Inactive 579 Locked/Infected files on my pc

[Chris Corson]

Lenovo Touch All in One C540
4.00 GB of Ram
Windows 8.1

I just ran a full scan with AVG and it found 579 Locked/Infected files on my pc.I have been dealing with a nasty rootkit infection embedded on my hardrive for a couple months now.I have tried "everything under the sun" to remove it including many rescue cd's,every rootkit remover out there,Antivirus boot cd's,countless wipes with Killdisk,clean installs,etc......It is"always"rearing its head again right after a fresh windows install.If I run regrun Warrior CD,it tells me services.exe and explorer.exe and many other system files are infected along with my Volume Boot Record.If I try to remove those files,windows fails to boot "ever again" until I reinstall the operating system.I feel as though as my hands are tied at this point and I may never be able to use my pc again.I am at my wit's end!!!!the only other security programs I have installed "at this point" are Malwarebytes,Spybot,and YAC.If anyone out there can help or has any suggestions it would be much appreciated!!!!!!!!!!
Rkill 2.6.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 12/23/2013 03:15:43 PM in x64 mode.
Windows Version: Windows 8.1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* @(BrandName) (WinDefend) is not Running.
Startup Type set to: Manual
* AllUserInstallAgent [Missing Service]
* SDRSVC [Missing Service]
* adp94xx [Missing Service]
* adpahci [Missing Service]
* adpu320 [Missing Service]
* arc [Missing Service]
* AsyncMac [Missing Service]
* discache [Missing Service]
* iirsp [Missing Service]
* LSI_SCSI [Missing Service]
* nfrd960 [Missing Service]
* PptpMiniport [Missing Service]
* RasAgileVpn [Missing Service]
* Rasl2tp [Missing Service]
* Wanarp [Missing Service]
* Wanarpv6 [Missing Service]
* Wd [Missing Service]
* AppMgmt [Missing Service]
* CSC [Missing Service]
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* SystemEventsBroker => %SystemRoot%\system32\svchost.exe -k DcomLaunch [Incorrect ImagePath]
* WinDefend => %SystemRoot%\System32\svchost.exe -k secsvcs [Incorrect ImagePath]
* WSService => %SystemRoot%\System32\svchost.exe -k wsappx [Incorrect ImagePath]
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.
* HOSTS file entries found:
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
20 out of 15491 HOSTS entries shown.
Please review HOSTS file for further entries.
Program finished at: 12/23/2013 03:15:46 PM
Execution time: 0 hours(s), 0 minute(s), and 3 seconds(s)

[HJT log removed by Broni]

 

[Broni]

Welcome aboard

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

 

[Chris Corson]

I can't run DDS in Windows 8.1.Is there an alternative?Would you like me to run Fbar?Will be posting Malwarebytes log shortly.

 

[Broni]

DDS works fine with Windows 8.1.
What happens?

 

[Chris Corson]

It tells me it is not intended to run in compatibility mode,does not appear to be anyway to alter the compability.let me know if you have any suggestions,appreciate your assistance.

 

[Chris Corson]

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
Database version: v2013.12.24.05
Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
Brown :: FAMILY [administrator]
Protection: Enabled
12/24/2013 12:18:46 PM
MBAM-log-2013-12-24 (12-47-07).txt
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 330992
Time elapsed: 23 minute(s), 43 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 1
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bad: (regedit "%1" %*) Good: (regedit.exe "%1") -> No action taken.
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

 

[Broni]

Your MBAM log says "No action taken".
Re-run MBAM, fix the issue, post new log.

Then...

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

• Double-click to run it. When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
• The first time the tool is run, it makes also another log (Addition.txt). Please copy and paste it to your reply.

 

[Chris Corson]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-12-2013 01
Ran by Brown (administrator) on FAMILY on 24-12-2013 12:55:16
Running from C:\Users\Brown\AppData\Local\Microsoft\Windows\INetCache\IE\4807UF27
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeTray.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [HotKeysCmds] - "C:\WINDOWS\system32\hkcmd.exe"
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20586656 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitRmvirus.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File [ ]
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Chrome:
=======
CHR HomePage: about:blank
CHR RestoreOnStartup: "about:blank"
CHR DefaultSearchKeyword: Google
CHR DefaultSearchURL: http://www.google.com/search?q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Docs) - C:\Users\Brown\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\Brown\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Brown\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Brown\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Brown\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Brown\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
==================== Services (Whitelisted) =================
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 iSafeService; C:\Program Files (x86)\iSafe\iSafeSvc.exe [452264 2013-12-19] (Elex do Brasil Participações Ltda)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151232 2013-12-02] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [252728 2013-10-21] (AVG Technologies CZ, s.r.o.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows (R) Win 7 DDK provider)
S0 bqirik; No ImagePath
R0 EMSC; C:\Windows\System32\drivers\EMSC.SYS [17720 2012-07-10] ()
R0 EMSC; C:\Windows\SysWow64\drivers\EMSC.SYS [15160 2012-07-10] ()
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-22] (Microsoft Corporation)
R3 iSafeKrnl; C:\Program Files (x86)\iSafe\iSafeKrnl.sys [201216 2013-12-19] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Program Files (x86)\iSafe\iSafeNetFilter.sys [44032 2013-12-19] (Elex do Brasil Participações Ltda)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-22] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 VMC412; C:\Windows\System32\Drivers\VMC412.sys [232576 2012-09-24] (Vimicro Corporation)
R3 vmuacflt; C:\Windows\System32\Drivers\vmuacflt.sys [13696 2012-05-02] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========
2013-12-24 12:54 - 2013-12-24 12:54 - 00000000 ____D C:\FRST
2013-12-24 12:34 - 2013-12-24 12:19 - 00688992 _____ (Swearware) C:\WINDOWS\system32\dds.com
2013-12-24 12:33 - 2013-12-24 12:19 - 00688992 _____ (Swearware) C:\dds.com
2013-12-24 12:21 - 2013-12-24 12:21 - 00688992 _____ (Swearware) C:\Users\Brown\Downloads\dds.scr
2013-12-24 12:19 - 2013-12-24 12:19 - 00688992 _____ (Swearware) C:\Users\Brown\Downloads\dds.com
2013-12-23 19:01 - 2013-12-23 19:06 - 00007785 _____ C:\Users\Brown\Downloads\hijackthis.log
2013-12-23 18:58 - 2013-12-23 18:58 - 00388608 _____ (Trend Micro Inc.) C:\Users\Brown\Downloads\HijackThis.exe
2013-12-23 17:30 - 2013-12-24 12:33 - 00000000 ____D C:\Users\Brown\AppData\Roaming\ClassicShell
2013-12-23 17:30 - 2013-12-23 13:47 - 00002171 _____ C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2013-12-23 16:16 - 2013-12-23 17:37 - 00003338 _____ C:\WINDOWS\PFRO.log
2013-12-23 15:45 - 2013-12-23 15:45 - 00053248 _____ C:\Users\Brown\Downloads\rmstubby.exe
2013-12-23 15:45 - 2013-12-23 15:45 - 00023552 _____ C:\Users\Brown\Downloads\rmska99.exe
2013-12-23 15:44 - 2013-12-23 15:44 - 00065536 _____ C:\Users\Brown\Downloads\rmbugbear.exe
2013-12-23 15:44 - 2013-12-23 15:44 - 00025600 _____ C:\Users\Brown\Downloads\rmppark.exe
2013-12-23 15:44 - 2013-12-23 15:44 - 00015872 _____ C:\Users\Brown\Downloads\rmveronb.exe
2013-12-23 15:44 - 2013-12-23 15:44 - 00015872 _____ C:\Users\Brown\Downloads\rmveronb (1).exe
2013-12-23 15:43 - 2013-12-23 15:43 - 00049152 _____ C:\Users\Brown\Downloads\rmmydoom_f2.exe
2013-12-23 15:43 - 2013-12-23 15:43 - 00025600 _____ C:\Users\Brown\Downloads\rmlovgte.exe
2013-12-23 15:42 - 2013-12-23 15:42 - 00022528 _____ C:\Users\Brown\Downloads\rmnavida.com
2013-12-23 15:41 - 2013-12-23 15:41 - 00343552 _____ C:\Users\Brown\Downloads\rmvirus32 (1).nt
2013-12-23 15:41 - 2013-12-23 15:41 - 00212004 _____ C:\Users\Brown\Downloads\rmvirus (1).dos
2013-12-23 15:41 - 2013-12-23 15:41 - 00160768 _____ C:\Users\Brown\Downloads\rmvampir.exe
2013-12-23 15:41 - 2013-12-23 15:41 - 00056320 _____ C:\Users\Brown\Downloads\rmlove.exe
2013-12-23 15:41 - 2013-12-23 15:41 - 00027648 _____ C:\Users\Brown\Downloads\rmswen.exe
2013-12-23 15:40 - 2013-12-23 15:40 - 00029696 _____ C:\Users\Brown\Downloads\rmsircam.com
2013-12-23 15:40 - 2013-12-23 15:40 - 00028672 _____ C:\Users\Brown\Downloads\rmganda.exe
2013-12-23 15:40 - 2013-12-23 15:40 - 00028672 _____ C:\Users\Brown\Downloads\rmganda (1).exe
2013-12-23 15:40 - 2013-12-23 15:40 - 00025392 _____ C:\Users\Brown\Downloads\rmvalla.exe
2013-12-23 15:39 - 2013-12-23 15:39 - 00439296 _____ C:\Users\Brown\Downloads\rmluder.nt
2013-12-23 15:39 - 2013-12-23 15:39 - 00348672 _____ C:\Users\Brown\Downloads\rmbg3svx.nt
2013-12-23 15:39 - 2013-12-23 15:39 - 00258310 _____ C:\Users\Brown\Downloads\rmluder.dos
2013-12-23 15:39 - 2013-12-23 15:39 - 00226816 _____ C:\Users\Brown\Downloads\rmluder.exe
2013-12-23 15:39 - 2013-12-23 15:39 - 00162304 _____ C:\Users\Brown\Downloads\rmbg3svx.exe
2013-12-23 15:38 - 2013-12-23 15:38 - 00339968 _____ C:\Users\Brown\Downloads\rmelkern.exe
2013-12-23 15:38 - 2013-12-23 15:38 - 00287744 _____ C:\Users\Brown\Downloads\rmvirus32.nt
2013-12-23 15:38 - 2013-12-23 15:38 - 00189104 _____ C:\Users\Brown\Downloads\rmvirus.dos
2013-12-23 15:36 - 2013-12-23 15:36 - 00027648 _____ C:\Users\Brown\Downloads\rmmag.exe
2013-12-23 15:35 - 2013-12-23 15:35 - 03454000 _____ C:\Users\Brown\Downloads\avg_remover_virut (1).exe
2013-12-23 15:35 - 2013-12-23 15:35 - 00025968 _____ C:\Users\Brown\Downloads\rmdptor.exe
2013-12-23 15:34 - 2013-12-23 15:34 - 03454000 _____ C:\Users\Brown\Downloads\avg_remover_virut.exe
2013-12-23 15:34 - 2013-12-23 15:34 - 02810112 _____ C:\Users\Brown\Downloads\avg_remover_dundun.exe
2013-12-23 15:34 - 2013-12-23 15:34 - 02175816 _____ C:\Users\Brown\Downloads\avg_remover_alman.exe
2013-12-23 15:34 - 2013-12-23 15:34 - 01258032 _____ C:\Users\Brown\Downloads\avg_remover_bootkit.exe
2013-12-23 15:33 - 2013-12-23 15:33 - 03640880 _____ C:\Users\Brown\Downloads\avg_remover_hidrag.exe
2013-12-23 15:33 - 2013-12-23 15:33 - 03411504 _____ C:\Users\Brown\Downloads\avg_remover_expiro.exe
2013-12-23 15:33 - 2013-12-23 15:33 - 02899016 _____ C:\Users\Brown\Downloads\avg_remover_chir.exe
2013-12-23 15:33 - 2013-12-23 15:33 - 02774272 _____ C:\Users\Brown\Downloads\avg_remover_mabezat.exe
2013-12-23 15:33 - 2013-12-23 15:33 - 00339968 _____ C:\Users\Brown\Downloads\avg_remover_kriz.exe
2013-12-23 15:32 - 2013-12-23 15:32 - 04434760 _____ C:\Users\Brown\Downloads\avg_remover_murof.exe
2013-12-23 15:32 - 2013-12-23 15:32 - 03640880 _____ C:\Users\Brown\Downloads\avg_remover_neshta.exe
2013-12-23 15:31 - 2013-12-23 15:31 - 02774272 _____ C:\Users\Brown\Downloads\avg_remover_parite (1).exe
2013-12-23 15:31 - 2013-12-23 15:31 - 01279536 _____ C:\Users\Brown\Downloads\avg_remover_nimda.exe
2013-12-23 15:30 - 2013-12-23 15:30 - 03640880 _____ C:\Users\Brown\Downloads\avg_remover_prepender.exe
2013-12-23 15:30 - 2013-12-23 15:30 - 02774272 _____ C:\Users\Brown\Downloads\avg_remover_parite.exe
2013-12-23 15:30 - 2013-12-23 15:30 - 02765056 _____ C:\Users\Brown\Downloads\avg_remover_protector.exe
2013-12-23 15:28 - 2013-12-23 15:28 - 03640880 _____ C:\Users\Brown\Downloads\avg_remover_serpip.exe
2013-12-23 15:28 - 2013-12-23 15:28 - 03448880 _____ C:\Users\Brown\Downloads\avg_remover_slt.exe
2013-12-23 15:28 - 2013-12-23 15:28 - 02229064 _____ C:\Users\Brown\Downloads\avg_remover_selges.exe
2013-12-23 15:27 - 2013-12-23 15:27 - 02905928 _____ C:\Users\Brown\Downloads\avg_remover_slugin.exe
2013-12-23 15:26 - 2013-12-23 15:27 - 02550272 _____ C:\Users\Brown\Downloads\avg_remover_tanatos.exe
2013-12-23 15:26 - 2013-12-23 15:26 - 03415088 _____ C:\Users\Brown\Downloads\avg_remover_zeroaccess.exe
2013-12-23 15:26 - 2013-12-23 15:26 - 02135368 _____ C:\Users\Brown\Downloads\avg_remover_bamital.exe
2013-12-23 15:25 - 2013-12-23 15:25 - 03640880 _____ C:\Users\Brown\Downloads\avg_remover_zbot.exe
2013-12-23 15:25 - 2013-12-23 15:25 - 03429912 _____ C:\Users\Brown\Downloads\avg_remover_gaelicum.exe
2013-12-23 15:25 - 2013-12-23 15:25 - 03412016 _____ C:\Users\Brown\Downloads\avg_remover_downadup.exe
2013-12-23 15:16 - 2013-12-23 15:16 - 00001793 _____ C:\Users\Public\Desktop\YAC.lnk
2013-12-23 15:15 - 2013-12-23 15:15 - 00003126 _____ C:\WINDOWS\System32\Tasks\{EBFE3C06-40BA-4D8D-B9D0-FC0748C052FA}
2013-12-23 15:05 - 2013-12-23 15:05 - 00000000 ____D C:\ProgramData\Apple Computer
2013-12-23 15:05 - 2013-12-23 15:05 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-12-23 15:04 - 2013-12-23 15:04 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2013-12-23 15:04 - 2013-12-23 15:04 - 00000000 ____D C:\Users\Brown\AppData\Local\Apple
2013-12-23 15:04 - 2013-12-23 15:04 - 00000000 ____D C:\ProgramData\Apple
2013-12-23 15:04 - 2013-12-23 15:04 - 00000000 ____D C:\Program Files\Bonjour
2013-12-23 15:04 - 2013-12-23 15:04 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-12-23 15:04 - 2013-12-23 15:04 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-12-23 15:01 - 2013-12-23 15:01 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-23 15:01 - 2013-12-23 15:01 - 00000000 ____D C:\WINDOWS\Panther
2013-12-23 14:43 - 2013-12-23 14:43 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2013-12-23 14:39 - 2013-12-23 15:16 - 00000000 ____D C:\Program Files (x86)\iSafe
2013-12-23 14:39 - 2013-12-23 14:39 - 00000911 _____ C:\WINDOWS\wininit.ini
2013-12-23 14:16 - 2013-12-23 14:16 - 00450664 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20131223-141655.backup
2013-12-23 14:16 - 2013-12-23 14:16 - 00450664 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20131223-141643.backup
2013-12-23 14:16 - 2013-12-23 13:19 - 00000855 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20131223-141630.backup
2013-12-23 14:05 - 2013-12-23 14:05 - 00000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%
2013-12-23 14:00 - 2013-12-23 14:00 - 00000000 ____D C:\Users\Brown\AppData\Local\CrashDumps
2013-12-23 13:59 - 2013-12-23 14:41 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-23 13:59 - 2013-12-23 14:41 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-12-23 13:59 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2013-12-23 13:54 - 2013-12-23 13:54 - 00001835 _____ C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2013-12-23 13:54 - 2013-12-23 13:54 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Spotify
2013-12-23 13:53 - 2013-12-23 13:53 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-12-23 13:53 - 2013-12-01 08:10 - 00257624 _____ C:\WINDOWS\system32\unrar64.dll
2013-12-23 13:53 - 2013-12-01 08:10 - 00218200 _____ C:\WINDOWS\SysWOW64\unrar.dll
2013-12-23 13:51 - 2013-12-23 15:18 - 00000000 ____D C:\Users\Brown\AppData\Roaming\vlc
2013-12-23 13:51 - 2013-12-23 15:01 - 00000000 ____D C:\ProgramData\Skype
2013-12-23 13:51 - 2013-12-23 13:51 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-12-23 13:51 - 2013-12-23 13:51 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-12-23 13:50 - 2013-12-23 13:50 - 00000000 ____D C:\ProgramData\Yahoo!
2013-12-23 13:50 - 2013-12-23 13:50 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-12-23 13:49 - 2013-12-23 13:49 - 00000000 ____D C:\Program Files (x86)\GUMF4FD.tmp
2013-12-23 13:48 - 2013-12-23 13:48 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Winamp
2013-12-23 13:48 - 2013-12-23 13:48 - 00000000 ____D C:\Users\Brown\AppData\Roaming\MediaMonkey
2013-12-23 13:48 - 2013-12-23 13:48 - 00000000 ____D C:\ProgramData\MediaMonkey
2013-12-23 13:48 - 2013-12-23 13:48 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-12-23 13:48 - 2013-12-23 13:48 - 00000000 ____D C:\Program Files (x86)\MediaMonkey
2013-12-23 13:47 - 2013-12-23 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2013-12-23 13:47 - 2013-12-23 13:47 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-23 13:47 - 2013-12-23 13:47 - 00000000 ____D C:\Program Files\WinRAR
2013-12-23 13:47 - 2013-12-23 13:47 - 00000000 ____D C:\Program Files\Classic Shell
2013-12-23 13:47 - 2013-12-23 13:47 - 00000000 ____D C:\Program Files\7-Zip
2013-12-23 13:47 - 2013-12-23 13:47 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-23 13:47 - 2013-12-23 13:47 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2013-12-23 13:46 - 2013-12-23 13:47 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-12-23 13:46 - 2013-12-23 13:46 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-12-23 13:46 - 2013-12-23 13:46 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-12-23 13:46 - 2013-12-23 13:46 - 00000000 ____D C:\Program Files\Java
2013-12-23 13:45 - 2013-12-23 13:46 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2013-12-23 13:45 - 2013-12-23 13:45 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-12-23 13:45 - 2013-12-23 13:45 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-12-23 13:45 - 2013-12-23 13:45 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-23 13:44 - 2013-12-24 12:54 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-23 13:44 - 2013-12-24 12:15 - 00002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-23 13:44 - 2013-12-24 12:14 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-23 13:44 - 2013-12-23 15:07 - 00000000 ____D C:\Users\Brown\AppData\Local\Google
2013-12-23 13:44 - 2013-12-23 13:57 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-23 13:44 - 2013-12-23 13:49 - 00003892 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-23 13:44 - 2013-12-23 13:49 - 00003656 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-23 13:44 - 2013-12-23 13:45 - 00000000 ____D C:\Program Files (x86)\GUMB874.tmp
2013-12-23 13:40 - 2013-12-23 13:40 - 00003078 _____ C:\WINDOWS\System32\Tasks\{ACFB431C-8D0F-4B24-87CF-36B6ACBDB34C}
2013-12-23 13:38 - 2013-12-23 13:39 - 09117752 _____ C:\Users\Brown\Downloads\yet_another_cleaner.exe
2013-12-23 13:02 - 2013-12-23 19:38 - 00000000 ____D C:\Users\Brown\AppData\Roaming\iSafe
2013-12-23 12:55 - 2013-12-23 12:55 - 00047104 ___SH C:\Users\Brown\Desktop\Thumbs.db
2013-12-23 12:19 - 2013-12-23 12:19 - 00096856 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SMR410.SYS.bak
2013-12-23 05:13 - 2013-12-23 05:13 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Comodo
2013-12-23 05:05 - 2013-12-23 05:05 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2013-12-23 04:23 - 2013-12-23 04:23 - 00000000 ____D C:\Users\Default\AppData\Roaming\IObit
2013-12-23 04:23 - 2013-12-23 04:23 - 00000000 ____D C:\Users\Default User\AppData\Roaming\IObit
2013-12-23 03:50 - 2013-12-23 14:55 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-12-23 03:48 - 2013-12-23 03:48 - 00000000 ____D C:\Users\Brown\Downloads\tdsskiller
2013-12-23 03:46 - 2013-12-23 03:46 - 04101441 _____ C:\Users\Brown\Downloads\tdsskiller.zip
2013-12-23 03:46 - 2013-12-23 03:46 - 00002374 _____ C:\WINDOWS\System32\Tasks\ASC7U_SkipUac_Brown
2013-12-23 02:37 - 2013-12-23 02:37 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Brown\Downloads\tdsskiller.exe
2013-12-23 02:16 - 2013-12-23 12:19 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys.bak
2013-12-23 02:00 - 2013-12-23 02:35 - 00000000 ____D C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2013-12-23 01:59 - 2013-12-23 02:02 - 00000000 ____D C:\AdwCleaner
2013-12-23 01:55 - 2013-12-23 01:55 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-23 01:45 - 2013-12-23 01:45 - 01034531 _____ (Thisisu) C:\Users\Brown\Downloads\JRT.exe
2013-12-23 01:13 - 2013-12-23 01:13 - 00000000 ____D C:\Users\Brown\Downloads\mbam-chameleon-1.62.1.1000
2013-12-23 01:13 - 2013-12-23 01:13 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Malwarebytes
2013-12-23 01:13 - 2013-12-23 01:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-23 01:13 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-12-23 00:58 - 2013-12-23 12:19 - 00089304 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys.bak
2013-12-23 00:55 - 2013-12-23 12:19 - 00294712 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgloga.sys.bak
2013-12-23 00:55 - 2013-12-23 12:19 - 00252728 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgwfpa.sys.bak
2013-12-23 00:55 - 2013-12-23 12:19 - 00240920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys.bak
2013-12-23 00:55 - 2013-12-23 12:19 - 00212280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx64.sys.bak
2013-12-23 00:55 - 2013-12-23 12:19 - 00194872 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsha.sys.bak
2013-12-23 00:55 - 2013-12-23 12:19 - 00150808 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiska.sys.bak
2013-12-23 00:55 - 2013-12-23 12:19 - 00123704 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys.bak
2013-12-23 00:55 - 2013-12-23 12:19 - 00031544 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgrkx64.sys.bak
2013-12-23 00:55 - 2013-12-23 12:19 - 00020496 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgboota.sys.bak
2013-12-23 00:50 - 2013-12-23 00:50 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-12-23 00:47 - 2013-12-23 12:19 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-23 00:47 - 2013-12-23 00:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-23 00:42 - 2013-12-23 00:43 - 00000000 ____D C:\ProgramData\ProductData
2013-12-23 00:42 - 2013-12-23 00:43 - 00000000 ____D C:\ProgramData\IObit
2013-12-23 00:42 - 2013-12-23 00:42 - 00000000 ____D C:\Users\Brown\AppData\Roaming\IObit
2013-12-23 00:42 - 2013-12-23 00:42 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Apple Computer
2013-12-23 00:42 - 2013-12-23 00:42 - 00000000 ____D C:\ProgramData\{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424}
2013-12-23 00:42 - 2013-12-23 00:42 - 00000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2013-12-23 00:42 - 2013-12-23 00:42 - 00000000 ____D C:\Program Files (x86)\IObit
2013-12-23 00:35 - 2013-12-23 00:35 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Brown\Downloads\mbar-1.07.0.1008.exe
2013-12-23 00:24 - 2013-12-23 00:24 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Brown\Downloads\rkill.scr
2013-12-23 00:24 - 2013-12-23 00:24 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Brown\Downloads\iExplore.exe
2013-12-23 00:24 - 2013-12-23 00:24 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Brown\Downloads\eXplorer.exe
2013-12-23 00:23 - 2013-12-23 00:24 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Brown\Downloads\WiNlOgOn.exe
2013-12-23 00:23 - 2013-12-23 00:24 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Brown\Downloads\uSeRiNiT.exe
2013-12-22 22:42 - 2013-12-22 22:42 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-12-22 22:42 - 2013-12-22 22:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-22 22:28 - 2013-12-22 22:28 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-22 22:28 - 2013-12-22 22:28 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-22 22:27 - 2013-12-22 22:27 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-22 22:27 - 2013-12-22 22:27 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-22 22:27 - 2013-12-22 22:27 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-22 22:27 - 2013-12-22 22:27 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-22 22:27 - 2013-12-22 22:27 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-22 22:27 - 2013-12-22 22:27 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-22 22:27 - 2013-12-22 22:27 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-22 22:27 - 2013-12-22 22:27 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-22 22:27 - 2013-12-22 22:27 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-22 22:27 - 2013-12-22 22:27 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-22 22:27 - 2013-12-22 22:27 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-22 22:27 - 2013-12-22 22:27 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-22 22:27 - 2013-12-22 22:27 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-22 22:27 - 2013-12-22 22:27 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-22 22:27 - 2013-12-22 22:27 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-22 22:27 - 2013-12-22 22:27 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-22 22:27 - 2013-12-22 22:27 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-22 22:27 - 2013-12-22 22:27 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-22 22:27 - 2013-12-22 22:27 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-22 22:27 - 2013-12-22 22:27 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-22 22:27 - 2013-12-22 22:27 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-22 22:27 - 2013-12-22 22:27 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-22 22:26 - 2013-12-22 22:26 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-12-22 21:42 - 2013-12-22 21:42 - 00000000 ____D C:\Users\Brown\AppData\Roaming\AVG2014
2013-12-22 21:41 - 2013-12-22 21:42 - 00000000 ____D C:\ProgramData\AVG2014
2013-12-22 21:41 - 2013-12-22 21:41 - 00000000 ____D C:\Users\Brown\AppData\Roaming\TuneUp Software
2013-12-22 21:41 - 2013-12-22 21:41 - 00000000 ____D C:\Program Files (x86)\AVG
2013-12-22 21:41 - 2013-12-22 21:41 - 00000000 ____D C:\$AVG
2013-12-22 21:40 - 2013-12-24 12:13 - 00000000 ____D C:\ProgramData\MFAData
2013-12-22 21:40 - 2013-12-22 21:58 - 00000000 ____D C:\Users\Brown\AppData\Local\Avg2014
2013-12-22 21:40 - 2013-12-22 21:40 - 00000000 ____D C:\Users\Brown\Downloads\wsusoffline88
2013-12-22 21:40 - 2013-12-22 21:40 - 00000000 ____D C:\Users\Brown\AppData\Local\MFAData
2013-12-22 21:36 - 2013-12-22 21:37 - 01973047 _____ C:\Users\Brown\Downloads\wsusoffline88.zip
2013-12-22 21:29 - 2013-12-22 21:29 - 00000000 ___SD C:\Users\Brown\Documents\Passwords Database
2013-12-22 21:18 - 2013-12-22 21:29 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-22 20:35 - 2013-12-24 12:16 - 00003918 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{15DC692E-00EA-4977-AF87-652D4FA70C6D}
2013-12-22 20:33 - 2013-12-22 20:33 - 00000000 _____ C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-12-22 20:17 - 2013-12-23 02:31 - 00000630 _____ C:\WINDOWS\SysWOW64\BroomData.bit
2013-12-22 20:06 - 2013-12-23 12:20 - 00232576 _____ (Vimicro Corporation) C:\WINDOWS\system32\Drivers\vmc412.sys.bak
2013-12-22 20:06 - 2013-12-23 12:20 - 00124256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys.bak
2013-12-22 20:06 - 2013-12-23 12:20 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\werkernel.sys.bak
2013-12-22 20:06 - 2013-12-23 12:20 - 00013696 _____ (Vimicro Corporation) C:\WINDOWS\system32\Drivers\vmuacflt.sys.bak
2013-12-22 20:05 - 2013-12-23 12:20 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys.bak
2013-12-22 20:05 - 2013-12-23 12:19 - 00924512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys.bak
2013-12-22 20:05 - 2013-12-23 12:19 - 00651248 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAV.sys.bak
2013-12-22 20:05 - 2013-12-23 12:19 - 00342528 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys.bak
2013-12-22 20:05 - 2013-12-23 12:19 - 00269968 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsP2Stor.sys.bak
2013-12-22 20:05 - 2013-12-23 12:19 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys.bak
2013-12-22 20:05 - 2013-12-23 12:19 - 00099320 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_I2C.sys.bak
2013-12-22 20:05 - 2013-12-23 12:19 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc63.sys.bak
2013-12-22 20:05 - 2013-12-23 12:19 - 00081760 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas3.sys.bak
2013-12-22 20:05 - 2013-12-23 12:19 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys.bak
2013-12-22 20:05 - 2013-12-23 12:19 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys.bak
2013-12-22 20:05 - 2013-12-23 12:19 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys.bak
2013-12-22 20:05 - 2013-12-23 12:19 - 00039320 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\intelaud.sys.bak
2013-12-22 20:05 - 2013-12-23 12:19 - 00027032 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iwdbus.sys.bak
2013-12-22 20:05 - 2013-12-23 12:19 - 00024568 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_GPIO.sys.bak
2013-12-22 20:05 - 2013-12-23 12:19 - 00017720 _____ C:\WINDOWS\system32\Drivers\EMSC.sys.bak
2013-12-22 20:05 - 2013-12-23 12:19 - 00017624 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\bcmfn2.sys.bak
2013-12-22 20:05 - 2013-12-23 12:19 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisVirtualBus.sys.bak
2013-12-22 20:05 - 2013-12-22 20:06 - 00072688 _____ (ENE TECHNOLOGY INC.) C:\WINDOWS\system32\Drivers\enecir.sys.bak
2013-12-22 20:05 - 2013-12-22 20:06 - 00025296 _____ (ENE TECHNOLOGY INC.) C:\WINDOWS\system32\Drivers\enecirhid.sys.bak
2013-12-22 20:04 - 2013-12-23 12:19 - 00782176 _____ (PMC-Sierra) C:\WINDOWS\system32\Drivers\adp80xx.sys.bak
2013-12-22 19:41 - 2013-12-23 18:23 - 00000000 __RDO C:\Users\Brown\SkyDrive
2013-12-22 19:39 - 2013-12-22 19:39 - 00001443 _____ C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-22 19:39 - 2013-12-22 19:39 - 00000020 ___SH C:\Users\Brown\ntuser.ini
2013-12-22 19:37 - 2013-12-24 12:34 - 01237035 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-22 19:37 - 2013-12-22 19:37 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-12-22 19:33 - 2013-12-22 19:33 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-12-22 19:33 - 2013-12-22 19:33 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-22 19:33 - 2013-12-22 19:33 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-12-22 19:32 - 2013-12-23 02:11 - 00000000 ____D C:\Users\Brown
2013-12-22 19:32 - 2013-12-22 19:37 - 00020958 _____ C:\WINDOWS\diagwrn.xml
2013-12-22 19:32 - 2013-12-22 19:37 - 00020958 _____ C:\WINDOWS\diagerr.xml
2013-12-22 19:32 - 2013-12-22 19:33 - 00000000 ___RD C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-22 19:32 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-22 19:32 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-22 19:32 - 2013-08-22 10:36 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-22 19:30 - 2013-12-22 19:33 - 00000000 ____D C:\Program Files (x86)\Intel
2013-12-22 19:30 - 2013-12-22 19:30 - 00000000 ____D C:\WINDOWS\VMC412
2013-12-22 19:30 - 2013-10-03 23:43 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2013-12-22 19:30 - 2013-10-03 23:43 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2013-12-22 16:45 - 2013-12-22 16:45 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2013-12-22 16:44 - 2013-12-22 16:44 - 00015772 _____ C:\WINDOWS\system32\results.xml
2013-12-22 15:32 - 2013-12-22 15:32 - 00000000 ____D C:\Users\Brown\AppData\Local\Adobe
2013-12-22 15:32 - 2013-12-22 15:32 - 00000000 ____D C:\ProgramData\Adobe
2013-12-22 15:32 - 2013-12-22 15:32 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-12-22 15:31 - 2013-12-22 15:32 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-22 15:31 - 2013-12-01 14:42 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-22 15:29 - 2013-01-23 10:22 - 00342528 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys
2013-12-22 15:29 - 2013-01-23 10:22 - 00016896 _____ (Intel(R) Corporation) C:\WINDOWS\system32\IntcDAuC.dll
2013-12-22 15:28 - 2013-12-22 15:28 - 00000000 ____D C:\ProgramData\lenovo Cam_Win8 V93
2013-12-22 15:28 - 2013-12-22 15:28 - 00000000 ____D C:\Program Files (x86)\Vimicro Corporation
2013-12-22 15:28 - 2012-09-24 18:32 - 00232576 _____ (Vimicro Corporation) C:\WINDOWS\system32\Drivers\vmc412.sys
2013-12-22 15:28 - 2012-08-24 13:41 - 00131072 _____ (Vimicro Corporation) C:\WINDOWS\SysWOW64\vmctrl.ax
2013-12-22 15:28 - 2012-08-24 13:39 - 00178688 _____ (Vimicro Corporation) C:\WINDOWS\system32\vmctrl.ax
2013-12-22 15:28 - 2012-08-22 10:12 - 00073728 _____ (Vimicro Corporation) C:\WINDOWS\SysWOW64\exvmuvc.ax
2013-12-22 15:28 - 2012-05-02 16:03 - 00013696 _____ (Vimicro Corporation) C:\WINDOWS\system32\Drivers\vmuacflt.sys
2013-12-22 15:28 - 2012-03-22 10:35 - 00117760 _____ (Vimicro Corp) C:\WINDOWS\system32\VimicroApoPgExtX64.dll
2013-12-22 15:28 - 2012-03-16 18:13 - 00106496 _____ (Vimicro Corporation) C:\WINDOWS\system32\VimicroAPOX64.dll
2013-12-22 15:27 - 2013-12-22 15:27 - 00000000 ____D C:\Program Files\H339 DVBT TVtunner Driver
2013-12-22 15:27 - 2013-12-22 15:27 - 00000000 ____D C:\Program Files (x86)\H339 ATSC TVtunner Driver
2013-12-22 15:26 - 2013-12-22 16:35 - 00000000 ____D C:\ProgramData\Win864
2013-12-22 15:26 - 2013-12-22 16:35 - 00000000 ____D C:\ProgramData\Win832
2013-12-22 15:26 - 2013-12-22 15:26 - 00000000 ____D C:\ProgramData\XP32
2013-12-22 15:26 - 2013-12-22 15:26 - 00000000 ____D C:\ProgramData\Win764
2013-12-22 15:26 - 2013-12-22 15:26 - 00000000 ____D C:\ProgramData\Win732
2013-12-22 15:26 - 2013-12-22 15:26 - 00000000 ____D C:\ProgramData\Vista64
2013-12-22 15:26 - 2013-12-22 15:26 - 00000000 ____D C:\ProgramData\Vista32
2013-12-22 15:26 - 2013-12-22 15:26 - 00000000 ____D C:\Compal Embedded System Control
2013-12-22 15:25 - 2013-12-22 15:25 - 00000117 _____ C:\WINDOWS\system32\netcfg-1523218.txt
2013-12-22 15:25 - 2013-12-22 15:25 - 00000117 _____ C:\WINDOWS\system32\netcfg-1521046.txt
2013-12-22 15:25 - 2013-12-22 15:25 - 00000088 _____ C:\WINDOWS\system32\netcfg-1523421.txt
2013-12-22 15:25 - 2013-12-22 15:25 - 00000000 ____D C:\Users\Brown\AppData\Roaming\InstallShield
2013-12-22 15:24 - 2013-12-22 15:27 - 00000000 ____D C:\Program Files (x86)\AVerMedia
2013-12-22 15:23 - 2013-12-22 19:33 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2013-12-22 15:23 - 2013-12-22 15:25 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-12-22 15:23 - 2013-12-22 15:23 - 00000000 ____D C:\Program Files\DIFX
2013-12-22 15:23 - 2012-07-03 14:09 - 09888912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RtsP2StorIcon.dll
2013-12-22 15:23 - 2012-07-03 14:09 - 00269968 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsP2Stor.sys
2013-12-22 15:22 - 2013-12-23 01:06 - 00000000 ____D C:\WINDOWS\jmesoft
2013-12-22 15:22 - 2013-12-22 15:31 - 00000000 ____D C:\ProgramData\Intel
2013-12-22 15:22 - 2012-06-21 17:13 - 00015168 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\IntelMEFWVer.dll
2013-12-22 15:21 - 2013-12-22 15:21 - 00000000 ____D C:\Program Files\Intel
2013-12-22 15:21 - 2012-07-04 10:55 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\WINDOWS\SysWOW64\CSVer.dll
2013-12-22 15:21 - 2012-07-02 15:16 - 00062784 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\HECIx64.sys
2013-12-22 15:18 - 2013-12-22 15:28 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2013-12-22 15:18 - 2013-12-22 15:25 - 00000000 ____D C:\Program Files (x86)\Lenovo

 

[Chris Corson]

2013-12-22 15:15 - 2013-05-03 23:51 - 00014848 _____ (Microsoft) C:\WINDOWS\system32\rars.rs
2013-12-22 15:15 - 2013-05-03 23:10 - 00014848 _____ (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2013-12-22 15:13 - 2013-12-22 15:13 - 03088144 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100457.exe
2013-12-22 15:13 - 2013-12-22 15:13 - 03086720 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100456.exe
2013-12-22 15:13 - 2013-12-22 15:13 - 01025984 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100378 (1).exe
2013-12-22 15:12 - 2013-12-22 15:14 - 10249000 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100453 (2).exe
2013-12-22 15:12 - 2013-12-22 15:14 - 10249000 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100453 (1).exe
2013-12-22 15:12 - 2013-12-22 15:12 - 01025984 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100378.exe
2013-12-22 15:11 - 2013-12-22 15:14 - 18918728 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100391.exe
2013-12-22 15:11 - 2013-12-22 15:14 - 10249000 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100453.exe
2013-12-22 15:11 - 2013-12-22 15:13 - 14524840 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100408_64.exe
2013-12-22 15:11 - 2013-12-22 15:12 - 03906688 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100409_64.exe
2013-12-22 15:11 - 2013-12-22 15:12 - 03173184 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100263.exe
2013-12-22 15:10 - 2013-12-22 15:15 - 88575992 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100538.exe
2013-12-22 15:10 - 2013-12-22 15:14 - 31058552 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100358.exe
2013-12-22 15:10 - 2013-12-22 15:13 - 11005168 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100493.exe
2013-12-22 15:10 - 2013-12-22 15:13 - 11005168 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100493 (1).exe
2013-12-22 15:10 - 2013-12-22 15:13 - 07606648 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100376.exe
2013-12-22 15:10 - 2013-12-22 15:12 - 02079072 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100363 (1).exe
2013-12-22 15:10 - 2013-12-22 15:11 - 03366776 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100397.exe
2013-12-22 15:10 - 2013-12-22 15:11 - 02079072 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100363.exe
2013-12-22 15:10 - 2013-12-22 15:11 - 01542552 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100356.exe
2013-12-22 15:08 - 2013-12-22 15:09 - 35792064 _____ (Lenovo Group Limited) C:\Users\Brown\Downloads\lscsetup_x64_23002.exe
2013-12-22 14:54 - 2013-12-22 14:54 - 00033512 _____ C:\WINDOWS\system32\Drivers\DasPtct.SYS.bak
2013-12-22 14:44 - 2013-11-26 12:25 - 00267936 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2013-12-22 14:38 - 2013-12-23 15:05 - 00000000 ____D C:\Users\Brown\Desktop\Essentials
2013-12-22 14:31 - 2013-12-23 13:12 - 00818732 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2013-12-22 14:25 - 2013-12-23 13:22 - 00181064 _____ (Sysinternals) C:\WINDOWS\PSEXESVC.EXE
2013-12-22 14:24 - 2013-12-22 14:24 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-FAMILY-Microsoft-Windows-8-(64-bit).dat
2013-12-22 14:22 - 2013-12-22 14:22 - 00000000 ____D C:\RegBackup
2013-12-22 14:17 - 2013-12-22 14:17 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2013-12-22 14:14 - 2013-12-23 13:48 - 00000000 ____D C:\Program Files (x86)\HDD Regenerator
2013-12-22 14:14 - 2013-12-22 14:14 - 00000000 ____D C:\Users\Brown\AppData\Local\Downloaded Installations
2013-12-22 14:13 - 2013-12-22 14:13 - 05045639 _____ C:\Users\Brown\Downloads\tweaking.com_windows_repair_aio_setup.exe
2013-12-22 14:11 - 2013-12-22 22:53 - 00000000 ____D C:\Users\Brown\AppData\Roaming\uTorrent
2013-12-22 14:11 - 2013-12-22 14:11 - 00000829 _____ C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2013-12-22 00:18 - 2013-12-22 19:31 - 00000000 ____D C:\Recovery
2013-12-22 00:17 - 2013-12-22 00:17 - 00001136 _____ C:\WINDOWS\system32\netcfg-48453.txt
2013-12-22 00:17 - 2013-12-22 00:17 - 00001135 _____ C:\WINDOWS\system32\netcfg-37093.txt
2013-12-22 00:17 - 2013-12-22 00:17 - 00000197 _____ C:\WINDOWS\system32\netcfg-51484.txt
2013-12-22 00:16 - 2013-12-22 19:18 - 00008192 ___RS C:\BOOTSECT.BAK
2013-12-22 00:16 - 2013-12-22 00:16 - 00000185 _____ C:\WINDOWS\system32\netcfg-34437.txt
2013-12-22 00:16 - 2013-12-22 00:16 - 00000164 _____ C:\WINDOWS\system32\netcfg-30718.txt
2013-12-22 00:16 - 2013-12-22 00:16 - 00000161 _____ C:\WINDOWS\system32\netcfg-34109.txt
2013-12-22 00:16 - 2013-12-22 00:16 - 00000160 _____ C:\WINDOWS\system32\netcfg-33859.txt
2013-12-22 00:16 - 2013-12-22 00:16 - 00000160 _____ C:\WINDOWS\system32\netcfg-33093.txt
2013-12-22 00:16 - 2013-12-22 00:16 - 00000160 _____ C:\WINDOWS\system32\netcfg-30531.txt
2013-12-22 00:16 - 2013-12-22 00:16 - 00000159 _____ C:\WINDOWS\system32\netcfg-32765.txt
2013-12-22 00:16 - 2013-12-22 00:16 - 00000157 _____ C:\WINDOWS\system32\netcfg-33578.txt
2013-12-22 00:16 - 2013-12-22 00:16 - 00000157 _____ C:\WINDOWS\system32\netcfg-30109.txt
2013-12-22 00:16 - 2013-12-22 00:16 - 00000150 _____ C:\WINDOWS\system32\netcfg-32531.txt
2013-12-21 22:00 - 2013-12-23 12:54 - 00001432 _____ C:\WINDOWS\SysWOW64\PCloudCleanerService.log
2013-12-21 21:57 - 2013-12-23 12:13 - 00000000 ____D C:\Users\Brown\AppData\Local\NPE
2013-12-21 21:57 - 2013-12-21 21:57 - 00000000 ____D C:\ProgramData\Norton
2013-12-21 21:57 - 2013-04-08 15:30 - 00022752 _____ C:\WINDOWS\system32\PCloudBroom64.exe
2013-12-21 21:54 - 2013-12-23 12:20 - 00839488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00551776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00439136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00422240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00377696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgrx.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00305504 _____ (VIA Corporation) C:\WINDOWS\system32\Drivers\VSTXRAID.SYS.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00265056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00189792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00175960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VerifierExt.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00168800 _____ (VIA Technologies Inc.,Ltd) C:\WINDOWS\system32\Drivers\vsmraid.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00159584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00142688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00121184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00121088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00097088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00090944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00089952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00074080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uaspstor.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00069472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00065888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ULIAGPKX.SYS.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00064864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UAGP35.SYS.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00061248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\TsUsbFlt.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00054304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00049984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\videoprt.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\umbus.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00037728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vdrvroot.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00037216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\terminpt.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00034760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00033632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00032512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBCAMD2.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbrpm.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdi.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\TsUsbGD.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00028000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WpdUpFltr.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00026752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wacompen.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifibus.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WppRecorder.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00021760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VMBusHID.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00019808 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\Drivers\viaide.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wmilib.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wmiacpi.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\umpass.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgencounter.sys.bak
2013-12-21 21:54 - 2013-12-23 12:20 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vms3cap.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 04185600 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 03357024 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\evbda.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 02011488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 01936088 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlane.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 01119576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00994144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00591360 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00579416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00575840 _____ (LSI Corporation, Inc.) C:\WINDOWS\system32\Drivers\megasr.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00564520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00531296 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\bxvbda.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00523096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00478048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00412000 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorV.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00377696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00374112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00366432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00337760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00285536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00274784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00259424 _____ (AMD Technologies Inc.) C:\WINDOWS\system32\Drivers\amdsbs.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00236376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\1394ohci.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00217952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00199520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00192864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scsiport.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00168288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvstor.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00151384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00150368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvraid.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00124768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NV_AGP.SYS.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irda.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcmcia.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00114016 _____ (PMC-Sierra, Inc.) C:\WINDOWS\system32\Drivers\arcsas.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00114016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00109408 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00108896 _____ (LSI) C:\WINDOWS\system32\Drivers\3ware.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00107872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00107872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sbp2port.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00101728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00100192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rassstp.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\parport.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00093536 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas2.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00088928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmk.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipfltdrv.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00082784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorClass.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00082784 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sss.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00081760 _____ (Silicon Integrated Systems) C:\WINDOWS\system32\Drivers\sisraid4.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rspndr.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpiex.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00079200 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdsata.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00072032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SpbCx.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00071896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00069472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00068960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stream.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mslldp.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00065888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\GAGP30KX.SYS.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00064352 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\Drivers\HpSAMD.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00063840 _____ (Marvell Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\mvumis.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00062784 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\HECIx64.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00062304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AGP440.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndisuio.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lltdio.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00057696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00056672 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\megasas.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00051040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00050016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcw.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00047632 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\qwavedrv.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00045888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidir.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00044896 _____ (Silicon Integrated Systems Corp.) C:\WINDOWS\system32\Drivers\sisraid2.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\circlass.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiscap.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\condrv.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidi2c.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00037728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssmbios.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00036992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\CompositeBus.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00036192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00035168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\battc.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filetrace.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00033632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpata.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00032512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RNDISMP.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00031072 _____ (Promise Technology, Inc.) C:\WINDOWS\system32\Drivers\stexstor.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fdc.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthhfHid.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00030048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fs_rec.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tape.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmvsc.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00027488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fxppm.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbatt.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\asyncmac.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00025952 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdxata.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00025472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\CmBatt.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serenum.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npsvctrig.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\WINDOWS\system32\Drivers\secdrv.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpbus.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mcd.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HyperVideo.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00021856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00021856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00021248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\smclib.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kdnic.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irenum.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasacd.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00017248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00014688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00014560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\swenum.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hyperkbd.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MTConfig.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dmpusbstor.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpipmi.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpitime.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00010624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\errdev.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpipagr.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mshidumdf.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mshidkmdf.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00007936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mstee.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\beep.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00007040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mspclock.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00006784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mspqm.sys.bak
2013-12-21 21:54 - 2013-12-23 12:19 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\null.sys.bak
2013-12-21 21:54 - 2013-12-22 14:55 - 00210304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys.bak
2013-12-21 21:54 - 2013-12-22 14:55 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpwd.sys.bak
2013-12-21 21:54 - 2013-12-22 14:55 - 00052464 _____ (IBM Corporation) C:\WINDOWS\system32\Drivers\nfrd960.sys.bak
2013-12-21 21:54 - 2013-12-22 14:55 - 00023792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wd.sys.bak
2013-12-21 21:54 - 2013-12-22 14:54 - 00492272 _____ (Adaptec, Inc.) C:\WINDOWS\system32\Drivers\adp94xx.sys.bak
2013-12-21 21:54 - 2013-12-22 14:54 - 00340720 _____ (Adaptec, Inc.) C:\WINDOWS\system32\Drivers\adpahci.sys.bak
2013-12-21 21:54 - 2013-12-22 14:54 - 00184048 _____ (Adaptec, Inc.) C:\WINDOWS\system32\Drivers\adpu320.sys.bak
2013-12-21 21:54 - 2013-12-22 14:54 - 00116976 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_scsi.sys.bak
2013-12-21 21:54 - 2013-12-22 14:54 - 00104688 _____ (PMC-Sierra, Inc.) C:\WINDOWS\system32\Drivers\arc.sys.bak
2013-12-21 21:54 - 2013-12-22 14:54 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\discache.sys.bak
2013-12-21 21:54 - 2013-12-22 14:54 - 00045296 _____ (Intel Corp./ICP vortex GmbH) C:\WINDOWS\system32\Drivers\iirsp.sys.bak
2013-12-21 21:53 - 2013-04-29 08:17 - 00047632 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2013-12-21 21:52 - 2013-12-21 21:52 - 00000000 ___SD C:\32788R22FWJFW
2013-12-21 21:52 - 2013-12-21 21:52 - 00000000 ____D C:\Program Files (x86)\Panda Security
2013-12-21 21:49 - 2013-12-21 21:49 - 00003754 _____ C:\ComboFix.txt
2013-12-21 21:46 - 2013-12-21 21:52 - 00000000 ____D C:\WINDOWS\erdnt
2013-12-21 21:45 - 2013-12-21 21:46 - 28230928 _____ (Panda Security ) C:\Users\Brown\Downloads\PandaCloudCleaner.exe
2013-12-21 21:45 - 2013-12-21 21:45 - 03053496 ____N (Symantec Corporation) C:\Users\Brown\Downloads\NPE.exe
2013-12-21 21:44 - 2013-12-21 21:45 - 04359168 _____ C:\Users\Brown\Downloads\RogueKillerX64.exe
2013-12-21 21:40 - 2013-12-22 19:34 - 00000000 ____D C:\WINDOWS\system32\log
2013-12-21 21:40 - 2013-12-21 21:40 - 00000000 ____D C:\Users\Brown\AppData\Roaming\eCyber
2013-12-21 21:35 - 2013-12-24 12:21 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2172578277-3556371044-303664867-1001
2013-12-21 21:35 - 2013-12-21 21:35 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Macromedia
2013-12-21 21:34 - 2013-12-22 15:29 - 00000000 ____D C:\Intel
2013-12-21 21:28 - 2013-12-21 21:28 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2013-12-21 21:27 - 2013-12-23 05:49 - 00000000 ____D C:\Users\Brown\AppData\Local\Packages
2013-12-21 21:27 - 2013-12-22 19:39 - 00000000 ___RD C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-21 21:27 - 2013-12-22 19:39 - 00000000 ___RD C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-21 21:27 - 2013-12-22 19:33 - 00000000 ____D C:\ProgramData\PRICache
2013-12-21 21:27 - 2013-12-22 15:32 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Adobe
2013-12-21 21:27 - 2013-12-21 21:27 - 00000000 ____D C:\Users\Brown\AppData\Local\VirtualStore
2013-12-21 21:26 - 2013-12-21 21:26 - 00001027 _____ C:\WINDOWS\system32\netcfg-482046.txt
2013-12-21 21:26 - 2013-12-21 21:26 - 00000199 _____ C:\WINDOWS\system32\netcfg-481843.txt
2013-12-21 21:26 - 2013-12-21 21:26 - 00000117 _____ C:\WINDOWS\system32\netcfg-481921.txt
2013-12-21 21:26 - 2013-12-21 21:26 - 00000117 _____ C:\WINDOWS\system32\netcfg-477750.txt
2013-12-18 20:56 - 2013-12-18 20:56 - 04558848 _____ (Google Inc.) C:\WINDOWS\SysWOW64\GPhotos.scr

 

[Chris Corson]

==================== One Month Modified Files and Folders =======
2013-12-24 12:54 - 2013-12-24 12:54 - 00000000 ____D C:\FRST
2013-12-24 12:54 - 2013-12-23 13:44 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-24 12:34 - 2013-12-22 19:37 - 01237035 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-24 12:33 - 2013-12-23 17:30 - 00000000 ____D C:\Users\Brown\AppData\Roaming\ClassicShell
2013-12-24 12:21 - 2013-12-24 12:21 - 00688992 _____ (Swearware) C:\Users\Brown\Downloads\dds.scr
2013-12-24 12:21 - 2013-12-21 21:35 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2172578277-3556371044-303664867-1001
2013-12-24 12:19 - 2013-12-24 12:34 - 00688992 _____ (Swearware) C:\WINDOWS\system32\dds.com
2013-12-24 12:19 - 2013-12-24 12:33 - 00688992 _____ (Swearware) C:\dds.com
2013-12-24 12:19 - 2013-12-24 12:19 - 00688992 _____ (Swearware) C:\Users\Brown\Downloads\dds.com
2013-12-24 12:16 - 2013-12-22 20:35 - 00003918 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{15DC692E-00EA-4977-AF87-652D4FA70C6D}
2013-12-24 12:15 - 2013-12-23 13:44 - 00002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-24 12:14 - 2013-12-23 13:44 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-24 12:13 - 2013-12-22 21:40 - 00000000 ____D C:\ProgramData\MFAData
2013-12-24 12:13 - 2013-11-14 02:28 - 00818732 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-24 12:08 - 2013-08-22 09:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-23 19:38 - 2013-12-23 13:02 - 00000000 ____D C:\Users\Brown\AppData\Roaming\iSafe
2013-12-23 19:06 - 2013-12-23 19:01 - 00007785 _____ C:\Users\Brown\Downloads\hijackthis.log
2013-12-23 19:00 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-12-23 18:58 - 2013-12-23 18:58 - 00388608 _____ (Trend Micro Inc.) C:\Users\Brown\Downloads\HijackThis.exe
2013-12-23 18:23 - 2013-12-22 19:41 - 00000000 __RDO C:\Users\Brown\SkyDrive
2013-12-23 17:37 - 2013-12-23 16:16 - 00003338 _____ C:\WINDOWS\PFRO.log
2013-12-23 15:45 - 2013-12-23 15:45 - 00053248 _____ C:\Users\Brown\Downloads\rmstubby.exe
2013-12-23 15:45 - 2013-12-23 15:45 - 00023552 _____ C:\Users\Brown\Downloads\rmska99.exe
2013-12-23 15:44 - 2013-12-23 15:44 - 00065536 _____ C:\Users\Brown\Downloads\rmbugbear.exe
2013-12-23 15:44 - 2013-12-23 15:44 - 00025600 _____ C:\Users\Brown\Downloads\rmppark.exe
2013-12-23 15:44 - 2013-12-23 15:44 - 00015872 _____ C:\Users\Brown\Downloads\rmveronb.exe
2013-12-23 15:44 - 2013-12-23 15:44 - 00015872 _____ C:\Users\Brown\Downloads\rmveronb (1).exe
2013-12-23 15:43 - 2013-12-23 15:43 - 00049152 _____ C:\Users\Brown\Downloads\rmmydoom_f2.exe
2013-12-23 15:43 - 2013-12-23 15:43 - 00025600 _____ C:\Users\Brown\Downloads\rmlovgte.exe
2013-12-23 15:42 - 2013-12-23 15:42 - 00022528 _____ C:\Users\Brown\Downloads\rmnavida.com
2013-12-23 15:41 - 2013-12-23 15:41 - 00343552 _____ C:\Users\Brown\Downloads\rmvirus32 (1).nt
2013-12-23 15:41 - 2013-12-23 15:41 - 00212004 _____ C:\Users\Brown\Downloads\rmvirus (1).dos
2013-12-23 15:41 - 2013-12-23 15:41 - 00160768 _____ C:\Users\Brown\Downloads\rmvampir.exe
2013-12-23 15:41 - 2013-12-23 15:41 - 00056320 _____ C:\Users\Brown\Downloads\rmlove.exe
2013-12-23 15:41 - 2013-12-23 15:41 - 00027648 _____ C:\Users\Brown\Downloads\rmswen.exe
2013-12-23 15:40 - 2013-12-23 15:40 - 00029696 _____ C:\Users\Brown\Downloads\rmsircam.com
2013-12-23 15:40 - 2013-12-23 15:40 - 00028672 _____ C:\Users\Brown\Downloads\rmganda.exe
2013-12-23 15:40 - 2013-12-23 15:40 - 00028672 _____ C:\Users\Brown\Downloads\rmganda (1).exe
2013-12-23 15:40 - 2013-12-23 15:40 - 00025392 _____ C:\Users\Brown\Downloads\rmvalla.exe
2013-12-23 15:39 - 2013-12-23 15:39 - 00439296 _____ C:\Users\Brown\Downloads\rmluder.nt
2013-12-23 15:39 - 2013-12-23 15:39 - 00348672 _____ C:\Users\Brown\Downloads\rmbg3svx.nt
2013-12-23 15:39 - 2013-12-23 15:39 - 00258310 _____ C:\Users\Brown\Downloads\rmluder.dos
2013-12-23 15:39 - 2013-12-23 15:39 - 00226816 _____ C:\Users\Brown\Downloads\rmluder.exe
2013-12-23 15:39 - 2013-12-23 15:39 - 00162304 _____ C:\Users\Brown\Downloads\rmbg3svx.exe
2013-12-23 15:38 - 2013-12-23 15:38 - 00339968 _____ C:\Users\Brown\Downloads\rmelkern.exe
2013-12-23 15:38 - 2013-12-23 15:38 - 00287744 _____ C:\Users\Brown\Downloads\rmvirus32.nt
2013-12-23 15:38 - 2013-12-23 15:38 - 00189104 _____ C:\Users\Brown\Downloads\rmvirus.dos
2013-12-23 15:36 - 2013-12-23 15:36 - 00027648 _____ C:\Users\Brown\Downloads\rmmag.exe
2013-12-23 15:35 - 2013-12-23 15:35 - 03454000 _____ C:\Users\Brown\Downloads\avg_remover_virut (1).exe
2013-12-23 15:35 - 2013-12-23 15:35 - 00025968 _____ C:\Users\Brown\Downloads\rmdptor.exe
2013-12-23 15:34 - 2013-12-23 15:34 - 03454000 _____ C:\Users\Brown\Downloads\avg_remover_virut.exe
2013-12-23 15:34 - 2013-12-23 15:34 - 02810112 _____ C:\Users\Brown\Downloads\avg_remover_dundun.exe
2013-12-23 15:34 - 2013-12-23 15:34 - 02175816 _____ C:\Users\Brown\Downloads\avg_remover_alman.exe
2013-12-23 15:34 - 2013-12-23 15:34 - 01258032 _____ C:\Users\Brown\Downloads\avg_remover_bootkit.exe
2013-12-23 15:33 - 2013-12-23 15:33 - 03640880 _____ C:\Users\Brown\Downloads\avg_remover_hidrag.exe
2013-12-23 15:33 - 2013-12-23 15:33 - 03411504 _____ C:\Users\Brown\Downloads\avg_remover_expiro.exe
2013-12-23 15:33 - 2013-12-23 15:33 - 02899016 _____ C:\Users\Brown\Downloads\avg_remover_chir.exe
2013-12-23 15:33 - 2013-12-23 15:33 - 02774272 _____ C:\Users\Brown\Downloads\avg_remover_mabezat.exe
2013-12-23 15:33 - 2013-12-23 15:33 - 00339968 _____ C:\Users\Brown\Downloads\avg_remover_kriz.exe
2013-12-23 15:32 - 2013-12-23 15:32 - 04434760 _____ C:\Users\Brown\Downloads\avg_remover_murof.exe
2013-12-23 15:32 - 2013-12-23 15:32 - 03640880 _____ C:\Users\Brown\Downloads\avg_remover_neshta.exe
2013-12-23 15:31 - 2013-12-23 15:31 - 02774272 _____ C:\Users\Brown\Downloads\avg_remover_parite (1).exe
2013-12-23 15:31 - 2013-12-23 15:31 - 01279536 _____ C:\Users\Brown\Downloads\avg_remover_nimda.exe
2013-12-23 15:30 - 2013-12-23 15:30 - 03640880 _____ C:\Users\Brown\Downloads\avg_remover_prepender.exe
2013-12-23 15:30 - 2013-12-23 15:30 - 02774272 _____ C:\Users\Brown\Downloads\avg_remover_parite.exe
2013-12-23 15:30 - 2013-12-23 15:30 - 02765056 _____ C:\Users\Brown\Downloads\avg_remover_protector.exe
2013-12-23 15:28 - 2013-12-23 15:28 - 03640880 _____ C:\Users\Brown\Downloads\avg_remover_serpip.exe
2013-12-23 15:28 - 2013-12-23 15:28 - 03448880 _____ C:\Users\Brown\Downloads\avg_remover_slt.exe
2013-12-23 15:28 - 2013-12-23 15:28 - 02229064 _____ C:\Users\Brown\Downloads\avg_remover_selges.exe
2013-12-23 15:27 - 2013-12-23 15:27 - 02905928 _____ C:\Users\Brown\Downloads\avg_remover_slugin.exe
2013-12-23 15:27 - 2013-12-23 15:26 - 02550272 _____ C:\Users\Brown\Downloads\avg_remover_tanatos.exe
2013-12-23 15:26 - 2013-12-23 15:26 - 03415088 _____ C:\Users\Brown\Downloads\avg_remover_zeroaccess.exe
2013-12-23 15:26 - 2013-12-23 15:26 - 02135368 _____ C:\Users\Brown\Downloads\avg_remover_bamital.exe
2013-12-23 15:25 - 2013-12-23 15:25 - 03640880 _____ C:\Users\Brown\Downloads\avg_remover_zbot.exe
2013-12-23 15:25 - 2013-12-23 15:25 - 03429912 _____ C:\Users\Brown\Downloads\avg_remover_gaelicum.exe
2013-12-23 15:25 - 2013-12-23 15:25 - 03412016 _____ C:\Users\Brown\Downloads\avg_remover_downadup.exe
2013-12-23 15:18 - 2013-12-23 13:51 - 00000000 ____D C:\Users\Brown\AppData\Roaming\vlc
2013-12-23 15:16 - 2013-12-23 15:16 - 00001793 _____ C:\Users\Public\Desktop\YAC.lnk
2013-12-23 15:16 - 2013-12-23 14:39 - 00000000 ____D C:\Program Files (x86)\iSafe
2013-12-23 15:15 - 2013-12-23 15:15 - 00003126 _____ C:\WINDOWS\System32\Tasks\{EBFE3C06-40BA-4D8D-B9D0-FC0748C052FA}
2013-12-23 15:07 - 2013-12-23 13:44 - 00000000 ____D C:\Users\Brown\AppData\Local\Google
2013-12-23 15:05 - 2013-12-23 15:05 - 00000000 ____D C:\ProgramData\Apple Computer
2013-12-23 15:05 - 2013-12-23 15:05 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-12-23 15:05 - 2013-12-22 14:38 - 00000000 ____D C:\Users\Brown\Desktop\Essentials
2013-12-23 15:04 - 2013-12-23 15:04 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2013-12-23 15:04 - 2013-12-23 15:04 - 00000000 ____D C:\Users\Brown\AppData\Local\Apple
2013-12-23 15:04 - 2013-12-23 15:04 - 00000000 ____D C:\ProgramData\Apple
2013-12-23 15:04 - 2013-12-23 15:04 - 00000000 ____D C:\Program Files\Bonjour
2013-12-23 15:04 - 2013-12-23 15:04 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-12-23 15:04 - 2013-12-23 15:04 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-12-23 15:01 - 2013-12-23 15:01 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-23 15:01 - 2013-12-23 15:01 - 00000000 ____D C:\WINDOWS\Panther
2013-12-23 15:01 - 2013-12-23 13:51 - 00000000 ____D C:\ProgramData\Skype
2013-12-23 14:55 - 2013-12-23 03:50 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-12-23 14:43 - 2013-12-23 14:43 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2013-12-23 14:41 - 2013-12-23 13:59 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-23 14:41 - 2013-12-23 13:59 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-12-23 14:39 - 2013-12-23 14:39 - 00000911 _____ C:\WINDOWS\wininit.ini
2013-12-23 14:16 - 2013-12-23 14:16 - 00450664 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20131223-141655.backup
2013-12-23 14:16 - 2013-12-23 14:16 - 00450664 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20131223-141643.backup
2013-12-23 14:05 - 2013-12-23 14:05 - 00000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%
2013-12-23 14:00 - 2013-12-23 14:00 - 00000000 ____D C:\Users\Brown\AppData\Local\CrashDumps
2013-12-23 13:57 - 2013-12-23 13:44 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-23 13:54 - 2013-12-23 13:54 - 00001835 _____ C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2013-12-23 13:54 - 2013-12-23 13:54 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Spotify
2013-12-23 13:53 - 2013-12-23 13:53 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-12-23 13:51 - 2013-12-23 13:51 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-12-23 13:51 - 2013-12-23 13:51 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-12-23 13:50 - 2013-12-23 13:50 - 00000000 ____D C:\ProgramData\Yahoo!
2013-12-23 13:50 - 2013-12-23 13:50 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-12-23 13:49 - 2013-12-23 13:49 - 00000000 ____D C:\Program Files (x86)\GUMF4FD.tmp
2013-12-23 13:49 - 2013-12-23 13:44 - 00003892 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-23 13:49 - 2013-12-23 13:44 - 00003656 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-23 13:48 - 2013-12-23 13:48 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Winamp
2013-12-23 13:48 - 2013-12-23 13:48 - 00000000 ____D C:\Users\Brown\AppData\Roaming\MediaMonkey
2013-12-23 13:48 - 2013-12-23 13:48 - 00000000 ____D C:\ProgramData\MediaMonkey
2013-12-23 13:48 - 2013-12-23 13:48 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-12-23 13:48 - 2013-12-23 13:48 - 00000000 ____D C:\Program Files (x86)\MediaMonkey
2013-12-23 13:48 - 2013-12-22 14:14 - 00000000 ____D C:\Program Files (x86)\HDD Regenerator
2013-12-23 13:47 - 2013-12-23 17:30 - 00002171 _____ C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2013-12-23 13:47 - 2013-12-23 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2013-12-23 13:47 - 2013-12-23 13:47 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-23 13:47 - 2013-12-23 13:47 - 00000000 ____D C:\Program Files\WinRAR
2013-12-23 13:47 - 2013-12-23 13:47 - 00000000 ____D C:\Program Files\Classic Shell
2013-12-23 13:47 - 2013-12-23 13:47 - 00000000 ____D C:\Program Files\7-Zip
2013-12-23 13:47 - 2013-12-23 13:47 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-23 13:47 - 2013-12-23 13:47 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2013-12-23 13:47 - 2013-12-23 13:46 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-12-23 13:46 - 2013-12-23 13:46 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-12-23 13:46 - 2013-12-23 13:46 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-12-23 13:46 - 2013-12-23 13:46 - 00000000 ____D C:\Program Files\Java
2013-12-23 13:46 - 2013-12-23 13:45 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2013-12-23 13:45 - 2013-12-23 13:45 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-12-23 13:45 - 2013-12-23 13:45 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-12-23 13:45 - 2013-12-23 13:45 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-23 13:45 - 2013-12-23 13:44 - 00000000 ____D C:\Program Files (x86)\GUMB874.tmp
2013-12-23 13:40 - 2013-12-23 13:40 - 00003078 _____ C:\WINDOWS\System32\Tasks\{ACFB431C-8D0F-4B24-87CF-36B6ACBDB34C}
2013-12-23 13:39 - 2013-12-23 13:38 - 09117752 _____ C:\Users\Brown\Downloads\yet_another_cleaner.exe
2013-12-23 13:26 - 2013-08-22 09:44 - 00335784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-23 13:23 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-12-23 13:22 - 2013-12-22 14:25 - 00181064 _____ (Sysinternals) C:\WINDOWS\PSEXESVC.EXE
2013-12-23 13:19 - 2013-12-23 14:16 - 00000855 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20131223-141630.backup
2013-12-23 13:18 - 2012-07-26 00:26 - 00000128 _____ C:\WINDOWS\win.ini
2013-12-23 13:12 - 2013-12-22 14:31 - 00818732 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2013-12-23 12:55 - 2013-12-23 12:55 - 00047104 ___SH C:\Users\Brown\Desktop\Thumbs.db
2013-12-23 12:54 - 2013-12-21 22:00 - 00001432 _____ C:\WINDOWS\SysWOW64\PCloudCleanerService.log
2013-12-23 12:20 - 2013-12-22 20:06 - 00232576 _____ (Vimicro Corporation) C:\WINDOWS\system32\Drivers\vmc412.sys.bak
2013-12-23 12:20 - 2013-12-22 20:06 - 00124256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys.bak
2013-12-23 12:20 - 2013-12-22 20:06 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\werkernel.sys.bak
2013-12-23 12:20 - 2013-12-22 20:06 - 00013696 _____ (Vimicro Corporation) C:\WINDOWS\system32\Drivers\vmuacflt.sys.bak
2013-12-23 12:20 - 2013-12-22 20:05 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00839488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00551776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00439136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00422240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00377696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgrx.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00305504 _____ (VIA Corporation) C:\WINDOWS\system32\Drivers\VSTXRAID.SYS.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00265056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00189792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00175960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VerifierExt.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00168800 _____ (VIA Technologies Inc.,Ltd) C:\WINDOWS\system32\Drivers\vsmraid.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00159584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00142688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00121184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00121088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00097088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00090944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00089952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00074080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uaspstor.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00069472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00065888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ULIAGPKX.SYS.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00064864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UAGP35.SYS.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00061248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\TsUsbFlt.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00054304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00049984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\videoprt.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\umbus.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00037728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vdrvroot.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00037216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\terminpt.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00034760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00033632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00032512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBCAMD2.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbrpm.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdi.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\TsUsbGD.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00028000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WpdUpFltr.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00026752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wacompen.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifibus.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WppRecorder.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00021760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VMBusHID.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00019808 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\Drivers\viaide.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wmilib.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wmiacpi.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\umpass.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgencounter.sys.bak
2013-12-23 12:20 - 2013-12-21 21:54 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vms3cap.sys.bak
2013-12-23 12:20 - 2012-07-26 00:26 - 00000741 _____ C:\WINDOWS\system32\Drivers\etc\hosts_bak_609
2013-12-23 12:19 - 2013-12-23 12:19 - 00096856 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SMR410.SYS.bak
2013-12-23 12:19 - 2013-12-23 02:16 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys.bak
2013-12-23 12:19 - 2013-12-23 00:58 - 00089304 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys.bak
2013-12-23 12:19 - 2013-12-23 00:55 - 00294712 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgloga.sys.bak
2013-12-23 12:19 - 2013-12-23 00:55 - 00252728 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgwfpa.sys.bak
2013-12-23 12:19 - 2013-12-23 00:55 - 00240920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys.bak
2013-12-23 12:19 - 2013-12-23 00:55 - 00212280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx64.sys.bak
2013-12-23 12:19 - 2013-12-23 00:55 - 00194872 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsha.sys.bak
2013-12-23 12:19 - 2013-12-23 00:55 - 00150808 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiska.sys.bak
2013-12-23 12:19 - 2013-12-23 00:55 - 00123704 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys.bak
2013-12-23 12:19 - 2013-12-23 00:55 - 00031544 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgrkx64.sys.bak
2013-12-23 12:19 - 2013-12-23 00:55 - 00020496 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgboota.sys.bak
2013-12-23 12:19 - 2013-12-23 00:47 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-23 12:19 - 2013-12-22 20:05 - 00924512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys.bak
2013-12-23 12:19 - 2013-12-22 20:05 - 00651248 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAV.sys.bak
2013-12-23 12:19 - 2013-12-22 20:05 - 00342528 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys.bak
2013-12-23 12:19 - 2013-12-22 20:05 - 00269968 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsP2Stor.sys.bak
2013-12-23 12:19 - 2013-12-22 20:05 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys.bak
2013-12-23 12:19 - 2013-12-22 20:05 - 00099320 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_I2C.sys.bak
2013-12-23 12:19 - 2013-12-22 20:05 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc63.sys.bak
2013-12-23 12:19 - 2013-12-22 20:05 - 00081760 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas3.sys.bak
2013-12-23 12:19 - 2013-12-22 20:05 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys.bak
2013-12-23 12:19 - 2013-12-22 20:05 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys.bak
2013-12-23 12:19 - 2013-12-22 20:05 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys.bak
2013-12-23 12:19 - 2013-12-22 20:05 - 00039320 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\intelaud.sys.bak
2013-12-23 12:19 - 2013-12-22 20:05 - 00027032 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iwdbus.sys.bak
2013-12-23 12:19 - 2013-12-22 20:05 - 00024568 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_GPIO.sys.bak
2013-12-23 12:19 - 2013-12-22 20:05 - 00017720 _____ C:\WINDOWS\system32\Drivers\EMSC.sys.bak
2013-12-23 12:19 - 2013-12-22 20:05 - 00017624 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\bcmfn2.sys.bak
2013-12-23 12:19 - 2013-12-22 20:05 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisVirtualBus.sys.bak
2013-12-23 12:19 - 2013-12-22 20:04 - 00782176 _____ (PMC-Sierra) C:\WINDOWS\system32\Drivers\adp80xx.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 04185600 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 03357024 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\evbda.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 02011488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 01936088 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlane.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 01119576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00994144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00591360 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00579416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00575840 _____ (LSI Corporation, Inc.) C:\WINDOWS\system32\Drivers\megasr.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00564520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00531296 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\bxvbda.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00523096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00478048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00412000 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorV.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00377696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00374112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00366432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00337760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00285536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00274784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00259424 _____ (AMD Technologies Inc.) C:\WINDOWS\system32\Drivers\amdsbs.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00236376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\1394ohci.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00217952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00199520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00192864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scsiport.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00168288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvstor.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00151384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00150368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvraid.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00124768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NV_AGP.SYS.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irda.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcmcia.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00114016 _____ (PMC-Sierra, Inc.) C:\WINDOWS\system32\Drivers\arcsas.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00114016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00109408 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00108896 _____ (LSI) C:\WINDOWS\system32\Drivers\3ware.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00107872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00107872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sbp2port.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00101728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00100192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rassstp.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\parport.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00093536 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas2.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00088928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmk.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipfltdrv.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00082784 _____ (Microsoft Corporation)

 

[Chris Corson]

2013-12-23 12:19 - 2013-12-21 21:54 - 00082784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorClass.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00082784 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sss.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00081760 _____ (Silicon Integrated Systems) C:\WINDOWS\system32\Drivers\sisraid4.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rspndr.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpiex.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00079200 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdsata.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00072032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SpbCx.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00071896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00069472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00068960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stream.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mslldp.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00065888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\GAGP30KX.SYS.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00064352 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\Drivers\HpSAMD.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00063840 _____ (Marvell Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\mvumis.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00062784 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\HECIx64.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00062304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AGP440.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndisuio.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lltdio.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00057696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00056672 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\megasas.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00051040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00050016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcw.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00047632 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\qwavedrv.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00045888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidir.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00044896 _____ (Silicon Integrated Systems Corp.) C:\WINDOWS\system32\Drivers\sisraid2.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\circlass.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiscap.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\condrv.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidi2c.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00037728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssmbios.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00036992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\CompositeBus.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00036192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00035168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\battc.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filetrace.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00033632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpata.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00032512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RNDISMP.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00031072 _____ (Promise Technology, Inc.) C:\WINDOWS\system32\Drivers\stexstor.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fdc.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthhfHid.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00030048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fs_rec.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tape.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmvsc.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00027488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fxppm.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbatt.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\asyncmac.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00025952 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdxata.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00025472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\CmBatt.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serenum.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npsvctrig.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\WINDOWS\system32\Drivers\secdrv.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpbus.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mcd.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HyperVideo.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00021856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00021856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00021248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\smclib.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kdnic.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irenum.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasacd.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00017248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00014688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00014560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\swenum.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hyperkbd.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MTConfig.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dmpusbstor.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpipmi.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpitime.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00010624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\errdev.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpipagr.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mshidumdf.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mshidkmdf.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00007936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mstee.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\beep.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00007040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mspclock.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00006784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mspqm.sys.bak
2013-12-23 12:19 - 2013-12-21 21:54 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\null.sys.bak
2013-12-23 12:13 - 2013-12-21 21:57 - 00000000 ____D C:\Users\Brown\AppData\Local\NPE
2013-12-23 11:54 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-12-23 05:49 - 2013-12-21 21:27 - 00000000 ____D C:\Users\Brown\AppData\Local\Packages
2013-12-23 05:13 - 2013-12-23 05:13 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Comodo
2013-12-23 05:09 - 2012-07-26 00:37 - 00000000 ____D C:\Users\Default.migrated
2013-12-23 05:05 - 2013-12-23 05:05 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2013-12-23 04:23 - 2013-12-23 04:23 - 00000000 ____D C:\Users\Default\AppData\Roaming\IObit
2013-12-23 04:23 - 2013-12-23 04:23 - 00000000 ____D C:\Users\Default User\AppData\Roaming\IObit
2013-12-23 03:48 - 2013-12-23 03:48 - 00000000 ____D C:\Users\Brown\Downloads\tdsskiller
2013-12-23 03:46 - 2013-12-23 03:46 - 04101441 _____ C:\Users\Brown\Downloads\tdsskiller.zip
2013-12-23 03:46 - 2013-12-23 03:46 - 00002374 _____ C:\WINDOWS\System32\Tasks\ASC7U_SkipUac_Brown
2013-12-23 02:37 - 2013-12-23 02:37 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Brown\Downloads\tdsskiller.exe
2013-12-23 02:35 - 2013-12-23 02:00 - 00000000 ____D C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2013-12-23 02:31 - 2013-12-22 20:17 - 00000630 _____ C:\WINDOWS\SysWOW64\BroomData.bit
2013-12-23 02:11 - 2013-12-22 19:32 - 00000000 ____D C:\Users\Brown
2013-12-23 02:02 - 2013-12-23 01:59 - 00000000 ____D C:\AdwCleaner
2013-12-23 01:55 - 2013-12-23 01:55 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-23 01:45 - 2013-12-23 01:45 - 01034531 _____ (Thisisu) C:\Users\Brown\Downloads\JRT.exe
2013-12-23 01:13 - 2013-12-23 01:13 - 00000000 ____D C:\Users\Brown\Downloads\mbam-chameleon-1.62.1.1000
2013-12-23 01:13 - 2013-12-23 01:13 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Malwarebytes
2013-12-23 01:13 - 2013-12-23 01:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-23 01:06 - 2013-12-22 15:22 - 00000000 ____D C:\WINDOWS\jmesoft
2013-12-23 00:50 - 2013-12-23 00:50 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-12-23 00:47 - 2013-12-23 00:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-23 00:43 - 2013-12-23 00:42 - 00000000 ____D C:\ProgramData\ProductData
2013-12-23 00:43 - 2013-12-23 00:42 - 00000000 ____D C:\ProgramData\IObit
2013-12-23 00:42 - 2013-12-23 00:42 - 00000000 ____D C:\Users\Brown\AppData\Roaming\IObit
2013-12-23 00:42 - 2013-12-23 00:42 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Apple Computer
2013-12-23 00:42 - 2013-12-23 00:42 - 00000000 ____D C:\ProgramData\{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424}
2013-12-23 00:42 - 2013-12-23 00:42 - 00000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2013-12-23 00:42 - 2013-12-23 00:42 - 00000000 ____D C:\Program Files (x86)\IObit
2013-12-23 00:35 - 2013-12-23 00:35 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Brown\Downloads\mbar-1.07.0.1008.exe
2013-12-23 00:24 - 2013-12-23 00:24 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Brown\Downloads\rkill.scr
2013-12-23 00:24 - 2013-12-23 00:24 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Brown\Downloads\iExplore.exe
2013-12-23 00:24 - 2013-12-23 00:24 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Brown\Downloads\eXplorer.exe
2013-12-23 00:24 - 2013-12-23 00:23 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Brown\Downloads\WiNlOgOn.exe
2013-12-23 00:24 - 2013-12-23 00:23 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\Brown\Downloads\uSeRiNiT.exe
2013-12-22 22:53 - 2013-12-22 14:11 - 00000000 ____D C:\Users\Brown\AppData\Roaming\uTorrent
2013-12-22 22:42 - 2013-12-22 22:42 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-12-22 22:42 - 2013-12-22 22:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-22 22:28 - 2013-12-22 22:28 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-22 22:28 - 2013-12-22 22:28 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-22 22:28 - 2013-08-22 10:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2013-12-22 22:27 - 2013-12-22 22:27 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-22 22:27 - 2013-12-22 22:27 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-22 22:27 - 2013-12-22 22:27 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-22 22:27 - 2013-12-22 22:27 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-22 22:27 - 2013-12-22 22:27 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-22 22:27 - 2013-12-22 22:27 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-22 22:27 - 2013-12-22 22:27 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-22 22:27 - 2013-12-22 22:27 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-22 22:27 - 2013-12-22 22:27 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-22 22:27 - 2013-12-22 22:27 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-22 22:27 - 2013-12-22 22:27 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-22 22:27 - 2013-12-22 22:27 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-22 22:27 - 2013-12-22 22:27 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-22 22:27 - 2013-12-22 22:27 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-22 22:27 - 2013-12-22 22:27 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-22 22:27 - 2013-12-22 22:27 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-22 22:27 - 2013-12-22 22:27 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-22 22:27 - 2013-12-22 22:27 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-22 22:27 - 2013-12-22 22:27 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-22 22:27 - 2013-12-22 22:27 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-22 22:27 - 2013-12-22 22:27 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-22 22:27 - 2013-12-22 22:27 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-22 22:27 - 2013-12-22 22:27 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-22 22:27 - 2013-12-22 22:27 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-22 22:27 - 2013-08-22 10:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-12-22 22:27 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-12-22 22:27 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2013-12-22 22:27 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\FileManager
2013-12-22 22:27 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Camera
2013-12-22 22:26 - 2013-12-22 22:26 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-12-22 21:58 - 2013-12-22 21:40 - 00000000 ____D C:\Users\Brown\AppData\Local\Avg2014
2013-12-22 21:44 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2013-12-22 21:42 - 2013-12-22 21:42 - 00000000 ____D C:\Users\Brown\AppData\Roaming\AVG2014
2013-12-22 21:42 - 2013-12-22 21:41 - 00000000 ____D C:\ProgramData\AVG2014
2013-12-22 21:41 - 2013-12-22 21:41 - 00000000 ____D C:\Users\Brown\AppData\Roaming\TuneUp Software
2013-12-22 21:41 - 2013-12-22 21:41 - 00000000 ____D C:\Program Files (x86)\AVG
2013-12-22 21:41 - 2013-12-22 21:41 - 00000000 ____D C:\$AVG
2013-12-22 21:41 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2013-12-22 21:40 - 2013-12-22 21:40 - 00000000 ____D C:\Users\Brown\Downloads\wsusoffline88
2013-12-22 21:40 - 2013-12-22 21:40 - 00000000 ____D C:\Users\Brown\AppData\Local\MFAData
2013-12-22 21:37 - 2013-12-22 21:36 - 01973047 _____ C:\Users\Brown\Downloads\wsusoffline88.zip
2013-12-22 21:29 - 2013-12-22 21:29 - 00000000 ___SD C:\Users\Brown\Documents\Passwords Database
2013-12-22 21:29 - 2013-12-22 21:18 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-22 20:33 - 2013-12-22 20:33 - 00000000 _____ C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-12-22 20:32 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\restore
2013-12-22 20:06 - 2013-12-22 20:05 - 00072688 _____ (ENE TECHNOLOGY INC.) C:\WINDOWS\system32\Drivers\enecir.sys.bak
2013-12-22 20:06 - 2013-12-22 20:05 - 00025296 _____ (ENE TECHNOLOGY INC.) C:\WINDOWS\system32\Drivers\enecirhid.sys.bak
2013-12-22 19:39 - 2013-12-22 19:39 - 00001443 _____ C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-22 19:39 - 2013-12-22 19:39 - 00000020 ___SH C:\Users\Brown\ntuser.ini
2013-12-22 19:39 - 2013-12-21 21:27 - 00000000 ___RD C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-22 19:39 - 2013-12-21 21:27 - 00000000 ___RD C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-22 19:38 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-22 19:37 - 2013-12-22 19:37 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-12-22 19:37 - 2013-12-22 19:32 - 00020958 _____ C:\WINDOWS\diagwrn.xml
2013-12-22 19:37 - 2013-12-22 19:32 - 00020958 _____ C:\WINDOWS\diagerr.xml
2013-12-22 19:37 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Registration
2013-12-22 19:35 - 2013-08-22 10:36 - 00000000 __RSD C:\WINDOWS\Media
2013-12-22 19:35 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\Public\Libraries
2013-12-22 19:34 - 2013-12-21 21:40 - 00000000 ____D C:\WINDOWS\system32\log
2013-12-22 19:33 - 2013-12-22 19:33 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-12-22 19:33 - 2013-12-22 19:33 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-22 19:33 - 2013-12-22 19:33 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-12-22 19:33 - 2013-12-22 19:32 - 00000000 ___RD C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-22 19:33 - 2013-12-22 19:30 - 00000000 ____D C:\Program Files (x86)\Intel
2013-12-22 19:33 - 2013-12-22 15:23 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2013-12-22 19:33 - 2013-12-21 21:27 - 00000000 ____D C:\ProgramData\PRICache
2013-12-22 19:33 - 2013-11-14 02:14 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2013-12-22 19:33 - 2013-11-14 02:14 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2013-12-22 19:33 - 2013-11-14 02:14 - 00000000 ____D C:\WINDOWS\system32\WCN
2013-12-22 19:33 - 2013-08-22 10:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2013-12-22 19:33 - 2013-08-22 10:36 - 00000000 ___SD C:\Program Files\Windows Sidebar
2013-12-22 19:33 - 2013-08-22 10:36 - 00000000 ___SD C:\Program Files (x86)\Windows Sidebar
2013-12-22 19:33 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2013-12-22 19:33 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2013-12-22 19:33 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2013-12-22 19:33 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\spool
2013-12-22 19:33 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2013-12-22 19:33 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2013-12-22 19:33 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\IME
2013-12-22 19:33 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Help
2013-12-22 19:33 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-22 19:33 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2013-12-22 19:31 - 2013-12-22 00:18 - 00000000 ____D C:\Recovery
2013-12-22 19:31 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2013-12-22 19:30 - 2013-12-22 19:30 - 00000000 ____D C:\WINDOWS\VMC412
2013-12-22 19:29 - 2013-08-22 08:36 - 00000000 ___RD C:\Users\Default
2013-12-22 19:18 - 2013-12-22 00:16 - 00008192 ___RS C:\BOOTSECT.BAK
2013-12-22 19:03 - 2012-07-26 03:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-12-22 16:45 - 2013-12-22 16:45 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2013-12-22 16:44 - 2013-12-22 16:44 - 00015772 _____ C:\WINDOWS\system32\results.xml
2013-12-22 16:35 - 2013-12-22 15:26 - 00000000 ____D C:\ProgramData\Win864
2013-12-22 16:35 - 2013-12-22 15:26 - 00000000 ____D C:\ProgramData\Win832
2013-12-22 15:32 - 2013-12-22 15:32 - 00000000 ____D C:\Users\Brown\AppData\Local\Adobe
2013-12-22 15:32 - 2013-12-22 15:32 - 00000000 ____D C:\ProgramData\Adobe
2013-12-22 15:32 - 2013-12-22 15:32 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-12-22 15:32 - 2013-12-22 15:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-22 15:32 - 2013-12-21 21:27 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Adobe
2013-12-22 15:31 - 2013-12-22 15:22 - 00000000 ____D C:\ProgramData\Intel
2013-12-22 15:29 - 2013-12-21 21:34 - 00000000 ____D C:\Intel
2013-12-22 15:28 - 2013-12-22 15:28 - 00000000 ____D C:\ProgramData\lenovo Cam_Win8 V93
2013-12-22 15:28 - 2013-12-22 15:28 - 00000000 ____D C:\Program Files (x86)\Vimicro Corporation
2013-12-22 15:28 - 2013-12-22 15:18 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2013-12-22 15:27 - 2013-12-22 15:27 - 00000000 ____D C:\Program Files\H339 DVBT TVtunner Driver
2013-12-22 15:27 - 2013-12-22 15:27 - 00000000 ____D C:\Program Files (x86)\H339 ATSC TVtunner Driver
2013-12-22 15:27 - 2013-12-22 15:24 - 00000000 ____D C:\Program Files (x86)\AVerMedia
2013-12-22 15:26 - 2013-12-22 15:26 - 00000000 ____D C:\ProgramData\XP32
2013-12-22 15:26 - 2013-12-22 15:26 - 00000000 ____D C:\ProgramData\Win764
2013-12-22 15:26 - 2013-12-22 15:26 - 00000000 ____D C:\ProgramData\Win732
2013-12-22 15:26 - 2013-12-22 15:26 - 00000000 ____D C:\ProgramData\Vista64
2013-12-22 15:26 - 2013-12-22 15:26 - 00000000 ____D C:\ProgramData\Vista32
2013-12-22 15:26 - 2013-12-22 15:26 - 00000000 ____D C:\Compal Embedded System Control
2013-12-22 15:25 - 2013-12-22 15:25 - 00000117 _____ C:\WINDOWS\system32\netcfg-1523218.txt
2013-12-22 15:25 - 2013-12-22 15:25 - 00000117 _____ C:\WINDOWS\system32\netcfg-1521046.txt
2013-12-22 15:25 - 2013-12-22 15:25 - 00000088 _____ C:\WINDOWS\system32\netcfg-1523421.txt
2013-12-22 15:25 - 2013-12-22 15:25 - 00000000 ____D C:\Users\Brown\AppData\Roaming\InstallShield
2013-12-22 15:25 - 2013-12-22 15:23 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-12-22 15:25 - 2013-12-22 15:18 - 00000000 ____D C:\Program Files (x86)\Lenovo
2013-12-22 15:23 - 2013-12-22 15:23 - 00000000 ____D C:\Program Files\DIFX
2013-12-22 15:21 - 2013-12-22 15:21 - 00000000 ____D C:\Program Files\Intel
2013-12-22 15:15 - 2013-12-22 15:10 - 88575992 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100538.exe
2013-12-22 15:14 - 2013-12-22 15:12 - 10249000 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100453 (2).exe
2013-12-22 15:14 - 2013-12-22 15:12 - 10249000 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100453 (1).exe
2013-12-22 15:14 - 2013-12-22 15:11 - 18918728 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100391.exe
2013-12-22 15:14 - 2013-12-22 15:11 - 10249000 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100453.exe
2013-12-22 15:14 - 2013-12-22 15:10 - 31058552 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100358.exe
2013-12-22 15:13 - 2013-12-22 15:13 - 03088144 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100457.exe
2013-12-22 15:13 - 2013-12-22 15:13 - 03086720 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100456.exe
2013-12-22 15:13 - 2013-12-22 15:13 - 01025984 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100378 (1).exe
2013-12-22 15:13 - 2013-12-22 15:11 - 14524840 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100408_64.exe
2013-12-22 15:13 - 2013-12-22 15:10 - 11005168 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100493.exe
2013-12-22 15:13 - 2013-12-22 15:10 - 11005168 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100493 (1).exe
2013-12-22 15:13 - 2013-12-22 15:10 - 07606648 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100376.exe
2013-12-22 15:12 - 2013-12-22 15:12 - 01025984 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100378.exe
2013-12-22 15:12 - 2013-12-22 15:11 - 03906688 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100409_64.exe
2013-12-22 15:12 - 2013-12-22 15:11 - 03173184 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100263.exe
2013-12-22 15:12 - 2013-12-22 15:10 - 02079072 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100363 (1).exe
2013-12-22 15:11 - 2013-12-22 15:10 - 03366776 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100397.exe
2013-12-22 15:11 - 2013-12-22 15:10 - 02079072 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100363.exe
2013-12-22 15:11 - 2013-12-22 15:10 - 01542552 _____ (Lenovo Group Limited ) C:\Users\Brown\Downloads\h1100356.exe
2013-12-22 15:09 - 2013-12-22 15:08 - 35792064 _____ (Lenovo Group Limited) C:\Users\Brown\Downloads\lscsetup_x64_23002.exe
2013-12-22 14:55 - 2013-12-21 21:54 - 00210304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys.bak
2013-12-22 14:55 - 2013-12-21 21:54 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpwd.sys.bak
2013-12-22 14:55 - 2013-12-21 21:54 - 00052464 _____ (IBM Corporation) C:\WINDOWS\system32\Drivers\nfrd960.sys.bak
2013-12-22 14:55 - 2013-12-21 21:54 - 00023792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wd.sys.bak
2013-12-22 14:54 - 2013-12-22 14:54 - 00033512 _____ C:\WINDOWS\system32\Drivers\DasPtct.SYS.bak
2013-12-22 14:54 - 2013-12-21 21:54 - 00492272 _____ (Adaptec, Inc.) C:\WINDOWS\system32\Drivers\adp94xx.sys.bak
2013-12-22 14:54 - 2013-12-21 21:54 - 00340720 _____ (Adaptec, Inc.) C:\WINDOWS\system32\Drivers\adpahci.sys.bak
2013-12-22 14:54 - 2013-12-21 21:54 - 00184048 _____ (Adaptec, Inc.) C:\WINDOWS\system32\Drivers\adpu320.sys.bak
2013-12-22 14:54 - 2013-12-21 21:54 - 00116976 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_scsi.sys.bak
2013-12-22 14:54 - 2013-12-21 21:54 - 00104688 _____ (PMC-Sierra, Inc.) C:\WINDOWS\system32\Drivers\arc.sys.bak
2013-12-22 14:54 - 2013-12-21 21:54 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\discache.sys.bak
2013-12-22 14:54 - 2013-12-21 21:54 - 00045296 _____ (Intel Corp./ICP vortex GmbH) C:\WINDOWS\system32\Drivers\iirsp.sys.bak
2013-12-22 14:24 - 2013-12-22 14:24 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-FAMILY-Microsoft-Windows-8-(64-bit).dat
2013-12-22 14:22 - 2013-12-22 14:22 - 00000000 ____D C:\RegBackup
2013-12-22 14:17 - 2013-12-22 14:17 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2013-12-22 14:14 - 2013-12-22 14:14 - 00000000 ____D C:\Users\Brown\AppData\Local\Downloaded Installations
2013-12-22 14:13 - 2013-12-22 14:13 - 05045639 _____ C:\Users\Brown\Downloads\tweaking.com_windows_repair_aio_setup.exe
2013-12-22 14:11 - 2013-12-22 14:11 - 00000829 _____ C:\Users\Brown\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2013-12-22 00:17 - 2013-12-22 00:17 - 00001136 _____ C:\WINDOWS\system32\netcfg-48453.txt
2013-12-22 00:17 - 2013-12-22 00:17 - 00001135 _____ C:\WINDOWS\system32\netcfg-37093.txt
2013-12-22 00:17 - 2013-12-22 00:17 - 00000197 _____ C:\WINDOWS\system32\netcfg-51484.txt
2013-12-22 00:16 - 2013-12-22 00:16 - 00000185 _____ C:\WINDOWS\system32\netcfg-34437.txt
2013-12-22 00:16 - 2013-12-22 00:16 - 00000164 _____ C:\WINDOWS\system32\netcfg-30718.txt
2013-12-22 00:16 - 2013-12-22 00:16 - 00000161 _____ C:\WINDOWS\system32\netcfg-34109.txt
2013-12-22 00:16 - 2013-12-22 00:16 - 00000160 _____ C:\WINDOWS\system32\netcfg-33859.txt
2013-12-22 00:16 - 2013-12-22 00:16 - 00000160 _____ C:\WINDOWS\system32\netcfg-33093.txt
2013-12-22 00:16 - 2013-12-22 00:16 - 00000160 _____ C:\WINDOWS\system32\netcfg-30531.txt
2013-12-22 00:16 - 2013-12-22 00:16 - 00000159 _____ C:\WINDOWS\system32\netcfg-32765.txt
2013-12-22 00:16 - 2013-12-22 00:16 - 00000157 _____ C:\WINDOWS\system32\netcfg-33578.txt
2013-12-22 00:16 - 2013-12-22 00:16 - 00000157 _____ C:\WINDOWS\system32\netcfg-30109.txt
2013-12-22 00:16 - 2013-12-22 00:16 - 00000150 _____ C:\WINDOWS\system32\netcfg-32531.txt
2013-12-21 21:57 - 2013-12-21 21:57 - 00000000 ____D C:\ProgramData\Norton
2013-12-21 21:55 - 2012-07-26 00:26 - 00000741 _____ C:\WINDOWS\system32\Drivers\etc\hosts_bak_893
2013-12-21 21:52 - 2013-12-21 21:52 - 00000000 ___SD C:\32788R22FWJFW
2013-12-21 21:52 - 2013-12-21 21:52 - 00000000 ____D C:\Program Files (x86)\Panda Security
2013-12-21 21:52 - 2013-12-21 21:46 - 00000000 ____D C:\WINDOWS\erdnt
2013-12-21 21:49 - 2013-12-21 21:49 - 00003754 _____ C:\ComboFix.txt
2013-12-21 21:48 - 2012-07-26 00:26 - 00000215 _____ C:\WINDOWS\system.ini
2013-12-21 21:46 - 2013-12-21 21:45 - 28230928 _____ (Panda Security ) C:\Users\Brown\Downloads\PandaCloudCleaner.exe
2013-12-21 21:45 - 2013-12-21 21:45 - 03053496 ____N (Symantec Corporation) C:\Users\Brown\Downloads\NPE.exe
2013-12-21 21:45 - 2013-12-21 21:44 - 04359168 _____ C:\Users\Brown\Downloads\RogueKillerX64.exe
2013-12-21 21:40 - 2013-12-21 21:40 - 00000000 ____D C:\Users\Brown\AppData\Roaming\eCyber
2013-12-21 21:35 - 2013-12-21 21:35 - 00000000 ____D C:\Users\Brown\AppData\Roaming\Macromedia
2013-12-21 21:28 - 2013-12-21 21:28 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2013-12-21 21:27 - 2013-12-21 21:27 - 00000000 ____D C:\Users\Brown\AppData\Local\VirtualStore
2013-12-21 21:26 - 2013-12-21 21:26 - 00001027 _____ C:\WINDOWS\system32\netcfg-482046.txt
2013-12-21 21:26 - 2013-12-21 21:26 - 00000199 _____ C:\WINDOWS\system32\netcfg-481843.txt
2013-12-21 21:26 - 2013-12-21 21:26 - 00000117 _____ C:\WINDOWS\system32\netcfg-481921.txt
2013-12-21 21:26 - 2013-12-21 21:26 - 00000117 _____ C:\WINDOWS\system32\netcfg-477750.txt
2013-12-18 20:56 - 2013-12-18 20:56 - 04558848 _____ (Google Inc.) C:\WINDOWS\SysWOW64\GPhotos.scr
2013-12-03 19:05 - 2013-08-22 10:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-12-03 19:05 - 2013-08-22 10:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-01 14:42 - 2013-12-22 15:31 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-01 08:10 - 2013-12-23 13:53 - 00257624 _____ C:\WINDOWS\system32\unrar64.dll
2013-12-01 08:10 - 2013-12-23 13:53 - 00218200 _____ C:\WINDOWS\SysWOW64\unrar.dll
2013-11-26 12:25 - 2013-12-22 14:44 - 00267936 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-22 19:29
==================== End Of Log ============================

 

[Chris Corson]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-12-2013 01
Ran by Brown at 2013-12-24 12:56:14
Running from C:\Users\Brown\AppData\Local\Microsoft\Windows\INetCache\IE\4807UF27
Boot Mode: Normal
==========================================================

==================== Security Center ========================
AV: AVG AntiVirus 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
µTorrent (HKCU Version: 3.3.2.30416)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (x32 Version: 3.9.0.1380)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.7.148)
Apple Application Support (x32 Version: 2.3.6)
Apple Software Update (x32 Version: 2.1.3.127)
Audacity 2.0.5 (x32 Version: 2.0.5)
AVerMedia H334 MiniCard Hybrid TV Tuner 10.2.64.70 (x32 Version: 10.2.64.70)
AVerMedia H339 Hybrid Analog/ATSC/QAM 2.2.64.82 (x32 Version: 2.2.64.82)
AVerMedia H339 Hybrid Analog/DVBT 2.2.64.82 (x32 Version: 2.2.64.82)
AVG 2014 (Version: 14.0.3658)
AVG 2014 (Version: 14.0.4259)
AVG 2014 (Version: 2014.0.4259)
Bonjour (Version: 3.0.0.10)
Classic Shell (Version: 4.0.2)
EMSC (x32 Version: 0.0.0.24C)
ENE CIR Receiver Driver (Version: 4.0.0.0)
Google Chrome (x32 Version: 65.156.32831)
Google Earth (x32 Version: 7.1.2.2041)
Google Update Helper (x32 Version: 1.3.22.3)
Hulu Desktop (HKCU Version: 0.9.14)
ImgBurn (x32 Version: 2.5.8.0)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 10.18.10.3316)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
K-Lite Codec Pack 10.2.0 Full (x32 Version: 10.2.0)
Lenovo Blacksilk USB Keyboard Driver (x32 Version: V1.4.11.0608)
Lenovo Silver Silk Wireless Keyboard (x32 Version: 1.03)
Lenovo USB2.0 UVC Camera (x32 Version: 1.00.0000)
Lenovo_Wireless_Driver (x32 Version: 10.00.75)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MediaMonkey 4.0 (x32 Version: 4.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Panda Cloud Cleaner (x32 Version: 1.0.85)
Picasa 3 (x32 Version: 3.9)
QuickTime (x32 Version: 7.74.80.86)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek PCIE Card Reader (x32 Version: 6.2.8400.29029)
Skype™ 6.11 (x32 Version: 6.11.102)
Spotify (HKCU Version: 0.9.6.81.gd359a796)
Steam (x32)
SUPERAntiSpyware (x32 Version: 5.7.1016)
swMSM (x32 Version: 12.0.0.1)
Tweaking.com - Windows Repair (All in One) (x32 Version: 2.1.0)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1)
VLC media player 2.1.2 (x32 Version: 2.1.2)
Winamp (x32 Version: 5.666 )
WinRAR 5.01 (64-bit) (Version: 5.01.0)
YAC (x32)
Yahoo! Messenger (x32)
==================== Restore Points =========================
23-12-2013 01:32:52 Windows Update
==================== Hosts content: ==========================
2012-07-26 00:26 - 2013-12-23 14:16 - 00450664 ___RA C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============
Task: {035792A1-D4EF-4A78-BF9A-AA9628C281A3} - System32\Tasks\Microsoft\Windows\Setup\SetupCleanupTask
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {108FCD0D-18CD-44BA-839F-B44FDED65F53} - System32\Tasks\ASC7U_SkipUac_Brown => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASC.exe
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3E7B1595-167C-4B6D-8B1D-CB5F84C5A012} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-23] (Google Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8C74AD5C-ACBD-4EDF-82B3-2F3A02EC1221} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B087BB56-0FD8-47B9-80AD-9CDC74F6ABDF} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\Windows\System32\oobe\setupsqm.exe [2013-08-22] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D9B19B3C-83DC-47F4-ADB4-58539F33C31F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-23] (Google Inc.)
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-12-23 13:59 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-12-23 13:59 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-12-23 13:59 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-12-23 13:59 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-12-23 13:59 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-12-22 15:21 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-12-23 14:39 - 2013-12-19 02:12 - 00185000 _____ () C:\Program Files (x86)\iSafe\libpng.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:B755D674
AlternateDataStreams: C:\Users\Brown\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\00095294.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\05289865.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\08939629.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\09524282.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\11226484.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\13882617.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\14058706.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\23141775.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\23360036.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\25145629.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\27753723.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\35893354.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\36384445.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\43738985.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\47828499.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\49875317.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\54988181.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\56777180.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\58317080.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\60322857.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\60566522.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\64108381.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\66180375.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\68826867.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\68983019.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\70485074.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\77188690.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\80127601.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\80323721.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\82304942.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\86052492.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\90891717.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\91111443.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\92317356.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\93692476.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\00095294.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\05289865.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\08939629.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\09524282.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\11226484.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\13882617.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\14058706.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\23141775.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\23360036.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\25145629.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\27753723.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\35893354.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\36384445.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\43738985.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\47828499.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\49875317.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\54988181.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\56777180.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\58317080.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\60322857.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\60566522.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\64108381.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\66180375.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\68826867.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\68983019.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\70485074.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\77188690.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\80127601.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\80323721.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\82304942.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\86052492.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\90891717.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\91111443.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\92317356.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\93692476.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR410 => ""="Service"
==================== Faulty Device Manager Devices =============
Name: ENE CIR Receiver
Description: ENE CIR Receiver
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: ENE
Service: enecir
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

==================== Event log errors: =========================
Application errors:
==================
Error: (12/23/2013 06:06:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: FAMILY)
Description: Activation of app DefaultBrowser_NOPUBLISHERID!Chrome failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (12/23/2013 03:07:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: FAMILY)
Description: Activation of app DefaultBrowser_NOPUBLISHERID!Chrome failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (12/23/2013 03:05:08 PM) (Source: MsiInstaller) (User: FAMILY)
Description: Product: Apple Application Support -- A later version of Apple Application Support is already installed on this computer.
Error: (12/23/2013 02:40:02 PM) (Source: iSafeService) (User: )
Description: iSafeService error: 1063StartServiceCtrlDispatcher failed. ErrorCode=1063
Error: (12/23/2013 02:18:45 PM) (Source: iSafeService) (User: )
Description: iSafeService error: 1063StartServiceCtrlDispatcher failed. ErrorCode=1063
Error: (12/23/2013 02:08:42 PM) (Source: iSafeService) (User: )
Description: iSafeService error: 1063StartServiceCtrlDispatcher failed. ErrorCode=1063
Error: (12/23/2013 02:00:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: iSafeTray.exe, version: 3.7.39.6114, time stamp: 0x52b29bcd
Faulting module name: combase.dll, version: 6.3.9600.16408, time stamp: 0x523d3001
Exception code: 0xc0000005
Fault offset: 0x000058d5
Faulting process id: 0xe94
Faulting application start time: 0xiSafeTray.exe0
Faulting application path: iSafeTray.exe1
Faulting module path: iSafeTray.exe2
Report Id: iSafeTray.exe3
Faulting package full name: iSafeTray.exe4
Faulting package-relative application ID: iSafeTray.exe5
Error: (12/23/2013 01:57:12 PM) (Source: MsiInstaller) (User: FAMILY)
Description: Product: Apple Application Support -- Error 1406. Could not write value APSDaemon to key \SOFTWARE\Microsoft\Windows\CurrentVersion\Run. System error . Verify that you have sufficient access to that key, or contact your support personnel.
Error: (12/23/2013 01:56:33 PM) (Source: MsiInstaller) (User: FAMILY)
Description: Product: Apple Application Support -- Error 1406. Could not write value APSDaemon to key \SOFTWARE\Microsoft\Windows\CurrentVersion\Run. System error . Verify that you have sufficient access to that key, or contact your support personnel.
Error: (12/23/2013 01:52:15 PM) (Source: MsiInstaller) (User: FAMILY)
Description: Product: Skype™ 6.11 -- Error 1406. Could not write value Skype to key \Software\Microsoft\Windows\CurrentVersion\Run. System error . Verify that you have sufficient access to that key, or contact your support personnel.

System errors:
=============
Error: (12/24/2013 00:15:42 PM) (Source: Service Control Manager) (User: )
Description: The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).
Error: (12/24/2013 00:15:27 PM) (Source: DCOM) (User: FAMILY)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (12/24/2013 00:11:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB2267602 (Definition 1.165.566.0).
Error: (12/24/2013 00:11:07 PM) (Source: Service Control Manager) (User: )
Description: The @(BrandName) service failed to start due to the following error:
%%1053
Error: (12/24/2013 00:11:07 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the @(BrandName) service to connect.
Error: (12/23/2013 06:23:24 PM) (Source: DCOM) (User: FAMILY)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (12/23/2013 05:39:49 PM) (Source: Service Control Manager) (User: )
Description: The LiveUpdate service terminated unexpectedly. It has done this 1 time(s).
Error: (12/23/2013 05:30:07 PM) (Source: DCOM) (User: FAMILY)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (12/23/2013 05:29:44 PM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:
%%1068
Error: (12/23/2013 05:29:44 PM) (Source: DCOM) (User: FAMILY)
Description: 1084WSearchUnavailable{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Microsoft Office Sessions:
=========================
Error: (12/23/2013 06:06:29 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: FAMILY)
Description: DefaultBrowser_NOPUBLISHERID!Chrome-2144927148
Error: (12/23/2013 03:07:29 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: FAMILY)
Description: DefaultBrowser_NOPUBLISHERID!Chrome-2144927148
Error: (12/23/2013 03:05:08 PM) (Source: MsiInstaller)(User: FAMILY)
Description: Product: Apple Application Support -- A later version of Apple Application Support is already installed on this computer.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (12/23/2013 02:40:02 PM) (Source: iSafeService)(User: )
Description: iSafeService error: 1063StartServiceCtrlDispatcher failed. ErrorCode=1063
Error: (12/23/2013 02:18:45 PM) (Source: iSafeService)(User: )
Description: iSafeService error: 1063StartServiceCtrlDispatcher failed. ErrorCode=1063
Error: (12/23/2013 02:08:42 PM) (Source: iSafeService)(User: )
Description: iSafeService error: 1063StartServiceCtrlDispatcher failed. ErrorCode=1063
Error: (12/23/2013 02:00:10 PM) (Source: Application Error)(User: )
Description: iSafeTray.exe3.7.39.611452b29bcdcombase.dll6.3.9600.16408523d3001c0000005000058d5e9401cf000d08f3c3fbC:\Program Files (x86)\iSafe\iSafeTray.exeC:\WINDOWS\SYSTEM32\combase.dll71982950-6c04-11e3-beaf-20898495d243
Error: (12/23/2013 01:57:12 PM) (Source: MsiInstaller)(User: FAMILY)
Description: Product: Apple Application Support -- Error 1406. Could not write value APSDaemon to key \SOFTWARE\Microsoft\Windows\CurrentVersion\Run. System error . Verify that you have sufficient access to that key, or contact your support personnel.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (12/23/2013 01:56:33 PM) (Source: MsiInstaller)(User: FAMILY)
Description: Product: Apple Application Support -- Error 1406. Could not write value APSDaemon to key \SOFTWARE\Microsoft\Windows\CurrentVersion\Run. System error . Verify that you have sufficient access to that key, or contact your support personnel.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (12/23/2013 01:52:15 PM) (Source: MsiInstaller)(User: FAMILY)
Description: Product: Skype™ 6.11 -- Error 1406. Could not write value Skype to key \Software\Microsoft\Windows\CurrentVersion\Run. System error . Verify that you have sufficient access to that key, or contact your support personnel.(NULL)(NULL)(NULL)(NULL)(NULL)

CodeIntegrity Errors:
===================================
Date: 2013-12-23 14:00:03.380
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-12-23 11:57:06.931
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-12-23 11:56:20.308
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-12-23 11:55:19.849
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-12-23 11:52:57.449
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-12-23 11:52:56.276
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-12-23 11:39:54.753
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-12-23 10:39:45.254
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-12-23 09:39:45.264
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-12-23 09:03:56.308
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================
Percentage of memory in use: 59%
Total physical RAM: 3998.35 MB
Available physical RAM: 1615.49 MB
Total Pagefile: 5406.35 MB
Available Pagefile: 3025.79 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (0) (Fixed) (Total:931.51 GB) (Free:903.59 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (BootDisk) (CDROM) (Total:0.14 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: DDDC1BF7)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)
==================== End Of Log ============================

 

[Chris Corson]

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
Database version: v2013.12.24.05
Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
Brown :: FAMILY [limited]
Protection: Enabled
12/24/2013 12:53:57 PM
mbam-log-2013-12-24 (12-53-57).txt
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 331352
Time elapsed: 19 minute(s), 56 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

 

[Broni]

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

[Chris Corson]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-12-2013 01
Ran by Brown at 2013-12-24 13:33:10 Run:1
Running from C:\Users\Brown\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
ShellExecuteHooks-x32: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File [ ]
S0 bqirik; No ImagePath
AlternateDataStreams: C:\ProgramData\TEMP:B755D674
AlternateDataStreams: C:\Users\Brown\SkyDrive:ms-properties
*****************
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} => Key deleted successfully.
bqirik => Service deleted successfully.
C:\ProgramData\TEMP => ":B755D674" ADS removed successfully.
"C:\Users\Brown\SkyDrive" => ":ms-properties" ADS not found.
==== End of Fixlog ====

 

[Broni]

Download RogueKiller for 32bit or Roguekiller for 64bit to your Desktop.

• Close all the running programs
• Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
• Otherwise just double-click on RogueKiller.exe
• Pre-scan will start. Let it finish.
• Click on SCAN button.
• Wait until the Status box shows Scan Finished
• Click on Delete.
• Wait until the Status box shows Deleting Finished.
• Click on Report and copy/paste the content of the Notepad into your next reply.
• RKreport.txt could also be found on your desktop.
• If more than one log is produced post all logs.
• If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

Create new restore point before proceeding with the next step....
How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

Download Malwarebytes Anti-Rootkit (MBAR) from HERE

• Unzip downloaded file.
• Open the folder where the contents were unzipped and run mbar.exe
• Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
• Click on the Cleanup button to remove any threats and reboot if prompted to do so.
• Wait while the system shuts down and the cleanup process is performed.
• Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
• When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt

 

[Chris Corson]

RogueKiller V8.7.13 _x64_ [Dec 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Brown [Admin rights]
Mode : Remove -- Date : 12/24/2013 14:03:42
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 3 ¤¤¤
[SHELL][HJNAME] HKLM\[...]\Winlogon : shell (explorer.exe [7]) -> REPLACED (explorer.exe)
[SHELL][HJNAME] HKLM\[...]\Wow6432Node\[...]\Winlogon : shell (explorer.exe [7]) -> REPLACED (explorer.exe)
[SHELL][HJNAME] HKLM\[...]\Wow6432Node\[...]\Winlogon : userinit (userinit.exe, [7]) -> REPLACED (userinit.exe)
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

 

[Chris Corson]

RogueKiller V8.7.13 _x64_ [Dec 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Brown [Admin rights]
Mode : Scan -- Date : 12/24/2013 14:03:04
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 3 ¤¤¤
[SHELL][HJNAME] HKLM\[...]\Winlogon : shell (explorer.exe [7]) -> FOUND
[SHELL][HJNAME] HKLM\[...]\Wow6432Node\[...]\Winlogon : shell (explorer.exe [7]) -> FOUND
[SHELL][HJNAME] HKLM\[...]\Wow6432Node\[...]\Winlogon : userinit (userinit.exe, [7]) -> FOUND
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

 

[Chris Corson]

RogueKiller V8.7.13 _x64_ [Dec 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Brown [Admin rights]
Mode : Remove -- Date : 12/24/2013 14:03:42
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 3 ¤¤¤
[SHELL][HJNAME] HKLM\[...]\Winlogon : shell (explorer.exe [7]) -> REPLACED (explorer.exe)
[SHELL][HJNAME] HKLM\[...]\Wow6432Node\[...]\Winlogon : shell (explorer.exe [7]) -> REPLACED (explorer.exe)
[SHELL][HJNAME] HKLM\[...]\Wow6432Node\[...]\Winlogon : userinit (userinit.exe, [7]) -> REPLACED (userinit.exe)
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts



127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
[...]

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST1000DM003-1CH162 ATA Device +++++
--- User ---
[MBR] 77f7b31a022c6e087fe4b7b6b7a35424
[BSP] 663e1bffd157c44d3d782a880fbb7634 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_D_12242013_140342.txt >>
RKreport[0]_S_12242013_140304.txt

 

[Chris Corson]

There was 2 RK reports and believe I did not select "everything" to paste the first time.

 

[Chris Corson]

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008
(c) Malwarebytes Corporation 2011-2012
OS version: 6.2.9200 Windows 8 x64
Account is Administrative
Internet Explorer version: 11.0.9600.16476
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.993000 GHz
Memory total: 4192575488, free: 1918803968
Downloaded database version: v2013.12.24.05
Downloaded database version: v2013.12.18.01
=======================================
Initializing...
------------ Kernel report ------------
12/24/2013 14:07:34
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\pciide.sys
\SystemRoot\System32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\atapi.sys
\SystemRoot\System32\drivers\ataport.SYS
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\WdFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\system32\DRIVERS\avgloga.sys
\SystemRoot\system32\DRIVERS\avgmfx64.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\avgidsha.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\System32\drivers\EMSC.SYS
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgrkx64.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\avgwfpa.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\??\C:\Program Files (x86)\iSafe\iSafeNetFilter.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\avgldx64.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\avgidsdrivera.sys
\SystemRoot\system32\DRIVERS\avgdiska.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\rtwlane.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\system32\DRIVERS\RtsP2Stor.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\circlass.sys
\SystemRoot\System32\drivers\iwdbus.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\system32\drivers\HdAudio.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\VMC412.sys
\SystemRoot\System32\Drivers\vmuacflt.sys
\SystemRoot\system32\drivers\usbaudio.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\MTConfig.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\??\C:\Program Files (x86)\iSafe\iSafeKrnl.sys
\SystemRoot\System32\drivers\condrv.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffe000015f2060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Ide\IdeDeviceP1T0L0-1\
Lower Device Object: 0xffffe0000105a060
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffe000015f2060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe000015f2b20, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe000015f2060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffe0000101be50, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffe0000105a060, DeviceName: \Device\Ide\IdeDeviceP1T0L0-1\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: DDDC1BF7
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 1953519616
Partition file system is NTFS
Partition is bootable
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1953505168-1953525168)...
Done!
Read File: File "c:\programdata\avg2014\chjw\f20c41670c412845.dat:27d89872-26c8-4076-8d82-f139e4045b60" is sparse (flags = 32768)
Scan finished

 

[Broni]

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

• Never rename Combofix unless instructed.
• Close any open browsers.
• Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
• Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
• Close any open browsers.
• WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
• Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
• If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  If the connection is not there use restore point you created prior to running Combofix.
• Double click on combofix.exe & follow the prompts.

• 
  NOTE1. If Combofix asks you to install Recovery Console, please allow it.
  NOTE 2. If Combofix asks you to update the program, always do so.

• When finished, it will produce a report for you.
• Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error Illegal operation attempted on a registery key that has been marked for deletion, restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

• Double-click on the Rkill desktop icon to run the tool.
• If using Vista or Windows 7 right-click on it and choose Run As Administrator.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• If not, delete the file, then download and use the one provided in Link 2.
• Do not reboot until instructed.
• If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.

 

[Chris Corson]

Combofix is giving the "not meant to run in compability mode" error.What should I do?

 

[Chris Corson]

Combofix just won't run in 8.1.Removed AVG,tried safe mode,and tried Rkill.I get the compatibility warning everytime.Here is my Rkill log,btw:

Rkill 2.6.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 12/24/2013 03:54:46 PM in x64 mode. (Safe Mode)
Windows Version: Windows 8.1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* Base Filtering Engine (BFE) is not Running.
Startup Type set to: Automatic
* DHCP Client (Dhcp) is not Running.
Startup Type set to: Automatic
* DNS Client (Dnscache) is not Running.
Startup Type set to: Automatic
* COM+ Event System (EventSystem) is not Running.
Startup Type set to: Automatic
* Windows Firewall (MpsSvc) is not Running.
Startup Type set to: Automatic
* Network Store Interface Service (nsi) is not Running.
Startup Type set to: Automatic
* @(BrandName) (WinDefend) is not Running.
Startup Type set to: Manual
* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic
* Ancillary Function Driver for Winsock (AFD) is not Running.
Startup Type set to: System
* Windows Firewall Authorization Driver (mpsdrv) is not Running.
Startup Type set to: Manual
* NetBT (NetBT) is not Running.
Startup Type set to: System
* NSI Proxy Service Driver (nsiproxy) is not Running.
Startup Type set to: System
* NetIO Legacy TDI Support Driver (tdx) is not Running.
Startup Type set to: System
* AllUserInstallAgent [Missing Service]
* SDRSVC [Missing Service]
* adp94xx [Missing Service]
* adpahci [Missing Service]
* adpu320 [Missing Service]
* arc [Missing Service]
* AsyncMac [Missing Service]
* discache [Missing Service]
* iirsp [Missing Service]
* LSI_SCSI [Missing Service]
* nfrd960 [Missing Service]
* PptpMiniport [Missing Service]
* RasAgileVpn [Missing Service]
* Rasl2tp [Missing Service]
* Wanarp [Missing Service]
* Wanarpv6 [Missing Service]
* Wd [Missing Service]
* AppMgmt [Missing Service]
* CSC [Missing Service]
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* SystemEventsBroker => %SystemRoot%\system32\svchost.exe -k DcomLaunch [Incorrect ImagePath]
* WinDefend => %SystemRoot%\System32\svchost.exe -k secsvcs [Incorrect ImagePath]
* WSService => %SystemRoot%\System32\svchost.exe -k wsappx [Incorrect ImagePath]
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.
* HOSTS file entries found:
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
20 out of 15491 HOSTS entries shown.
Please review HOSTS file for further entries.
Program finished at: 12/24/2013 03:55:09 PM
Execution time: 0 hours(s), 0 minute(s), and 22 seconds(s)

 

[Chris Corson]

Combofix is giving the "not meant to run in compatibility mode" error.What should I do?