:\Windows\System32\DRIVERS\qcusbserdl2k.sys [121216 2010-02-02] (QUALCOMM Incorporated)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-11 13:31 - 2014-01-11 13:48 - 00003354 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1563109977-2122601895-824292158-1000
2014-01-11 13:31 - 2014-01-11 13:48 - 00003228 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1563109977-2122601895-824292158-1000
2014-01-10 14:28 - 2014-01-10 14:28 - 00000000 _____ C:\Windows\SysWOW64\sho842D.tmp
2014-01-10 14:26 - 2014-01-11 13:56 - 00000000 ____D C:\Users\Greg Duke\Desktop\fix2
2014-01-10 14:04 - 2014-01-11 13:40 - 00000000 ____D C:\FRST
2014-01-10 13:51 - 2014-01-10 13:51 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 13:36 - 2014-01-10 13:46 - 00000000 ____D C:\AdwCleaner
2014-01-10 12:10 - 2014-01-10 14:27 - 00000000 ____D C:\Users\Greg Duke\Desktop\fix1
2014-01-10 03:26 - 2014-01-10 03:26 - 10620224 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 07689216 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETw5s64.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 02356000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 01524816 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00767144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftfslh.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00366976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00363392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00319536 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00317440 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00295808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00284736 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00273792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00273576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftplaylh.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00245792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00240640 _____ (QUALCOMM Incorporated) C:\Windows\system32\Drivers\qcusbnetdl2k.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00220752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00215936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00213888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MpFilter.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00184704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00171392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00158976 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00155008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00151656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WimFltr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00140672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00128592 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00122960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00121216 _____ (QUALCOMM Incorporated) C:\Windows\system32\Drivers\qcusbserdl2k.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00115776 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00114752 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00106560 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00103808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00094592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00084864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00080464 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00074280 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\L1C62x64.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00072832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00071552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00068864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00065600 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas2.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00064592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00064080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00063360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00060496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00051264 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00049216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00048720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00041280 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\system32\Drivers\PCASp50a64.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00040832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MpNWMon.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00036432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00035392 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00032320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00031104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00028840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftredirlh.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00027776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00024656 _____ (Promise Technology) C:\Windows\system32\Drivers\stexstor.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00023208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftvollh.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00022096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00021056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00020544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00019008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00017488 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00016960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00016464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00015424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwf.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00012496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00012352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00011136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPREFMP.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidkmdf.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00008064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00007936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00006784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00006400 _____ (QUALCOMM Incorporated) C:\Windows\system32\Drivers\qcfilterdl2k.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 03286016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00540696 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00530496 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00491088 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00468480 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00339536 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00334208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00289664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00286720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00270848 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00224768 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\CtAudDrv.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00194128 _____ (AMD Technologies Inc.) C:\Windows\system32\Drivers\amdsbs.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00182864 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00179072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00175104 _____ (Intel Corporation) C:\Windows\system32\Drivers\bpmp.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00172704 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\CtClsFlt.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00097856 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00087632 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00081920 _____ (Intel Corporation) C:\Windows\system32\Drivers\bpusb.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00078720 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00073280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00071168 _____ (Intel Corporation) C:\Windows\system32\Drivers\bpenum.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00065088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00061008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00055376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00055128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00047104 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\discache.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00039504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\Windows\system32\Drivers\hcw85cir.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00028736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00028240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00027520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbatt.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00024144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00024128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00021584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00018432 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00017664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00017488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00015440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00015440 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00014976 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00014720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00014720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00008704 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2014-01-10 03:02 - 2013-11-26 05:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-10 03:02 - 2013-11-26 05:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-01-10 03:02 - 2013-11-26 04:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-10 03:02 - 2013-11-26 04:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-10 03:01 - 2013-11-26 06:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-10 03:01 - 2013-11-26 05:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-10 03:01 - 2013-11-26 04:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-10 03:01 - 2013-11-26 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-01-10 03:01 - 2013-11-26 04:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-10 03:01 - 2013-11-26 04:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-10 03:01 - 2013-11-26 04:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-10 03:01 - 2013-11-26 04:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-10 03:01 - 2013-11-26 04:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-01-10 03:01 - 2013-11-26 04:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-01-10 03:01 - 2013-11-26 03:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-10 03:01 - 2013-11-26 03:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-10 03:01 - 2013-11-26 03:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-10 03:01 - 2013-11-26 03:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-10 03:01 - 2013-11-26 03:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-10 03:01 - 2013-11-26 03:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-01-10 03:01 - 2013-11-26 03:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-10 03:01 - 2013-11-26 03:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-10 03:01 - 2013-11-26 02:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-10 03:01 - 2013-11-26 02:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-01-10 03:01 - 2013-11-26 02:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-10 03:01 - 2013-11-26 02:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-10 03:01 - 2013-11-26 01:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-10 03:01 - 2013-11-26 01:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-10 03:01 - 2013-11-26 01:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-10 03:01 - 2013-11-26 01:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-10 03:01 - 2013-11-26 01:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-09 14:06 - 2013-09-03 20:37 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-09 14:06 - 2013-09-03 20:37 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-09 14:06 - 2013-09-03 20:37 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-09 14:06 - 2013-09-03 20:37 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-09 14:06 - 2013-09-03 20:37 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-09 14:06 - 2013-09-03 20:37 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-09 14:06 - 2013-09-03 20:37 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-09 05:25 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-01-09 05:21 - 2014-01-09 05:21 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-09 05:21 - 2014-01-09 05:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-09 05:21 - 2014-01-09 05:21 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-09 05:21 - 2014-01-09 05:21 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-09 05:21 - 2014-01-09 05:21 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-09 05:21 - 2014-01-09 05:21 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-09 05:21 - 2014-01-09 05:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-09 02:33 - 2014-01-09 04:45 - 00038536 _____ C:\Windows\PFRO.log
2014-01-08 14:32 - 2014-01-08 14:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Greg Duke\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-02 11:13 - 2014-01-02 11:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-02 10:56 - 2013-10-29 21:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-01-02 10:56 - 2013-10-29 21:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-01-02 10:53 - 2013-11-23 13:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-01-02 10:53 - 2013-11-23 12:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-01-02 10:53 - 2013-10-29 20:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-02 10:52 - 2013-10-18 21:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-01-02 10:52 - 2013-10-18 20:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-01-02 10:51 - 2013-11-11 21:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-01-02 10:49 - 2013-11-11 21:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-24 22:26 - 2013-10-05 15:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-12-24 22:26 - 2013-10-05 14:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-12-24 22:25 - 2013-10-03 21:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-24 22:25 - 2013-10-03 21:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-12-24 22:25 - 2013-10-03 21:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-12-24 22:25 - 2013-10-03 20:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-12-24 22:25 - 2013-10-03 20:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-12-24 22:25 - 2013-10-03 20:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-12-24 22:25 - 2013-09-27 20:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-12-24 22:24 - 2013-09-24 21:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-12-24 22:24 - 2013-09-24 21:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-12-24 22:24 - 2013-09-24 21:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-12-24 22:24 - 2013-09-24 21:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-12-24 22:24 - 2013-09-24 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-12-24 22:24 - 2013-09-24 21:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-12-24 22:24 - 2013-09-24 21:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-12-24 22:24 - 2013-09-24 21:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-12-24 22:24 - 2013-09-24 20:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-12-24 22:24 - 2013-09-24 20:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-12-24 22:24 - 2013-09-24 20:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-12-24 22:24 - 2013-09-24 20:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-12-24 22:24 - 2013-09-24 20:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-12-24 22:24 - 2013-07-04 07:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-12-24 22:10 - 2013-05-10 00:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-24 22:10 - 2013-05-10 00:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-24 22:10 - 2013-05-09 23:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-24 22:10 - 2013-05-09 23:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-24 22:09 - 2013-10-02 21:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-12-24 22:09 - 2013-10-02 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-12-24 22:05 - 2014-01-09 05:25 - 00017230 _____ C:\Windows\IE11_main.log
2013-12-24 22:03 - 2013-10-11 21:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-12-24 22:03 - 2013-10-11 21:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-12-24 22:02 - 2013-10-11 21:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-12-24 22:02 - 2013-10-11 21:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-12-24 22:02 - 2013-10-11 21:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-12-24 22:00 - 2013-10-11 21:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-24 22:00 - 2013-10-11 20:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-24 21:59 - 2013-10-11 21:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-24 21:59 - 2013-10-11 21:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-24 21:59 - 2013-10-11 21:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-24 21:59 - 2013-10-11 20:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-24 21:59 - 2013-10-11 20:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-24 21:59 - 2013-10-11 20:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-24 20:43 - 2013-10-03 21:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-24 20:43 - 2013-10-03 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-24 19:47 - 2013-12-24 21:40 - 00000000 ____D C:\Program Files (x86)\GUM51DC.tmp
2013-12-24 19:46 - 2013-12-24 19:46 - 08699272 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

==================== One Month Modified Files and Folders =======

2014-01-11 13:56 - 2014-01-10 14:26 - 00000000 ____D C:\Users\Greg Duke\Desktop\fix2
2014-01-11 13:53 - 2011-10-14 03:39 - 02056426 _____ C:\Windows\WindowsUpdate.log
2014-01-11 13:50 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\tracing
2014-01-11 13:49 - 2012-12-24 13:03 - 00000000 ____D C:\Users\Greg Duke\AppData\Roaming\Skype
2014-01-11 13:48 - 2014-01-11 13:31 - 00003354 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1563109977-2122601895-824292158-1000
2014-01-11 13:48 - 2014-01-11 13:31 - 00003228 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1563109977-2122601895-824292158-1000
2014-01-11 13:48 - 2013-10-28 21:05 - 00000930 _____ C:\Windows\setupact.log
2014-01-11 13:48 - 2012-12-28 13:10 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2014-01-11 13:48 - 2012-03-03 19:28 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-11 13:48 - 2012-02-25 17:18 - 00000000 ____D C:\Users\Greg Duke\AppData\Local\SoftThinks
2014-01-11 13:48 - 2011-10-14 02:21 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2014-01-11 13:48 - 2011-10-14 02:17 - 00000050 _____ C:\Windows\system32\SupplicantTest.log
2014-01-11 13:48 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-11 13:46 - 2012-02-26 01:24 - 00000000 ____D C:\Users\Greg Duke\AppData\Local\Nero
2014-01-11 13:40 - 2014-01-10 14:04 - 00000000 ____D C:\FRST
2014-01-11 13:38 - 2009-07-13 23:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-11 13:38 - 2009-07-13 23:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-10 14:28 - 2014-01-10 14:28 - 00000000 _____ C:\Windows\SysWOW64\sho842D.tmp
2014-01-10 14:27 - 2014-01-10 12:10 - 00000000 ____D C:\Users\Greg Duke\Desktop\fix1
2014-01-10 14:07 - 2012-03-03 19:28 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-10 13:51 - 2014-01-10 13:51 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 13:46 - 2014-01-10 13:36 - 00000000 ____D C:\AdwCleaner
2014-01-10 13:08 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2014-01-10 04:26 - 2013-03-09 22:10 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-10 04:26 - 2011-10-14 01:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-10 04:25 - 2013-02-06 12:52 - 00000000 ____D C:\Users\Greg Duke\AppData\Local\Adobe
2014-01-10 03:26 - 2014-01-10 03:26 - 10620224 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 07689216 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETw5s64.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 02356000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 01524816 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00767144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftfslh.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00366976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00363392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00319536 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00317440 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00295808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00284736 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00273792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00273576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftplaylh.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00245792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00240640 _____ (QUALCOMM Incorporated) C:\Windows\system32\Drivers\qcusbnetdl2k.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00220752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00215936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00213888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MpFilter.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00184704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00171392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00158976 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00155008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00151656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WimFltr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00140672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00128592 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00122960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00121216 _____ (QUALCOMM Incorporated) C:\Windows\system32\Drivers\qcusbserdl2k.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00115776 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00114752 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00106560 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00103808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00094592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00084864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00080464 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00074280 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\L1C62x64.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00072832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00071552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00068864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00065600 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas2.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00064592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00064080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00063360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00060496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00051264 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00049216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00048720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00041280 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Windows\system32\Drivers\PCASp50a64.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00040832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MpNWMon.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00036432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00035392 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00032320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00031104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00028840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftredirlh.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00027776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00024656 _____ (Promise Technology) C:\Windows\system32\Drivers\stexstor.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00023208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Sftvollh.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00022096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00021056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00020544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00019008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00017488 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00016960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00016464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00015424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwf.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00012496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00012352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00011136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPREFMP.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidkmdf.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00008064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00007936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00006784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00006400 _____ (QUALCOMM Incorporated) C:\Windows\system32\Drivers\qcfilterdl2k.sys.bak
2014-01-10 03:26 - 2014-01-10 03:26 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 03286016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00540696 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00530496 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00491088 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00468480 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00339536 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00334208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00289664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00286720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00270848 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00224768 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\CtAudDrv.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00194128 _____ (AMD Technologies Inc.) C:\Windows\system32\Drivers\amdsbs.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00182864 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00179072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00175104 _____ (Intel Corporation) C:\Windows\system32\Drivers\bpmp.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00172704 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\CtClsFlt.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00097856 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00087632 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00081920 _____ (Intel Corporation) C:\Windows\system32\Drivers\bpusb.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00078720 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00073280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00071168 _____ (Intel Corporation) C:\Windows\system32\Drivers\bpenum.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00065088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00061008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00055376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00055128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00047104 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\discache.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00039504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\Windows\system32\Drivers\hcw85cir.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00028736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00028240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00027520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbatt.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00024144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00024128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00021584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00018432 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00017664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00017488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00015440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00015440 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00014976 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00014720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00014720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00008704 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2014-01-10 03:25 - 2014-01-10 03:25 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2014-01-09 13:54 - 2012-02-25 17:22 - 00001415 _____ C:\Users\Greg Duke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-09 13:50 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2014-01-09 05:25 - 2013-12-24 22:05 - 00017230 _____ C:\Windows\IE11_main.log
2014-01-09 05:21 - 2014-01-09 05:21 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-09 05:21 - 2014-01-09 05:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-09 05:21 - 2014-01-09 05:21 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-09 05:21 - 2014-01-09 05:21 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-09 05:21 - 2014-01-09 05:21 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-09 05:21 - 2014-01-09 05:21 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-09 05:21 - 2014-01-09 05:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-09 05:21 - 2014-01-09 05:21 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-09 05:21 - 2014-01-09 05:21 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-09 04:47 - 2009-07-14 00:13 - 00783272 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-09 04:45 - 2014-01-09 02:33 - 00038536 _____ C:\Windows\PFRO.log
2014-01-09 02:42 - 2012-02-25 17:18 - 00000000 ___RD C:\Users\Greg Duke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-09 02:33 - 2012-12-16 08:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-08 14:33 - 2012-12-30 13:07 - 00001111 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-08 14:33 - 2012-12-30 13:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-08 14:32 - 2014-01-08 14:32 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Greg Duke\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-08 14:15 - 2013-11-10 14:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2014-01-07 12:19 - 2009-07-13 23:45 - 00294024 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-07 11:53 - 2013-01-09 18:04 - 00000000 ____D C:\Users\Greg Duke\AppData\Roaming\SoftGrid Client
2014-01-02 11:14 - 2014-01-02 11:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-02 11:02 - 2012-03-03 19:28 - 00003900 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-02 11:02 - 2012-03-03 19:28 - 00003648 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-02 10:59 - 2013-09-07 21:39 - 00000000 ____D C:\Windows\system32\MRT
2014-01-02 10:34 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-24 22:33 - 2011-02-10 09:02 - 00000000 ____D C:\Windows\panther
2013-12-24 22:15 - 2012-12-24 13:03 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-24 22:15 - 2012-12-24 13:03 - 00000000 ____D C:\ProgramData\Skype
2013-12-24 21:41 - 2012-02-25 17:18 - 00000000 ____D C:\Users\Greg Duke
2013-12-24 21:40 - 2013-12-24 19:47 - 00000000 ____D C:\Program Files (x86)\GUM51DC.tmp
2013-12-24 21:38 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2013-12-24 21:38 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-12-24 19:46 - 2013-12-24 19:46 - 08699272 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-10 12:51

==================== End Of Log ============================

Edited by CJDesmond, 11 January 2014 - 01:06 PM.

  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
You do need to uninstall these:

Java™ 6 Update 27 (64-bit)
Java™ 6 Update 27


FRST was not able to get rid of the odd looking searchscope. Let's see if it is really there:

Copy the next 2 lines:

reg query "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes" /s > %userprofile%\desktop\junk.txt
notepad %userprofile%\desktop\junk.txt

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter if notepad does not open. Copy and paste the text from notepad into a reply. Close notepad. Close the Command Window.
  • 0

#7
CJDesmond

CJDesmond

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Ummm yeah forgot the JAVA uninstall. it's done now. :]

Tried to run your line, got this:

Microsoft Windows [Version 6.1.7601]
Copyright © 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>reg query "HKEY_CURRENT_USER\Software\Microsoft\Internet Exp
lorer\SearchScopes" /s > %userprofile%\desktop\junk.txt
ERROR: Invalid syntax.
Type "REG QUERY /?" for usage.

C:\Windows\system32>notepad %userprofile%\desktop\junk.txt

C:\Windows\system32>


i checked the key you have listed and attached 3 screen shots.

Screen 1 is HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes
Screen 2 is HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Screen 3 is HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ ´Ñ;áa´[¦†8 º~¸RÙxœòÜ8'£-)x­ä

­screen 1.jpg
screen 2.jpg
screen 3.jpg

Edited by CJDesmond, 12 January 2014 - 01:54 AM.

  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Don't know why the reg query won't work on yours. I tested it on mine and it worked fine. Anyway what we want to do is delete:

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ ´Ñ;áa´[¦†8 º~¸RÙxœòÜ8'£-)x­ä

I don't know if it's some malware or just a hard disk error but it's bad so needs to go. Just right click on the ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ ´Ñ;áa´[¦†8 º~¸RÙxœòÜ8'£-)x­ä and hit delete.

Also HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
appears to be from Conduit and Conduit is mostly adware so I would delete it too.
  • 0

#9
CJDesmond

CJDesmond

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
OK deleted both. Thanks you so much for your time and help. It is working GREAT now. My friend will be so happy to get her life. . .i mean laptop back. LOL!
  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
Unless you see other problems I think we are done and can clean up

Copy the following:


:Commands
[CLEARALLRESTOREPOINTS]
[Reboot]

Right click on OTL and Run As Administrator. In the Custom Scans/Fixes box at the bottom, paste in the copied text (Ctrl + v) and then hit Run Fix.

That will get the last of the malware off the system.



You can uninstall or delete any tools we had you download and their logs.

If we ran Combofix:To uninstall combofix, copy the next line:

"%userprofile%\Desktop\combofix.exe" /Uninstall

Start, All Programs, Accessories then right click on Command Prompt and Run As Administrator.
then right click, Paste, then hit Enter.



OTL has a cleanup tab but DO NOT USE IT!. There are reports that it leaves the PC unbootable. Instead just delete OTL.exe and the folder c:\_OTL.

To hide hidden files again:

Vista or Win7

# Open the Control Panel menu and click Folder Options.
# After the new window appears select the View tab.
# Remove the check in the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the radio button labeled Do not Show hidden files and folders.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and exit My Computer.

Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

Unless you have the latest version of Avast which has its own update checker: To help keep your programs up-to-date you should download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
(You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it. Exception is MSN messenger which appears to be part of Windows.)
If you get a blocked program notice after installing updatechecker then change it to not run at start then manually run it once a week.
Seems to work best if Firefox is the default browser. Windows always hides its icon so you need to unhide it. Click on the up arrow to the left of the clock. Then click on Customize. Maximize the window so you can see all of the options. Scroll Down and find the File Hippo UpdateChecker and change its Behaviors to Show Icon and Notifications. OK. When you reboot you should see the icon. It will take it a minute to finish checking then it will put up a bubble if you need to update something. Click on the bubble and it should open in your browser. (Seems to work best if it uses Firefox. If you do not use Firefox as your default browser then right click on the icon and click on Settings. Then on Results. Change the Open Results in Default Browser to Custom Browser and then select the line that has Firefox.exe in it. While there, also check Hide Beta Versions. OK. ) You will see a list of programs that have updates with green down arrows next to them. You do not need to download any Beta Versions. There is an option Settings to Hide Beta Versions. I do not advise updating Windows Messenger unless you really use it so I right click on the Icon and Customize Results then find Microsoft Messenger and change Show All Releases to Hide All Releases. OK.

You can also try Secunia PSI http://secunia.com/v...l/download_psi/ Same kind of info. You don't need both.
If you use Chrome/Firefox/IE then get the AdBlock Plus Add-on. Go to adblockplus.org with each browser and get the add-on.

If Chrome/Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . Close Chrome/Firefox. Hit Optimize. You can run it any time that Chrome/Firefox seems slow.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.

Due to a recent rise in the number of Crytolocker infections I am now recommending you install:

CryptoPrevent

http://www.foolishIT.../cryptoprevent/

The free version does not update on its own so you should check for updated versions once in a while.



If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.

Special note on Java. Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
http://www.java.com/...lugin_cache.xml
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not Java Version 7 update 25 or better. These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE. Get the latest version from Java.com. They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download. Just uncheck the garbage before the download (or install) starts. If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it. IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level. OK.

Make sure Windows Updates is turned and that it works. Go to Control panel, Windows Updates and see if it works.


My help is free but if you wish to show your appreciation, please donate to Kwiaht instead of me. It's a local environmental organization that I volunteer with: http://www.kwiaht.org/donate.htm
(The name means something like "clean place" in one of the local native-American dialects)

Ron
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP