BrowseFox/HDSports Adware (Scan Included)


Coleon

Opened some shady software without Avast being enabled. Did a system restore and the stuff had already altered my restore point.

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-09-2013 05
Ran by Cole (administrator) on LENOVO on 15-09-2013 16:56:18
Running from C:\Users\Cole\Downloads
Windows 7 Home Basic (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Windows\SysWow64\IntelCpHeciSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2866960 2011-12-16] (Synaptics Incorporated)
HKLM\...\Run: [synLenovoGestureMgr] - C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [410896 2011-12-16] (Synaptics)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8076848 2013-09-15] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6199344 2013-09-15] (Lenovo(beijing) Limited)
HKLM\...\Run: [updatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Runonce: [WinSATRestorePower] - powercfg -setactive 381b4222-f694-41f0-9685-ff5bb260df2e
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM-x32\...\Run: [updatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6BAA7B97EFB1CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========

==================== Services (Whitelisted) =================

R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [1086752 2011-12-22] (Broadcom Corporation.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2011-12-23] (Broadcom Corporation.)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-12-23] (Broadcom Corporation.)

========================== Drivers MD5 =======================

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-09-15 16:52 - 2013-09-15 16:52 - 01951146 _____ (Farbar) C:\Users\Cole\Downloads\FRST64.exe
2013-09-15 16:48 - 2013-09-15 16:48 - 00000000 ____D C:\FRST
2013-09-15 16:46 - 2013-09-15 16:46 - 00000000 ____D C:\ProgramData\CyberLink
2013-09-15 16:45 - 2013-09-15 16:45 - 00000000 ___HD C:\Lenovo
2013-09-15 16:28 - 2013-09-15 16:43 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-09-15 16:28 - 2013-09-15 16:42 - 00000000 ____D C:\Program Files (x86)\SweetPacks
2013-09-15 16:28 - 2013-09-15 16:33 - 00000000 ____D C:\Users\Cole\AppData\Roaming\SearchProtect
2013-09-15 16:28 - 2013-09-15 16:28 - 00000000 ____D C:\ProgramData\Conduit
2013-09-15 16:27 - 2013-09-15 16:28 - 00000000 _____ C:\END
2013-09-15 16:26 - 2013-09-15 16:42 - 00000000 ____D C:\Program Files (x86)\FreeHDSport.TV
2013-09-15 16:26 - 2013-09-15 16:41 - 00000000 ____D C:\Windows\SysWOW64\WNLT
2013-09-15 16:26 - 2013-09-15 16:28 - 00000000 ____D C:\Program Files (x86)\FirstRowSportApp.com
2013-09-15 15:54 - 2013-09-15 15:58 - 91788981 _____ C:\Users\Cole\Downloads\Asheru & Blue Black - Soon Come.rar
2013-09-15 02:50 - 2013-09-15 16:42 - 00000000 ____D C:\Program Files\GIMP 2
2013-09-15 02:48 - 2013-09-15 16:42 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-15 02:48 - 2013-09-15 02:48 - 04188160 _____ C:\Program Files (x86)\GUTA0A2.tmp
2013-09-15 02:48 - 2013-09-15 02:48 - 00000000 ____D C:\Users\Cole\AppData\Local\Google
2013-09-15 02:47 - 2013-09-15 16:42 - 00000000 ____D C:\Users\Cole\AppData\Roaming\MediaMonkey
2013-09-15 02:47 - 2013-09-15 02:47 - 00000000 ____D C:\ProgramData\MediaMonkey
2013-09-15 02:47 - 2013-09-15 02:47 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-15 02:46 - 2013-09-15 16:42 - 00000000 ____D C:\Program Files\7-Zip
2013-09-15 02:46 - 2013-09-15 16:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-15 02:46 - 2013-09-15 16:42 - 00000000 ____D C:\Program Files (x86)\MediaMonkey
2013-09-15 02:46 - 2013-09-15 16:42 - 00000000 ____D C:\Program Files (x86)\Everything
2013-09-15 02:46 - 2013-09-15 02:46 - 00000000 ____D C:\ProgramData\Mozilla
2013-09-15 02:46 - 2013-09-14 23:50 - 00000000 ____D C:\Users\Cole\AppData\Roaming\uTorrent
2013-09-15 02:40 - 2013-09-15 02:41 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-15 02:39 - 2013-09-15 16:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-15 02:39 - 2013-09-15 02:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-09-15 02:38 - 2013-09-15 16:39 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-15 02:36 - 2013-09-15 02:36 - 00000000 ____D C:\Intel
2013-09-15 02:36 - 2011-12-29 07:07 - 05885720 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2013-09-15 02:36 - 2011-12-29 07:07 - 00511256 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2013-09-15 02:36 - 2011-12-29 07:07 - 00440600 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2013-09-15 02:36 - 2011-12-29 07:07 - 00398104 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2013-09-15 02:36 - 2011-12-29 07:07 - 00274200 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2013-09-15 02:36 - 2011-12-29 07:07 - 00248600 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2013-09-15 02:36 - 2011-12-29 07:07 - 00184600 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2013-09-15 02:36 - 2011-12-29 07:07 - 00170264 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2013-09-15 02:36 - 2011-12-16 09:39 - 00018496 _____ C:\Windows\system32\iglhxs64.vp
2013-09-15 02:36 - 2011-12-16 09:23 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2598.dll
2013-09-15 02:36 - 2011-12-16 09:19 - 00734772 _____ C:\Windows\SysWOW64\igkrng700.bin
2013-09-15 02:36 - 2011-12-16 09:19 - 00734772 _____ C:\Windows\system32\igkrng700.bin
2013-09-15 02:36 - 2011-12-16 09:19 - 00479528 _____ C:\Windows\SysWOW64\igfcg700m.bin
2013-09-15 02:36 - 2011-12-16 09:19 - 00479528 _____ C:\Windows\system32\igfcg700m.bin
2013-09-15 02:36 - 2011-12-16 09:01 - 14646560 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2013-09-15 02:36 - 2011-12-16 09:01 - 08018944 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2013-09-15 02:36 - 2011-12-16 08:59 - 00079360 _____ C:\Windows\system32\igdde64.dll
2013-09-15 02:36 - 2011-12-16 08:52 - 06067712 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2013-09-15 02:36 - 2011-12-16 08:52 - 00058880 _____ C:\Windows\SysWOW64\igdde32.dll
2013-09-15 02:36 - 2011-12-16 08:44 - 09525248 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2013-09-15 02:36 - 2011-12-16 08:28 - 07732736 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2013-09-15 02:36 - 2011-12-16 08:15 - 03721728 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2013-09-15 02:36 - 2011-12-16 08:15 - 00585728 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2013-09-15 02:36 - 2011-12-16 08:15 - 00236032 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2013-09-15 02:36 - 2011-12-16 08:09 - 02843136 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2013-09-15 02:36 - 2011-12-16 08:09 - 00512512 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2013-09-15 02:36 - 2011-12-16 08:09 - 00188416 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2013-09-15 02:36 - 2011-12-16 07:55 - 29019136 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2013-09-15 02:36 - 2011-12-16 07:28 - 23504896 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2013-09-15 02:36 - 2011-12-16 07:06 - 17155584 _____ C:\Windows\system32\ig7icd64.dll
2013-09-15 02:36 - 2011-12-16 06:48 - 12985344 _____ C:\Windows\SysWOW64\ig7icd32.dll
2013-09-15 02:36 - 2011-12-16 06:41 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00430592 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2013-09-15 02:36 - 2011-12-16 06:41 - 00221099 _____ C:\Windows\system32\Gfxres.th-TH.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00207830 _____ C:\Windows\system32\Gfxres.el-GR.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00191775 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00164334 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00161613 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00157226 _____ C:\Windows\system32\Gfxres.he-IL.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00148033 _____ C:\Windows\system32\Gfxres.it-IT.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00146675 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00145687 _____ C:\Windows\system32\Gfxres.es-ES.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00145579 _____ C:\Windows\system32\Gfxres.de-DE.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00144338 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00143805 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00143155 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00142664 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00142335 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00142189 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00141644 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00141435 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00140923 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00140885 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00140549 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00140122 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00139499 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00136451 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00136369 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00135868 _____ C:\Windows\system32\Gfxres.da-DK.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00131317 _____ C:\Windows\system32\Gfxres.en-US.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2013-09-15 02:36 - 2011-12-16 06:41 - 00124962 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2013-09-15 02:36 - 2011-12-16 06:41 - 00123467 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2013-09-15 02:36 - 2011-12-16 06:40 - 00410624 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2013-09-15 02:36 - 2011-12-16 06:40 - 00385536 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2013-09-15 02:36 - 2011-12-16 06:40 - 00110080 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2013-09-15 02:36 - 2011-12-16 06:40 - 00062976 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2013-09-15 02:36 - 2011-12-16 06:40 - 00028672 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2013-09-15 02:36 - 2011-12-16 06:39 - 09007616 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2013-09-15 02:36 - 2011-12-16 06:39 - 00430080 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2013-09-15 02:36 - 2011-12-16 06:39 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2013-09-15 02:36 - 2011-12-16 06:39 - 00172032 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2013-09-15 02:36 - 2011-12-16 06:39 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2013-09-15 02:36 - 2011-12-16 06:39 - 00009216 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2013-09-15 02:36 - 2011-12-16 06:38 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2013-09-15 02:36 - 2011-12-16 06:37 - 00321024 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2013-09-15 02:36 - 2011-12-16 06:34 - 02780160 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2013-09-15 02:36 - 2011-12-16 06:34 - 02191872 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2013-09-15 02:36 - 2011-12-16 06:34 - 01981696 _____ C:\Windows\system32\iglhxa64.cpa
2013-09-15 02:36 - 2011-12-16 06:34 - 00524800 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2013-09-15 02:36 - 2011-12-16 06:34 - 00519680 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2013-09-15 02:36 - 2011-12-16 06:34 - 00246784 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2013-09-15 02:36 - 2011-12-16 06:34 - 00244224 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2013-09-15 02:36 - 2011-12-16 06:34 - 00219136 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2013-09-15 02:36 - 2011-12-16 06:34 - 00201728 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2013-09-15 02:36 - 2011-12-16 06:34 - 00094208 _____ C:\Windows\system32\IccLibDll_x64.dll
2013-09-15 02:36 - 2011-12-16 06:34 - 00059425 _____ C:\Windows\system32\iglhxo64.vp
2013-09-15 02:36 - 2011-12-16 06:34 - 00059398 _____ C:\Windows\system32\iglhxg64.vp
2013-09-15 02:36 - 2011-12-16 06:34 - 00059230 _____ C:\Windows\system32\iglhxc64.vp
2013-09-15 02:36 - 2011-12-16 06:34 - 00059104 _____ C:\Windows\system32\iglhxc64_dev.vp
2013-09-15 02:36 - 2011-12-16 06:34 - 00058796 _____ C:\Windows\system32\iglhxg64_dev.vp
2013-09-15 02:36 - 2011-12-16 06:34 - 00058109 _____ C:\Windows\system32\iglhxo64_dev.vp
2013-09-15 02:36 - 2011-12-16 06:34 - 00052736 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-09-15 02:36 - 2011-12-16 06:34 - 00051200 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-09-15 02:36 - 2011-12-16 06:34 - 00001074 _____ C:\Windows\system32\iglhxa64.vp
2013-09-15 02:36 - 2011-12-06 19:23 - 00331264 _____ (Intel® Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2013-09-15 02:36 - 2011-12-06 19:22 - 00014848 _____ (Intel® Corporation) C:\Windows\system32\IntcDAuC.dll
2013-09-15 02:26 - 2013-08-07 04:22 - 00278800 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-09-15 02:19 - 2013-09-15 16:45 - 00002243 _____ C:\Users\Cole\Desktop\OneKey Recovery.lnk
2013-09-15 02:19 - 2013-09-15 02:19 - 00002104 _____ C:\Users\Default\Desktop\OneKey Recovery.lnk
2013-09-15 02:19 - 2013-09-15 02:19 - 00002104 _____ C:\Users\Default User\Desktop\OneKey Recovery.lnk
2013-09-15 02:19 - 2013-09-15 02:19 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2013-09-15 02:19 - 2013-09-15 02:19 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2013-09-15 02:19 - 2013-09-15 02:19 - 00000000 ____D C:\ProgramData\OneKey Recovery
2013-09-15 02:06 - 2013-09-15 01:12 - 00000000 ____D C:\Windows\Panther
2013-09-15 02:04 - 2013-09-15 16:42 - 00000000 ____D C:\Users\Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2013-09-15 02:04 - 2013-09-15 02:19 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2013-09-15 02:04 - 2013-09-15 02:04 - 00000000 ____D C:\Program Files\DIFX
2013-09-15 02:04 - 2013-09-15 02:03 - 00039008 _____ (Lenovo.) C:\Windows\system32\Drivers\LhdX64.sys
2013-09-15 02:04 - 2013-09-15 02:03 - 00019872 _____ (Lenovo (Beijing) Limited) C:\Windows\system32\LenovoSDKEmSubSystem.dll
2013-09-15 02:03 - 2013-09-15 02:04 - 00000000 ____D C:\Program Files (x86)\Lenovo
2013-09-15 02:03 - 2013-09-15 02:03 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-09-15 02:01 - 2013-09-15 02:01 - 00000000 ____D C:\Users\Cole\Documents\Bluetooth Exchange Folder
2013-09-15 02:01 - 2013-09-15 02:01 - 00000000 ____D C:\Users\Cole\AppData\Local\Broadcom
2013-09-15 01:59 - 2011-12-23 09:44 - 00621096 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwampfl.sys
2013-09-15 01:58 - 2011-12-23 09:44 - 00178728 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwavdt.sys
2013-09-15 01:58 - 2011-12-23 09:44 - 00167976 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwaudio.sys
2013-09-15 01:58 - 2011-12-23 09:44 - 00134696 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\bcbtums.sys
2013-09-15 01:58 - 2011-12-23 09:44 - 00089640 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwdpan.sys
2013-09-15 01:58 - 2011-12-23 09:44 - 00046265 _____ C:\Windows\system32\Drivers\BCM20702A1_001.002.014.0226.0245.hex
2013-09-15 01:58 - 2011-12-23 09:44 - 00039976 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwl2cap.sys
2013-09-15 01:58 - 2011-12-23 09:44 - 00021544 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwrchid.sys
2013-09-15 01:57 - 2013-09-15 02:18 - 00000000 ____D C:\Program Files\Lenovo
2013-09-15 01:48 - 2013-09-15 01:48 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2013-09-15 01:47 - 2013-09-15 01:47 - 00001372 _____ C:\Windows\Synaptics.log
2013-09-15 01:47 - 2013-09-15 01:47 - 00000000 ____D C:\Program Files\Synaptics
2013-09-15 01:46 - 2012-02-14 23:27 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2013-09-15 01:46 - 2012-02-14 22:44 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2013-09-15 01:46 - 2012-02-14 21:47 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-09-15 01:46 - 2012-02-14 21:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2013-09-15 01:46 - 2010-01-09 00:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2013-09-15 01:46 - 2010-01-08 23:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll
2013-09-15 01:42 - 2012-06-02 15:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-15 01:42 - 2012-06-02 15:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-15 01:42 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-15 01:42 - 2012-06-02 15:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-15 01:42 - 2012-06-02 15:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-15 01:42 - 2012-06-02 15:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-15 01:42 - 2012-06-02 15:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-15 01:42 - 2012-06-02 15:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-15 01:42 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-15 01:40 - 2013-09-15 01:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_AMPPAL_01009.Wdf
2013-09-15 01:39 - 2013-09-15 02:04 - 00013314 _____ C:\Windows\DPINST.LOG
2013-09-15 01:39 - 2013-09-15 01:39 - 00000000 ____D C:\Users\Cole\AppData\Roaming\Intel
2013-09-15 01:38 - 2013-09-15 02:37 - 00000000 ____D C:\Program Files\Common Files\Intel
2013-09-15 01:38 - 2013-09-15 02:37 - 00000000 ____D C:\Program Files (x86)\Intel
2013-09-15 01:38 - 2013-09-15 01:40 - 00000000 ____D C:\Program Files\Intel
2013-09-15 01:38 - 2013-09-15 01:38 - 00000000 ____D C:\ProgramData\Intel
2013-09-15 01:38 - 2013-09-15 01:38 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-09-15 01:31 - 2013-09-15 01:31 - 00003032 _____ C:\Windows\System32\Tasks\{6C7C657D-8C10-42BB-ACBC-C903D558E640}
2013-09-15 01:30 - 2013-09-15 01:31 - 38185410 _____ C:\Users\Cole\Downloads\Cool Edit Pro 2.1 - Full working and registered.zip
2013-09-15 01:30 - 2013-09-15 01:30 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2013-09-15 01:14 - 2013-09-15 01:14 - 00001447 _____ C:\Users\Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-15 01:14 - 2013-09-15 01:14 - 00001413 _____ C:\Users\Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-09-15 01:14 - 2013-09-15 01:14 - 00000000 ___RD C:\Users\Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-15 01:14 - 2013-09-15 01:14 - 00000000 ___RD C:\Users\Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-15 01:13 - 2013-09-15 01:13 - 00000000 ____D C:\Users\Cole\AppData\Local\VirtualStore
2013-09-15 01:12 - 2013-09-15 16:44 - 00000000 ____D C:\Users\Cole
2013-09-15 01:12 - 2013-09-15 01:12 - 00000020 ___SH C:\Users\Cole\ntuser.ini
2013-09-15 01:12 - 2013-09-15 01:12 - 00000000 __SHD C:\Recovery
2013-09-15 01:12 - 2009-07-13 21:54 - 00000000 ___RD C:\Users\Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-15 01:12 - 2009-07-13 21:49 - 00000000 ___RD C:\Users\Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-15 01:09 - 2013-09-15 16:56 - 01523290 _____ C:\Windows\WindowsUpdate.log
2013-09-15 01:09 - 2013-09-15 01:09 - 00001313 _____ C:\Windows\TSSysprep.log
2013-09-14 23:57 - 2013-09-14 23:57 - 00000000 ____D C:\Users\Cole\AppData\Local\transmission
2013-09-14 23:56 - 2013-09-15 01:33 - 00000000 ____D C:\Users\Cole\AppData\Roaming\transmission
2013-09-14 23:55 - 2013-09-15 16:42 - 00000000 ____D C:\Program Files\Transmission
2013-09-14 23:39 - 2013-09-14 23:39 - 00000000 ____D C:\Users\Cole\AppData\Local\MediaMonkey
2013-09-14 23:33 - 2013-09-15 16:42 - 00000000 ____D C:\Users\Cole\Google Drive
2013-09-14 23:28 - 2013-09-14 23:28 - 00000000 ____D C:\Users\Cole\AppData\Roaming\Macromedia
2013-09-14 23:28 - 2013-09-14 23:28 - 00000000 ____D C:\Users\Cole\AppData\Roaming\Adobe
2013-09-14 23:28 - 2013-09-14 23:28 - 00000000 ____D C:\Users\Cole\AppData\Local\Macromedia
2013-09-14 23:24 - 2013-09-14 23:28 - 00000000 ____D C:\Users\Cole\AppData\Local\Adobe
2013-09-14 23:13 - 2013-09-15 16:46 - 00060368 _____ C:\Users\Cole\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-14 23:13 - 2013-09-15 12:25 - 00000000 ____D C:\Users\Cole\Documents\Simple Sticky Notes
2013-09-14 23:13 - 2013-09-14 23:13 - 00000000 ____D C:\Users\Cole\AppData\Roaming\Simnet
2013-09-14 23:13 - 2013-09-14 23:13 - 00000000 ____D C:\Program Files (x86)\Simnet
2013-09-14 23:05 - 2013-09-14 23:05 - 00000000 ____D C:\Users\Cole\AppData\Roaming\Mozilla
2013-09-14 23:05 - 2013-09-14 23:05 - 00000000 ____D C:\Users\Cole\AppData\Local\Mozilla
2013-09-14 22:59 - 2013-09-14 22:59 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-14 22:59 - 2013-09-14 22:59 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-14 22:56 - 2013-09-14 22:56 - 00000000 ____D C:\Program Files (x86)\LibreOffice 4

==================== One Month Modified Files and Folders =======

2013-09-15 16:56 - 2013-09-15 01:09 - 01523290 _____ C:\Windows\WindowsUpdate.log
2013-09-15 16:52 - 2013-09-15 16:52 - 01951146 _____ (Farbar) C:\Users\Cole\Downloads\FRST64.exe
2013-09-15 16:51 - 2009-07-13 22:13 - 00713888 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-15 16:51 - 2009-07-13 21:45 - 00017536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-15 16:51 - 2009-07-13 21:45 - 00017536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-15 16:48 - 2013-09-15 16:48 - 00000000 ____D C:\FRST
2013-09-15 16:46 - 2013-09-15 16:46 - 00000000 ____D C:\ProgramData\CyberLink
2013-09-15 16:46 - 2013-09-14 23:13 - 00060368 _____ C:\Users\Cole\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-15 16:45 - 2013-09-15 16:45 - 00000000 ___HD C:\Lenovo
2013-09-15 16:45 - 2013-09-15 02:19 - 00002243 _____ C:\Users\Cole\Desktop\OneKey Recovery.lnk
2013-09-15 16:44 - 2013-09-15 01:12 - 00000000 ____D C:\Users\Cole
2013-09-15 16:44 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-15 16:44 - 2009-07-13 21:51 - 00020779 _____ C:\Windows\setupact.log
2013-09-15 16:44 - 2009-07-13 21:45 - 00282424 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-15 16:43 - 2013-09-15 16:28 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-09-15 16:43 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-09-15 16:42 - 2013-09-15 16:28 - 00000000 ____D C:\Program Files (x86)\SweetPacks
2013-09-15 16:42 - 2013-09-15 16:26 - 00000000 ____D C:\Program Files (x86)\FreeHDSport.TV
2013-09-15 16:42 - 2013-09-15 02:50 - 00000000 ____D C:\Program Files\GIMP 2
2013-09-15 16:42 - 2013-09-15 02:48 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-15 16:42 - 2013-09-15 02:47 - 00000000 ____D C:\Users\Cole\AppData\Roaming\MediaMonkey
2013-09-15 16:42 - 2013-09-15 02:46 - 00000000 ____D C:\Program Files\7-Zip
2013-09-15 16:42 - 2013-09-15 02:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-15 16:42 - 2013-09-15 02:46 - 00000000 ____D C:\Program Files (x86)\MediaMonkey
2013-09-15 16:42 - 2013-09-15 02:46 - 00000000 ____D C:\Program Files (x86)\Everything
2013-09-15 16:42 - 2013-09-15 02:39 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-15 16:42 - 2013-09-15 02:04 - 00000000 ____D C:\Users\Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2013-09-15 16:42 - 2013-09-14 23:55 - 00000000 ____D C:\Program Files\Transmission
2013-09-15 16:42 - 2013-09-14 23:33 - 00000000 ____D C:\Users\Cole\Google Drive
2013-09-15 16:42 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2013-09-15 16:42 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-09-15 16:42 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Services
2013-09-15 16:41 - 2013-09-15 16:26 - 00000000 ____D C:\Windows\SysWOW64\WNLT
2013-09-15 16:40 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
2013-09-15 16:39 - 2013-09-15 02:38 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-15 16:33 - 2013-09-15 16:28 - 00000000 ____D C:\Users\Cole\AppData\Roaming\SearchProtect
2013-09-15 16:28 - 2013-09-15 16:28 - 00000000 ____D C:\ProgramData\Conduit
2013-09-15 16:28 - 2013-09-15 16:27 - 00000000 _____ C:\END
2013-09-15 16:28 - 2013-09-15 16:26 - 00000000 ____D C:\Program Files (x86)\FirstRowSportApp.com
2013-09-15 15:58 - 2013-09-15 15:54 - 91788981 _____ C:\Users\Cole\Downloads\Asheru & Blue Black - Soon Come.rar
2013-09-15 12:25 - 2013-09-14 23:13 - 00000000 ____D C:\Users\Cole\Documents\Simple Sticky Notes
2013-09-15 02:48 - 2013-09-15 02:48 - 04188160 _____ C:\Program Files (x86)\GUTA0A2.tmp
2013-09-15 02:48 - 2013-09-15 02:48 - 00000000 ____D C:\Users\Cole\AppData\Local\Google
2013-09-15 02:47 - 2013-09-15 02:47 - 00000000 ____D C:\ProgramData\MediaMonkey
2013-09-15 02:47 - 2013-09-15 02:47 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-09-15 02:46 - 2013-09-15 02:46 - 00000000 ____D C:\ProgramData\Mozilla
2013-09-15 02:41 - 2013-09-15 02:40 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-15 02:39 - 2013-09-15 02:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-09-15 02:37 - 2013-09-15 01:38 - 00000000 ____D C:\Program Files\Common Files\Intel
2013-09-15 02:37 - 2013-09-15 01:38 - 00000000 ____D C:\Program Files (x86)\Intel
2013-09-15 02:36 - 2013-09-15 02:36 - 00000000 ____D C:\Intel
2013-09-15 02:19 - 2013-09-15 02:19 - 00002104 _____ C:\Users\Default\Desktop\OneKey Recovery.lnk
2013-09-15 02:19 - 2013-09-15 02:19 - 00002104 _____ C:\Users\Default User\Desktop\OneKey Recovery.lnk
2013-09-15 02:19 - 2013-09-15 02:19 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2013-09-15 02:19 - 2013-09-15 02:19 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2013-09-15 02:19 - 2013-09-15 02:19 - 00000000 ____D C:\ProgramData\OneKey Recovery
2013-09-15 02:19 - 2013-09-15 02:04 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2013-09-15 02:18 - 2013-09-15 01:57 - 00000000 ____D C:\Program Files\Lenovo
2013-09-15 02:06 - 2009-07-13 22:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2013-09-15 02:06 - 2009-07-13 22:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2013-09-15 02:04 - 2013-09-15 02:04 - 00000000 ____D C:\Program Files\DIFX
2013-09-15 02:04 - 2013-09-15 02:03 - 00000000 ____D C:\Program Files (x86)\Lenovo
2013-09-15 02:04 - 2013-09-15 01:39 - 00013314 _____ C:\Windows\DPINST.LOG
2013-09-15 02:03 - 2013-09-15 02:04 - 00039008 _____ (Lenovo.) C:\Windows\system32\Drivers\LhdX64.sys
2013-09-15 02:03 - 2013-09-15 02:04 - 00019872 _____ (Lenovo (Beijing) Limited) C:\Windows\system32\LenovoSDKEmSubSystem.dll
2013-09-15 02:03 - 2013-09-15 02:03 - 00000000 ____D C:\ProgramData\Downloaded Installations
2013-09-15 02:03 - 2011-12-15 14:09 - 00030816 _____ (Lenovo Corporation) C:\Windows\system32\Drivers\AcpiVpc.sys
2013-09-15 02:01 - 2013-09-15 02:01 - 00000000 ____D C:\Users\Cole\Documents\Bluetooth Exchange Folder
2013-09-15 02:01 - 2013-09-15 02:01 - 00000000 ____D C:\Users\Cole\AppData\Local\Broadcom
2013-09-15 01:48 - 2013-09-15 01:48 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2013-09-15 01:47 - 2013-09-15 01:47 - 00001372 _____ C:\Windows\Synaptics.log
2013-09-15 01:47 - 2013-09-15 01:47 - 00000000 ____D C:\Program Files\Synaptics
2013-09-15 01:40 - 2013-09-15 01:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_AMPPAL_01009.Wdf
2013-09-15 01:40 - 2013-09-15 01:38 - 00000000 ____D C:\Program Files\Intel
2013-09-15 01:39 - 2013-09-15 01:39 - 00000000 ____D C:\Users\Cole\AppData\Roaming\Intel
2013-09-15 01:39 - 2009-07-13 20:20 - 00000000 __RHD C:\Users\Default
2013-09-15 01:38 - 2013-09-15 01:38 - 00000000 ____D C:\ProgramData\Intel
2013-09-15 01:38 - 2013-09-15 01:38 - 00000000 ____D C:\Program Files (x86)\Cisco
2013-09-15 01:38 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\system32\restore
2013-09-15 01:33 - 2013-09-14 23:56 - 00000000 ____D C:\Users\Cole\AppData\Roaming\transmission
2013-09-15 01:31 - 2013-09-15 01:31 - 00003032 _____ C:\Windows\System32\Tasks\{6C7C657D-8C10-42BB-ACBC-C903D558E640}
2013-09-15 01:31 - 2013-09-15 01:30 - 38185410 _____ C:\Users\Cole\Downloads\Cool Edit Pro 2.1 - Full working and registered.zip
2013-09-15 01:30 - 2013-09-15 01:30 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2013-09-15 01:14 - 2013-09-15 01:14 - 00001447 _____ C:\Users\Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-15 01:14 - 2013-09-15 01:14 - 00001413 _____ C:\Users\Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-09-15 01:14 - 2013-09-15 01:14 - 00000000 ___RD C:\Users\Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-15 01:14 - 2013-09-15 01:14 - 00000000 ___RD C:\Users\Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-15 01:13 - 2013-09-15 01:13 - 00000000 ____D C:\Users\Cole\AppData\Local\VirtualStore
2013-09-15 01:13 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2013-09-15 01:12 - 2013-09-15 02:06 - 00000000 ____D C:\Windows\Panther
2013-09-15 01:12 - 2013-09-15 01:12 - 00000020 ___SH C:\Users\Cole\ntuser.ini
2013-09-15 01:12 - 2013-09-15 01:12 - 00000000 __SHD C:\Recovery
2013-09-15 01:12 - 2009-07-13 21:45 - 00000000 ____D C:\Windows\Setup
2013-09-15 01:09 - 2013-09-15 01:09 - 00001313 _____ C:\Windows\TSSysprep.log
2013-09-15 01:09 - 2009-07-13 21:46 - 00001774 _____ C:\Windows\DtcInstall.log
2013-09-15 01:09 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-09-14 23:57 - 2013-09-14 23:57 - 00000000 ____D C:\Users\Cole\AppData\Local\transmission
2013-09-14 23:50 - 2013-09-15 02:46 - 00000000 ____D C:\Users\Cole\AppData\Roaming\uTorrent
2013-09-14 23:39 - 2013-09-14 23:39 - 00000000 ____D C:\Users\Cole\AppData\Local\MediaMonkey
2013-09-14 23:28 - 2013-09-14 23:28 - 00000000 ____D C:\Users\Cole\AppData\Roaming\Macromedia
2013-09-14 23:28 - 2013-09-14 23:28 - 00000000 ____D C:\Users\Cole\AppData\Roaming\Adobe
2013-09-14 23:28 - 2013-09-14 23:28 - 00000000 ____D C:\Users\Cole\AppData\Local\Macromedia
2013-09-14 23:28 - 2013-09-14 23:24 - 00000000 ____D C:\Users\Cole\AppData\Local\Adobe
2013-09-14 23:13 - 2013-09-14 23:13 - 00000000 ____D C:\Users\Cole\AppData\Roaming\Simnet
2013-09-14 23:13 - 2013-09-14 23:13 - 00000000 ____D C:\Program Files (x86)\Simnet
2013-09-14 23:05 - 2013-09-14 23:05 - 00000000 ____D C:\Users\Cole\AppData\Roaming\Mozilla
2013-09-14 23:05 - 2013-09-14 23:05 - 00000000 ____D C:\Users\Cole\AppData\Local\Mozilla
2013-09-14 22:59 - 2013-09-14 22:59 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-14 22:59 - 2013-09-14 22:59 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-14 22:56 - 2013-09-14 22:56 - 00000000 ____D C:\Program Files (x86)\LibreOffice 4

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=E:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {18910e05-1de6-11e3-b8e4-bb5ad40ec800}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {18910e07-1de6-11e3-b8e4-bb5ad40ec800}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {18910e05-1de6-11e3-b8e4-bb5ad40ec800}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {18910e07-1de6-11e3-b8e4-bb5ad40ec800}
device                  ramdisk=[C:]\Recovery\18910e07-1de6-11e3-b8e4-bb5ad40ec800\Winre.wim,{18910e08-1de6-11e3-b8e4-bb5ad40ec800}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\18910e07-1de6-11e3-b8e4-bb5ad40ec800\Winre.wim,{18910e08-1de6-11e3-b8e4-bb5ad40ec800}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {18910e05-1de6-11e3-b8e4-bb5ad40ec800}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=E:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {18910e08-1de6-11e3-b8e4-bb5ad40ec800}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\18910e07-1de6-11e3-b8e4-bb5ad40ec800\boot.sdi

 

LastRegBack: 2013-09-15 01:06

==================== End Of Log ============================

 

 


Hello Coleon! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Please follow the instructions here and then post the log files in your next reply.

http://forums.malwarebytes.org/index.php?showtopic=9573


  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.