Solved

Trojan.Agent/Gen-FakeAV and Trojan.Agent/Gen-Tracur

Posted on 2013-12-28
Last Modified: 2014-01-04
Hi experts,

I have a Windows 7 system which has not been allowing downloads. When I try to download a file, it stops just prior to completion with the message "The *** download was interrupted."

After I select Resume, the download finishes with the message "The signature of **** is corrupt or invalid."

When I attempt to execute the file, I get the message: "Installer integrity check has failed. Common causes include incomplete download and damaged media.  Contact the installer's author to obtain a new copy.  More information at: http:/nsis.sf.net/NSIS_Error"

I ran MyTurboPC, which may have been a mistake.

I also tried stopping all the non-Microsoft processes, and also all the startup programs.

I ran SUPERAntiSpyware, with the below log:

SUPERAntiSpyware Scan Log:

. . .

Adware.Tracking Cookie

               C:\Users\****\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q5BPIVL8.txt [ /doubleclick.net ]


Trojan.Agent/Gen-FakeAV

               D:\DOCUMENTS\DOWNLOADS\TRUE IMAGE BACKUP SOFTWARE\LICENSE_ACRONIS_2010.EXE

Trojan.Agent/Gen-Tracur

               C:\WINDOWS\SYSWOW64\DISCHANDLER.EXE

I also ran: MBRCheck which found some issues.  The log file is attached.

I ran tdsskiller.exe in safe mode which didn't find anything.

I also ran Malwarebytes Anti-Malware which didn't find anything.

Any help is greatly appreciated.  

Thanks!

Brandon
MBRCheck-12.28.13-12.22.15.txt
0
Question by:bdfallon
28 Comments
 
LVL 61

Expert Comment

by:btan
ID: 39744428
The critical part seems like it may be an MBR infector that makes it persistent; there are other tools to validate the MBRCheck findings as well.

http://techlogon.com/2012/01/15/how-to-check-for-and-fix-mbr-virus-infection/

We may also want to check the registry for traces, such as the below, and also the Run keys:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Troj/Tracur-Gen
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce

Removal of the trojan

http://www.ehow.com/how_8409075_remove-tracur-trojan.html
0
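One way to carry out the Run-key check suggested above, as an added example that is not part of the original post: it matches the command lines stored under the four Run/RunOnce keys against the two file paths from the SUPERAntiSpyware log in the question. The function names and `SAMPLE_ENTRIES` are constructed for illustration.

```python
import ntpath
import os
import re
import sys

# The four autorun keys listed in the post above.
RUN_KEYS = [
    ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\Run"),
    ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\Run"),
    ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\RunOnce"),
    ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\RunOnce"),
]

# File paths flagged in the SUPERAntiSpyware log quoted in the question.
FLAGGED = [
    r"D:\DOCUMENTS\DOWNLOADS\TRUE IMAGE BACKUP SOFTWARE\LICENSE_ACRONIS_2010.EXE",
    r"C:\WINDOWS\SYSWOW64\DISCHANDLER.EXE",
]

# Constructed sample values, used when the script is not run on Windows.
SAMPLE_ENTRIES = [
    ("HKLM\\" + RUN_KEYS[0][1], "Vendor Tool", r'"C:\Program Files (x86)\Vendor\Tool\tool.exe" /tray'),
    ("HKCU\\" + RUN_KEYS[1][1], "DiscHandler", r"%SystemRoot%\SysWOW64\dischandler.exe /background"),
    ("HKLM\\" + RUN_KEYS[2][1], "Helper", r"rundll32.exe C:\Users\Public\helper.dll,Start"),
]

# A quoted path, an unquoted path ending in a program extension, or the first token.
_TARGET = re.compile(r'\s*(?:"([^"]+)"|(.+?\.(?:exe|com|scr|bat|cmd|dll))(?=[\s,]|$)|(\S+))', re.I)


def expand(value, env):
    """Expand %VAR% references case-insensitively, leaving unknown ones untouched."""
    lookup = {k.upper(): v for k, v in env.items()}
    return re.sub(r"%([^%]+)%", lambda m: lookup.get(m.group(1).upper(), m.group(0)), value)


def command_target(command, env):
    """Return the file an autorun command line actually loads."""
    command = expand(command, env)
    m = _TARGET.match(command)
    if not m:
        return ""
    target = next(g for g in m.groups() if g)
    # rundll32 is only a host: the file of interest is the DLL in its first argument.
    if ntpath.basename(target).lower() in ("rundll32.exe", "rundll32"):
        inner = _TARGET.match(command[m.end():])
        if inner:
            target = next(g for g in inner.groups() if g)
    return target


def norm(path):
    """Windows paths are case-insensitive, so compare them normalised."""
    return ntpath.normcase(ntpath.normpath(path))


def match_detections(entries, flagged, env):
    """Return (key, value name, target) for autoruns that load a flagged file."""
    wanted = {norm(p) for p in flagged}
    hits = []
    for key, name, data in entries:
        target = command_target(data, env)
        if target and norm(target) in wanted:
            hits.append((key, name, target))
    return hits


def read_run_keys():
    """Read the Run/RunOnce values from the live registry (Windows only)."""
    import winreg
    hives = {"HKLM": winreg.HKEY_LOCAL_MACHINE, "HKCU": winreg.HKEY_CURRENT_USER}
    entries = []
    for hive, subkey in RUN_KEYS:
        # On 64-bit Windows, 32-bit programs see a separate view of HKLM\Software.
        for view in (winreg.KEY_WOW64_64KEY, winreg.KEY_WOW64_32KEY):
            try:
                key = winreg.OpenKey(hives[hive], subkey, 0, winreg.KEY_READ | view)
            except OSError:
                continue
            with key:
                for i in range(winreg.QueryInfoKey(key)[1]):
                    name, data, _type = winreg.EnumValue(key, i)
                    entry = (hive + "\\" + subkey, name, str(data))
                    if entry not in entries:  # HKCU is shared between both views
                        entries.append(entry)
    return entries


if __name__ == "__main__":
    if sys.platform == "win32":
        entries, env = read_run_keys(), dict(os.environ)
    else:
        entries, env = SAMPLE_ENTRIES, {"SystemRoot": r"C:\Windows"}
    for key, name, target in match_detections(entries, FLAGGED, env):
        print(f"{key} : {name} -> {target}")
```

An empty result only means that none of these four keys starts a flagged file; it does not cover other startup locations.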
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 39744560
I would recommend scanning the system with the tools mentioned below, in the sequence they are mentioned, and posting the logs.

Make sure you DO NOT REBOOT the system after running tools in point 1 & 2.

1. RogueKiller/TheKiller
2. MalwareBytes
3. TDSSKiller

I would also recommend you go through the articles from Younghv and RPG for the links to the tools and for future reference.

Basic Malware Troubleshooting
http://www.experts-exchange.com/A_1940.html

Rogue-Killer-What-a-great-name
http://www.experts-exchange.com/A_4922.html

Stop-the-Bleeding-First-Aid-for-Malware
http://www.experts-exchange.com/A_5124.html

Run MalwareBytes in Quick Mode and, if that requires a reboot, then reboot the system and run the tools mentioned in points 1 and 2, but this time run MalwareBytes in Full System Scan.

So in your next reply post the RogueKiller logs, MBAM logs and TDSSKiller logs.

Sudeep
0
 

Author Comment

by:bdfallon
ID: 39745399
Thanks breadtan and Sudeep,

Sudeep, I ran each of the below without rebooting (I ran them in Safe Mode with Networking)
1. RogueKiller/TheKiller
2. MalwareBytes
3. TDSSKiller

I did a quick scan using MalwareBytes.  I will repeat with a full system scan.

The logs are attached.

Thank you very much for your help!

Brandon
RKreport-0--S-12292013-201201.txt
mbam-log-2013-12-29--20-12-47-.txt
TDSSKiller-log.txt
0
 
LVL 61

Expert Comment

by:btan
ID: 39745465
Can also try uploading the two exe files that SAS surfaced to VirusTotal to scan. Looks more like PUP and false positives.

May also want to check for any new (or suspicious) add-on in the browser's Manage Add-ons too. Can try disabling those toolbars and trying the download. E.g. clear the browser cache, disable any download accelerators or managers, and download the installer again.
0
 

Author Comment

by:bdfallon
ID: 39745523
Sudeep,
I ran the programs again, this time in a regular Windows session.  I also did a full system scan with MalwareBytes.
1. RogueKiller/TheKiller
2. MalwareBytes
3. TDSSKiller

The logs are attached.
RKreport-0--S-12292013-211033.txt
mbam-log-2013-12-29--21-11-33-.txt
TDSSKiller-log.txt
0
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 39745830
Hello bdfallon,

We should have mentioned it; however, we should not run the removal tools in Safe Mode.
The comments below are from the article by Younghv:
(http://www.experts-exchange.com/Software/Internet_Email/Anti_Spyware/A_6650-Malware-Fighting-Best-Practices.html)

If your computer will boot to “Normal Mode”, then in all cases that is how you should attempt to make the repair.
(The following comments in italics are courtesy of rpggamergirl):

During a Safe Mode boot, most malware processes are not running and Malwarebytes' heuristic detection can't detect them.

Malware processes must be active while doing the scan so scanning in Safe Mode is not going to be as effective.

Malwarebytes’ Direct Disk Access (DDA) is not running so the detection of rootkits and other stealth hidden nasties in this mode is not optimized.

While malware processes are not active in Safe Mode, most rootkits are - so MBAM is disadvantaged and will miss detecting them.

Windows File Protection is not on in Safe Mode in Windows 2000/XP/2003 Server so any patched system files e.g. explorer.exe, winlogon.exe, userinit.exe that are deleted by the scanner will not be replaced.

So please run the tools in normal mode and NOT in Safe Mode and post the results once more.

Thanks,
Sudeep
0
 

Author Comment

by:bdfallon
ID: 39746001
Sudeep,

I ran tools in normal mode.  The logs are attached.

Thank you for all your help!

Brandon
RKreport-0--S-12292013-211033.txt
mbam-log-2013-12-29--21-11-33-.txt
TDSSKiller-log.txt
0
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 39746010
Are you not pressing the "Delete" button on RogueKiller after the scan? We can see this in every RogueKiller log:

[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

Sudeep
0
 

Author Comment

by:bdfallon
ID: 39746178
No, I did not press "Delete" on RogueKiller.  I did not have any of the tools correct the issues found.  I wanted to give you the logs first before taking any actions.  Do you want me to rerun and correct issues?
0
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 39746291
Sure, please go ahead.
0
 

Author Comment

by:bdfallon
ID: 39746323
Thanks Sudeep.  I'm sure this is obvious, but I'm being careful.
0
 

Author Comment

by:bdfallon
ID: 39746832
Sudeep,

I have rerun the tools.  I had RogueKiller delete the issues it found.

Please see attached logs.

What should I do next?

Thank you for your help!

Brandon
mbam-log-2013-12-30--13-27-10-.txt
RKreport-0--D-12302013-112949.txt
TDSSKiller-log.txt
0
 

Author Comment

by:bdfallon
ID: 39746853
I have also run "MBRCheck" which found the following:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version:                Windows 7 Professional
Windows Information:            Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer:        ASUSTeK COMPUTER INC.
BIOS Manufacturer:              American Megatrends Inc.
System Manufacturer:            ASUSTeK COMPUTER INC.
System Product Name:            G75VW
Logical Drives Mask:            0x000000ac

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`14900000  (NTFS)
\\.\D: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000  (NTFS)

      Size  Device Name          MBR Status
  --------------------------------------------
    698 GB  \\.\PhysicalDrive0   Unknown MBR code
            SHA1: 639AC5CDF8A5CF3245975932C6A4215450A7B98F
    698 GB  \\.\PhysicalDrive1   Unknown MBR code
            SHA1: 16FACB29D75458833E397367B1DA17929157C2B3


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
0
 

Author Comment

by:bdfallon
ID: 39746857
Breadtan, thank you for your help.  My skill level is very low, so I can't implement your advice.
0
 
LVL 61

Expert Comment

by:btan
ID: 39747202
Sure, but probably running the other MBR check tool in my first posting's link can help validate the MBRCheck findings. We do want to avoid a false positive, as if the MBR is infected, we should just rebuild the machine.
0
 

Author Comment

by:bdfallon
ID: 39747381
Breadtan, I ran aswMBR.  The log is attached.  

Thanks for your help.
aswMBR.txt
0
 
LVL 61

Expert Comment

by:btan
ID: 39747519
Likely the unknown MBR code is due to another boot manager like grub2Dos, or is there for recovery partition restoration by the machine vendor; Dell, for example, has such a recovery function.

To further confirm, we can run GMER, which is also mentioned in my earlier posted link. Below is a snapshot of what the log looks like when it resembles malware rootkits, including MBR infectors like TDL4/Alureon@mbr, so look out for " <-- ROOTKIT !!!"
http://www2.gmer.net/rootkits.php
0
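To make the "Unknown MBR code" question above concrete, here is an added example (not part of the original post, and not how MBRCheck, aswMBR or GMER work internally) that splits sector 0 into boot code and partition table, hashes only the boot code, and reports partition types that point to a vendor recovery setup. The 440-byte hash range, the `known_good` allowlist and `build_sample_mbr()` are assumptions made for illustration, so the hash will not necessarily equal the SHA1 that MBRCheck prints.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440      # bytes 0..439 hold the boot loader code
TABLE_OFFSET = 446       # four 16-byte partition entries follow
ENTRY = "<B3sB3sII"      # status, CHS start, type, CHS end, first LBA, sector count

# Partition type IDs that indicate an OEM recovery or utility partition.
RECOVERY_TYPES = {
    0x12: "OEM diagnostics/recovery",
    0x27: "hidden NTFS recovery (Windows RE)",
    0xDE: "Dell utility",
}
OTHER_TYPES = {0x07: "NTFS/exFAT", 0x0B: "FAT32", 0x0C: "FAT32 (LBA)",
               0x83: "Linux", 0xEE: "GPT protective"}


def read_sector0(path):
    """Read sector 0 of a disk image, or of a raw device such as
    \\\\.\\PhysicalDrive0 (needs an elevated prompt on Windows)."""
    with open(path, "rb") as disk:
        return disk.read(SECTOR_SIZE)


def analyze_mbr(sector, known_good):
    """Describe an MBR sector; known_good is a set of trusted boot-code SHA-1 hashes."""
    if len(sector) < SECTOR_SIZE:
        raise ValueError("need a full 512-byte sector")
    # Hash the code only, so the result does not change with the partition layout.
    boot_sha1 = hashlib.sha1(sector[:BOOT_CODE_LEN]).hexdigest().upper()
    partitions = []
    for i in range(4):
        raw = sector[TABLE_OFFSET + 16 * i: TABLE_OFFSET + 16 * (i + 1)]
        status, _chs_start, ptype, _chs_end, first_lba, count = struct.unpack(ENTRY, raw)
        if ptype == 0:                       # unused slot
            continue
        partitions.append({
            "slot": i,
            "type": ptype,
            "label": RECOVERY_TYPES.get(ptype) or OTHER_TYPES.get(ptype, "unknown"),
            "active": status == 0x80,
            "status_ok": status in (0x00, 0x80),   # any other value is malformed
            "first_lba": first_lba,
            "sectors": count,
        })
    return {
        "valid_signature": sector[510:512] == b"\x55\xAA",
        "boot_sha1": boot_sha1,
        "known_boot_code": boot_sha1 in {h.upper() for h in known_good},
        "partitions": partitions,
        "recovery_partition": any(p["type"] in RECOVERY_TYPES for p in partitions),
    }


def build_sample_mbr():
    """Constructed 512-byte sector: placeholder boot code, a hidden recovery
    partition and an active NTFS partition."""
    boot = bytes([0x33, 0xC0, 0x8E, 0xD0]).ljust(BOOT_CODE_LEN, b"\x00")
    disk_signature = struct.pack("<I", 0x12345678) + b"\x00\x00"
    table = b"".join([
        struct.pack(ENTRY, 0x00, b"\x00" * 3, 0x27, b"\x00" * 3, 2048, 51200),
        struct.pack(ENTRY, 0x80, b"\x00" * 3, 0x07, b"\x00" * 3, 53248, 1000000),
    ]).ljust(64, b"\x00")
    return boot + disk_signature + table + b"\x55\xAA"


if __name__ == "__main__":
    report = analyze_mbr(build_sample_mbr(), known_good=set())
    print("signature ok:", report["valid_signature"])
    print("boot code SHA-1:", report["boot_sha1"], "known:", report["known_boot_code"])
    for p in report["partitions"]:
        print(p["slot"], hex(p["type"]), p["label"], "active" if p["active"] else "")
```

A boot-code hash is only useful when compared with one taken from a clean reference of the same boot loader; an unmatched hash together with a recovery-type partition fits the benign explanation given above but does not prove it.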
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 39747952
Hello bdfallon,

Logs seem to be clear now. Now we will run another tool to see if it can find something nasty.

Run OTL.

OTL by OldTimer is a flexible, multipurpose, diagnostic, and malware removal tool. It's useful for identifying changes made to a system by spyware, malware and other unwanted programs. It creates detailed reports of registry and file settings, and also includes advanced tools and scripting ability for manually removing malware.

Download:
http://oldtimer.geekstogo.com/OTL/OTL.exe

Alternate downloads and locations:

Sometimes malware will block OTL.exe by name, or all executables. In that case try one of these alternatives.
OTL.com: http://oldtimer.geekstogo.com/OTL.com
OTL.scr: http://oldtimer.geekstogo.com/OTL.scr

Mirrors:
OTL.com: http://www.itxassociates.com/OT-Tools/OTL.com
OTL.scr: http://www.itxassociates.com/OT-Tools/OTL.scr
OTL.exe: http://www.itxassociates.com/OT-Tools/OTL.exe

When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

Sudeep
0
 

Author Comment

by:bdfallon
ID: 39748658
Thank you Sudeep, logs are below:

OTL logfile created on: 12/31/2013 12:34:21 PM - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\Brandon\Desktop\Malware\Oldtimer
64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
32.00 Gb Total Physical Memory | 29.00 Gb Available Physical Memory | 90.00% Memory free
64.00 Gb Paging File | 60.00 Gb Available in Paging File | 95.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 673.31 Gb Total Space | 369.10 Gb Free Space | 54.82% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 327.26 Gb Free Space | 46.84% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: TRANSFORMING
Current User Name: Brandon
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013/12/31 12:28:50 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Brandon\Desktop\Malware\Oldtimer\OTL.exe
PRC - [2013/12/10 08:12:52 | 001,364,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/10/23 03:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/10/08 07:28:15 | 000,275,696 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
PRC - [2013/09/07 08:13:38 | 000,055,624 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2013/09/03 08:53:50 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/07/31 03:49:42 | 003,267,512 | ---- | M] (InternetSafety.com, Inc.) -- C:\Program Files (x86)\Internet Content Filter\SafeEyes.exe
PRC - [2013/05/31 10:02:22 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2013/05/31 07:39:00 | 006,258,488 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
PRC - [2013/05/08 13:14:57 | 000,044,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
PRC - [2013/05/08 02:17:22 | 000,642,664 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/10 12:08:47 | 000,088,984 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
PRC - [2013/02/16 08:19:02 | 000,298,616 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2013/02/16 08:04:10 | 007,393,912 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2013/02/13 19:38:24 | 000,844,144 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2013/02/13 19:38:18 | 000,310,128 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013/02/13 19:38:14 | 001,509,232 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2013/02/12 23:45:28 | 000,060,216 | ---- | M] (The Pidgin developer community) -- C:\Program Files (x86)\Pidgin\pidgin.exe
PRC - [2012/12/10 23:10:03 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2012/12/10 18:47:11 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2012/06/20 17:21:46 | 001,556,640 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2012/03/09 15:38:26 | 000,658,560 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe
PRC - [2012/02/29 14:08:34 | 001,121,448 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
PRC - [2012/02/28 20:13:56 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/02/28 20:13:54 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/02/21 15:29:38 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/02/21 15:29:28 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012/02/18 02:46:03 | 003,331,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\APRP\aprp.exe
PRC - [2012/02/16 21:04:20 | 000,289,408 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
PRC - [2012/02/16 21:04:18 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
PRC - [2012/02/16 14:37:16 | 000,322,176 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2012/02/15 20:38:10 | 000,174,720 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2012/02/06 23:12:52 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/02/06 22:32:34 | 000,102,568 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2012/02/06 22:32:30 | 000,162,456 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe
PRC - [2012/02/02 19:33:32 | 002,321,072 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2012/01/20 12:35:26 | 000,045,696 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe
PRC - [2011/12/29 18:27:48 | 000,158,880 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011/11/21 17:22:08 | 000,080,512 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2011/11/21 17:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2011/10/24 20:20:38 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2011/10/03 11:45:58 | 000,375,424 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
PRC - [2011/08/19 21:31:14 | 001,248,256 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
PRC - [2011/05/23 04:04:48 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
PRC - [2011/03/27 16:23:14 | 000,113,840 | ---- | M] () -- C:\Program Files\ASUS\Rotation Desktop for G Series\AsusUacSvc.exe
PRC - [2011/02/25 13:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/08/20 12:57:06 | 000,107,816 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2010/04/13 19:01:58 | 000,094,024 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 10\TscHelp.exe
PRC - [2010/04/13 19:01:56 | 000,079,688 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe
PRC - [2010/04/13 19:01:52 | 007,384,904 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 10\SnagitEditor.exe
PRC - [2010/04/13 19:01:52 | 007,046,984 | ---- | M] (TechSmith Corporation) -- C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
PRC - [2010/03/23 12:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2009/06/19 13:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 13:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2008/12/22 20:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2013/12/31 12:28:50 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Brandon\Desktop\Malware\Oldtimer\OTL.exe
MOD - [2013/12/03 13:27:34 | 000,191,664 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20131203.001\UMEngx86.dll
MOD - [2010/11/20 06:55:10 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2009/07/13 20:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:64bit: - [2013/11/26 04:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/10/10 17:54:28 | 000,144,152 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2013/07/24 06:00:12 | 000,182,752 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2013/07/24 05:57:32 | 000,219,272 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/01/29 03:06:56 | 000,278,288 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe -- (ac.sharedstore)
SRV:64bit: - [2012/10/01 20:34:38 | 000,178,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV:64bit: - [2012/03/23 02:07:48 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2012/02/03 01:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R) Capability Licensing Service Interface)
SRV:64bit: - [2011/03/29 00:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2011/03/27 16:23:14 | 000,113,840 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\Rotation Desktop for G Series\AsusUacSvc.exe -- (AsusUacSvc)
SRV:64bit: - [2010/11/20 08:27:28 | 000,214,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2010/11/20 08:26:00 | 000,692,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 20:41:54 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\StorSvc.dll -- (StorSvc)
SRV:64bit: - [2009/07/13 20:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/12/10 18:05:13 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/10 08:12:52 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/10/23 03:02:32 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/10/08 07:28:15 | 000,275,696 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe -- (NIS)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/09/11 19:39:06 | 000,124,088 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2013/09/11 19:39:06 | 000,051,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2013/09/07 08:13:38 | 000,055,624 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2013/09/03 08:53:50 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/07/31 03:49:52 | 002,765,968 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files (x86)\Internet Content Filter\mfeicfcore.exe -- (mfeicfcore)
SRV - [2013/07/31 03:49:52 | 002,316,328 | ---- | M] (InternetSafety.com, Inc.) [Auto | Running] -- C:\Program Files (x86)\Internet Content Filter\UpdateService.exe -- (mfeicfupdate)
SRV - [2013/05/31 10:02:22 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/02/16 08:04:10 | 007,393,912 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2012/12/11 11:39:06 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/02/28 20:13:56 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2012/02/28 20:13:54 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2012/02/21 15:29:38 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service) Intel(R)
SRV - [2012/02/21 15:29:28 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R) ME Service) Intel(R)
SRV - [2012/02/16 21:04:18 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2012/01/20 12:35:26 | 000,045,696 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe -- (FanChkService)
SRV - [2011/12/29 18:27:48 | 000,158,880 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2011/12/29 18:09:24 | 000,106,144 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011/11/21 17:22:08 | 000,080,512 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2011/11/21 17:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/08/19 21:31:14 | 001,248,256 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2011/08/19 21:30:58 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2011/05/13 18:27:02 | 001,492,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2011/03/02 00:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 13:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/05/28 03:14:56 | 001,044,840 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/23 12:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:64bit: - [2013/12/10 08:13:08 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/11/21 14:28:53 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/10/28 01:12:10 | 000,107,288 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:64bit: - [2013/10/01 21:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/09/26 22:18:30 | 001,147,480 | R--- | M] (Symantec Corporation) [File_System | Unknown | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2013/09/26 21:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/09/26 21:26:03 | 000,858,200 | R--- | M] (Symantec Corporation) [File_System | Unknown | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/09/25 22:28:00 | 000,590,936 | R--- | M] (Symantec Corporation) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/09/25 21:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\ccSetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2013/09/09 21:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\SymDS64.sys -- (SymDS)
DRV:64bit: - [2013/09/09 20:49:49 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\NISx64\1501000.012\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2013/07/24 06:00:22 | 000,343,312 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2013/07/24 05:58:32 | 000,776,168 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2013/07/24 05:57:42 | 000,519,064 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2013/07/24 05:57:02 | 000,310,224 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2013/07/24 05:56:42 | 000,179,664 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/10 19:49:12 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2013/03/04 07:24:27 | 000,040,344 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2013/02/11 23:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 09:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2012/03/23 02:07:42 | 002,193,008 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2012/02/29 14:08:34 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger)
DRV:64bit: - [2012/02/18 01:50:33 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/02/18 01:50:33 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/02/06 23:12:56 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) Intel(R)
DRV:64bit: - [2012/02/06 23:12:54 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) Intel(R)
DRV:64bit: - [2012/02/06 23:12:54 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) Intel(R)
DRV:64bit: - [2012/01/26 03:27:36 | 000,413,456 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/01/26 03:27:30 | 000,022,800 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver.sys -- (SmbDrv)
DRV:64bit: - [2012/01/04 05:54:54 | 000,094,808 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2011/12/29 18:18:54 | 000,548,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/12/29 18:18:06 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/12/29 18:17:54 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/12/29 18:17:24 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/12/29 18:17:06 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/12/29 18:16:54 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/12/29 18:16:36 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2011/12/29 18:16:18 | 000,338,592 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/12/22 22:09:00 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/11/23 02:13:10 | 002,796,544 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/09/19 02:54:46 | 000,108,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/07/22 11:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 16:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/05/13 18:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/11/20 08:34:04 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010/11/20 08:34:04 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010/11/20 08:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:35:34 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010/11/20 06:35:22 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010/11/20 04:27:14 | 000,514,560 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2010/03/23 12:29:46 | 000,304,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2010/03/19 06:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/08 07:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 18:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 16:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/11/16 17:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV:64bit: - [2008/05/23 20:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2013/12/14 10:37:24 | 000,521,944 | ---- | M] (Symantec Corporation) [Kernel | Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20131230.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013/12/03 13:27:32 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20131203.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/11/21 01:00:00 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131231.001\ex64.sys -- (NAVEX15)
DRV - [2013/11/21 01:00:00 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/11/21 01:00:00 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/11/21 01:00:00 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131231.001\eng64.sys -- (NAVENG)
DRV - [2013/04/18 05:09:20 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2012/02/29 14:08:34 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AiCharger.sys -- (AiCharger)
DRV - [2011/09/07 12:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/02 20:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.crosswalk.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ [2013/12/31 12:34:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/01/07 22:55:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013/11/21 19:59:26 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2013/12/07 14:18:15 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [accrdsub] C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [ICF] C:\Program Files (x86)\Internet Content Filter\SafeEyes.exe (InternetSafety.com, Inc.)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUSTeK Computer Inc.)
O4 - HKCU..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe File not found
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [Pidgin] C:\Program Files (x86)\Pidgin\pidgin.exe (The Pidgin developer community)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2013\spy.htm ()
O9:64bit: - Extra 'Tools' menuitem : Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2013\spy.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2013\spy.htm ()
O9 - Extra 'Tools' menuitem : Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - C:\Program Files\Altova\XMLSpy2013\spy.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab (JuniperSetupClientControl64 Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {EBF1BFCB-F60B-4DCB-9C96-E53C543CB645} http://174.77.158.136/qcbin/ALM-Platform-Loader.11.cab (ALM Platfrom Loader v11)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://uacwireless.gmu.edu/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\intu-help-qb5 {867FCB77-9823-4cd6-8210-D85F968D466F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\qbwc {FC598A64-626C-4447-85B8-53150405FD57} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\intu-help-qb5 {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/12/30 17:00:43 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Brandon\Desktop\aswmbr.exe
[2013/12/29 18:17:35 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\Logs
[2013/12/29 18:07:24 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WUDFRd.sys.bak
[2013/12/29 18:07:24 | 000,154,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WimFltr.sys.bak
[2013/12/29 18:07:24 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WUDFPf.sys.bak
[2013/12/29 18:07:24 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\winusb.sys.bak
[2013/12/29 18:07:24 | 000,022,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wimmount.sys.bak
[2013/12/29 18:07:24 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ws2ifsl.sys.bak
[2013/12/29 18:07:24 | 000,016,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2013/12/29 18:07:24 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmiacpi.sys.bak
[2013/12/29 18:07:24 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwf.sys.bak
[2013/12/29 18:07:23 | 000,785,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Wdf01000.sys.bak
[2013/12/29 18:07:23 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wanarp.sys.bak
[2013/12/29 18:06:43 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\afd.sys.bak
[2013/12/29 18:06:43 | 000,491,088 | ---- | C] (Adaptec, Inc.) -- C:\Windows\SysNative\drivers\adp94xx.sys.bak
[2013/12/29 18:06:43 | 000,339,536 | ---- | C] (Adaptec, Inc.) -- C:\Windows\SysNative\drivers\adpahci.sys.bak
[2013/12/29 18:06:43 | 000,182,864 | ---- | C] (Adaptec, Inc.) -- C:\Windows\SysNative\drivers\adpu320.sys.bak
[2013/12/29 18:06:43 | 000,061,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\AGP440.sys.bak
[2013/12/29 18:06:43 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\agilevpn.sys.bak
[2013/12/29 18:06:43 | 000,017,152 | ---- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysNative\drivers\AiCharger.sys.bak
[2013/12/29 18:06:42 | 000,334,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\acpi.sys.bak
[2013/12/29 18:06:42 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394ohci.sys.bak
[2013/12/29 18:06:42 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2013/12/29 18:06:42 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\acpipmi.sys.bak
[2013/12/29 18:03:15 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\RK_Quarantine
[2013/12/29 18:02:57 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\Malware
[2013/12/27 17:21:28 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\SUPERAntiSpyware.com
[2013/12/27 17:20:52 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013/12/27 17:20:52 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/12/27 16:04:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013/12/27 12:09:04 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/12/27 12:09:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/12/27 10:22:55 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/12/27 09:54:11 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll
[2013/12/25 14:05:03 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Documents\SelfMV
[2013/12/18 19:42:19 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\2013_12_18_santa
[2013/12/17 20:50:04 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\webkit
[2013/12/17 20:48:29 | 000,000,000 | ---D | C] -- C:\Users\Brandon\.thumbnails
[2013/12/17 20:46:52 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\fontconfig
[2013/12/17 20:46:51 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\gegl-0.2
[2013/12/17 20:46:51 | 000,000,000 | ---D | C] -- C:\Users\Brandon\.gimp-2.8
[2013/12/17 20:45:33 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2013/12/16 09:42:58 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Desktop\Of interest
[2013/12/11 01:16:30 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2013/12/11 01:16:30 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2013/12/11 01:16:30 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2013/12/11 01:16:29 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2013/12/11 01:08:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/12/11 01:08:38 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/12/11 01:08:38 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/12/11 01:08:38 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/12/11 01:08:38 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/12/11 01:08:38 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/12/11 01:08:38 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/12/11 01:08:38 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/12/11 01:08:38 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/12/11 01:08:37 | 002,764,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2013/12/11 01:08:37 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/12/11 01:08:37 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/12/11 01:08:37 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/12/11 01:08:37 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/12/11 01:08:36 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/12/11 01:08:36 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/12/11 01:08:34 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/12/11 01:08:34 | 004,243,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2013/12/11 00:57:53 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/12/11 00:57:53 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/12/11 00:57:52 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2013/12/11 00:57:52 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imagehlp.dll
[2013/12/11 00:57:52 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2013/12/11 00:57:52 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/12/11 00:57:44 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2013/12/11 00:57:44 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2013/12/11 00:56:22 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2013/12/11 00:56:22 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2013/12/11 00:56:22 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2013/12/11 00:56:22 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2013/12/11 00:56:22 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2013/12/11 00:56:22 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2013/12/10 11:36:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/12/10 11:36:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/12/10 08:13:18 | 015,855,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013/12/10 08:13:14 | 030,344,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013/12/10 08:13:14 | 022,933,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013/12/10 08:13:14 | 011,374,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013/12/10 08:13:14 | 009,480,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013/12/10 08:13:10 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2013/12/10 08:13:10 | 000,655,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2013/12/10 08:13:10 | 000,560,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2013/12/10 08:13:10 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013/12/10 08:13:08 | 001,884,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433165.dll
[2013/12/10 08:13:08 | 001,511,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433165.dll
[2013/12/10 08:13:08 | 000,696,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2013/12/10 08:13:08 | 000,599,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2013/12/10 08:13:08 | 000,479,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2013/12/10 08:13:08 | 000,405,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2013/12/10 08:13:08 | 000,196,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013/12/10 08:13:06 | 011,426,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013/12/10 08:13:06 | 009,524,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013/12/10 08:13:06 | 003,131,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013/12/10 08:13:06 | 003,124,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013/12/10 08:13:06 | 002,946,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013/12/10 08:13:06 | 002,747,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013/12/10 08:12:54 | 025,257,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013/12/10 08:12:54 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013/12/08 00:09:31 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/12/07 23:34:12 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\MyTurboPC.com
[2013/12/07 23:34:12 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\DriverCure
[2013/12/07 23:34:07 | 000,000,000 | ---D | C] -- C:\ProgramData\MyTurboPC.com
[2013/12/07 23:34:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyTurboPC.com
[2013/12/07 23:34:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MyTurboPC.com
[2013/12/07 14:20:27 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/12/07 14:07:10 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/12/06 16:40:35 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\SAS
[2013/12/04 12:29:58 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Local\Adobe_Systems_Incorporate
[2013/12/04 12:28:59 | 000,000,000 | ---D | C] -- C:\Users\Brandon\Documents\My Digital Editions
[2013/12/01 14:19:34 | 000,000,000 | ---D | C] -- C:\Users\Brandon\AppData\Roaming\Mozilla
[2011/12/07 14:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013/12/31 12:39:19 | 000,015,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/31 12:39:19 | 000,015,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/31 12:38:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2013/12/31 12:36:38 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/31 12:32:55 | 000,000,380 | ---- | M] () -- C:\Users\Brandon\AppData\Roaming\sp_data.sys
[2013/12/31 12:32:06 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/31 12:31:38 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2013/12/31 12:31:20 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2013/12/31 12:31:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/12/31 12:30:47 | 4257,931,259 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/31 12:29:55 | 008,126,464 | -HS- | M] () -- C:\Users\Brandon\NTUSER.DAT
[2013/12/31 12:24:15 | 000,008,986 | ---- | M] () -- C:\Users\Brandon\Desktop\Book1.xlsx
[2013/12/31 12:05:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/12/31 11:30:15 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-975919606-2628150735-1519795703-1001UA.job
[2013/12/30 20:43:04 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-975919606-2628150735-1519795703-1001Core.job
[2013/12/30 18:01:18 | 000,000,512 | ---- | M] () -- C:\Users\Brandon\Desktop\MBR.dat
[2013/12/30 17:54:26 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WUDFRd.sys.bak
[2013/12/30 17:54:26 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WUDFPf.sys.bak
[2013/12/30 17:54:25 | 000,785,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Wdf01000.sys.bak
[2013/12/30 17:54:25 | 000,154,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WimFltr.sys.bak
[2013/12/30 17:54:25 | 000,054,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2013/12/30 17:54:25 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\winusb.sys.bak
[2013/12/30 17:54:25 | 000,022,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wimmount.sys.bak
[2013/12/30 17:54:25 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ws2ifsl.sys.bak
[2013/12/30 17:54:25 | 000,016,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2013/12/30 17:54:25 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmiacpi.sys.bak
[2013/12/30 17:54:25 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wfplwf.sys.bak
[2013/12/30 17:54:24 | 000,360,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcvmm.sys.bak
[2013/12/30 17:54:24 | 000,161,872 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\SysNative\drivers\vsmraid.sys.bak
[2013/12/30 17:54:24 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wanarp.sys.bak
[2013/12/30 17:54:24 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vwififlt.sys.bak
[2013/12/30 17:54:24 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2013/12/30 17:54:24 | 000,027,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wacompen.sys.bak
[2013/12/30 17:54:24 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vwifibus.sys.bak
[2013/12/30 17:54:24 | 000,021,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wd.sys.bak
[2013/12/30 17:54:24 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vwifimp.sys.bak
[2013/12/30 17:54:23 | 000,363,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\volmgrx.sys.bak
[2013/12/30 17:54:23 | 000,296,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\volsnap.sys.bak
[2013/12/30 17:54:23 | 000,194,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpchbus.sys.bak
[2013/12/30 17:54:23 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2013/12/30 17:54:23 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcusb.sys.bak
[2013/12/30 17:54:23 | 000,071,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\volmgr.sys.bak
[2013/12/30 17:54:23 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcnfltr.sys.bak
[2013/12/30 17:54:23 | 000,017,488 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\SysNative\drivers\viaide.sys.bak
[2013/12/30 17:54:22 | 002,193,008 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\SysNative\drivers\viahduaa.sys.bak
[2013/12/30 17:54:22 | 000,215,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vhdmp.sys.bak
[2013/12/30 17:54:22 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbvideo.sys.bak
[2013/12/30 17:54:22 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBSTOR.SYS.bak
[2013/12/30 17:54:22 | 000,036,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vdrvroot.sys.bak
[2013/12/30 17:54:22 | 000,036,352 | ---- | M] (Elaborate Bytes AG) -- C:\Windows\SysNative\drivers\VClone.sys.bak
[2013/12/30 17:54:22 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbuhci.sys.bak
[2013/12/30 17:54:22 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vgapnp.sys.bak
[2013/12/30 17:54:22 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vga.sys.bak
[2013/12/30 17:54:21 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2013/12/30 17:54:21 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2013/12/30 17:54:21 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbohci.sys.bak
[2013/12/30 17:54:21 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbprint.sys.bak
[2013/12/30 17:54:20 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbhub.sys.bak
[2013/12/30 17:54:20 | 000,109,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBAUDIO.sys.bak
[2013/12/30 17:54:20 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbcir.sys.bak
[2013/12/30 17:54:20 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbccgp.sys.bak
[2013/12/30 17:54:20 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbehci.sys.bak
[2013/12/30 17:54:20 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2013/12/30 17:54:20 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023x.sys.bak
[2013/12/30 17:54:20 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2013/12/30 17:54:20 | 000,007,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2013/12/30 17:54:19 | 000,328,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\udfs.sys.bak
[2013/12/30 17:54:19 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tunnel.sys.bak
[2013/12/30 17:54:19 | 000,064,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ULIAGPKX.SYS.bak
[2013/12/30 17:54:19 | 000,064,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UAGP35.SYS.bak
[2013/12/30 17:54:19 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys.bak
[2013/12/30 17:54:19 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\umbus.sys.bak
[2013/12/30 17:54:19 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys.bak
[2013/12/30 17:54:19 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\umpass.sys.bak
[2013/12/30 17:54:18 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdx.sys.bak
[2013/12/30 17:54:18 | 000,063,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\termdd.sys.bak
[2013/12/30 17:54:18 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tcpipreg.sys.bak
[2013/12/30 17:54:18 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tssecsrv.sys.bak
[2013/12/30 17:54:18 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tpm.sys.bak
[2013/12/30 17:54:18 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2013/12/30 17:54:18 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdtcp.sys.bak
[2013/12/30 17:54:18 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdpipe.sys.bak
[2013/12/30 17:54:17 | 001,903,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tcpip.sys.bak
[2013/12/30 17:54:17 | 000,413,456 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys.bak
[2013/12/30 17:54:17 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS.bak
[2013/12/30 17:54:17 | 000,068,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2013/12/30 17:54:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2013/12/30 17:54:17 | 000,012,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\swenum.sys.bak
[2013/12/30 17:54:16 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srv.sys.bak
[2013/12/30 17:54:16 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2013/12/30 17:54:16 | 000,410,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srv2.sys.bak
[2013/12/30 17:54:16 | 000,189,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2013/12/30 17:54:16 | 000,168,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srvnet.sys.bak
[2013/12/30 17:54:16 | 000,107,288 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys.bak
[2013/12/30 17:54:16 | 000,024,656 | ---- | M] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2013/12/30 17:54:15 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smb.sys.bak
[2013/12/30 17:54:15 | 000,080,464 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\SysNative\drivers\sisraid4.sys.bak
[2013/12/30 17:54:15 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\SysNative\drivers\SiSG664.sys.bak
[2013/12/30 17:54:15 | 000,043,584 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\SysNative\drivers\sisraid2.sys.bak
[2013/12/30 17:54:15 | 000,022,800 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\Smb_driver.sys.bak
[2013/12/30 17:54:15 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2013/12/30 17:54:15 | 000,019,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spldr.sys.bak
[2013/12/30 17:54:15 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sfloppy.sys.bak
[2013/12/30 17:54:15 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sffp_sd.sys.bak
[2013/12/30 17:54:14 | 000,171,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2013/12/30 17:54:14 | 000,103,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sbp2port.sys.bak
[2013/12/30 17:54:14 | 000,094,208 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\serial.sys.bak
[2013/12/30 17:54:14 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scfilter.sys.bak
[2013/12/30 17:54:14 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sermouse.sys.bak
[2013/12/30 17:54:14 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\serenum.sys.bak
[2013/12/30 17:54:14 | 000,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\SysNative\drivers\secdrv.sys.bak
[2013/12/30 17:54:14 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sffdisk.sys.bak
[2013/12/30 17:54:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sffp_mmc.sys.bak
[2013/12/30 17:54:14 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\serscan.sys.bak
[2013/12/30 17:54:13 | 000,213,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdyboost.sys.bak
[2013/12/30 17:54:13 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpwd.sys.bak
[2013/12/30 17:54:13 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rfcomm.sys.bak
[2013/12/30 17:54:13 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2013/12/30 17:54:13 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rspndr.sys.bak
[2013/12/30 17:54:13 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rndismpx.sys.bak
[2013/12/30 17:54:13 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2013/12/30 17:54:13 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2013/12/30 17:54:12 | 000,309,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdbss.sys.bak
[2013/12/30 17:54:12 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpdr.sys.bak
[2013/12/30 17:54:12 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\raspptp.sys.bak
[2013/12/30 17:54:12 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rassstp.sys.bak
[2013/12/30 17:54:12 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpbus.sys.bak
[2013/12/30 17:54:12 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys.bak
[2013/12/30 17:54:12 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RDPREFMP.sys.bak
[2013/12/30 17:54:12 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RDPENCDD.sys.bak
[2013/12/30 17:54:12 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RDPCDD.sys.bak
[2013/12/30 17:54:11 | 001,524,816 | ---- | M] (QLogic Corporation) -- C:\Windows\SysNative\drivers\ql2300.sys.bak
[2013/12/30 17:54:11 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rasl2tp.sys.bak
[2013/12/30 17:54:11 | 000,128,592 | ---- | M] (QLogic Corporation) -- C:\Windows\SysNative\drivers\ql40xx.sys.bak
[2013/12/30 17:54:11 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\raspppoe.sys.bak
[2013/12/30 17:54:11 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\processr.sys.bak
[2013/12/30 17:54:11 | 000,055,856 | ---- | M] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys.bak
[2013/12/30 17:54:11 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\qwavedrv.sys.bak
[2013/12/30 17:54:11 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rasacd.sys.bak
[2013/12/30 17:54:10 | 000,651,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\PEAuth.sys.bak
[2013/12/30 17:54:10 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2013/12/30 17:54:10 | 000,050,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pcw.sys.bak
[2013/12/30 17:54:09 | 000,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nwifi.sys.bak
[2013/12/30 17:54:09 | 000,220,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pcmcia.sys.bak
[2013/12/30 17:54:09 | 000,184,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pci.sys.bak
[2013/12/30 17:54:09 | 000,131,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pacer.sys.bak
[2013/12/30 17:54:09 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\parport.sys.bak
[2013/12/30 17:54:09 | 000,075,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\partmgr.sys.bak
[2013/12/30 17:54:09 | 000,072,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ohci1394.sys.bak
[2013/12/30 17:54:09 | 000,048,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2013/12/30 17:54:09 | 000,012,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciide.sys.bak
[2013/12/30 17:54:08 | 000,166,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvstor.sys.bak
[2013/12/30 17:54:08 | 000,148,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvraid.sys.bak
[2013/12/30 17:54:08 | 000,122,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\NV_AGP.SYS.bak
[2013/12/30 17:54:07 | 012,572,960 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvlddmkm.sys.bak
[2013/12/30 17:54:06 | 001,656,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ntfs.sys.bak
[2013/12/30 17:54:06 | 000,196,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys.bak
[2013/12/30 17:54:06 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\null.sys.bak
[2013/12/30 17:54:05 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2013/12/30 17:54:05 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netbt.sys.bak
[2013/12/30 17:54:05 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ndiswan.sys.bak
[2013/12/30 17:54:05 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ndproxy.sys.bak
[2013/12/30 17:54:05 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ndisuio.sys.bak
[2013/12/30 17:54:05 | 000,051,264 | ---- | M] (IBM Corporation) -- C:\Windows\SysNative\drivers\nfrd960.sys.bak
[2013/12/30 17:54:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netbios.sys.bak
[2013/12/30 17:54:05 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\npfs.sys.bak
[2013/12/30 17:54:05 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nsiproxy.sys.bak
[2013/12/30 17:54:05 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ndistapi.sys.bak
[2013/12/30 17:54:04 | 000,950,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ndis.sys.bak
[2013/12/30 17:54:04 | 000,060,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mup.sys.bak
[2013/12/30 17:54:04 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ndiscap.sys.bak
[2013/12/30 17:54:04 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\MTConfig.sys.bak
[2013/12/30 17:54:03 | 000,366,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msrpc.sys.bak
[2013/12/30 17:54:03 | 000,273,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msiscsi.sys.bak
[2013/12/30 17:54:03 | 000,140,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msdsm.sys.bak
[2013/12/30 17:54:03 | 000,032,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mssmbios.sys.bak
[2013/12/30 17:54:03 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msfs.sys.bak
[2013/12/30 17:54:03 | 000,015,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msisadrv.sys.bak
[2013/12/30 17:54:03 | 000,011,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mskssrv.sys.bak
[2013/12/30 17:54:03 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mshidkmdf.sys.bak
[2013/12/30 17:54:03 | 000,008,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mstee.sys.bak
[2013/12/30 17:54:03 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mspclock.sys.bak
[2013/12/30 17:54:03 | 000,006,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mspqm.sys.bak
[2013/12/30 17:54:02 | 000,288,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mrxsmb10.sys.bak
[2013/12/30 17:54:02 | 000,158,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mrxsmb.sys.bak
[2013/12/30 17:54:02 | 000,155,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mpio.sys.bak
[2013/12/30 17:54:02 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mrxdav.sys.bak
[2013/12/30 17:54:02 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mrxsmb20.sys.bak
[2013/12/30 17:54:02 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mpsdrv.sys.bak
[2013/12/30 17:54:02 | 000,031,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\msahci.sys.bak
[2013/12/30 17:54:01 | 000,776,168 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfehidk.sys.bak
[2013/12/30 17:54:01 | 000,343,312 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfewfpk.sys.bak
[2013/12/30 17:54:01 | 000,094,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mountmgr.sys.bak
[2013/12/30 17:54:01 | 000,049,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mouclass.sys.bak
[2013/12/30 17:54:01 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\modem.sys.bak
[2013/12/30 17:54:01 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mouhid.sys.bak
[2013/12/30 17:54:01 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\monitor.sys.bak
[2013/12/30 17:54:00 | 000,519,064 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfefirek.sys.bak
[2013/12/30 17:54:00 | 000,310,224 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeavfk.sys.bak
[2013/12/30 17:54:00 | 000,284,736 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\SysNative\drivers\MegaSR.sys.bak
[2013/12/30 17:54:00 | 000,179,664 | ---- | M] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeapfk.sys.bak
[2013/12/30 17:54:00 | 000,115,776 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_scsi.sys.bak
[2013/12/30 17:54:00 | 000,113,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\luafv.sys.bak
[2013/12/30 17:54:00 | 000,106,560 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas.sys.bak
[2013/12/30 17:54:00 | 000,065,600 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2013/12/30 17:54:00 | 000,035,392 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\megasas.sys.bak
[2013/12/30 17:54:00 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys.bak
[2013/12/30 17:54:00 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2013/12/30 17:53:59 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ks.sys.bak
[2013/12/30 17:53:59 | 000,154,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ksecpkg.sys.bak
[2013/12/30 17:53:59 | 000,114,752 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_fc.sys.bak
[2013/12/30 17:53:59 | 000,108,656 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys.bak
[2013/12/30 17:53:59 | 000,095,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ksecdd.sys.bak
[2013/12/30 17:53:59 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\lltdio.sys.bak
[2013/12/30 17:53:59 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\kbdhid.sys.bak
[2013/12/30 17:53:59 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ksthunk.sys.bak
[2013/12/30 17:53:58 | 000,787,736 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3xhc.sys.bak
[2013/12/30 17:53:58 | 000,356,120 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hub.sys.bak
[2013/12/30 17:53:58 | 000,050,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\kbdclass.sys.bak
[2013/12/30 17:53:58 | 000,020,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\isapnp.sys.bak
[2013/12/30 17:53:58 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irenum.sys.bak
[2013/12/30 17:53:58 | 000,016,152 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hcs.sys.bak
[2013/12/30 17:53:57 | 000,410,496 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorV.sys.bak
[2013/12/30 17:53:57 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2013/12/30 17:53:57 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ipnat.sys.bak
[2013/12/30 17:53:57 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ipfltdrv.sys.bak
[2013/12/30 17:53:57 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\IPMIDrv.sys.bak
[2013/12/30 17:53:57 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\intelppm.sys.bak
[2013/12/30 17:53:57 | 000,044,112 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\SysNative\drivers\iirsp.sys.bak
[2013/12/30 17:53:57 | 000,016,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\intelide.sys.bak
[2013/12/30 17:53:56 | 000,753,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\http.sys.bak
[2013/12/30 17:53:56 | 000,568,600 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys.bak
[2013/12/30 17:53:56 | 000,105,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\i8042prt.sys.bak
[2013/12/30 17:53:56 | 000,078,720 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2013/12/30 17:53:56 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidir.sys.bak
[2013/12/30 17:53:56 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2013/12/30 17:53:56 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidusb.sys.bak
[2013/12/30 17:53:56 | 000,014,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hwpolicy.sys.bak
[2013/12/30 17:53:55 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\HdAudio.sys.bak
[2013/12/30 17:53:55 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hdaudbus.sys.bak
[2013/12/30 17:53:55 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidbth.sys.bak
[2013/12/30 17:53:55 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2013/12/30 17:53:55 | 000,065,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\GAGP30KX.SYS.bak
[2013/12/30 17:53:55 | 000,062,784 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys.bak
[2013/12/30 17:53:55 | 000,033,240 | ---- | M] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys.bak
[2013/12/30 17:53:55 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2013/12/30 17:53:55 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidbatt.sys.bak
[2013/12/30 17:53:54 | 000,289,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fltMgr.sys.bak
[2013/12/30 17:53:54 | 000,288,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2013/12/30 17:53:54 | 000,223,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fvevol.sys.bak
[2013/12/30 17:53:54 | 000,070,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fileinfo.sys.bak
[2013/12/30 17:53:54 | 000,055,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fsdepends.sys.bak
[2013/12/30 17:53:54 | 000,048,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys.bak
[2013/12/30 17:53:54 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\filetrace.sys.bak
[2013/12/30 17:53:54 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\flpydisk.sys.bak
[2013/12/30 17:53:54 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2013/12/30 17:53:53 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fastfat.sys.bak
[2013/12/30 17:53:53 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\exfat.sys.bak
[2013/12/30 17:53:53 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fdc.sys.bak
[2013/12/30 17:53:52 | 003,286,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2013/12/30 17:53:51 | 000,983,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgkrnl.sys.bak
[2013/12/30 17:53:51 | 000,530,496 | ---- | M] (Emulex) -- C:\Windows\SysNative\drivers\elxstor.sys.bak
[2013/12/30 17:53:51 | 000,265,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2013/12/30 17:53:51 | 000,040,344 | ---- | M] (Elaborate Bytes AG) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys.bak
[2013/12/30 17:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\errdev.sys.bak
[2013/12/30 17:53:50 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) -- C:\Windows\SysNative\drivers\dne64x.sys.bak
[2013/12/30 17:53:50 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2013/12/30 17:53:50 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2013/12/30 17:53:50 | 000,055,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2013/12/30 17:53:50 | 000,028,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2013/12/30 17:53:50 | 000,027,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2013/12/30 17:53:50 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2013/12/30 17:53:50 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmkaud.sys.bak
[2013/12/30 17:53:49 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\csc.sys.bak
[2013/12/30 17:53:49 | 000,304,784 | ---- | M] () -- C:\Windows\SysNative\drivers\CVPNDRVA.sys.bak
[2013/12/30 17:53:49 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dfsc.sys.bak
[2013/12/30 17:53:49 | 000,073,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\disk.sys.bak
[2013/12/30 17:53:49 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\discache.sys.bak
[2013/12/30 17:53:49 | 000,039,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2013/12/30 17:53:49 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\CompositeBus.sys.bak
[2013/12/30 17:53:49 | 000,024,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crcdisk.sys.bak
[2013/12/30 17:53:49 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) -- C:\Windows\SysNative\drivers\CVirtA64.sys.bak
[2013/12/30 17:53:48 | 000,458,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cng.sys.bak
[2013/12/30 17:53:48 | 000,179,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2013/12/30 17:53:48 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cdrom.sys.bak
[2013/12/30 17:53:48 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\circlass.sys.bak
[2013/12/30 17:53:48 | 000,021,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\compbatt.sys.bak
[2013/12/30 17:53:48 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\CmBatt.sys.bak
[2013/12/30 17:53:48 | 000,017,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\SysNative\drivers\cmdide.sys.bak
[2013/12/30 17:53:48 | 000,010,224 | ---- | M] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys.bak
[2013/12/30 17:53:47 | 000,468,480 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2013/12/30 17:53:47 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cdfs.sys.bak
[2013/12/30 17:53:47 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BTHUSB.SYS.bak
[2013/12/30 17:53:47 | 000,010,224 | ---- | M] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys.bak
[2013/12/30 17:53:46 | 000,552,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\bthport.sys.bak
[2013/12/30 17:53:46 | 000,548,000 | ---- | M] (Atheros) -- C:\Windows\SysNative\drivers\btfilter.sys.bak
[2013/12/30 17:53:46 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\bthpan.sys.bak
[2013/12/30 17:53:46 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\bthmodem.sys.bak
[2013/12/30 17:53:46 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\bthenum.sys.bak
[2013/12/30 17:53:45 | 000,338,592 | ---- | M] (Atheros) -- C:\Windows\SysNative\drivers\btath_a2dp.sys.bak
[2013/12/30 17:53:45 | 000,280,992 | ---- | M] (Atheros) -- C:\Windows\SysNative\drivers\btath_rcp.sys.bak
[2013/12/30 17:53:45 | 000,167,584 | ---- | M] (Atheros) -- C:\Windows\SysNative\drivers\btath_hcrp.sys.bak
[2013/12/30 17:53:45 | 000,110,752 | ---- | M] (Atheros) -- C:\Windows\SysNative\drivers\btath_avdt.sys.bak
[2013/12/30 17:53:45 | 000,068,256 | ---- | M] (Atheros) -- C:\Windows\SysNative\drivers\btath_lwflt.sys.bak
[2013/12/30 17:53:45 | 000,036,000 | ---- | M] (Atheros) -- C:\Windows\SysNative\drivers\btath_flt.sys.bak
[2013/12/30 17:53:45 | 000,030,368 | ---- | M] (Atheros) -- C:\Windows\SysNative\drivers\btath_bus.sys.bak
[2013/12/30 17:53:45 | 000,014,976 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\BrUsbMdm.sys.bak
[2013/12/30 17:53:45 | 000,014,720 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\BrUsbSer.sys.bak
[2013/12/30 17:53:44 | 000,286,720 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\BrSerId.sys.bak
[2013/12/30 17:53:44 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\bridge.sys.bak
[2013/12/30 17:53:44 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\bowser.sys.bak
[2013/12/30 17:53:44 | 000,047,104 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\BrSerWdm.sys.bak
[2013/12/30 17:53:44 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\blbdrive.sys.bak
[2013/12/30 17:53:44 | 000,028,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2013/12/30 17:53:44 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\SysNative\drivers\BrFiltLo.sys.bak
[2013/12/30 17:53:44 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\SysNative\drivers\BrFiltUp.sys.bak
[2013/12/30 17:53:44 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\beep.sys.bak
[2013/12/30 17:53:43 | 002,796,544 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys.bak
[2013/12/30 17:53:43 | 000,270,848 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2013/12/30 17:53:43 | 000,155,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2013/12/30 17:53:43 | 000,024,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\atapi.sys.bak
[2013/12/30 17:53:43 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\asyncmac.sys.bak
[2013/12/30 17:53:42 | 000,194,128 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2013/12/30 17:53:42 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2013/12/30 17:53:42 | 000,097,856 | ---- | M] (Adaptec, Inc.) -- C:\Windows\SysNative\drivers\arcsas.sys.bak
[2013/12/30 17:53:42 | 000,094,808 | ---- | M] (Alcor Micro, Corp.) -- C:\Windows\SysNative\drivers\AmUStor.sys.bak
[2013/12/30 17:53:42 | 000,087,632 | ---- | M] (Adaptec, Inc.) -- C:\Windows\SysNative\drivers\arc.sys.bak
[2013/12/30 17:53:42 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\amdk8.sys.bak
[2013/12/30 17:53:42 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\appid.sys.bak
[2013/12/30 17:53:42 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\amdppm.sys.bak
[2013/12/30 17:53:42 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2013/12/30 17:53:42 | 000,017,152 | ---- | M] (ASUSTek Computer Inc.) -- C:\Windows\SysNative\drivers\AiCharger.sys.bak
[2013/12/30 17:53:42 | 000,015,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\amdide.sys.bak
[2013/12/30 17:53:42 | 000,015,440 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\SysNative\drivers\aliide.sys.bak
[2013/12/30 17:53:41 | 001,146,880 | ---- | M] (LSI Corp) -- C:\Windows\SysNative\drivers\agrsm64.sys.bak
[2013/12/30 17:53:41 | 000,061,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\AGP440.sys.bak
[2013/12/30 17:53:41 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\agilevpn.sys.bak
[2013/12/30 17:53:40 | 000,497,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\afd.sys.bak
[2013/12/30 17:53:40 | 000,491,088 | ---- | M] (Adaptec, Inc.) -- C:\Windows\SysNative\drivers\adp94xx.sys.bak
[2013/12/30 17:53:40 | 000,339,536 | ---- | M] (Adaptec, Inc.) -- C:\Windows\SysNative\drivers\adpahci.sys.bak
[2013/12/30 17:53:40 | 000,334,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\acpi.sys.bak
[2013/12/30 17:53:40 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394ohci.sys.bak
[2013/12/30 17:53:40 | 000,182,864 | ---- | M] (Adaptec, Inc.) -- C:\Windows\SysNative\drivers\adpu320.sys.bak
[2013/12/30 17:53:40 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2013/12/30 17:53:40 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\acpipmi.sys.bak
[2013/12/30 17:01:51 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Brandon\Desktop\aswmbr.exe
[2013/12/30 15:35:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2013/12/28 11:45:40 | 000,014,368 | ---- | M] () -- C:\Users\Brandon\Desktop\Trojan.docx
[2013/12/27 16:36:11 | 015,072,322 | ---- | M] () -- C:\Users\Brandon\Desktop\AllShare_Control_PC_SW_EN_32bit.zip
[2013/12/27 15:46:09 | 002,662,400 | ---- | M] () -- C:\Users\Brandon\Desktop\Timesheet - Fallon, Brandon.mdb
[2013/12/27 10:29:49 | 000,786,558 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/12/27 10:29:49 | 000,667,188 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/12/27 10:29:49 | 000,123,954 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/12/27 09:54:23 | 000,002,028 | ---- | M] () -- C:\Users\Brandon\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk
[2013/12/27 09:54:21 | 000,002,018 | ---- | M] () -- C:\Users\Brandon\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2013/12/26 13:18:46 | 000,000,095 | ---- | M] () -- C:\0.bak
[2013/12/20 11:13:56 | 000,047,104 | ---- | M] () -- C:\Users\Brandon\Desktop\Re  Thanksgiving Meal Contributions.msg
[2013/12/19 12:52:43 | 000,192,834 | ---- | M] () -- C:\Users\Brandon\Desktop\DD-2875-Non-Windows Template-Code Mx_Fallon_121813.pdf
[2013/12/19 12:49:12 | 000,002,146 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ActivClient Agent.lnk
[2013/12/17 21:02:00 | 000,002,154 | ---- | M] () -- C:\Users\Brandon\AppData\Local\recently-used.xbel
[2013/12/11 18:39:35 | 000,016,464 | ---- | M] () -- C:\Users\Brandon\Documents\Assignment 8.docx
[2013/12/11 08:55:03 | 000,456,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/11 01:13:46 | 000,781,426 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/12/10 18:05:11 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/12/10 18:05:11 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/10 08:13:18 | 018,286,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2013/12/10 08:13:18 | 015,855,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2013/12/10 08:13:14 | 030,344,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2013/12/10 08:13:14 | 022,933,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2013/12/10 08:13:14 | 011,374,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2013/12/10 08:13:14 | 009,480,328 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2013/12/10 08:13:10 | 001,510,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2013/12/10 08:13:10 | 000,655,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2013/12/10 08:13:10 | 000,560,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2013/12/10 08:13:10 | 000,031,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013/12/10 08:13:10 | 000,023,287 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2013/12/10 08:13:08 | 018,199,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2013/12/10 08:13:08 | 015,212,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2013/12/10 08:13:08 | 001,884,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433165.dll
[2013/12/10 08:13:08 | 001,511,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433165.dll
[2013/12/10 08:13:08 | 000,696,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2013/12/10 08:13:08 | 000,599,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2013/12/10 08:13:08 | 000,479,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2013/12/10 08:13:08 | 000,405,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2013/12/10 08:13:08 | 000,196,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013/12/10 08:13:06 | 011,426,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2013/12/10 08:13:06 | 009,524,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2013/12/10 08:13:06 | 003,131,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2013/12/10 08:13:06 | 003,124,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2013/12/10 08:13:06 | 002,946,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2013/12/10 08:13:06 | 002,747,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2013/12/10 08:12:54 | 025,257,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2013/12/10 08:12:54 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2013/12/10 08:12:54 | 003,067,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2013/12/10 08:12:54 | 002,695,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2013/12/08 15:13:40 | 000,008,254 | ---- | M] () -- C:\0
[2013/12/08 14:56:38 | 000,302,138 | ---- | M] () -- C:\Users\Brandon\Desktop\__SYST530.GroupProject.FinalBinder.docx
[2013/12/07 23:34:18 | 000,000,432 | ---- | M] () -- C:\Windows\tasks\MyTurboPC.com Registration3.job
[2013/12/07 23:34:07 | 000,000,444 | ---- | M] () -- C:\Windows\tasks\MyTurboPC.com Update3.job
[2013/12/07 23:34:07 | 000,000,398 | ---- | M] () -- C:\Windows\tasks\MyTurboPC.job
[2013/12/07 14:18:20 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2013/12/07 14:18:15 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/12/07 13:37:05 | 000,000,162 | -H-- | M] () -- C:\Users\Brandon\Desktop\~$om Request.docx
[2013/12/04 12:29:10 | 000,002,202 | ---- | M] () -- C:\Users\Brandon\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions 2.0.lnk
 
========== Files Created - No Company Name ==========
 
[2013/12/31 12:24:14 | 000,008,986 | ---- | C] () -- C:\Users\Brandon\Desktop\Book1.xlsx
[2013/12/30 17:47:14 | 000,000,512 | ---- | C] () -- C:\Users\Brandon\Desktop\MBR.dat
[2013/12/29 18:06:50 | 000,304,784 | ---- | C] () -- C:\Windows\SysNative\drivers\CVPNDRVA.sys.bak
[2013/12/28 11:44:19 | 000,014,368 | ---- | C] () -- C:\Users\Brandon\Desktop\Trojan.docx
[2013/12/27 16:32:27 | 015,072,322 | ---- | C] () -- C:\Users\Brandon\Desktop\AllShare_Control_PC_SW_EN_32bit.zip
[2013/12/27 13:40:37 | 000,002,223 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk
[2013/12/27 13:40:37 | 000,002,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ActivClient Agent.lnk
[2013/12/27 13:40:37 | 000,002,101 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2013/12/27 13:40:36 | 000,002,094 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 10.lnk
[2013/12/27 09:54:23 | 000,002,028 | ---- | C] () -- C:\Users\Brandon\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk
[2013/12/27 09:54:18 | 000,002,018 | ---- | C] () -- C:\Users\Brandon\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2013/12/26 13:23:16 | 000,000,000 | ---- | C] () -- C:\Users\Brandon\agent.log
[2013/12/26 13:18:46 | 000,000,095 | ---- | C] () -- C:\0.bak
[2013/12/23 10:46:14 | 002,662,400 | ---- | C] () -- C:\Users\Brandon\Desktop\Timesheet - Fallon, Brandon.mdb
[2013/12/20 11:13:56 | 000,047,104 | ---- | C] () -- C:\Users\Brandon\Desktop\Re  Thanksgiving Meal Contributions.msg
[2013/12/19 12:44:33 | 000,192,834 | ---- | C] () -- C:\Users\Brandon\Desktop\DD-2875-Non-Windows Template-Code Mx_Fallon_121813.pdf
[2013/12/17 21:02:00 | 000,002,154 | ---- | C] () -- C:\Users\Brandon\AppData\Local\recently-used.xbel
[2013/12/11 18:39:35 | 000,016,464 | ---- | C] () -- C:\Users\Brandon\Documents\Assignment 8.docx
[2013/12/08 14:56:36 | 000,302,138 | ---- | C] () -- C:\Users\Brandon\Desktop\__SYST530.GroupProject.FinalBinder.docx
[2013/12/07 23:34:18 | 000,000,432 | ---- | C] () -- C:\Windows\tasks\MyTurboPC.com Registration3.job
[2013/12/07 23:34:07 | 000,000,444 | ---- | C] () -- C:\Windows\tasks\MyTurboPC.com Update3.job
[2013/12/07 23:34:07 | 000,000,398 | ---- | C] () -- C:\Windows\tasks\MyTurboPC.job
[2013/12/07 13:37:05 | 000,000,162 | -H-- | C] () -- C:\Users\Brandon\Desktop\~$om Request.docx
[2013/12/04 12:29:10 | 000,002,202 | ---- | C] () -- C:\Users\Brandon\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions 2.0.lnk
[2013/12/01 14:18:58 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-975919606-2628150735-1519795703-1001UA.job
[2013/12/01 14:18:57 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-975919606-2628150735-1519795703-1001Core.job
[2013/04/25 21:37:46 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
[2013/04/25 21:37:46 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2013/01/01 21:37:32 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2012/12/18 10:06:06 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012/12/18 10:06:06 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012/12/18 10:06:06 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012/12/18 10:06:06 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012/11/11 12:42:32 | 003,915,776 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2012/11/11 12:41:46 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/11/11 12:41:14 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2012/11/11 12:40:50 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2012/11/11 12:40:50 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2012/11/11 12:40:48 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2012/11/11 12:40:48 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2012/11/11 12:40:48 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2012/11/11 12:40:48 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2012/11/11 08:32:34 | 007,870,928 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-54.dll
[2012/11/11 08:32:34 | 001,182,696 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-54.dll
[2012/11/11 08:32:34 | 000,382,120 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2012/11/11 08:32:34 | 000,238,528 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-52.dll
[2012/11/11 08:32:34 | 000,183,976 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll
[2012/11/11 08:32:34 | 000,167,728 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-3.dll
[2012/11/11 08:32:34 | 000,158,096 | ---- | C] () -- C:\Windows\SysWow64\avresample-lav-1.dll
[2012/09/29 17:47:28 | 000,000,178 | ---- | C] () -- C:\Windows\SysWow64\Formats.ini
[2012/02/18 02:36:19 | 000,781,426 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/02/03 01:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011/09/08 09:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2011/09/08 09:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2011/09/08 09:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2011/09/08 09:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2011/09/08 09:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2011/09/08 08:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2011/09/08 08:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2011/06/23 22:58:32 | 000,242,259 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/06/23 22:58:04 | 000,877,296 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/03/03 06:39:56 | 000,109,568 | ---- | C] () -- C:\Windows\SysWow64\avi.dll
[2011/03/03 06:38:10 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\avs.dll
[2011/03/03 06:37:50 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\avss.dll
[2011/02/11 05:26:20 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\OptimFROG.dll
[2010/03/24 06:15:10 | 000,047,104 | ---- | C] () -- C:\Windows\SysWow64\bass_tak.dll
[2009/07/29 00:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
< End of report >

_____________________
OTL Extras logfile created on: 12/31/2013 12:34:21 PM - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\Brandon\Desktop\Malware\Oldtimer
64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
32.00 Gb Total Physical Memory | 29.00 Gb Available Physical Memory | 90.00% Memory free
64.00 Gb Paging File | 60.00 Gb Available in Paging File | 95.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 673.31 Gb Total Space | 369.10 Gb Free Space | 54.82% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 327.26 Gb Free Space | 46.84% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: TRANSFORMING
Current User Name: Brandon
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0B669C73-F4CD-498F-B83F-0A42F1EDB092}" = SAS Enterprise Guide 6.1 OnDemand for Academics (64-bit)
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources
"{227E7AF5-7061-45B4-A76B-65CF580B9846}" = Visio Add-In for WBS Modeler
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)
"{2AAE7669-3264-4C0E-849A-9D9EA25DEF01}" = Altova XMLSpy® 2013 sp1 (x64) Enterprise Edition
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{3CE222BA-66A6-4D18-BEE9-5D21C5798C3E}" = Windows Live Family Safety
"{3D7F836A-AE1F-4FA6-8DB9-4FE06697AB0A}" = Windows Live Family Safety
"{467D5E81-8349-4892-9E81-C3674ED8E451}" = Cisco Systems VPN Client 5.0.07.0290
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6DDCFF78-6F91-438C-9567-C5CAA9D7F56C}" = Windows Live Family Safety
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{749BE6FF-815E-4F36-901B-7AC301B50330}" = Windows Live Family Safety
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{86E45973-5352-439F-A115-2E8EE4D40140}" = ActivClient CAC x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-1000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0054-0409-1000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00B4-0409-1000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-00B4-0409-1000-0000000FF1CE}" = Microsoft Project MUI (English) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2013
"{90150000-00E1-0409-1000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{91140000-0057-0000-1000-0000000FF1CE}" = Microsoft Office Visio 2010
"{91150000-003B-0000-1000-0000000FF1CE}" = Microsoft Project Professional 2013
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{A04DCB25-7040-4935-A30D-8E0A893ABF2D}" = iTunes
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.15.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}" = WinZip 16.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E01819BD-709F-43A1-9600-6F5E4C584C37}" = Windows Live Family Safety
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}" = iCloud
"{F86D9734-D358-4C5B-BC2B-6D90557FF05B}" = HP Officejet Pro 8500 A909 Series
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012)
"GameFast_is1" = GameFast
"GIMP-2_is1" = GIMP 2.8.8
"HashCheck Shell Extension" = HashCheck Shell Extension (x86-64)
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"Office14.SingleImage" = Microsoft Office Professional 2010
"Office14.VISIOR" = Microsoft Visio Premium 2010
"Office15.PRJPROR" = Microsoft Project Professional 2013
"PCL Printer Driver" = PCL Printer Driver Uninstaller
"R for Windows 2.15.2_is1" = R for Windows 2.15.2
"Rotation Desktop for G Series_is1" = Rotation Desktop for G Series
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common
"{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live ¿¿¿
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C4FF2FE-9E75-4DBF-B2DA-11CE1F10C4B5}" = Roxio AACS Certificate
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18FBAEE6-8AF9-4138-A6EE-0675845B254A}" = LeapFrog LeapPad Explorer Plugin
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19EA33FB-B34E-40EA-8B8A-61743AEB795A}" = Wireless Console 3
"{1AC5760F-F71E-437A-89AA-73ADA64526D6}" = Logical Decisions v7.1
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22057D8D-7CC8-46FF-AD8C-9BD24F9014F3}" = QuickBooks Pro 2012
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25E202D1-D8E7-46AF-B4B0-157D9993A93E}" = QuickBooks
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 45
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{29499A4D-0742-4B73-B982-5049775F1F66}" = Alcor Micro USB Card Reader
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2A83AD05-56E6-3FBD-8752-B4143162EF59}" = Google Talk Plugin
"{2B0E8920-47D0-4F4D-BE03-76397409B837}" = ASUS Fan Filter Checker
"{2B1E6CDB-306C-4C64-B192-1E465C5C3012}" = 8500A909g
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2D49C296-BCCA-4800-BAF6-A0269EBDCF74}" = Windows Live Messenger
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{317D56AC-0DB3-48F5-929A-42032DAC9AD7}" = Windows Live Writer
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{368BEC2C-B7A2-4762-9213-2D8465D533CA}" = Windows Live UX Platform Language Pack
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D73DC7A-2D1D-45CF-8A67-24873925C716}" = bpd_scan
"{3D843732-70CD-4DEF-A36F-AEFB87C80DC9}" = ProductContext
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{5491D57A-F7CA-4A4F-99A5-989647A0AB77}" = LeapFrog Connect
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{56D4499E-AC3E-4B8D-91C9-C700C148C44B}" = Google Drive
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5BCC634A-58AD-42F9-B3C6-2EA52F81CF85}" = Snagit 10
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = ¿¿¿¿¿¿¿ Windows Live Mesh ActiveX ¿¿¿
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS FaceLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69754D89-C21E-4851-83C0-399DE63C6579}" = 8500A909_Help
"{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{704B1EDC-F99C-43C1-894A-75C7CE0BC372}" = Secure Download Manager
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}" = Windows Live Writer Resources
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB
"{753F0A72-59C3-41CE-A36A-F2DF2079275C}" = Windows Live Mail
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live ¿¿¿
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{8AEA6737-8AF3-47BB-95CE-AAB62BE68985}" = MPM
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E369C3C-0A4D-45AF-AED1-1C24B0F62327}" = Roxio CinePlayer
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8F899627-1EA1-484D-91EA-7B22C05358DB}" = TC2000 Version 7
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2F37CA8-53F8-4594-B701-32AE64BAED1A}" = MyTurboPC
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A4B72B94-7745-4CA8-A4D6-D8AC2442451C}" = Citrix Online Launcher
"{A6558E2A-FAF9-4570-AA49-6328D0354517}" = CWA Reminder by We-Care.com v4.1.21.3
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7A02E23-805C-4AAC-B408-D59A1D53AEA6}" = BPDSoftware
"{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}" = ASUS USB Charger Plus
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC4E477E-BBD4-4C68-8D6C-D10C3BB658F3}" = BPD_DSWizards
"{AC76BA86-1033-0000-7760-000000000004}" = Adobe Acrobat 9 Pro
"{AC76BA86-1033-0000-7760-000000000004}_955" = Adobe Acrobat 9.5.5 - CPSID_83708
"{AC76BA86-1033-0000-7760-000000000004}{AC76BA86-1033-0000-7760-000000000004}" = Adobe Acrobat 9 Pro
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{AD0AA962-111E-41D5-A705-0E3D9178A661}" = BPDSoftware_Ini
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B318D3D1-3421-4E2A-9C63-5D8FC2457B9C}" = 8500A909_eDocs
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B75BC01B-4586-43F8-9349-D250DB98F26F}" = SketchUp 2013
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C03F3D5B-0D83-4F81-A324-32F4E7F1BF6A}" = Roxio CinePlayer
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C3FA280D-3AE4-43F3-AFB5-D459B36A05B7}" = Safe Eyes
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C792A75A-2A1F-4991-9B85-291745478A79}" = NetAssistant
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live ¿¿¿¿
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live ¿¿¿
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F992409C-9D10-4AE2-BAEB-B5409AD3785E}" = ¿¿¿¿¿¿¿ Windows Live Mesh ActiveX ¿¿(¿¿¿¿)
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AmUStor" = Alcor Micro USB Card Reader
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"AsusScr_G75 Series_ENG" = AsusScr_G75 Series_ENG
"Google Chrome" = Google Chrome
"HashCheck Shell Extension" = HashCheck Shell Extension (x86-32)
"HP Photo Creations" = HP Photo Creations
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"LeapPadExplorerPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Media Player - Codec Pack" = Media Player Codec Pack 4.2.4
"NIS" = Norton Internet Security
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Pidgin" = Pidgin
"QXmlEdit" = QXmlEdit
"RStudio" = RStudio
"UPCShell" = LeapFrog Connect
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.5
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"BB108A893815B64BF41C4574C3324FB7371AA244" = Atheros Outlook Addin 2010
"Dropbox" = Dropbox
"GoToMeeting" = GoToMeeting 6.0.0.1259
"Juniper_Http_NAR" = Juniper Networks UAC Host Checker
"Juniper_Setup_Client" = Juniper Networks, Inc. Setup Client
"MyFreeCodec" = MyFreeCodec
"NetAssistant 3.8.3" = W3i NetAssistant
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ ActivIdentity Events ]
Error - 1/31/2013 3:24:45 PM | Computer Name = Transforming | Source = ActivClient | ID = 769
Description = No exchange account
 
Error - 3/19/2013 10:25:43 AM | Computer Name = Transforming | Source = ActivClient | ID = 769
Description = No exchange account
 
Error - 3/19/2013 10:50:14 AM | Computer Name = Transforming | Source = ActivClient | ID = 769
Description = No exchange account
 
Error - 6/7/2013 9:50:59 AM | Computer Name = Transforming | Source = ActivClient | ID = 769
Description = No exchange account
 
Error - 7/30/2013 4:56:26 PM | Computer Name = Transforming | Source = ActivClient | ID = 769
Description = No exchange account
 
Error - 7/31/2013 3:02:03 PM | Computer Name = Transforming | Source = ActivClient | ID = 769
Description = No exchange account
 
Error - 8/8/2013 6:46:13 PM | Computer Name = Transforming | Source = ActivClient | ID = 769
Description = No exchange account
 
Error - 8/14/2013 9:04:01 AM | Computer Name = Transforming | Source = ActivClient | ID = 769
Description = No exchange account
 
Error - 12/19/2013 1:45:18 PM | Computer Name = Transforming | Source = ActivClient | ID = 769
Description = No exchange account
 
Error - 12/19/2013 1:48:24 PM | Computer Name = Transforming | Source = ActivClient | ID = 769
Description = No exchange account
 
[ Application Events ]
Error - 12/30/2013 7:03:15 PM | Computer Name = Transforming | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3010
 
Error - 12/30/2013 7:03:16 PM | Computer Name = Transforming | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 12/30/2013 7:03:16 PM | Computer Name = Transforming | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4009
 
Error - 12/30/2013 7:03:16 PM | Computer Name = Transforming | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4009
 
Error - 12/30/2013 7:03:17 PM | Computer Name = Transforming | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 12/30/2013 7:03:17 PM | Computer Name = Transforming | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5007
 
Error - 12/30/2013 7:03:17 PM | Computer Name = Transforming | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5007
 
Error - 12/30/2013 9:37:19 PM | Computer Name = Transforming | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 12/30/2013 9:37:19 PM | Computer Name = Transforming | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 998
 
Error - 12/30/2013 9:37:19 PM | Computer Name = Transforming | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 998
 
[ System Events ]
Error - 12/31/2013 1:26:34 PM | Computer Name = Transforming | Source = DCOM | ID = 10005
Description =
 
Error - 12/31/2013 1:26:41 PM | Computer Name = Transforming | Source = DCOM | ID = 10005
Description =
 
Error - 12/31/2013 1:26:44 PM | Computer Name = Transforming | Source = DCOM | ID = 10005
Description =
 
Error - 12/31/2013 1:26:44 PM | Computer Name = Transforming | Source = DCOM | ID = 10005
Description =
 
Error - 12/31/2013 1:33:36 PM | Computer Name = Transforming | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 12/31/2013 1:33:36 PM | Computer Name = Transforming | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 12/31/2013 1:33:45 PM | Computer Name = Transforming | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 12/31/2013 1:33:45 PM | Computer Name = Transforming | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 12/31/2013 1:33:49 PM | Computer Name = Transforming | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 12/31/2013 1:33:50 PM | Computer Name = Transforming | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
 
< End of report >
OTL.Txt
Extras.Txt
0
 

Author Comment

by:bdfallon
ID: 39748915
Breadtan,

When I attempted to run GMER, I get a pop-up saying
"C:\Windows\system32\config\system: The process cannot access the file because it is being used by another process."

I attached a screenshot.

I clicked OK, and it ran for a bit and then gave the same message again.
GMER-screenshot.jpg
0
 
LVL 29

Accepted Solution

by:
Sudeep Sharma earned 450 total points
ID: 39749089
@bdfallon,

Run this custom script and when it is complete I need to know how the computer is doing

Run OTL Script

    Double-click OTL.exe to start the program.
    Copy and Paste the following code into the Custom Scans/Fixes textbox.

:otl
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: []  File not found
O4 - HKLM..\Run: []  File not found
O18:[b]64bit:[/b] - Protocol\Handler\intu-help-qb5 {867FCB77-9823-4cd6-8210-D85F968D466F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\qbwc {FC598A64-626C-4447-85B8-53150405FD57} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
:Files
C:\Windows\SysNative\drivers\*.sys.bak
ipconfig /flushdns /c
:Commands
[PURITY]
[EMPTYTEMP]
[emptyjava]
[EMPTYFLASH]



Then click the Run Fix button at the top.
Click OK
OTL may ask to reboot the machine. Please do so if asked.
The report should appear in Notepad after the reboot. Copy and Paste that report in your next reply.
0
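Before pasting a forum-supplied fix into the Custom Scans/Fixes box, it is worth reviewing what the script will touch. The sketch below is an added example, not part of the original answer and not OTL's own code. It splits a fix script into its sections and flags any `:otl` line whose target is not reported missing, plus everything under `:Files`. Treating a trailing `/c` as "run this as a command" is an assumption based on the `ipconfig` line in the answer, and the `ExampleApp` entry is constructed.

```python
import re
from collections import defaultdict

# Lines taken from the fix script in the answer above ([b]...[/b] is part of the pasted text).
# The last :otl line is CONSTRUCTED: it names a file that exists, to show the flag.
SCRIPT = r"""
:otl
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: []  File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O4 - HKLM..\Run: [ExampleApp] C:\Program Files\Example\app.exe (Example Corp)
:Files
C:\Windows\SysNative\drivers\*.sys.bak
ipconfig /flushdns /c
:Commands
[PURITY]
[EMPTYTEMP]
"""

# Reasons the scan gives when an entry points at nothing (orphaned entry).
ORPHAN = re.compile(r"(File not found|No CLSID value found)\.?\s*$", re.I)
O_CODE = re.compile(r"^(O\d+)(?::\[b\]64bit:\[/b\])?\s+-\s")

def review(script):
    """Split a fix script into sections and list the lines that need a second look."""
    sections, current = defaultdict(list), None
    for raw in script.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):
            current = line[1:].lower()      # section header such as :otl or :Files
        elif current:
            sections[current].append(line)
    findings = []
    for line in sections["otl"]:
        if not O_CODE.match(line):
            findings.append(("unparsed", line))
        elif not ORPHAN.search(line):
            findings.append(("live-entry", line))   # target is not reported missing
    for line in sections["files"]:
        kind = "command" if line.endswith(" /c") else "file-path"
        findings.append((kind, line))
    return dict(sections), findings
```

For the script as posted in the answer, every `:otl` line ends in a missing-target reason, so only the two `:Files` lines would be listed for review.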
 

Author Comment

by:bdfallon
ID: 39749123
Wow, that's amazing.  I am able to download and install programs without issue now.  Thank you so very much Sudeep!

Thank you also Breadtan.

I wish you both a wonderful new year!
0
 
LVL 61

Expert Comment

by:btan
ID: 39749488
Glad to know. Just for info.
C:\Windows\system32\config\system is a hive file for HKLM\System. Likely the antivirus, firewall and any other security programs are protecting it. You also need to run as Administrator, which I see you are already doing. Another option is to try running GMER in Safe Mode; however, rootkits which don't work in Safe Mode won't be detected.

I understand there is an OTL CleanUp feature that will automatically remove many of the tools that are commonly used in malware removal from the user's machine.
0
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 39749494
Further, I would like to add that the OTL logs show you have the following security software running:
McAfee
Norton Internet Security
Super AntiSpyware
MalwareBytes.

I would say that you can keep MalwareBytes and Super AntiSpyware, but you may not want McAfee and Norton on the same system.

Sudeep
0
 
LVL 61

Expert Comment

by:btan
ID: 39749496
Also, in case you are wondering which programs the OTL CleanUp removes, below is the list (it may be revised from time to time).

Use CleanUp in OTL when clearing away. This is preferable to downloading OTC which should only be used when no other OldTimer tool is on the machine.

Here is a list of the tools that CleanUp removes:

!Killbox
*.run
_backupD
_OTL
_OTListIt
_OTM
_OTMoveIt
_OTS
_OTScanIt
404fix.exe
aswMBR.exe
aswMBR.txt
Avenger
avenger.*
AWF.txt
BFU
bfu.zip
catchme
catchme.exe
ckfiles.txt
CKScanner.exe
cleanup.txt
ComboFix
ComboFix*.txt
combofix.*
combo-fix.*
dds.*
Deckard
Defogger*.log
Defogger.exe
delete.bat
deljob
deljob.exe
dss.exe
dumphive.exe
erdnt\subs
exeHelper.com
exeHelperlog.txt
Extras.txt
fdsv.exe
FindAWF.exe
fixwareout
fixwareout.exe
Flash_Disinfector.exe
frst
frst.exe
frst.txt
frst64.exe
fsbl*.log
fsbl.exe
FSS.exe
FSS.txt
gmer
gmer.*
gmer_uninstall.cmd
GooredFix.exe
GooredFix.txt
grep.exe
haxfix.*
iedfix.exe
killbox.exe
logit.txt
Lop SD
lopR.txt
LopSD.exe
mbr.exe
MBRCheck*.txt
MBRCheck.exe
MBRFix*.*
minitoolbox.exe
moveex.exe
nircmd.exe
NoLop.*
NoLopOLD.txt
OTH.*
OTL.*
OTListIt.txt
OTListIt2.exe
OTLPE.exe
OTM.*
OTMoveIt.exe
OTMoveIt2.exe
OTMoveIt3.exe
OTS.*
OTScanIt
OTScanIt.exe
OTScanIt2
OTScanIt2.exe
OTViewIt.*
pev.exe
QooBox
rapport.txt
results.txt
RK_Quarantine
RKreport*.txt
RogueKiller.exe
Rooter$
Rooter.*
RSIT
RSIT.exe
Runscanner
Runscanner.*
Rustbfix
rustbfix.exe
SDFix
sdfix.exe
search.txt
sed.exe
Silent Runners.vbs
SmitfraudFix
SmitfraudFix.exe
swreg.exe
Swsc.exe
Swxcacls.exe
SysInsite
SystemLook.*
TDSSKiller
TDSSKiller.*
tmp.reg
vacfix.exe
vcclsid.exe
VFind.exe
VundoFix Backups
VundoFix.*
win32delfkil.exe
windelf.txt
WinPfind
winpfind.exe
WinPFind35u
WinPFind35u.exe
WinPFind3u
WinPFind3u.exe
WS2Fix.exe
WVCheck*.txt
WVCheck.exe
zip.exe
0
 

Author Comment

by:bdfallon
ID: 39751931
Breadtan,

I ran GMER in safe mode and still received the message:
"C:\Windows\system32\config\system: The process cannot access the file because it is being used by another process."

Is there another tool I should use to make sure my MBR is clean?

Thanks,

Brandon
0
 
LVL 61

Assisted Solution

by:btan
btan earned 50 total points
ID: 39752812
Did you disable or stop other security software on the machine before running GMER? Process Explorer should help to "kill the process", and also just a slight note to run in elevated mode, e.g. Run as Administrator. Some of them can be active in safe mode too.

Probably run aswMBR again. @ http://public.avast.com/~gmerek/aswMBR.htm

There are also:

Rootkit Remover (bitdefender)
@ http://labs.bitdefender.com/projects/rootkit-remover/rootkit-remover/
@ http://forum.bitdefender.com/index.php?showtopic=31476

RootRepeal
@ https://sites.google.com/site/rootrepeal/
0
 

Author Closing Comment

by:bdfallon
ID: 39756686
Incredible Sudeep.  Thank you very much for your help.

Breadtan, thanks for your help with the MBR.
0
