TechSpot

Virus causing pc to shut down and reboot

By morphy201180
Jan 25, 2014
  1. Hi

    I hope someone can help. Due to grade in memory on my pc I was looking to change my operating system. A friend advised me to run a piece of software to scan my pc for all software before adding new OS. I downloaded he software however half way through the scan my computer shut down and rebooted itself. Since then my pc loads up and starts windows but then shuts down and reboots. I ran malwarebytes and it detected about 16 warnings straight away however before the scan can finish and remove them my pc shuts down and reboots.

    At the moment I cannot produce any logs as my pc is constantly shutting down and reboot. I assume the viruses are causing the issue.

    Is there anything I can do before re formatting drive? Is there a way of running any virus removal via dos or in safe mode?

    Any help will be greatly appreciated.
     
  2. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Welcome aboard [​IMG]

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ==================================

    What Windows version is it?
     
  3. morphy201180

    morphy201180 TS Enthusiast Topic Starter Posts: 79

    Windows XP
     
  4. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Using another working computer....
    • Download Farbar Recovery Scan Tool and save it to a flash drive.
    • Download OTLPENet.exe to your Desktop
    • Ensure that you have a blank CD in the drive
    • Double click OTLPENet.exe and this will then open ImgBurn to burn the file to CD
    • Boot your BAD computer using the boot CD you just created.
    Note : If you do not know how to set your computer to boot from CD follow the steps here
    • Your system should now display a Reatogo desktop.
    • Insert the flash drive with FRST on it
    • Open My Computer to locate the flash drive and run FRST
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
     
  5. morphy201180

    morphy201180 TS Enthusiast Topic Starter Posts: 79

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-01-2014 01
    Ran by SYSTEM on REATOGO on 25-01-2014 18:02:13
    Running from D:\
    Microsoft Windows XP (X86) OS Language: English(US)
    Internet Explorer Version 8
    Boot Mode: Recovery

    The current controlset is ControlSet003
    ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.


    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-28] (AVAST Software)
    HKLM\...\Run: [MSConfig] - C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [169984 2008-04-13] (Microsoft Corporation)
    HKLM\...\Run: [UserFaultCheck] - %systemroot%\system32\dumprep 0 -u
    HKLM\...\Policies\Explorer: [NoCDBurning] 0
    HKU\Administrator\...\RunOnce: [NeroHomeFirstStart] - C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe
    HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe
    HKU\Max New\...\RunOnce: [NeroHomeFirstStart] - C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
    ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)

    ========================== Services (Whitelisted) =================

    S2 6to4; C:\Windows\System32\6to4svc.dll [100864 2010-02-11] (Microsoft Corporation)
    S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-28] (AVAST Software)
    S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2013-12-28] (AVAST Software)
    S3 Blackberry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited)
    S4 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [139264 2005-02-24] ()
    S4 ForcewareWebInterface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [20543 2004-11-30] (Apache Software Foundation)
    S4 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [131133 2005-02-24] (NVIDIA)
    S4 nSvcLog; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [57409 2005-02-24] (NVIDIA)
    S2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
    S2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
    S4 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software)
    S4 UserAccess7; C:\WINDOWS\system32\UAService7.exe [126976 2011-06-19] ()

    ==================== Drivers (Whitelisted) ====================

    S3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [4030144 2007-04-26] (Realtek Semiconductor Corp.)
    S1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [26136 2013-12-28] (AVAST Software)
    S2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2013-12-28] (AVAST Software)
    S0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2013-09-25] (ALWIL Software)
    S0 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [252336 2013-12-28] (AVAST Software)
    S1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2013-12-28] (AVAST Software)
    S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-12-28] ()
    S1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2013-12-28] (AVAST Software)
    S1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410528 2013-12-28] (AVAST Software)
    S1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2013-12-28] (AVAST Software)
    S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2013-12-28] ()
    S2 fssfltr; C:\Windows\System32\DRIVERS\fssfltr_tdi.sys [54760 2010-04-28] (Microsoft Corporation)
    S3 HSFHWBS2; C:\Windows\System32\DRIVERS\HSFBS2S2.sys [220032 2004-08-03] (Conexant Systems, Inc.)
    S3 HSF_DP; C:\Windows\System32\DRIVERS\HSFDPSP2.sys [1041536 2004-08-03] (Conexant Systems, Inc.)
    S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2014-01-25] (Malwarebytes Corporation)
    S0 nvatabus; C:\Windows\System32\DRIVERS\nvatabus.sys [89856 2005-02-11] (NVIDIA Corporation)
    S0 nvcchflt; C:\Windows\System32\DRIVERS\nvcchflt.sys [16640 2005-02-11] (NVIDIA Corporation)
    S3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [33408 2005-02-24] (NVIDIA Corporation)
    S3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [12928 2005-02-24] (NVIDIA Corporation)
    S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-04-18] (Secunia)
    S0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-06-12] (Duplex Secure Ltd.)
    S1 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5632 2010-09-13] ()
    S1 Tcpip6; C:\Windows\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
    S3 vaxscsi; C:\Windows\System32\Drivers\vaxscsi.sys [223128 2010-06-12] (Alcohol Soft Co., Ltd.)
    S3 winachsf; C:\Windows\System32\DRIVERS\HSFCXTS2.sys [685056 2004-08-03] (Conexant Systems, Inc.)
    S5 AppMgmt; C:\Windows\system32\svchost.exe [14336 2008-04-13] (Microsoft Corporation)
    S2 aswFsBlk; No ImagePath
    S5 Cdrom; C:\Windows\System32\Drivers\Cdrom.sys [62976 2008-05-02] (Microsoft Corporation)
    S5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
    S3 TlntSvr;

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-01-25 18:02 - 2014-01-25 18:02 - 00000000 ____D C:\FRST
    2014-01-25 12:38 - 2014-01-25 12:38 - 00114688 _____ C:\Windows\Minidump\Mini012514-01.dmp
    2014-01-01 12:37 - 2014-01-01 12:37 - 00114688 _____ C:\Windows\Minidump\Mini010114-03.dmp
    2014-01-01 05:33 - 2014-01-01 05:33 - 00114688 _____ C:\Windows\Minidump\Mini010114-02.dmp
    2014-01-01 05:22 - 2014-01-01 05:22 - 00114688 _____ C:\Windows\Minidump\Mini010114-01.dmp
    2013-12-31 13:07 - 2013-12-31 13:07 - 00114688 _____ C:\Windows\Minidump\Mini123113-03.dmp
    2013-12-31 12:59 - 2013-12-31 12:59 - 00000000 ____D C:\Documents and Settings\Max New.MAX\Application Data\Malwarebytes
    2013-12-31 12:49 - 2013-12-31 12:49 - 00114688 _____ C:\Windows\Minidump\Mini123113-02.dmp
    2013-12-31 11:35 - 2013-12-31 11:35 - 00000000 __SHD C:\Documents and Settings\Max New.MAX\PrivacIE
    2013-12-31 11:33 - 2013-12-31 11:32 - 00114688 _____ C:\Windows\Minidump\Mini123113-01.dmp
    2013-12-31 11:29 - 2013-12-31 11:29 - 00000000 ____D C:\Documents and Settings\Max New.MAX\Local Settings\Application Data\Secunia PSI
    2013-12-31 11:10 - 2013-12-31 11:10 - 00000000 ____D C:\Documents and Settings\Max New.MAX\Application Data\AVAST Software
    2013-12-31 11:10 - 2013-12-31 11:10 - 00000000 ____D C:\Documents and Settings\Max New.MAX\Application Data\Adobe
    2013-12-30 11:13 - 2013-12-31 11:37 - 00000178 ___SH C:\Documents and Settings\Max New.MAX\ntuser.ini
    2013-12-30 11:13 - 2012-11-04 05:56 - 00000000 ____D C:\Documents and Settings\Max New.MAX\Application Data\TuneUp Software
    2013-12-30 11:13 - 2011-12-08 21:06 - 00000000 __SHD C:\Documents and Settings\Max New.MAX\IETldCache
    2013-12-30 11:13 - 2010-07-10 11:11 - 00000000 ____D C:\Documents and Settings\Max New.MAX\Local Settings\Application Data\Adobe
    2013-12-30 11:13 - 2010-07-10 11:08 - 00000000 ____D C:\Documents and Settings\Max New.MAX\Application Data\Macromedia
    2013-12-30 11:12 - 2013-12-30 11:12 - 00114688 _____ C:\Windows\Minidump\Mini123013-05.dmp
    2013-12-30 11:11 - 2013-12-30 11:11 - 00000020 ___SH C:\Documents and Settings\Max New\ntuser.ini
    2013-12-30 11:11 - 2012-11-04 05:56 - 00000000 ____D C:\Documents and Settings\Max New\Application Data\TuneUp Software
    2013-12-30 11:11 - 2011-12-08 21:06 - 00000000 __SHD C:\Documents and Settings\Max New\IETldCache
    2013-12-30 11:11 - 2010-07-10 11:11 - 00000000 ____D C:\Documents and Settings\Max New\Local Settings\Application Data\Adobe
    2013-12-30 11:11 - 2010-07-10 11:08 - 00000000 ____D C:\Documents and Settings\Max New\Application Data\Macromedia
    2013-12-30 11:00 - 2013-12-30 11:00 - 00114688 _____ C:\Windows\Minidump\Mini123013-04.dmp
    2013-12-30 10:56 - 2013-12-30 10:55 - 00098304 _____ C:\Windows\Minidump\Mini123013-03.dmp
    2013-12-30 10:54 - 2013-12-30 10:54 - 00090112 _____ C:\Windows\Minidump\Mini123013-02.dmp
    2013-12-30 10:48 - 2013-12-30 10:48 - 00114688 _____ C:\Windows\Minidump\Mini123013-01.dmp
    2013-12-30 10:45 - 2013-12-30 10:47 - 00000000 ____D C:\Program Files\Wajam
    2013-12-30 10:45 - 2013-12-30 10:45 - 00000000 ____D C:\Documents and Settings\Max\Local Settings\Application Data\Wajam
    2013-12-30 10:43 - 2013-12-30 10:43 - 00000000 ____D C:\Documents and Settings\Max\Desktop\CPUZ_TSV3RBOD
    2013-12-30 10:42 - 2013-12-30 10:42 - 01078112 _____ (Conduit) C:\Documents and Settings\Max\Desktop\CPUZ_TSV3RBOD.exe
    2013-12-29 18:58 - 2013-12-29 18:58 - 00000000 ____D C:\Program Files\ESET
    2013-12-29 17:19 - 2013-12-29 17:24 - 00000000 ____D C:\AdwCleaner
    2013-12-29 08:08 - 2013-12-29 08:08 - 01327264 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    2013-12-28 19:41 - 2014-01-25 12:25 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
    2013-12-28 19:40 - 2013-12-28 19:40 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
    2013-12-28 19:30 - 2013-12-28 19:30 - 12648960 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nv4_mini.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 01309184 _____ (Smart Link) C:\Windows\System32\Drivers\mtlstrm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 01041536 _____ (Conexant Systems, Inc.) C:\Windows\System32\Drivers\HSFDPSP2.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00799744 _____ (Microsoft Corp., Veritas Software) C:\Windows\System32\Drivers\dmboot.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00691696 _____ (Duplex Secure Ltd.) C:\Windows\System32\Drivers\sptd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00685056 _____ (Conexant Systems, Inc.) C:\Windows\System32\Drivers\HSFCXTS2.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00456320 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00452736 _____ (Matrox Graphics Inc.) C:\Windows\System32\Drivers\mtxparhm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00444136 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wdf01000.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00404990 _____ (Smart Link) C:\Windows\System32\Drivers\slntamr.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00384768 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\update.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00361600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00357888 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00265728 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00261504 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvnrm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00226880 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip6.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00223128 _____ (Alcohol Soft Co., Ltd.) C:\Windows\System32\Drivers\vaxscsi.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00220032 _____ (Conexant Systems, Inc.) C:\Windows\System32\Drivers\HSFBS2S2.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00208256 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvsnpu.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00203136 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rmcast.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00196224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpdr.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00182656 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00180608 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00180360 _____ (Smart Link) C:\Windows\System32\Drivers\ntmtlfax.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00175744 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00172416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\kmixer.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00166912 _____ (S3 Graphics, Inc.) C:\Windows\System32\Drivers\s3gnbm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00162816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netbt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00153344 _____ (Microsoft Corp., Veritas Software) C:\Windows\System32\Drivers\dmio.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00152832 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ipnat.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00146048 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00144384 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\System32\Drivers\hdaudbus.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00143872 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00143744 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fastfat.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00141056 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00139784 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00129792 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fltmgr.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00129535 _____ (Smart Link) C:\Windows\System32\Drivers\slnt7554.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00126686 _____ (Smart Link) C:\Windows\System32\Drivers\mtlmnt5.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00125056 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ftdisk.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00121984 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00120192 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pcmcia.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00108680 _____ (MCCI Corporation) C:\Windows\System32\Drivers\s115mdm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00105472 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mup.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00100488 _____ (MCCI Corporation) C:\Windows\System32\Drivers\s115mgmt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00098568 _____ (MCCI Corporation) C:\Windows\System32\Drivers\s115obex.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00096384 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\scsiport.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00095424 _____ (Smart Link) C:\Windows\System32\Drivers\slnthal.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00092928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00091520 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndiswan.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00089856 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvatabus.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00088320 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nwlnkipx.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00083208 _____ (MCCI Corporation) C:\Windows\System32\Drivers\s115bus.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00083072 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wdmaud.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00081664 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\videoprt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00080128 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\parport.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00079232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00075264 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ipsec.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00073472 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sr.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00071168 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxg.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00069120 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\psched.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00068224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00067072 _____ (Research In Motion Limited) C:\Windows\System32\Drivers\RimUsb.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\udfs.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00064512 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\serial.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00063744 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mf.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00063232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nwlnknb.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00061824 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nic1394.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00060800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sysaudio.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00060160 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00060032 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBAUDIO.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00059520 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00059136 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rfcomm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00058112 _____ (RAVISENT Technologies Inc.) C:\Windows\System32\Drivers\vdmindvd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00057600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\redbook.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00056576 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\swmidi.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00055936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nwlnkspx.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00054760 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fssfltr_tdi.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00052864 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dmusic.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00052480 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\i8042prt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00052352 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tosdvd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00051328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rasl2tp.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00049408 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\stream.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00048384 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\raspptp.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00046464 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\gagp30kx.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00045648 _____ (Sonic Solutions) C:\Windows\System32\Drivers\pxhelp20.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00044672 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\uagp35.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00044544 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fips.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00042752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\p3.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00042368 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00042240 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\viaagp.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00042112 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\imapi.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\raspppoe.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00040960 _____ (Silicon Integrated Systems Corporation) C:\Windows\System32\Drivers\sisagp.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00040960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00040840 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\termdd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00040320 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nmnt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00037608 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wdfldr.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00037248 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\isapnp.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00036736 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\crusoe.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00036608 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ip6fw.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\disk.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00035840 _____ (Research in Motion Ltd) C:\Windows\System32\Drivers\RimSerial.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00035840 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00035072 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msgpc.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00034688 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netbios.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00034560 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00034432 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rawwan.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00033408 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\NVENETFD.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00032896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ipfltdrv.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00032512 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nwlnkfwd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00032128 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00030848 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\npfs.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00030592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rndismpx.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00030592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rndismp.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00030080 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\modem.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00027392 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fdc.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00026600 _____ (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00026368 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbstor.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00025856 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbprint.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00025728 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbcamd2.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbcamd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00025471 _____ (Intel(R) Corporation) C:\Windows\System32\Drivers\watv10nt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00025344 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sonydcam.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00024960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pciidex.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00024960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\kbdclass.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00023040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mouclass.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00022271 _____ (Intel(R) Corporation) C:\Windows\System32\Drivers\watv06nt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00021896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00021376 _____ (Toshiba Corporation) C:\Windows\System32\Drivers\tsbvcap.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00020992 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vga.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00020864 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ipinip.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00020480 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\flpydisk.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00020480 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\System32\Drivers\secdrv.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00019712 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00019200 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidir.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00019072 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdi.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00019072 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msfs.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00018944 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wpdusb.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00017792 _____ (Parallel Technologies, Inc.) C:\Windows\System32\Drivers\ptilink.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00017152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00016640 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvcchflt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00016512 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\raspti.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00016024 _____ (Secunia) C:\Windows\System32\Drivers\psi_mf_x86.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbintel.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00015744 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\serenum.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00015616 _____ C:\Windows\System32\Drivers\TrueSight.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00015488 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mssmbios.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00015112 _____ (MCCI Corporation) C:\Windows\System32\Drivers\s115mdfl.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00015104 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbscan.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00014976 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tape.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00014592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\smclib.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00014592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndisuio.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00014592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\kbdhid.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00014208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wacompen.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00014208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\diskdump.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00013776 _____ (Smart Link) C:\Windows\System32\Drivers\recagent.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00013240 _____ (Smart Link) C:\Windows\System32\Drivers\slwdmsup.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012928 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvnetbus.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023x.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012672 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mutohpen.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012424 _____ (MCCI Corporation) C:\Windows\System32\Drivers\s115whnt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012424 _____ (MCCI Corporation) C:\Windows\System32\Drivers\s115wh.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012424 _____ (MCCI Corporation) C:\Windows\System32\Drivers\s115cmnt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012424 _____ (MCCI Corporation) C:\Windows\System32\Drivers\s115cm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nwlnkflt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012288 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tunmp.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012160 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mouhid.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012160 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fsvga.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdpipe.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012032 _____ (S3/Diamond Multimedia Systems) C:\Windows\System32\Drivers\riodrv.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012032 _____ (S3/Diamond Multimedia Systems) C:\Windows\System32\Drivers\rio8drv.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012032 _____ (S3/Diamond Multimedia Systems) C:\Windows\System32\Drivers\nikedrv.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012032 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ws2ifsl.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00011935 _____ (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv11nt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00011904 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sffdisk.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00011871 _____ (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv09nt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00011868 _____ (Conexant) C:\Windows\System32\Drivers\mdmxsdk.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00011807 _____ (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv07nt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00011776 _____ (Compaq Computer Corporation) C:\Windows\System32\Drivers\cpqdap01.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00011392 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sfloppy.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00011295 _____ (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv08nt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\irenum.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00011008 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_sd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00010496 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndistapi.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00010496 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxapi.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00010368 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00010240 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_mmc.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00009600 _____ (Leadtek Research Inc.) C:\Windows\System32\Drivers\WINFOXIO.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00008832 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rasacd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00007936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mcd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00007552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mskssrv.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00006784 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\parvdm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00006272 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\splitter.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00005888 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\smbali.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00005888 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rootmdm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00005888 _____ (Microsoft Corp., Veritas Software.) C:\Windows\System32\Drivers\dmload.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00005632 _____ C:\Windows\System32\Drivers\StarOpen.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00005376 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mspclock.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00004992 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mspqm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00004736 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00004352 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wmilib.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00004352 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\swenum.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00004224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpcdd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00004224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mnmdd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00003456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\oprghdlr.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00003328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pciide.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00003328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgthk.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00002944 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\null.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00002944 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:30 - 00049536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\classpnp.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 04030144 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\alcxwdm.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00701440 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2mtag.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00352256 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\atmuni.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00327040 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2mtaa.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00272128 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00262528 _____ (RAVISENT Technologies Inc.) C:\Windows\System32\Drivers\cinemst2.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00187776 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00142592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\aec.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00138496 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00104960 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinrvxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00101120 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthpan.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00096512 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\atapi.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00073216 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atintuxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00071552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bridge.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00063744 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cdfs.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00063663 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1rvxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00063488 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxsxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cdrom.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00060800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\arp1394.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00059904 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\atmarpc.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00057856 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinbtxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00056623 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1btxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00055808 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\atmlane.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00052224 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinraxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00044928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\agpcpq.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00043008 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\amdagp.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00042752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\alim1541.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00042368 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\agp440.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthmodem.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00037760 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\amdk7.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00037376 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\amdk6.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00036480 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthprint.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00036463 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1tuxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00034735 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xsxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00031744 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxbxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00031360 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\atmepvc.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00030671 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1raxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00029455 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xbxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00028672 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinsnxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00026367 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1snxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00021343 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1ttxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00018944 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthusb.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00018688 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cdaudio.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00017024 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00014336 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\asyncmac.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00014336 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinpdxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00013952 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cbidf2k.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00013824 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinttxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00013824 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinmdxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00012047 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1pdxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00011648 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\acpiec.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00011615 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1mdxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00009464 _____ (Sonic Solutions) C:\Windows\System32\Drivers\cdralw2k.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00009336 _____ (Sonic Solutions) C:\Windows\System32\Drivers\cdr4_xp.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00004224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\beep.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00003072 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\audstub.sys.bak
    2013-12-28 17:11 - 2013-12-28 17:11 - 00000000 ____D C:\Documents and Settings\Max\Application Data\AVAST Software
    2013-12-28 17:08 - 2013-12-28 17:08 - 00001799 _____ C:\Documents and Settings\All Users\Desktop\avast! SafeZone.lnk
    2013-12-28 17:01 - 2013-12-28 17:07 - 00026136 _____ (AVAST Software) C:\Windows\System32\Drivers\aswKbd.sys
    2013-12-28 17:01 - 2013-12-28 17:06 - 00252336 _____ (AVAST Software) C:\Windows\System32\Drivers\aswNdis2.sys
    2013-12-28 17:01 - 2013-12-19 08:11 - 00104752 _____ (AVAST Software) C:\Windows\System32\Drivers\aswFW.sys
    2013-12-28 17:01 - 2013-09-25 07:15 - 00012112 _____ (ALWIL Software) C:\Windows\System32\Drivers\aswNdis.sys
    2013-12-28 16:57 - 2013-12-28 17:08 - 00001739 _____ C:\Documents and Settings\All Users\Desktop\avast! Internet Security.lnk
     
  6. morphy201180

    morphy201180 TS Enthusiast Topic Starter Posts: 79

    ==================== One Month Modified Files and Folders =======

    2014-01-25 18:02 - 2014-01-25 18:02 - 00000000 ____D C:\FRST
    2014-01-25 12:38 - 2014-01-25 12:38 - 00114688 _____ C:\Windows\Minidump\Mini012514-01.dmp
    2014-01-25 12:38 - 2013-02-21 20:20 - 00000000 ____D C:\Windows\Minidump
    2014-01-25 12:26 - 2013-06-11 17:35 - 01766701 _____ C:\Windows\WindowsUpdate.log
    2014-01-25 12:25 - 2013-12-28 19:41 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
    2014-01-25 12:24 - 2013-06-12 15:14 - 00001208 _____ C:\Windows\setupact.log
    2014-01-25 12:24 - 2013-06-11 18:36 - 00087454 _____ C:\Windows\setupapi.log
    2014-01-25 12:22 - 2010-06-12 10:26 - 00000159 _____ C:\Windows\wiadebug.log
    2014-01-25 12:22 - 2010-06-12 10:26 - 00000050 _____ C:\Windows\wiaservc.log
    2014-01-25 12:22 - 2004-08-04 07:00 - 00013646 _____ C:\Windows\System32\wpa.dbl
    2014-01-01 12:37 - 2014-01-01 12:37 - 00114688 _____ C:\Windows\Minidump\Mini010114-03.dmp
    2014-01-01 05:33 - 2014-01-01 05:33 - 00114688 _____ C:\Windows\Minidump\Mini010114-02.dmp
    2014-01-01 05:22 - 2014-01-01 05:22 - 00114688 _____ C:\Windows\Minidump\Mini010114-01.dmp
    2013-12-31 13:07 - 2013-12-31 13:07 - 00114688 _____ C:\Windows\Minidump\Mini123113-03.dmp
    2013-12-31 12:59 - 2013-12-31 12:59 - 00000000 ____D C:\Documents and Settings\Max New.MAX\Application Data\Malwarebytes
    2013-12-31 12:49 - 2013-12-31 12:49 - 00114688 _____ C:\Windows\Minidump\Mini123113-02.dmp
    2013-12-31 12:49 - 2010-06-12 09:38 - 00000178 ___SH C:\Documents and Settings\LocalService\ntuser.ini
    2013-12-31 11:37 - 2013-12-30 11:13 - 00000178 ___SH C:\Documents and Settings\Max New.MAX\ntuser.ini
    2013-12-31 11:35 - 2013-12-31 11:35 - 00000000 __SHD C:\Documents and Settings\Max New.MAX\PrivacIE
    2013-12-31 11:32 - 2013-12-31 11:33 - 00114688 _____ C:\Windows\Minidump\Mini123113-01.dmp
    2013-12-31 11:29 - 2013-12-31 11:29 - 00000000 ____D C:\Documents and Settings\Max New.MAX\Local Settings\Application Data\Secunia PSI
    2013-12-31 11:10 - 2013-12-31 11:10 - 00000000 ____D C:\Documents and Settings\Max New.MAX\Application Data\AVAST Software
    2013-12-31 11:10 - 2013-12-31 11:10 - 00000000 ____D C:\Documents and Settings\Max New.MAX\Application Data\Adobe
    2013-12-31 11:09 - 2013-06-22 12:16 - 00001187 _____ C:\Windows\wmsetup.log
    2013-12-30 11:12 - 2013-12-30 11:12 - 00114688 _____ C:\Windows\Minidump\Mini123013-05.dmp
    2013-12-30 11:11 - 2013-12-30 11:11 - 00000020 ___SH C:\Documents and Settings\Max New\ntuser.ini
    2013-12-30 11:10 - 2012-10-14 16:27 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
    2013-12-30 11:00 - 2013-12-30 11:00 - 00114688 _____ C:\Windows\Minidump\Mini123013-04.dmp
    2013-12-30 10:55 - 2013-12-30 10:56 - 00098304 _____ C:\Windows\Minidump\Mini123013-03.dmp
    2013-12-30 10:55 - 2013-08-11 08:50 - 00114688 _____ C:\Windows\DUMP1e55.tmp
    2013-12-30 10:54 - 2013-12-30 10:54 - 00090112 _____ C:\Windows\Minidump\Mini123013-02.dmp
    2013-12-30 10:53 - 2013-08-11 08:50 - 00114688 _____ C:\Windows\DUMP2838.tmp
    2013-12-30 10:52 - 2013-08-11 08:50 - 00114688 _____ C:\Windows\DUMP3008.tmp
    2013-12-30 10:48 - 2013-12-30 10:48 - 00114688 _____ C:\Windows\Minidump\Mini123013-01.dmp
    2013-12-30 10:47 - 2013-12-30 10:45 - 00000000 ____D C:\Program Files\Wajam
    2013-12-30 10:45 - 2013-12-30 10:45 - 00000000 ____D C:\Documents and Settings\Max\Local Settings\Application Data\Wajam
    2013-12-30 10:43 - 2013-12-30 10:43 - 00000000 ____D C:\Documents and Settings\Max\Desktop\CPUZ_TSV3RBOD
    2013-12-30 10:42 - 2013-12-30 10:42 - 01078112 _____ (Conduit) C:\Documents and Settings\Max\Desktop\CPUZ_TSV3RBOD.exe
    2013-12-30 10:29 - 2010-06-12 10:21 - 00000327 __RSH C:\boot.ini
    2013-12-30 10:29 - 2004-08-04 07:00 - 00000573 _____ C:\Windows\win.ini
    2013-12-30 10:29 - 2004-08-04 07:00 - 00000227 _____ C:\Windows\system.ini
    2013-12-29 21:54 - 2012-03-20 13:13 - 00000000 ____D C:\Documents and Settings\Max\Application Data\BitComet
    2013-12-29 21:53 - 2010-07-04 06:32 - 00000000 ____D C:\Program Files\MSXML 4.0
    2013-12-29 21:45 - 2013-06-11 17:24 - 00070088 _____ C:\Documents and Settings\Max\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2013-12-29 21:29 - 2013-06-11 17:39 - 02180448 _____ C:\Windows\System32\FNTCACHE.DAT
    2013-12-29 21:27 - 2010-06-12 09:38 - 00000278 ___SH C:\Documents and Settings\Max\ntuser.ini
    2013-12-29 21:20 - 2010-06-12 09:33 - 00000000 ____D C:\Windows\System32\Restore
    2013-12-29 18:58 - 2013-12-29 18:58 - 00000000 ____D C:\Program Files\ESET
    2013-12-29 17:24 - 2013-12-29 17:19 - 00000000 ____D C:\AdwCleaner
    2013-12-29 16:51 - 2010-12-14 01:58 - 00000000 ____D C:\Documents and Settings\Max\Application Data\vlc
    2013-12-29 15:05 - 2013-06-13 01:29 - 00000539 _____ C:\Documents and Settings\Max\Application Data\Rim.Transcoder.Exception.log
    2013-12-29 15:05 - 2013-06-13 01:28 - 00000462 _____ C:\Documents and Settings\Max\Application Data\Rim.DesktopHelper.Exception.log
    2013-12-29 15:05 - 2013-06-13 01:27 - 00000462 _____ C:\Documents and Settings\Max\Application Data\Rim.Desktop.Exception.log
    2013-12-29 08:08 - 2013-12-29 08:08 - 01327264 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
    2013-12-28 20:05 - 2013-06-11 20:55 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
    2013-12-28 19:40 - 2013-12-28 19:40 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
    2013-12-28 19:30 - 2013-12-28 19:30 - 12648960 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nv4_mini.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 01309184 _____ (Smart Link) C:\Windows\System32\Drivers\mtlstrm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 01041536 _____ (Conexant Systems, Inc.) C:\Windows\System32\Drivers\HSFDPSP2.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00799744 _____ (Microsoft Corp., Veritas Software) C:\Windows\System32\Drivers\dmboot.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00691696 _____ (Duplex Secure Ltd.) C:\Windows\System32\Drivers\sptd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00685056 _____ (Conexant Systems, Inc.) C:\Windows\System32\Drivers\HSFCXTS2.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00456320 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00452736 _____ (Matrox Graphics Inc.) C:\Windows\System32\Drivers\mtxparhm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00444136 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wdf01000.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00404990 _____ (Smart Link) C:\Windows\System32\Drivers\slntamr.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00384768 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\update.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00361600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00357888 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00265728 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00261504 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvnrm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00226880 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip6.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00223128 _____ (Alcohol Soft Co., Ltd.) C:\Windows\System32\Drivers\vaxscsi.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00220032 _____ (Conexant Systems, Inc.) C:\Windows\System32\Drivers\HSFBS2S2.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00208256 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvsnpu.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00203136 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rmcast.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00196224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpdr.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00182656 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00180608 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00180360 _____ (Smart Link) C:\Windows\System32\Drivers\ntmtlfax.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00175744 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00172416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\kmixer.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00166912 _____ (S3 Graphics, Inc.) C:\Windows\System32\Drivers\s3gnbm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00162816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netbt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00153344 _____ (Microsoft Corp., Veritas Software) C:\Windows\System32\Drivers\dmio.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00152832 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ipnat.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00146048 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00144384 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\System32\Drivers\hdaudbus.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00143872 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00143744 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fastfat.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00141056 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00139784 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00129792 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fltmgr.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00129535 _____ (Smart Link) C:\Windows\System32\Drivers\slnt7554.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00126686 _____ (Smart Link) C:\Windows\System32\Drivers\mtlmnt5.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00125056 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ftdisk.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00121984 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00120192 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pcmcia.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00108680 _____ (MCCI Corporation) C:\Windows\System32\Drivers\s115mdm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00105472 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mup.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00100488 _____ (MCCI Corporation) C:\Windows\System32\Drivers\s115mgmt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00098568 _____ (MCCI Corporation) C:\Windows\System32\Drivers\s115obex.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00096384 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\scsiport.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00095424 _____ (Smart Link) C:\Windows\System32\Drivers\slnthal.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00092928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00091520 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndiswan.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00089856 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvatabus.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00088320 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nwlnkipx.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00083208 _____ (MCCI Corporation) C:\Windows\System32\Drivers\s115bus.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00083072 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wdmaud.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00081664 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\videoprt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00080128 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\parport.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00079232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00075264 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ipsec.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00073472 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sr.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00071168 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxg.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00069120 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\psched.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00068224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00067072 _____ (Research In Motion Limited) C:\Windows\System32\Drivers\RimUsb.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\udfs.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00064512 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\serial.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00063744 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mf.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00063232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nwlnknb.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00061824 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nic1394.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00060800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sysaudio.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00060160 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00060032 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBAUDIO.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00059520 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00059136 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rfcomm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00058112 _____ (RAVISENT Technologies Inc.) C:\Windows\System32\Drivers\vdmindvd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00057600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\redbook.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00056576 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\swmidi.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00055936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nwlnkspx.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00054760 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fssfltr_tdi.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00052864 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dmusic.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00052480 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\i8042prt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00052352 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tosdvd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00051328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rasl2tp.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00049408 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\stream.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00048384 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\raspptp.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00046464 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\gagp30kx.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00045648 _____ (Sonic Solutions) C:\Windows\System32\Drivers\pxhelp20.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00044672 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\uagp35.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00044544 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fips.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00042752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\p3.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00042368 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00042240 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\viaagp.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00042112 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\imapi.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\raspppoe.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00040960 _____ (Silicon Integrated Systems Corporation) C:\Windows\System32\Drivers\sisagp.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00040960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00040840 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\termdd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00040320 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nmnt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00037608 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wdfldr.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00037248 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\isapnp.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00036736 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\crusoe.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00036608 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ip6fw.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\disk.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00035840 _____ (Research in Motion Ltd) C:\Windows\System32\Drivers\RimSerial.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00035840 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00035072 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msgpc.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00034688 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netbios.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00034560 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00034432 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rawwan.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00033408 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\NVENETFD.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00032896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ipfltdrv.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00032512 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nwlnkfwd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00032128 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00030848 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\npfs.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00030592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rndismpx.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00030592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rndismp.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00030080 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\modem.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00027392 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fdc.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00026600 _____ (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00026368 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbstor.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00025856 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbprint.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00025728 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbcamd2.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbcamd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00025471 _____ (Intel(R) Corporation) C:\Windows\System32\Drivers\watv10nt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00025344 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sonydcam.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00024960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pciidex.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00024960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\kbdclass.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00023040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mouclass.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00022271 _____ (Intel(R) Corporation) C:\Windows\System32\Drivers\watv06nt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00021896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00021376 _____ (Toshiba Corporation) C:\Windows\System32\Drivers\tsbvcap.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00020992 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vga.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00020864 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ipinip.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00020480 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\flpydisk.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00020480 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\System32\Drivers\secdrv.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00019712 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00019200 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidir.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00019072 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdi.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00019072 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msfs.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00018944 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wpdusb.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00017792 _____ (Parallel Technologies, Inc.) C:\Windows\System32\Drivers\ptilink.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00017152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00016640 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvcchflt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00016512 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\raspti.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00016024 _____ (Secunia) C:\Windows\System32\Drivers\psi_mf_x86.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbintel.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00015744 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\serenum.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00015616 _____ C:\Windows\System32\Drivers\TrueSight.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00015488 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mssmbios.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00015112 _____ (MCCI Corporation) C:\Windows\System32\Drivers\s115mdfl.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00015104 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbscan.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00014976 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tape.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00014592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\smclib.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00014592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndisuio.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00014592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\kbdhid.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00014208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wacompen.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00014208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\diskdump.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00013776 _____ (Smart Link) C:\Windows\System32\Drivers\recagent.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00013240 _____ (Smart Link) C:\Windows\System32\Drivers\slwdmsup.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012928 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvnetbus.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023x.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012672 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mutohpen.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012424 _____ (MCCI Corporation) C:\Windows\System32\Drivers\s115whnt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012424 _____ (MCCI Corporation) C:\Windows\System32\Drivers\s115wh.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012424 _____ (MCCI Corporation) C:\Windows\System32\Drivers\s115cmnt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012424 _____ (MCCI Corporation) C:\Windows\System32\Drivers\s115cm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nwlnkflt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012288 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tunmp.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012160 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mouhid.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012160 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fsvga.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdpipe.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012032 _____ (S3/Diamond Multimedia Systems) C:\Windows\System32\Drivers\riodrv.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012032 _____ (S3/Diamond Multimedia Systems) C:\Windows\System32\Drivers\rio8drv.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012032 _____ (S3/Diamond Multimedia Systems) C:\Windows\System32\Drivers\nikedrv.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00012032 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ws2ifsl.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00011935 _____ (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv11nt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00011904 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sffdisk.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00011871 _____ (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv09nt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00011868 _____ (Conexant) C:\Windows\System32\Drivers\mdmxsdk.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00011807 _____ (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv07nt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00011776 _____ (Compaq Computer Corporation) C:\Windows\System32\Drivers\cpqdap01.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00011392 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sfloppy.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00011295 _____ (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv08nt.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\irenum.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00011008 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_sd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00010496 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndistapi.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00010496 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxapi.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00010368 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00010240 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_mmc.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00009600 _____ (Leadtek Research Inc.) C:\Windows\System32\Drivers\WINFOXIO.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00008832 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rasacd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00007936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mcd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00007552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mskssrv.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00006784 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\parvdm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00006272 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\splitter.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00005888 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\smbali.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00005888 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rootmdm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00005888 _____ (Microsoft Corp., Veritas Software.) C:\Windows\System32\Drivers\dmload.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00005632 _____ C:\Windows\System32\Drivers\StarOpen.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00005376 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mspclock.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00004992 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mspqm.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00004736 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00004352 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wmilib.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00004352 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\swenum.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00004224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpcdd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00004224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mnmdd.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00003456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\oprghdlr.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00003328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pciide.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00003328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgthk.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00002944 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\null.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:30 - 00002944 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys.bak
    2013-12-28 19:30 - 2013-12-28 19:29 - 00049536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\classpnp.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 04030144 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\alcxwdm.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00701440 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2mtag.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00352256 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\atmuni.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00327040 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2mtaa.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00272128 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00262528 _____ (RAVISENT Technologies Inc.) C:\Windows\System32\Drivers\cinemst2.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00187776 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00142592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\aec.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00138496 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00104960 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinrvxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00101120 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthpan.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00096512 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\atapi.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00073216 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atintuxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00071552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bridge.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00063744 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cdfs.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00063663 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1rvxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00063488 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxsxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cdrom.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00060800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\arp1394.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00059904 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\atmarpc.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00057856 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinbtxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00056623 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1btxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00055808 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\atmlane.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00052224 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinraxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00044928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\agpcpq.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00043008 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\amdagp.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00042752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\alim1541.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00042368 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\agp440.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthmodem.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00037760 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\amdk7.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00037376 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\amdk6.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00036480 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthprint.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00036463 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1tuxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00034735 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xsxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00031744 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxbxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00031360 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\atmepvc.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00030671 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1raxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00029455 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xbxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00028672 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinsnxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00026367 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1snxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00021343 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1ttxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00018944 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthusb.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00018688 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cdaudio.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00017024 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00014336 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\asyncmac.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00014336 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinpdxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00013952 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cbidf2k.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00013824 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinttxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00013824 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinmdxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00012047 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1pdxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00011648 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\acpiec.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00011615 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1mdxx.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00009464 _____ (Sonic Solutions) C:\Windows\System32\Drivers\cdralw2k.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00009336 _____ (Sonic Solutions) C:\Windows\System32\Drivers\cdr4_xp.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00004224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\beep.sys.bak
    2013-12-28 19:29 - 2013-12-28 19:29 - 00003072 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\audstub.sys.bak
    2013-12-28 18:53 - 2012-06-13 11:50 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
    2013-12-28 18:53 - 2011-06-09 03:00 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
    2013-12-28 17:29 - 2010-07-10 11:08 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
    2013-12-28 17:11 - 2013-12-28 17:11 - 00000000 ____D C:\Documents and Settings\Max\Application Data\AVAST Software
    2013-12-28 17:08 - 2013-12-28 17:08 - 00001799 _____ C:\Documents and Settings\All Users\Desktop\avast! SafeZone.lnk
    2013-12-28 17:08 - 2013-12-28 16:57 - 00001739 _____ C:\Documents and Settings\All Users\Desktop\avast! Internet Security.lnk
    2013-12-28 17:07 - 2013-12-28 17:01 - 00026136 _____ (AVAST Software) C:\Windows\System32\Drivers\aswKbd.sys
    2013-12-28 17:07 - 2013-08-11 11:13 - 00775952 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
    2013-12-28 17:07 - 2013-08-11 11:13 - 00410528 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
    2013-12-28 17:07 - 2013-08-11 11:13 - 00270240 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe
    2013-12-28 17:07 - 2013-08-11 11:13 - 00180248 _____ C:\Windows\System32\Drivers\aswVmm.sys
    2013-12-28 17:07 - 2013-08-11 11:13 - 00067824 _____ (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
    2013-12-28 17:07 - 2013-08-11 11:13 - 00057672 _____ (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
    2013-12-28 17:07 - 2013-08-11 11:13 - 00054832 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRdr.sys
    2013-12-28 17:07 - 2013-08-11 11:13 - 00049944 _____ C:\Windows\System32\Drivers\aswRvrt.sys
    2013-12-28 17:07 - 2013-08-11 11:11 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
    2013-12-28 17:06 - 2013-12-28 17:01 - 00252336 _____ (AVAST Software) C:\Windows\System32\Drivers\aswNdis2.sys
    2013-12-28 17:02 - 2013-08-11 11:08 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
    2013-12-28 17:01 - 2010-06-12 09:35 - 00002577 _____ C:\Windows\System32\CONFIG.NT
    2013-12-28 16:54 - 2010-06-12 10:17 - 00000000 ____D C:\Windows\Connection Wizard
    2013-12-28 12:43 - 2010-06-13 11:43 - 00086016 _____ C:\Documents and Settings\Max\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2013-12-27 11:56 - 2013-04-23 17:32 - 00000719 _____ C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
    2013-12-27 10:54 - 2010-06-12 12:50 - 00000000 ____D C:\Program Files\Winamp
    2013-12-27 10:51 - 2010-06-12 12:52 - 00000654 _____ C:\Documents and Settings\All Users\Desktop\Winamp.lnk
    2013-12-27 10:51 - 2010-06-12 12:52 - 00000000 ____D C:\Program Files\Winamp Detect
    2013-12-27 10:13 - 2013-06-25 07:46 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk

    Some content of TEMP:
    ====================
    C:\Documents and Settings\Max\Local Settings\Temp\nsd22.exe
    C:\Documents and Settings\Max\Local Settings\Temp\nsn29.exe
    C:\Documents and Settings\Max New.MAX\Local Settings\Temp\{786ABE6D-BCFF-48D4-A644-D682149E3338}-32.0.1700.76_31.0.1650.63_chrome_updater.exe


    ==================== Known DLLs (Whitelisted) ============


    ==================== Bamital & volsnap Check =================

    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK

    ==================== Restore Points (XP) =====================

    RP: -> 2013-12-29 21:53 - 020480 _restore{525BA4ED-4524-4359-90FD-52AC95608C25}\RP1001

    RP: -> 2013-12-29 21:20 - 020480 _restore{525BA4ED-4524-4359-90FD-52AC95608C25}\RP1000


    ==================== Memory info ===========================

    Percentage of memory in use: 8%
    Total physical RAM: 3327.48 MB
    Available physical RAM: 3044.39 MB
    Total Pagefile: 3150.7 MB
    Available Pagefile: 3082.98 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 2000.53 MB

    ==================== Drives ================================

    Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS
    Drive c: () (Fixed) (Total:146.88 GB) (Free:29.38 GB) NTFS ==>[Drive with boot components (Windows XP)]
    Drive d: () (Removable) (Total:3.74 GB) (Free:3.47 GB) FAT32
    Drive x: (ReatogoPE) (CDROM) (Total:0.43 GB) (Free:0 GB) CDFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: E168E168)
    Partition 1: (Active) - (Size=147 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=2 GB) - (Type=12)

    ========================================================
    Disk: 1 (Size: 4 GB) (Disk ID: 01117399)
    Partition 1: (Active) - (Size=4 GB) - (Type=0B)

    ==================== End Of Log ============================
     
  7. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    I don't actually see anything malicious there.

    Did you try to boot to safe mode?
     
  8. morphy201180

    morphy201180 TS Enthusiast Topic Starter Posts: 79

    No I just let the PC boot up from the cd
     
  9. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    See if safe mode will work.

    If so I can see couple of restore points:

    RP: -> 2013-12-29 21:53 - 020480 _restore{525BA4ED-4524-4359-90FD-52AC95608C25}\RP1001
    RP: -> 2013-12-29 21:20 - 020480 _restore{525BA4ED-4524-4359-90FD-52AC95608C25}\RP1000

    Try to use one of them.
     
  10. morphy201180

    morphy201180 TS Enthusiast Topic Starter Posts: 79

    I have been able to restart the PC in safe mode and have used an earlier restore point. The pc has started up again with the Reatogo desktop
     
  11. morphy201180

    morphy201180 TS Enthusiast Topic Starter Posts: 79

    I have just received a blue screen error message saying IRQL_NOT_LESS_OR_EQUAL
     
  12. morphy201180

    morphy201180 TS Enthusiast Topic Starter Posts: 79

    I have rebooted and the pc started up from the restore point. It then cut out , rebooted and loaded the Reatogo desktop
     
  13. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Remove OTLPE CD restart computer and see if you can boot to normal or safe mode.
     
  14. morphy201180

    morphy201180 TS Enthusiast Topic Starter Posts: 79

    My Pc booted up to my desktop then pc cut out and rebooted. I have rebooted it in safe mode
     
  15. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    [​IMG] Download Malwarebytes' Anti-Malware (MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.
    Alternate download: http://www.filehippo.com/download_malwarebytes_anti_malware/
    NOTE. If you already have MBAM installed, update it before running the scan.

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform quick scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    Be sure to restart the computer IF MBAM asks you to do so.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

    [​IMG] Download RogueKiller for 32bit or Roguekiller for 64bit to your Desktop.
    • Close all the running programs
    • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

    [​IMG] Create new restore point before proceeding with the next step....
    How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

    Download Malwarebytes Anti-Rootkit (MBAR) from HERE
    • Unzip downloaded file.
    • Open the folder where the contents were unzipped and run mbar.exe
    • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    • Wait while the system shuts down and the cleanup process is performed.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt
     
  16. morphy201180

    morphy201180 TS Enthusiast Topic Starter Posts: 79

    I managed to start the malware bytes program, during the scan it detected 10 warnings then the pc shut down and rebooted before it could finish
     
  17. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Try the other two.
     
  18. morphy201180

    morphy201180 TS Enthusiast Topic Starter Posts: 79

    I tried rouge killer and it got part way through the scan then pc cut out and rebooted. when I tried to start safe mode again it loaded up to desktop then cut out and rebooted and is continuing to do so
     
  19. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Since I don't see anything malicious there I suspect you may have some hardware issue.
    In any case....

    In this forum, we make sure, your computer is free of malware and your computer is clean :)
    Because the access to malware forum is very limited, your best option is to create new topic about your current issue, at Windows section.
    You'll get more attention.

    Good luck :)
     
  20. morphy201180

    morphy201180 TS Enthusiast Topic Starter Posts: 79

    I have checked the hardware and there are no issues. It must be something do with malware as every scan I have ran has detected multiple viruses but shuts down my pc before I can remove them
     
  21. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    As I said FRST scan does show anything malicious.
    You may see something in MBAM scan but those would be most likely some adwares - nothing so serious as to causing your computer to reboot.

    Your best option is to create new topic in Windows forum.
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...