VirusME Posted December 16, 2013 ID:765234 Share Posted December 16, 2013 DDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 10.0.9200.16521 BrowserJavaVersion: 10.40.2Run by Jinxdory at 17:01:57 on 2013-12-16Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3978.2249 [GMT -5:00].AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\windows\system32\lsm.exeC:\windows\system32\svchost.exe -k DcomLaunchC:\windows\system32\svchost.exe -k RPCSSC:\windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\windows\system32\svchost.exe -k LocalServiceC:\windows\system32\svchost.exe -k netsvcsC:\windows\system32\svchost.exe -k GPSvcGroupC:\windows\system32\svchost.exe -k NetworkServiceC:\windows\system32\WLANExt.exeC:\windows\System32\spoolsv.exeC:\Program Files (x86)\Avira\AntiVir Desktop\sched.exeC:\windows\system32\svchost.exe -k LocalServiceNoNetworkC:\windows\system32\Dwm.exeC:\windows\system32\taskhost.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\windows\Explorer.EXEC:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exeC:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exeC:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files\Intel\iCLS Client\HeciServer.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exeC:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\windows\system32\svchost.exe -k imgsvcC:\Windows\system32\TODDSrv.exeC:\Program Files\Toshiba\Power Saver\TosCoSrv.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exeC:\Program Files\TOSHIBA\TECO\TecoService.exeC:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Toshiba\Power Saver\TBatmgrTrayicon.exeC:\Program Files\Toshiba\FlashCards\TCrdMain.exeC:\Program Files\Toshiba\Power Saver\TPwrMain.exeC:\Program Files\Toshiba\TECO\Teco.exeC:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exeC:\Program Files (x86)\DTS, Inc\DTS Studio Sound\APO3GUI.exeC:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exeC:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exeC:\windows\system32\SearchIndexer.exeC:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\windows\System32\svchost.exe -k LocalServicePeerNetC:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXEC:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeC:\windows\system32\taskhost.exeC:\Program Files (x86)\Steam\Steam.exeC:\Program Files (x86)\Common Files\Steam\SteamService.exeC:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicator.exeC:\Program Files\Toshiba\TECO\TecoHook.exeC:\Program Files (x86)\Opera\opera.exeC:\windows\system32\wbem\wmiprvse.exeC:\windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uWindow Title = Internet Explorer provided by TOSHIBAmWindow Title = Internet Explorer provided by TOSHIBAmWinlogon: Userinit = userinit.exeBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dlluRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silentuRun: [HP Photosmart 5510d series (NET)] "C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1961BFD105RW:NW" -scfn "HP Photosmart 5510d series (NET)" -AutoStart 1mRun: [DTS Sound] "C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\APO3GUI.exe" /HIDEMEmRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /minmRun: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exemRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-startuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0TCP: NameServer = 208.59.247.45 208.59.247.46TCP: Interfaces\{404049C1-B53B-4518-B9C0-32F1CE5FA895} : DHCPNameServer = 208.59.247.45 208.59.247.46TCP: Interfaces\{404049C1-B53B-4518-B9C0-32F1CE5FA895}\071627473716E646362716664737 : DHCPNameServer = 192.168.1.1TCP: Interfaces\{404049C1-B53B-4518-B9C0-32F1CE5FA895}\26C61636B616E6467786964756B696474797 : DHCPNameServer = 75.75.75.75 75.75.76.76TCP: Interfaces\{404049C1-B53B-4518-B9C0-32F1CE5FA895}\45865602B41607F6770284F6573756 : DHCPNameServer = 192.168.1.1TCP: Interfaces\{404049C1-B53B-4518-B9C0-32F1CE5FA895}\B496F67716 : DHCPNameServer = 10.0.1.1Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-mWindow Title = Internet Explorer provided by TOSHIBAx64-Run: [igfxTray] C:\windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exex64-Run: [Persistence] C:\windows\System32\igfxpers.exex64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -sx64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [batteryManager] C:\Program Files (x86)\TOSHIBA\Power Saver\TBatmgrTrayIcon.EXEx64-Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exex64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXEx64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /rx64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exex64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R0 iaStorA;iaStorA;C:\windows\System32\drivers\iaStorA.sys [2013-3-11 652784]R0 iaStorF;iaStorF;C:\windows\System32\drivers\iaStorF.sys [2013-3-11 28656]R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\windows\System32\drivers\iusb3hcs.sys [2012-12-4 20024]R1 avkmgr;avkmgr;C:\windows\System32\drivers\avkmgr.sys [2013-11-9 28600]R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-11-9 440376]R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-11-9 440376]R2 avgntflt;avgntflt;C:\windows\System32\drivers\avgntflt.sys [2013-11-9 107416]R2 avnetflt;avnetflt;C:\windows\System32\drivers\avnetflt.sys [2013-11-9 83160]R2 dts_apo_service;DTS APO Service;C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2013-5-31 16720]R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-11-29 2210640]R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-9-14 130592]R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-9-14 165488]R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2013-10-11 377104]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-10-6 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-10-6 701512]R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2013-9-14 9216]R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-9-14 169752]R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2013-3-12 342528]R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\windows\System32\drivers\iusb3hub.sys [2012-12-4 358456]R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\windows\System32\drivers\iusb3xhc.sys [2012-12-4 791608]R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2013-4-3 128200]R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2013-10-6 25928]R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2013-10-29 38096]R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUVStor.sys [2013-9-14 327240]R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\windows\System32\drivers\rtwlane.sys [2013-9-14 1480776]R3 SmbDrvI;SmbDrvI;C:\windows\System32\drivers\Smb_driver_Intel.sys [2013-2-6 32496]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-9 123856]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]S3 ccSet_NARA;NARA Settings Manager;C:\windows\System32\drivers\NARAx64\0403000.00E\ccSetx64.sys [2013-9-14 168608]S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]S3 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2013-1-28 4230016]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-6-6 19456]S3 terminpt;Microsoft Remote Desktop Input Driver;C:\windows\System32\drivers\terminpt.sys [2013-6-6 29696]S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-6-6 57856]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2013-6-6 30208]S4 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2013-11-9 1164360].=============== Created Last 30 ================.2013-12-16 16:15:14 -------- d-----w- C:\Users\Jinxdory\AppData\Roaming\Processing2013-12-14 11:30:13 -------- d-----w- C:\Users\Jinxdory\AppData\Roaming\Little Inferno2013-12-11 02:13:37 -------- d-----w- C:\Users\Jinxdory\AppData\Local\Daedalic Entertainment2013-12-11 02:10:52 -------- d-----w- C:\ProgramData\Package Cache2013-12-10 23:59:28 -------- d-----w- C:\AdwCleaner2013-12-07 15:38:11 -------- d-----w- C:\Users\Jinxdory\AppData\Roaming\39092013-12-05 21:13:52 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi2013-12-03 20:39:27 -------- d-----w- C:\Users\Jinxdory\AppData\Local\cache2013-12-03 20:39:25 -------- d-----w- C:\Users\Jinxdory\AppData\Local\Mobogenie2013-12-03 20:38:31 -------- d-----w- C:\Program Files (x86)\Mobogenie2013-12-03 20:38:30 -------- d-----w- C:\ProgramData\Pivot Animator2013-12-03 20:37:29 -------- d-----w- C:\Program Files (x86)\Pivot Animator2013-11-27 18:03:47 -------- d-----w- C:\Users\Jinxdory\AppData\Roaming\Awesomium.==================== Find3M ====================.2013-12-05 21:13:55 107416 ----a-w- C:\windows\System32\drivers\avgntflt.sys2013-10-13 17:02:12 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll2013-10-13 17:02:10 868264 ----a-w- C:\windows\SysWow64\npDeployJava1.dll2013-10-13 17:02:10 790440 ----a-w- C:\windows\SysWow64\deployJava1.dll2013-10-11 00:14:15 83160 ----a-w- C:\windows\System32\drivers\avnetflt.sys2013-10-11 00:14:15 28600 ----a-w- C:\windows\System32\drivers\avkmgr.sys2013-10-07 01:16:56 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl2013-10-07 01:16:56 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe.============= FINISH: 17:02:39.34 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home PremiumBoot Device: \Device\HarddiskVolume1Install Date: 10/6/2013 7:15:40 PMSystem Uptime: 12/15/2013 8:09:14 AM (33 hours ago).Motherboard: TOSHIBA | | Portable PCProcessor: Intel® Core i3-3110M CPU @ 2.40GHz | U3E1 | 1200/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 454 GiB total, 346.636 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}Description: lsnfdDevice ID: ROOT\LEGACY_LSNFD\0000Manufacturer:Name: lsnfdPNP Device ID: ROOT\LEGACY_LSNFD\0000Service: lsnfd.==== System Restore Points ===================.RP21: 12/9/2013 10:39:29 PM - Scheduled CheckpointRP22: 12/10/2013 9:10:15 PM - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610RP23: 12/10/2013 9:11:13 PM - Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610.==== Installed Programs ======================.AaaaaAAaaaAAAaaAAAAaAAAAA!!! for the AwesomeAdobe Flash Player 11 ActiveX 64-bitAdobe Flash Player 11 PluginAdobe Reader X (10.1.8) MUIAvira Free AntivirusBioShockBioShock 2Breath of Death VIICthulhu Saves the WorldDino D-DayDLC QuestDTS SoundEdna & Harvey: The BreakoutGone HomeGoogle ChromeGoogle Update HelperHP Photosmart 5510d series Basic Device SoftwareIntel® Management Engine ComponentsIntel® Processor GraphicsIntel® Rapid Storage TechnologyIntel® SDK for OpenCL - CPU Only Runtime PackageIntel® USB 3.0 eXtensible Host Controller DriverIntel® Trusted Connect Service ClientJava 7 Update 40Java Auto UpdaterJava 7Little InfernoLogMeIn HamachiMalwarebytes Anti-Malware version 1.75.0.1300Microsoft .NET Framework 4.5Microsoft OfficeMicrosoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x64 9.0.21022Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610Microsoft XNA Framework Redistributable 4.0 RefreshMirror's EdgeMSXML 4.0 SP3 Parser (KB2758694)NeverwinterNorton Online BackupNorton Online Backup ARANVIDIA PhysX v8.10.17Opera 12.16Organ Trail: Director's CutOriginPapers, PleasePivot Animator version 4.1.10PlayReady PC Runtime amd64PortalPortal 2Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet DriverRealtek High Definition Audio DriverRealtek USB Card ReaderRealtek WLAN DriverSecurity Update for Microsoft .NET Framework 4.5 (KB2737083)Security Update for Microsoft .NET Framework 4.5 (KB2742613)Security Update for Microsoft .NET Framework 4.5 (KB2789648)Skype™ 6.10SpelunkySteamSuper Meat BoySurgeon Simulator 2013Synaptics Pointing Device DriverTeam Fortress 2TEdit 3TerrariaThe Wonderful End of the WorldToshiba App PlaceTOSHIBA Application InstallerTOSHIBA AssistToshiba Book PlaceTOSHIBA Disc CreatorTOSHIBA eco UtilityTOSHIBA Hardware SetupTOSHIBA Quality ApplicationTOSHIBA Recovery Media CreatorTOSHIBA Service StationTOSHIBA Supervisor PasswordTOSHIBA User's GuideTOSHIBA Value Added PackageTOSHIBA Web Camera ApplicationTOSHIBARegistrationUpdate for Microsoft .NET Framework 4.5 (KB2750147)VLC media player 2.1.0WordBiz 1.8.7.==== Event Viewer Messages From Past Week ========.12/9/2013 8:37:13 PM, Error: Service Control Manager [7034] - The DefaultTabSearch service terminated unexpectedly. It has done this 1 time(s).12/9/2013 3:53:38 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.12/16/2013 4:39:19 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer SCARLET that believes that it is the master browser for the domain on transport NetBT_Tcpip_{404049C1-B53B-4518-B9C0-32F1CE5FA895}. The master browser is stopping or an election is being forced.12/16/2013 3:59:29 AM, Error: volmgr [45] - The system could not sucessfully load the crash dump driver.12/12/2013 3:32:43 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.12/12/2013 3:32:43 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.12/10/2013 7:04:15 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: lsnfd.==== End Of File =========================== Link to post Share on other sites More sharing options...
MrCharlie Posted December 16, 2013 ID:765240 Share Posted December 16, 2013 Welcome to the forum. Please download and run RogueKiller 32 Bit to your desktop. RogueKiller 64 Bit <---use this one for 64 bit systems Which system am I using? Quit all running programs. For Windows XP, double-click to start. For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run. Click Scan to scan the system. When the scan completes > Close out the program > Don't Fix anything! Don't run any other options, they're not all bad!!!!!!! Post back the report which should be located on your desktop. (please don't put logs in code or quotes and use the default font) General P2P/Piracy Warning: 1. If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here. Failure to remove or disable such software will result in your topic being closed and no further assistance being provided. 2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy. Failure to remove such software will result in your topic being closed and no further assistance being provided. MrC Note: Please read all of my instructions completely including these. Make sure system restore is turned on and running Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive <+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you. <+>The removal of malware isn't instantaneous, please be patient. <+>When we are done, I'll give to instructions on how to cleanup all the tools and logs <+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that. ------->Your topic will be closed if you haven't replied within 3 days!<-------- (If I don't respond within 24 hours, please send me a PM) Link to post Share on other sites More sharing options...
VirusME Posted December 16, 2013 Author ID:765247 Share Posted December 16, 2013 RogueKiller V8.7.12 _x64_ [Nov 25 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://www.adlice.comOperating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Jinxdory [Admin rights]Mode : Scan -- Date : 12/16/2013 17:39:59| ARK || FAK || MBR |¤¤¤ Bad processes : 0 ¤¤¤¤¤¤ Registry Entries : 2 ¤¤¤[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND¤¤¤ Scheduled tasks : 0 ¤¤¤¤¤¤ Startup Entries : 0 ¤¤¤¤¤¤ Web browsers : 0 ¤¤¤¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤¤¤¤ External Hives: ¤¤¤¤¤¤ Infection : ¤¤¤¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ATA TOSHIBA MQ01ABF0 SCSI Disk Device +++++--- User ---[MBR] c2edf598613829722bca92ba31b0a9e4[bSP] 41b2af6be35472c728bc8aedf31a5706 : Windows Vista MBR CodePartition table:0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 464829 Mo2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 955043840 | Size: 10610 MoUser = LL1 ... OK!User = LL2 ... OK!Finished : << RKreport[0]_S_12162013_173959.txt >> Link to post Share on other sites More sharing options...
MrCharlie Posted December 16, 2013 ID:765252 Share Posted December 16, 2013 Please try this procedure first: Lets clean out any adware/spyware now: (this will require a reboot so save all your work) Please download AdwCleaner by Xplode and save to your Desktop. Make sure you click on download buttons that look similar to this, not "sponsored ad links": Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As AdministratorClick on the Scan button.AdwCleaner will begin...be patient as the scan may take some time to complete.When it's done you'll see: Pending: Please uncheck elements you don't want removed.Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.Look over the log especially under Files/Folders for any program you want to save.If there's a program you may want to save, just uncheck it from AdwCleaner.If you're not sure, post the log for review. (all items found are adware/spyware/foistware)If you're ready to clean it all up.....click the Clean button.After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.Copy and paste the contents of that logfile in your next reply.A copy of that logfile will also be saved in the C:\AdwCleaner folder.Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\QuarantineTo restore an item that has been deleted:Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.Then.................. Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal. Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report. Make sure that everything is checked, and click Remove Selected. Please let me know how computer is running now, MrC Link to post Share on other sites More sharing options...
VirusME Posted December 16, 2013 Author ID:765269 Share Posted December 16, 2013 I have already done both of theses things, i will try them again # AdwCleaner v3.015 - Report created 16/12/2013 at 18:37:07# Updated 10/12/2013 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : Jinxdory - JINXDORY-PC# Running from : C:\Users\Jinxdory\Desktop\Virus Stuff\AdwCleaner.exe# Option : Clean***** [ Services ] ********** [ Files / Folders ] ********** [ Shortcuts ] ********** [ Registry ] ********** [ Browsers ] *****-\\ Internet Explorer v10.0.9200.16521-\\ Google Chrome v31.0.1650.63[ File : C:\Users\Jinxdory\AppData\Local\Google\Chrome\User Data\Default\preferences ]*************************AdwCleaner[R0].txt - [4211 octets] - [10/12/2013 18:59:31]AdwCleaner[R1].txt - [904 octets] - [16/12/2013 18:36:19]AdwCleaner[s0].txt - [3667 octets] - [10/12/2013 19:01:43]AdwCleaner[s1].txt - [826 octets] - [16/12/2013 18:37:07]########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [885 octets] ########## Link to post Share on other sites More sharing options...
VirusME Posted December 16, 2013 Author ID:765270 Share Posted December 16, 2013 Malwarebytes Anti-Malware (PRO) 1.75.0.1300www.malwarebytes.orgDatabase version: v2013.12.16.01Windows 7 Service Pack 1 x64 NTFSInternet Explorer 10.0.9200.16521Jinxdory :: JINXDORY-PC [administrator]Protection: Enabled12/16/2013 6:47:27 PMmbam-log-2013-12-16 (18-47-27).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 225575Time elapsed: 4 minute(s), 15 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end) Link to post Share on other sites More sharing options...
MrCharlie Posted December 16, 2013 ID:765272 Share Posted December 16, 2013 OK, looks like you already ran these. Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system.....Which system am I using?) Please make sure you click download buttons that look similar to this, not "sponsored ad links": Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.MrC Link to post Share on other sites More sharing options...
VirusME Posted December 17, 2013 Author ID:765274 Share Posted December 17, 2013 Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-12-2013 02Ran by Jinxdory at 2013-12-16 19:02:15Running from C:\Users\Jinxdory\DesktopBoot Mode: Normal============================================================================== Security Center ========================AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}==================== Installed Programs ======================AaaaaAAaaaAAAaaAAAAaAAAAA!!! for the Awesome (x32)Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.228)Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8)Avira Free Antivirus (x32 Version: 14.0.1.759)BioShock (x32)BioShock 2 (x32)Breath of Death VII (x32)Cthulhu Saves the World (x32)Dino D-Day (x32)DLC Quest (x32)DTS Sound (x32 Version: 1.00.0079)Edna & Harvey: The Breakout (x32)Gone Home (x32)Google Chrome (x32 Version: 31.0.1650.63)Google Update Helper (x32 Version: 1.3.22.3)HP Photosmart 5510d series Basic Device Software (Version: 28.0.1315.0)Intel® Management Engine Components (x32 Version: 8.1.30.1349)Intel® Processor Graphics (x32 Version: 9.17.10.3062)Intel® Rapid Storage Technology (Version: 12.0.4.1001)Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)Intel® USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.7.248)Intel® Trusted Connect Service Client (Version: 1.27.757.1)Java 7 Update 40 (x32 Version: 7.0.400)Java Auto Updater (x32 Version: 2.1.9.8)Java 7 (x32 Version: 7.0.0)Little Inferno (x32)LogMeIn Hamachi (x32 Version: 2.2.0.109)Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)Microsoft .NET Framework 4.5 (Version: 4.5.50709)Microsoft Office (x32 Version: 15.0.4454.1510)Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1)Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610)Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610)Microsoft XNA Framework Redistributable 4.0 Refresh (x32 Version: 4.0.30901.0)Mirror's Edge (x32)MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)Neverwinter (x32)Norton Online Backup (x32 Version: 2.7.0.24)Norton Online Backup ARA (x32 Version: 4.3.0.14)NVIDIA PhysX v8.10.17 (x32 Version: 8.10.17)Opera 12.16 (x32 Version: 12.16.1860)Organ Trail: Director's Cut (x32)Origin (x32 Version: 9.1.12.73)Papers, Please (x32)Pivot Animator version 4.1.10 (x32 Version: 4.1.10)PlayReady PC Runtime amd64 (Version: 1.3.0)Portal (x32)Portal 2 (x32)Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.1.0.16)Realtek High Definition Audio Driver (x32 Version: 6.0.1.6899)Realtek USB Card Reader (x32 Version: 6.2.9200.39041)Realtek WLAN Driver (x32 Version: 2.00.0021)Skype™ 6.10 (x32 Version: 6.10.104)Spelunky (x32)Steam (x32 Version: 1.0.0.0)Super Meat Boy (x32)Surgeon Simulator 2013 (x32)Synaptics Pointing Device Driver (Version: 16.3.10.4)Team Fortress 2 (x32)TEdit 3 (x32 Version: 3.4.13298.0)Terraria (x32)The Wonderful End of the World (x32)Toshiba App Place (x32 Version: 1.0.6.3)TOSHIBA Application Installer (x32 Version: 9.0.1.2)TOSHIBA Assist (x32 Version: 4.2.3.1)Toshiba Book Place (x32 Version: 3.3.9661)TOSHIBA Disc Creator (Version: 2.1.0.12 for x64)TOSHIBA eco Utility (Version: 1.3.23.64)TOSHIBA Hardware Setup (x32 Version: 3.1.0.10)TOSHIBA Quality Application (x32 Version: 1.0.4)TOSHIBA Recovery Media Creator (x32 Version: 2.1.7.52020010)TOSHIBA Service Station (x32 Version: 2.2.13)TOSHIBA Supervisor Password (x32 Version: 3.1.0.2)TOSHIBA User's Guide (x32 Version: 1.00.02)TOSHIBA Value Added Package (Version: 1.6.0035.6406)TOSHIBA Value Added Package (x32 Version: 1.6.0035.6406)TOSHIBA Web Camera Application (x32 Version: 2.0.3.37)TOSHIBARegistration (x32 Version: 1.1.1)Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)VLC media player 2.1.0 (x32 Version: 2.1.0)WordBiz 1.8.7 (x32)==================== Restore Points =========================10-12-2013 03:39:29 Scheduled Checkpoint11-12-2013 02:10:15 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.6061011-12-2013 02:11:13 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610==================== Hosts content: ==========================2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts==================== Scheduled Tasks (whitelisted) =============Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 => Rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystemTask: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 => Rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystemTask: {102074DC-FA25-4703-B2D3-AAEC70761FFF} - \MySearchDial No Task FileTask: {2B4BBDC1-449D-4733-B688-8372528F838C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-06] (Google Inc.)Task: {684EAFE4-FA85-4D06-B334-8E9FE193F170} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exeTask: {87249DD1-1DC5-4147-9C12-AD882E9AB706} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => Rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMARTTask: {98141E89-3764-40AE-978B-F8B2B4AE4780} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-06] (Google Inc.)Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => Rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationTask: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe aepdu.dll,AePduRunUpdateTask: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => Rundll32.exe /d acproxy.dll,PerformAutochkOperationsTask: {D90D9C9B-F0E3-4223-A150-3055BA0C0DB7} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exeTask: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => Rundll32.exe bfe.dll,BfeOnServiceStartTypeChangeTask: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe==================== Loaded Modules (whitelisted) =============2013-03-08 21:06 - 2013-03-08 21:06 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll2011-08-22 16:19 - 2011-08-22 16:19 - 11204992 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll2010-12-15 17:19 - 2010-12-15 17:19 - 00124320 _____ () C:\Program Files\Toshiba\TECO\MUIHelp.dll==================== Alternate Data Streams (whitelisted) ============================= Safe Mode (whitelisted) ===================HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"==================== Faulty Device Manager Devices =============Name: lsnfdDescription: lsnfdClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: lsnfdProblem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.Devices stay in this state if they have been prepared for removal.After you remove the device, this error disappears.Remove the device, and this error should be resolved.==================== Event log errors: =========================Application errors:==================Error: (12/16/2013 06:40:10 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (12/16/2013 06:38:58 PM) (Source: Toshiba App Place) (User: )Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.Parameter name: dueTimeStack Trace:at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)at System.Timers.Timer.set_Enabled(Boolean value)at SnappCloud.ActivationReminder.AraClient.PostInit()at SnappCloud.ActivationReminder.Program.Main(String[] args)Error: (12/16/2013 05:35:14 PM) (Source: Application Hang) (User: )Description: The program hl2.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.Process ID: 24fcStart Time: 01cefaabb7be1dc7Termination Time: 170Application Path: C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exeReport Id:Error: (12/10/2013 07:05:10 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (12/10/2013 07:03:51 PM) (Source: Toshiba App Place) (User: )Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.Parameter name: dueTimeStack Trace:at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)at System.Timers.Timer.set_Enabled(Boolean value)at SnappCloud.ActivationReminder.AraClient.PostInit()at SnappCloud.ActivationReminder.Program.Main(String[] args)Error: (12/09/2013 09:03:39 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (12/09/2013 09:03:12 PM) (Source: Toshiba App Place) (User: )Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.Parameter name: dueTimeStack Trace:at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)at System.Timers.Timer.set_Enabled(Boolean value)at SnappCloud.ActivationReminder.AraClient.PostInit()at SnappCloud.ActivationReminder.Program.Main(String[] args)Error: (12/09/2013 08:38:23 PM) (Source: Toshiba App Place) (User: )Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.Parameter name: dueTimeStack Trace:at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)at System.Timers.Timer.set_Enabled(Boolean value)at SnappCloud.ActivationReminder.AraClient.PostInit()at SnappCloud.ActivationReminder.Program.Main(String[] args)Error: (12/09/2013 08:37:49 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (12/09/2013 08:36:24 PM) (Source: Application Error) (User: )Description: Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5252e730Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x5252e730Exception code: 0xc0000005Fault offset: 0x00002c60Faulting process id: 0x7d4Faulting application start time: 0xDefaultTabSearch.exe0Faulting application path: DefaultTabSearch.exe1Faulting module path: DefaultTabSearch.exe2Report Id: DefaultTabSearch.exe3System errors:=============Error: (12/16/2013 06:51:22 PM) (Source: bowser) (User: )Description: The master browser has received a server announcement from the computer SCARLETthat believes that it is the master browser for the domain on transport NetBT_Tcpip_{404049C1-B53B-4518-B9C0-32F1CE5FA895}.The master browser is stopping or an election is being forced.Error: (12/16/2013 06:39:44 PM) (Source: Service Control Manager) (User: )Description: The following boot-start or system-start driver(s) failed to load:lsnfdError: (12/16/2013 04:39:19 PM) (Source: bowser) (User: )Description: The master browser has received a server announcement from the computer SCARLETthat believes that it is the master browser for the domain on transport NetBT_Tcpip_{404049C1-B53B-4518-B9C0-32F1CE5FA895}.The master browser is stopping or an election is being forced.Error: (12/16/2013 03:59:29 AM) (Source: volmgr) (User: )Description: The system could not sucessfully load the crash dump driver.Error: (12/12/2013 03:32:43 PM) (Source: Service Control Manager) (User: )Description: The Steam Client Service service failed to start due to the following error:%%1053Error: (12/12/2013 03:32:43 PM) (Source: Service Control Manager) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.Error: (12/11/2013 06:39:26 PM) (Source: bowser) (User: )Description: The master browser has received a server announcement from the computer SCARLETthat believes that it is the master browser for the domain on transport NetBT_Tcpip_{404049C1-B53B-4518-B9C0-32F1CE5FA895}.The master browser is stopping or an election is being forced.Error: (12/10/2013 08:16:18 PM) (Source: bowser) (User: )Description: The master browser has received a server announcement from the computer SCARLETthat believes that it is the master browser for the domain on transport NetBT_Tcpip_{404049C1-B53B-4518-B9C0-32F1CE5FA895}.The master browser is stopping or an election is being forced.Error: (12/10/2013 08:04:19 PM) (Source: bowser) (User: )Description: The master browser has received a server announcement from the computer SCARLETthat believes that it is the master browser for the domain on transport NetBT_Tcpip_{404049C1-B53B-4518-B9C0-32F1CE5FA895}.The master browser is stopping or an election is being forced.Error: (12/10/2013 07:39:25 PM) (Source: bowser) (User: )Description: The master browser has received a server announcement from the computer SCARLETthat believes that it is the master browser for the domain on transport NetBT_Tcpip_{404049C1-B53B-4518-B9C0-32F1CE5FA895}.The master browser is stopping or an election is being forced.Microsoft Office Sessions:=========================Error: (12/16/2013 06:40:10 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (12/16/2013 06:38:58 PM) (Source: Toshiba App Place)(User: )Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.Parameter name: dueTimeStack Trace:at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)at System.Timers.Timer.set_Enabled(Boolean value)at SnappCloud.ActivationReminder.AraClient.PostInit()at SnappCloud.ActivationReminder.Program.Main(String[] args)Error: (12/16/2013 05:35:14 PM) (Source: Application Hang)(User: )Description: hl2.exe0.0.0.024fc01cefaabb7be1dc7170C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exeError: (12/10/2013 07:05:10 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (12/10/2013 07:03:51 PM) (Source: Toshiba App Place)(User: )Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.Parameter name: dueTimeStack Trace:at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)at System.Timers.Timer.set_Enabled(Boolean value)at SnappCloud.ActivationReminder.AraClient.PostInit()at SnappCloud.ActivationReminder.Program.Main(String[] args)Error: (12/09/2013 09:03:39 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (12/09/2013 09:03:12 PM) (Source: Toshiba App Place)(User: )Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.Parameter name: dueTimeStack Trace:at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)at System.Timers.Timer.set_Enabled(Boolean value)at SnappCloud.ActivationReminder.AraClient.PostInit()at SnappCloud.ActivationReminder.Program.Main(String[] args)Error: (12/09/2013 08:38:23 PM) (Source: Toshiba App Place)(User: )Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.Parameter name: dueTimeStack Trace:at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)at System.Timers.Timer.set_Enabled(Boolean value)at SnappCloud.ActivationReminder.AraClient.PostInit()at SnappCloud.ActivationReminder.Program.Main(String[] args)Error: (12/09/2013 08:37:49 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003Error: (12/09/2013 08:36:24 PM) (Source: Application Error)(User: )Description: DefaultTabSearch.exe0.0.0.05252e730DefaultTabSearch.exe0.0.0.05252e730c000000500002c607d401cef54833e012fbC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exeC:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe7aa70107-613b-11e3-9db6-008cfa720bda==================== Memory info ===========================Percentage of memory in use: 44%Total physical RAM: 3978.36 MBAvailable physical RAM: 2224.01 MBTotal Pagefile: 7954.89 MBAvailable Pagefile: 5670.39 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.8 MB==================== Drives ================================Drive c: (TI10668700E) (Fixed) (Total:453.93 GB) (Free:346.69 GB) NTFS ==>[system with boot components (obtained from reading drive)]==================== MBR & Partition Table ==========================================================================Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 57350F76)Partition 1: (Active) - (Size=1 GB) - (Type=27)Partition 2: (Not Active) - (Size=454 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=10 GB) - (Type=17)==================== End Of Log ============================ Link to post Share on other sites More sharing options...
VirusME Posted December 17, 2013 Author ID:765275 Share Posted December 17, 2013 Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-12-2013 02Ran by Jinxdory (administrator) on JINXDORY-PC on 16-12-2013 19:01:25Running from C:\Users\Jinxdory\DesktopWindows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 10Boot Mode: Normal==================== Processes (Whitelisted) =================(Microsoft Corporation) C:\Windows\System32\wlanext.exe(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe(Intel Corporation) C:\Windows\System32\igfxtray.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TBatmgrTrayicon.exe(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe() C:\Program Files\Toshiba\Power Saver\TPwrMain.exe(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoHook.exe(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe(DTS, Inc.) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\APO3GUI.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(Opera Software) C:\Program Files (x86)\Opera\opera.exe() C:\Users\Jinxdory\Desktop\FRST64.exe(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicator.exe==================== Registry (Whitelisted) ==================HKLM\...\Run: [] - [x]HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] ()HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13535304 2013-05-07] (Realtek Semiconductor)HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3014384 2013-02-06] (Synaptics Incorporated)HKLM\...\Run: [batteryManager] - C:\Program Files\Toshiba\Power Saver\TBatmgrTrayicon.exe [293760 2013-02-20] (TOSHIBA Corporation)HKLM\...\Run: [TCrdMain] - C:\Program Files\Toshiba\FlashCards\TCrdMain.exe [997216 2013-05-07] (TOSHIBA Corporation)HKLM\...\Run: [TPwrMain] - C:\Program Files\Toshiba\Power Saver\TPwrMain.exe [595840 2012-03-02] ()HKLM\...\Run: [Teco] - C:\Program Files\Toshiba\TECO\Teco.exe [1562032 2012-02-28] (TOSHIBA Corporation)HKLM\...\Run: [TosVolRegulator] - C:\Program Files\Toshiba\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)HKCU\...\Run: [steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)HKCU\...\Run: [HP Photosmart 5510d series (NET)] - C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)HKLM-x32\...\Run: [DTS Sound] - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\APO3GUI.exe [1471296 2013-05-31] (DTS, Inc.)HKLM-x32\...\Run: [uSB3MON] - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291280 2012-12-20] (Intel Corporation)HKLM-x32\...\Run: [ToshibaServiceStation] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)HKLM-x32\...\Run: [ToshibaAppPlace] - C:\Program Files (x86)\TOSHIBA\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-25] (Avira Operations GmbH & Co. KG)HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exeHKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)AppInit_DLLs: [ ] ()==================== Internet (Whitelisted) ====================HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.comHKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.comSearchScopes: HKLM - DefaultScope {0E88976F-86B4-4AE9-8036-58312BB30A59} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1103&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzy0CyBzz0EtC0C0CzzyB0DtN0D0Tzu0SyBtDtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1385915399&ir=SearchScopes: HKLM - {0E88976F-86B4-4AE9-8036-58312BB30A59} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1103&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzy0CyBzz0EtC0C0CzzyB0DtN0D0Tzu0SyBtDtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1385915399&ir=SearchScopes: HKLM-x32 - {0E88976F-86B4-4AE9-8036-58312BB30A59} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJSSearchScopes: HKCU - {0E88976F-86B4-4AE9-8036-58312BB30A59} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1103&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzy0CyBzz0EtC0C0CzzyB0DtN0D0Tzu0SyBtDtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1385915399&ir=BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Chrome:=======CHR DefaultSearchProvider: "name": "Mysearchdial"CHR Extension: (Norton Identity Protection) - C:\Users\Jinxdory\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0CHR Extension: (Chrome In-App Payments service) - C:\Users\Jinxdory\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0==================== Services (Whitelisted) =================R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-10-10] (Avira Operations GmbH & Co. KG)R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-05-31] ()S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [130592 2012-10-26] (Intel Corporation)R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165488 2012-12-18] (Intel Corporation)R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)==================== Drivers (Whitelisted) ====================R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-05] (Avira Operations GmbH & Co. KG)R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-25] (Avira Operations GmbH & Co. KG)R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-10] (Avira Operations GmbH & Co. KG)R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [83160 2013-10-10] (Avira Operations GmbH & Co. KG)S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-03-11] (Intel Corporation)R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [128200 2013-04-03] (Qualcomm Atheros Co., Ltd.)R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1480776 2013-02-08] (Realtek Semiconductor Corporation )S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32496 2013-02-06] (Synaptics Incorporated)S1 lsnfd; system32\drivers\lsnfd.sys [x]==================== NetSvcs (Whitelisted) ======================================= One Month Created Files and Folders ========2013-12-16 19:01 - 2013-12-16 19:01 - 00011517 _____ C:\Users\Jinxdory\Desktop\FRST.txt2013-12-16 19:01 - 2013-12-16 19:01 - 00000000 ____D C:\FRST2013-12-16 17:43 - 2013-12-16 19:01 - 00000000 ____D C:\Users\Jinxdory\Desktop\Virus Stuff2013-12-16 17:39 - 2013-12-16 17:39 - 05358016 _____ (Intel Corporation) C:\windows\system32\Drivers\igdkmd64.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 03395656 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTKVHD64.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 03286016 _____ (Broadcom Corporation) C:\windows\system32\Drivers\evbda.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 01913192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 01659760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 01524816 _____ (QLogic Corporation) C:\windows\system32\Drivers\ql2300.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 01480776 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtwlane.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 01225832 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtl8192se.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00982912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00950128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00791608 _____ (Intel Corporation) C:\windows\system32\Drivers\iusb3xhc.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00785512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00753664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00652784 _____ (Intel Corporation) C:\windows\system32\Drivers\iaStorA.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00651264 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00626792 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtl819xp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00530496 _____ (Emulex) C:\windows\system32\Drivers\elxstor.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00498688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00491088 _____ (Adaptec, Inc.) C:\windows\system32\Drivers\adp94xx.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00469744 _____ (Synaptics Incorporated) C:\windows\system32\Drivers\SynTP.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00468480 _____ (Broadcom Corporation) C:\windows\system32\Drivers\bxvbda.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00467456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00458712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00450048 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtl8187B.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00442368 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtl8187Se.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00426496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spsys.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00410496 _____ (Intel Corporation) C:\windows\system32\Drivers\iaStorV.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00410112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00376688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00366976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msrpc.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00363392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volmgrx.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00358456 _____ (Intel Corporation) C:\windows\system32\Drivers\iusb3hub.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00350208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\HdAudio.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00342528 _____ (Intel® Corporation) C:\windows\system32\Drivers\IntcDAud.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00339536 _____ (Adaptec, Inc.) C:\windows\system32\Drivers\adpahci.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00334208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\acpi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00328192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00327240 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RtsUVStor.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00318976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\nwifi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00309248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00296320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00289664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fltMgr.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00288768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00288088 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00286720 _____ (Brother Industries Ltd.) C:\windows\system32\Drivers\BrSerId.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00284736 _____ (LSI Corporation, Inc.) C:\windows\system32\Drivers\MegaSR.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00273792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00270848 _____ (Broadcom Corporation) C:\windows\system32\Drivers\b57nd60a.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00265088 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00261632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ks.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00223752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00220752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pcmcia.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00215936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00213888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdyboost.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00204800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fastfat.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00195072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\exfat.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00194128 _____ (AMD Technologies Inc.) C:\windows\system32\Drivers\amdsbs.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00189824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00184960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00184704 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pci.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00182864 _____ (Adaptec, Inc.) C:\windows\system32\Drivers\adpu320.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00179072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00171392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\scsiport.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00168448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00166272 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvstor.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00164352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndiswan.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\windows\system32\Drivers\vsmraid.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00158208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00155520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ataport.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00155008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpio.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00154480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00148352 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvraid.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cdrom.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rmcast.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00140672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msdsm.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pacer.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rasl2tp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00128592 _____ (QLogic Corporation) C:\windows\system32\Drivers\ql40xx.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00128200 _____ (Qualcomm Atheros Co., Ltd.) C:\windows\system32\Drivers\L1C62x64.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00125440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tunnel.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00122960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\NV_AGP.SYS.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00122368 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hdaudbus.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00120320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\irda.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ipnat.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00115776 _____ (LSI Corporation) C:\windows\system32\Drivers\lsi_scsi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00114752 _____ (LSI Corporation) C:\windows\system32\Drivers\lsi_fc.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00113152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\luafv.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00111104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\raspptp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00107904 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdsata.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00106560 _____ (LSI Corporation) C:\windows\system32\Drivers\lsi_sas.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00105472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\i8042prt.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00103808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sbp2port.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidbth.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxg.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00097856 _____ (Adaptec, Inc.) C:\windows\system32\Drivers\arcsas.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\parport.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00095600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00095232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bridge.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00094592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00094208 _____ (Brother Industries Ltd.) C:\windows\system32\Drivers\serial.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00093184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\smb.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00092672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\raspppoe.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cdfs.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00090624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00088576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wanarp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00087632 _____ (Adaptec, Inc.) C:\windows\system32\Drivers\arc.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rassstp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ipfltdrv.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00080464 _____ (Silicon Integrated Systems) C:\windows\system32\Drivers\sisraid4.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00078848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00078720 _____ (Hewlett-Packard Company) C:\windows\system32\Drivers\HpSAMD.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rspndr.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00075120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\partmgr.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00073280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00072832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ohci1394.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthmodem.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00071552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volmgr.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00070224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fileinfo.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00068864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00065600 _____ (LSI Corporation) C:\windows\system32\Drivers\lsi_sas2.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00065088 _____ (Microsoft Corporation) C:\windows\system32\Drivers\GAGP30KX.SYS.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00064592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ULIAGPKX.SYS.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00064512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00064080 _____ (Microsoft Corporation) C:\windows\system32\Drivers\UAGP35.SYS.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00063360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\termdd.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00062784 _____ (Intel Corporation) C:\windows\system32\Drivers\HECIx64.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00061008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\AGP440.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\lltdio.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00060496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mup.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\agilevpn.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vwififlt.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00057856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00057856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndproxy.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndisuio.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00055376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fsdepends.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00055128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpfve.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00054376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00051264 _____ (IBM Corporation) C:\windows\system32\Drivers\nfrd960.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00050768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pcw.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00050768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\kbdclass.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00049216 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mouclass.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00048720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pciidex.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\umbus.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00047104 _____ (Brother Industries Ltd.) C:\windows\system32\Drivers\BrSerWdm.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00046592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\qwavedrv.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00046592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidir.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpipreg.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\circlass.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\Drivers\blbdrive.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbios.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\windows\system32\Drivers\iirsp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\Drivers\npfs.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\windows\system32\Drivers\sisraid2.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\watchdog.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\RNDISMP.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\modem.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\discache.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00039504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\crashdmp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00039424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\CompositeBus.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00038096 _____ (TOSHIBA Corporation) C:\windows\system32\Drivers\PGEffect.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00036432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vdrvroot.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00035392 _____ (LSI Corporation) C:\windows\system32\Drivers\megasas.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndiscap.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\filetrace.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00033856 _____ (LogMeIn, Inc.) C:\windows\system32\Drivers\hamachi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\kbdhid.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBCAMD2.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00032496 _____ (Synaptics Incorporated) C:\windows\system32\Drivers\Smb_driver_Intel.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00032320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mssmbios.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00031744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbrpm.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mouhid.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\windows\system32\Drivers\hcw85cir.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00031104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msahci.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbGD.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\monitor.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidusb.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\Drivers\terminpt.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\Drivers\scfilter.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fdc.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vgapnp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vga.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tape.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00028736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Dumpata.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00028656 _____ (Intel Corporation) C:\windows\system32\Drivers\iaStorF.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00028240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\battc.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00027784 _____ (TOSHIBA Corporation.) C:\windows\system32\Drivers\tdcmdpst.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00027776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wacompen.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00027520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00027008 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdxata.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00026840 _____ (TOSHIBA Corporation) C:\windows\system32\Drivers\TVALZ_O.SYS.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sermouse.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidbatt.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msfs.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbprint.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00024656 _____ (Promise Technology) C:\windows\system32\Drivers\stexstor.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vwifibus.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\nsiproxy.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\flpydisk.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00024144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\crcdisk.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00024128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\atapi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00024064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpbus.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00024064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndistapi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdtcp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\serenum.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00023408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fs_rec.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WSDPrint.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\asyncmac.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\windows\system32\Drivers\secdrv.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00022096 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wimmount.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mcd.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00021584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\compbatt.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00021504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ws2ifsl.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00021056 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wd.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00020992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\smclib.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00020992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksthunk.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00020544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\isapnp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00020024 _____ (Intel Corporation) C:\windows\system32\Drivers\iusb3hcs.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00019968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usb8023.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00019008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spldr.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00018432 _____ (Brother Industries, Ltd.) C:\windows\system32\Drivers\BrFiltLo.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vwifimp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\irenum.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00017664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\CmBatt.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00017488 _____ (VIA Technologies, Inc.) C:\windows\system32\Drivers\viaide.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00017488 _____ (CMD Technology, Inc.) C:\windows\system32\Drivers\cmdide.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00016960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelide.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sfloppy.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxapi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00016464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wmilib.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdpipe.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00015440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdide.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00015440 _____ (Acer Laboratories Inc.) C:\windows\system32\Drivers\aliide.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00015424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msisadrv.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00015360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\MTConfig.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00014976 _____ (Brother Industries Ltd.) C:\windows\system32\Drivers\BrUsbMdm.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rasacd.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00014720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hwpolicy.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00014720 _____ (Brother Industries Ltd.) C:\windows\system32\Drivers\BrUsbSer.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wmiacpi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sffp_sd.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sffdisk.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sffp_mmc.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwf.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\acpipmi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00012496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\swenum.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00012352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pciide.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\serscan.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rootmdm.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00011136 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mskssrv.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\umpass.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\errdev.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00009216 _____ (TOSHIBA Corporation) C:\windows\system32\Drivers\FwLnk.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00008704 _____ (Brother Industries, Ltd.) C:\windows\system32\Drivers\BrFiltUp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\RDPREFMP.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mshidkmdf.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00008064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mstee.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00007936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\RDPENCDD.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\RDPCDD.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mspclock.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00006784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mspqm.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\beep.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\null.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmkaud.sys.bak2013-12-16 17:38 - 2013-12-16 17:39 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\1394ohci.sys.bak2013-12-16 17:38 - 2013-12-16 17:38 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\Drivers\1394bus.sys.bak2013-12-16 11:15 - 2013-12-16 11:15 - 00000000 ____D C:\Users\Jinxdory\Documents\Processing2013-12-16 11:15 - 2013-12-16 11:15 - 00000000 ____D C:\Users\Jinxdory\AppData\Roaming\Processing2013-12-16 11:13 - 2013-12-16 11:13 - 00000000 ____D C:\Users\Jinxdory\Desktop\processing-2.1-windows322013-12-14 06:30 - 2013-12-14 06:36 - 00000000 ____D C:\Users\Jinxdory\AppData\Roaming\Little Inferno2013-12-10 21:13 - 2013-12-10 21:13 - 00000000 ____D C:\Users\Jinxdory\AppData\Local\Daedalic Entertainment2013-12-10 21:10 - 2013-12-10 21:11 - 00000000 ____D C:\ProgramData\Package Cache2013-12-10 18:59 - 2013-12-16 18:37 - 00000000 ____D C:\AdwCleaner2013-12-09 15:37 - 2013-12-09 15:37 - 00000222 _____ C:\Users\Jinxdory\Desktop\Papers, Please.url2013-12-07 10:38 - 2013-12-07 10:38 - 00000000 ____D C:\Users\Jinxdory\AppData\Roaming\39092013-12-05 16:13 - 2013-12-05 16:13 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi2013-12-03 20:33 - 2013-12-03 20:33 - 00001001 _____ C:\Users\Public\Desktop\Pivot Animator.lnk2013-12-03 15:39 - 2013-12-09 21:47 - 00000580 _____ C:\Users\Jinxdory\daemonprocess.txt2013-12-03 15:39 - 2013-12-09 20:54 - 00000000 ____D C:\Users\Jinxdory\AppData\Local\Mobogenie2013-12-03 15:39 - 2013-12-03 19:31 - 00000000 ____D C:\Users\Jinxdory\AppData\Local\cache2013-12-03 15:39 - 2013-12-03 15:39 - 00000000 ____D C:\Users\wangzhisong\AppData\Local\Mobogenie2013-12-03 15:39 - 2013-12-03 15:39 - 00000000 ____D C:\Users\wangzhisong2013-12-03 15:39 - 2013-12-03 15:39 - 00000000 ____D C:\Users\Jinxdory\Documents\Mobogenie2013-12-03 15:38 - 2013-12-09 21:48 - 00000000 ____D C:\Program Files (x86)\Mobogenie2013-12-03 15:38 - 2013-12-04 15:38 - 00000258 __RSH C:\Users\Jinxdory\ntuser.pol2013-12-03 15:38 - 2013-12-03 15:38 - 00000000 ____D C:\ProgramData\Pivot Animator2013-12-03 15:37 - 2013-12-03 20:33 - 00000000 ____D C:\Program Files (x86)\Pivot Animator2013-11-27 13:03 - 2013-11-27 13:37 - 00000000 ____D C:\Users\Jinxdory\AppData\Roaming\Awesomium==================== One Month Modified Files and Folders =======2013-12-16 19:01 - 2013-12-16 19:01 - 00011517 _____ C:\Users\Jinxdory\Desktop\FRST.txt2013-12-16 19:01 - 2013-12-16 19:01 - 00000000 ____D C:\FRST2013-12-16 19:01 - 2013-12-16 17:43 - 00000000 ____D C:\Users\Jinxdory\Desktop\Virus Stuff2013-12-16 18:46 - 2009-07-13 23:45 - 00024400 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02013-12-16 18:46 - 2009-07-13 23:45 - 00024400 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02013-12-16 18:44 - 2013-10-06 20:17 - 00000902 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job2013-12-16 18:42 - 2013-09-14 15:11 - 00120600 _____ C:\windows\WindowsUpdate.log2013-12-16 18:39 - 2013-10-06 21:02 - 00000000 ____D C:\Program Files (x86)\Steam2013-12-16 18:38 - 2013-10-26 12:13 - 00000000 ____D C:\Users\Jinxdory\AppData\Local\LogMeIn Hamachi2013-12-16 18:38 - 2013-10-06 20:17 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job2013-12-16 18:38 - 2009-07-14 00:08 - 00000006 ____H C:\windows\Tasks\SA.DAT2013-12-16 18:38 - 2009-07-13 23:51 - 00033973 _____ C:\windows\setupact.log2013-12-16 18:37 - 2013-12-10 18:59 - 00000000 ____D C:\AdwCleaner2013-12-16 17:39 - 2013-12-16 17:39 - 05358016 _____ (Intel Corporation) C:\windows\system32\Drivers\igdkmd64.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 03395656 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTKVHD64.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 03286016 _____ (Broadcom Corporation) C:\windows\system32\Drivers\evbda.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 01913192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 01659760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 01524816 _____ (QLogic Corporation) C:\windows\system32\Drivers\ql2300.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 01480776 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtwlane.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 01225832 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtl8192se.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00982912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00950128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00791608 _____ (Intel Corporation) C:\windows\system32\Drivers\iusb3xhc.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00785512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00753664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00652784 _____ (Intel Corporation) C:\windows\system32\Drivers\iaStorA.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00651264 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00626792 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtl819xp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00530496 _____ (Emulex) C:\windows\system32\Drivers\elxstor.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00498688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00491088 _____ (Adaptec, Inc.) C:\windows\system32\Drivers\adp94xx.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00469744 _____ (Synaptics Incorporated) C:\windows\system32\Drivers\SynTP.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00468480 _____ (Broadcom Corporation) C:\windows\system32\Drivers\bxvbda.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00467456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00458712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00450048 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtl8187B.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00442368 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtl8187Se.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00426496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spsys.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00410496 _____ (Intel Corporation) C:\windows\system32\Drivers\iaStorV.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00410112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00376688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00366976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msrpc.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00363392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volmgrx.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00358456 _____ (Intel Corporation) C:\windows\system32\Drivers\iusb3hub.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00350208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\HdAudio.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00342528 _____ (Intel® Corporation) C:\windows\system32\Drivers\IntcDAud.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00339536 _____ (Adaptec, Inc.) C:\windows\system32\Drivers\adpahci.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00334208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\acpi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00328192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00327240 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RtsUVStor.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00318976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\nwifi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00309248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00296320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00289664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fltMgr.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00288768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00288088 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00286720 _____ (Brother Industries Ltd.) C:\windows\system32\Drivers\BrSerId.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00284736 _____ (LSI Corporation, Inc.) C:\windows\system32\Drivers\MegaSR.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00273792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00270848 _____ (Broadcom Corporation) C:\windows\system32\Drivers\b57nd60a.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00265088 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00261632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ks.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00223752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00220752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pcmcia.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00215936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00213888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdyboost.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00204800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fastfat.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00195072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\exfat.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00194128 _____ (AMD Technologies Inc.) C:\windows\system32\Drivers\amdsbs.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00189824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00184960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00184704 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pci.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00182864 _____ (Adaptec, Inc.) C:\windows\system32\Drivers\adpu320.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00179072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00171392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\scsiport.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00168448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00166272 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvstor.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00164352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndiswan.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\windows\system32\Drivers\vsmraid.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00158208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00155520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ataport.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00155008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpio.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00154480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00148352 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvraid.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cdrom.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rmcast.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00140672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msdsm.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pacer.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rasl2tp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00128592 _____ (QLogic Corporation) C:\windows\system32\Drivers\ql40xx.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00128200 _____ (Qualcomm Atheros Co., Ltd.) C:\windows\system32\Drivers\L1C62x64.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00125440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tunnel.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00122960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\NV_AGP.SYS.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00122368 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hdaudbus.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00120320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\irda.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ipnat.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00115776 _____ (LSI Corporation) C:\windows\system32\Drivers\lsi_scsi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00114752 _____ (LSI Corporation) C:\windows\system32\Drivers\lsi_fc.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00113152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\luafv.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00111104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\raspptp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00107904 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdsata.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00106560 _____ (LSI Corporation) C:\windows\system32\Drivers\lsi_sas.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00105472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\i8042prt.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00103808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sbp2port.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidbth.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxg.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00097856 _____ (Adaptec, Inc.) C:\windows\system32\Drivers\arcsas.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\parport.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00095600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00095232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bridge.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00094592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00094208 _____ (Brother Industries Ltd.) C:\windows\system32\Drivers\serial.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00093184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\smb.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00092672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\raspppoe.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cdfs.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00090624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00088576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wanarp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00087632 _____ (Adaptec, Inc.) C:\windows\system32\Drivers\arc.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rassstp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ipfltdrv.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00080464 _____ (Silicon Integrated Systems) C:\windows\system32\Drivers\sisraid4.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00078848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00078720 _____ (Hewlett-Packard Company) C:\windows\system32\Drivers\HpSAMD.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rspndr.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00075120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\partmgr.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00073280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00072832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ohci1394.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthmodem.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00071552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volmgr.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00070224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fileinfo.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00068864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00065600 _____ (LSI Corporation) C:\windows\system32\Drivers\lsi_sas2.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00065088 _____ (Microsoft Corporation) C:\windows\system32\Drivers\GAGP30KX.SYS.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00064592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ULIAGPKX.SYS.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00064512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00064080 _____ (Microsoft Corporation) C:\windows\system32\Drivers\UAGP35.SYS.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00063360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\termdd.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00062784 _____ (Intel Corporation) C:\windows\system32\Drivers\HECIx64.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00061008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\AGP440.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\lltdio.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00060496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mup.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\agilevpn.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vwififlt.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00057856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00057856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndproxy.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndisuio.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00055376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fsdepends.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00055128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpfve.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00054376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00051264 _____ (IBM Corporation) C:\windows\system32\Drivers\nfrd960.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00050768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pcw.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00050768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\kbdclass.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00049216 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mouclass.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00048720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pciidex.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\umbus.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00047104 _____ (Brother Industries Ltd.) C:\windows\system32\Drivers\BrSerWdm.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00046592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\qwavedrv.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00046592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidir.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpipreg.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\circlass.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\Drivers\blbdrive.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbios.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\windows\system32\Drivers\iirsp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\Drivers\npfs.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\windows\system32\Drivers\sisraid2.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\watchdog.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\RNDISMP.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\modem.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\discache.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00039504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\crashdmp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00039424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\CompositeBus.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00038096 _____ (TOSHIBA Corporation) C:\windows\system32\Drivers\PGEffect.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00036432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vdrvroot.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00035392 _____ (LSI Corporation) C:\windows\system32\Drivers\megasas.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndiscap.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\filetrace.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00033856 _____ (LogMeIn, Inc.) C:\windows\system32\Drivers\hamachi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\kbdhid.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBCAMD2.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00032496 _____ (Synaptics Incorporated) C:\windows\system32\Drivers\Smb_driver_Intel.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00032320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mssmbios.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00031744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbrpm.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mouhid.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\windows\system32\Drivers\hcw85cir.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00031104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msahci.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbGD.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\monitor.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidusb.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\Drivers\terminpt.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\Drivers\scfilter.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fdc.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vgapnp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vga.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tape.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00028736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Dumpata.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00028656 _____ (Intel Corporation) C:\windows\system32\Drivers\iaStorF.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00028240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\battc.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00027784 _____ (TOSHIBA Corporation.) C:\windows\system32\Drivers\tdcmdpst.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00027776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wacompen.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00027520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00027008 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdxata.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00026840 _____ (TOSHIBA Corporation) C:\windows\system32\Drivers\TVALZ_O.SYS.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sermouse.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidbatt.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msfs.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbprint.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00024656 _____ (Promise Technology) C:\windows\system32\Drivers\stexstor.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vwifibus.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\nsiproxy.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\flpydisk.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00024144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\crcdisk.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00024128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\atapi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00024064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpbus.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00024064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndistapi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdtcp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\serenum.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00023408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fs_rec.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WSDPrint.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\asyncmac.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\windows\system32\Drivers\secdrv.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00022096 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wimmount.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mcd.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00021584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\compbatt.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00021504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ws2ifsl.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00021056 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wd.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00020992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\smclib.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00020992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksthunk.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00020544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\isapnp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00020024 _____ (Intel Corporation) C:\windows\system32\Drivers\iusb3hcs.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00019968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usb8023.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpvideominiport.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00019008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spldr.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00018432 _____ (Brother Industries, Ltd.) C:\windows\system32\Drivers\BrFiltLo.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vwifimp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\irenum.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00017664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\CmBatt.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00017488 _____ (VIA Technologies, Inc.) C:\windows\system32\Drivers\viaide.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00017488 _____ (CMD Technology, Inc.) C:\windows\system32\Drivers\cmdide.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00016960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelide.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sfloppy.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxapi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00016464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wmilib.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdpipe.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00015440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdide.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00015440 _____ (Acer Laboratories Inc.) C:\windows\system32\Drivers\aliide.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00015424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msisadrv.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00015360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\MTConfig.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00014976 _____ (Brother Industries Ltd.) C:\windows\system32\Drivers\BrUsbMdm.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rasacd.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00014720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hwpolicy.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00014720 _____ (Brother Industries Ltd.) C:\windows\system32\Drivers\BrUsbSer.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wmiacpi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sffp_sd.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sffdisk.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sffp_mmc.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwf.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\acpipmi.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00012496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\swenum.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00012352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pciide.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\serscan.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rootmdm.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00011136 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mskssrv.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\umpass.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\errdev.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00009216 _____ (TOSHIBA Corporation) C:\windows\system32\Drivers\FwLnk.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00008704 _____ (Brother Industries, Ltd.) C:\windows\system32\Drivers\BrFiltUp.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\RDPREFMP.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mshidkmdf.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00008064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mstee.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00007936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\RDPENCDD.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\RDPCDD.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mspclock.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00006784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mspqm.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\beep.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\null.sys.bak2013-12-16 17:39 - 2013-12-16 17:39 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmkaud.sys.bak2013-12-16 17:39 - 2013-12-16 17:38 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\1394ohci.sys.bak2013-12-16 17:38 - 2013-12-16 17:38 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\Drivers\1394bus.sys.bak2013-12-16 11:15 - 2013-12-16 11:15 - 00000000 ____D C:\Users\Jinxdory\Documents\Processing2013-12-16 11:15 - 2013-12-16 11:15 - 00000000 ____D C:\Users\Jinxdory\AppData\Roaming\Processing2013-12-16 11:13 - 2013-12-16 11:13 - 00000000 ____D C:\Users\Jinxdory\Desktop\processing-2.1-windows322013-12-14 06:36 - 2013-12-14 06:30 - 00000000 ____D C:\Users\Jinxdory\AppData\Roaming\Little Inferno2013-12-13 17:46 - 2009-07-14 00:13 - 00781298 _____ C:\windows\system32\PerfStringBackup.INI2013-12-10 21:13 - 2013-12-10 21:13 - 00000000 ____D C:\Users\Jinxdory\AppData\Local\Daedalic Entertainment2013-12-10 21:11 - 2013-12-10 21:10 - 00000000 ____D C:\ProgramData\Package Cache2013-12-10 21:09 - 2013-10-13 12:02 - 00000000 ____D C:\Program Files (x86)\Java2013-12-10 19:03 - 2010-11-20 22:47 - 00940960 _____ C:\windows\PFRO.log2013-12-09 21:48 - 2013-12-03 15:38 - 00000000 ____D C:\Program Files (x86)\Mobogenie2013-12-09 21:47 - 2013-12-03 15:39 - 00000580 _____ C:\Users\Jinxdory\daemonprocess.txt2013-12-09 20:54 - 2013-12-03 15:39 - 00000000 ____D C:\Users\Jinxdory\AppData\Local\Mobogenie2013-12-09 20:30 - 2013-10-06 21:16 - 00000000 ____D C:\Users\Jinxdory\AppData\Roaming\Skype2013-12-09 16:56 - 2013-10-13 12:04 - 00000000 ____D C:\Users\Jinxdory\AppData\Roaming\.minecraft2013-12-09 15:37 - 2013-12-09 15:37 - 00000222 _____ C:\Users\Jinxdory\Desktop\Papers, Please.url2013-12-07 10:38 - 2013-12-07 10:38 - 00000000 ____D C:\Users\Jinxdory\AppData\Roaming\39092013-12-05 16:13 - 2013-12-05 16:13 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi2013-12-05 16:13 - 2013-11-09 14:28 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys2013-12-04 15:38 - 2013-12-03 15:38 - 00000258 __RSH C:\Users\Jinxdory\ntuser.pol2013-12-04 15:38 - 2013-10-06 18:15 - 00000000 ____D C:\Users\Jinxdory2013-12-03 21:40 - 2013-10-06 18:18 - 00000000 ____D C:\Users\Jinxdory\AppData\Local\VirtualStore2013-12-03 20:33 - 2013-12-03 20:33 - 00001001 _____ C:\Users\Public\Desktop\Pivot Animator.lnk2013-12-03 20:33 - 2013-12-03 15:37 - 00000000 ____D C:\Program Files (x86)\Pivot Animator2013-12-03 19:31 - 2013-12-03 15:39 - 00000000 ____D C:\Users\Jinxdory\AppData\Local\cache2013-12-03 15:39 - 2013-12-03 15:39 - 00000000 ____D C:\Users\wangzhisong\AppData\Local\Mobogenie2013-12-03 15:39 - 2013-12-03 15:39 - 00000000 ____D C:\Users\wangzhisong2013-12-03 15:39 - 2013-12-03 15:39 - 00000000 ____D C:\Users\Jinxdory\Documents\Mobogenie2013-12-03 15:38 - 2013-12-03 15:38 - 00000000 ____D C:\ProgramData\Pivot Animator2013-12-03 15:38 - 2009-07-13 22:20 - 00000000 ___HD C:\windows\system32\GroupPolicy2013-12-03 15:38 - 2009-07-13 22:20 - 00000000 ____D C:\windows\SysWOW64\GroupPolicy2013-12-01 09:39 - 2013-10-06 20:17 - 00003898 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA2013-12-01 09:39 - 2013-10-06 20:17 - 00003646 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore2013-11-28 09:36 - 2013-10-30 21:07 - 00000000 ____D C:\Users\Jinxdory\Documents\SavedGames2013-11-27 13:37 - 2013-11-27 13:03 - 00000000 ____D C:\Users\Jinxdory\AppData\Roaming\Awesomium2013-11-27 13:13 - 2013-10-07 14:35 - 00403703 _____ C:\windows\DirectX.log2013-11-25 20:13 - 2013-11-09 14:28 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sysSome content of TEMP:====================C:\Users\Jinxdory\AppData\Local\Temp\avgnt.exeC:\Users\Jinxdory\AppData\Local\Temp\ntdll_dump.dllC:\Users\Jinxdory\AppData\Local\Temp\Quarantine.exe==================== Bamital & volsnap Check =================C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legitLastRegBack: 2013-12-09 22:32==================== End Of Log ============================ Link to post Share on other sites More sharing options...
MrCharlie Posted December 17, 2013 ID:765278 Share Posted December 17, 2013 Download the attached fixlist.txt to the same folder as FRST.Run FRST.exe and click Fix only once and waitThe tool will create a log (Fixlog.txt) in the folder, please post it to your reply.Then......You have to manually set the default searchprovider for Chrome: CHR DefaultSearchProvider: "name": "Mysearchdial"https://support.google.com/chrome/answer/95426?hl=en-GBLet me know...MrC Link to post Share on other sites More sharing options...
VirusME Posted December 17, 2013 Author ID:765284 Share Posted December 17, 2013 Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-12-2013 02Ran by Jinxdory at 2013-12-16 19:31:21 Run:1Running from C:\Users\Jinxdory\Desktop\FRSTBoot Mode: Normal==============================================Content of fixlist:*****************http://start.mysearc...ults.php?f=4&q={searchTerms}&a=irmsd1103&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzy0CyBzz0EtC0C0CzzyB0DtN0D0Tzu0SyBtDtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1385915399&ir=SearchScopes: HKLM - {0E88976F-86B4-4AE9-8036-58312BB30A59} URL = http://start.mysearc...ults.php?f=4&q={searchTerms}&a=irmsd1103&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzy0CyBzz0EtC0C0CzzyB0DtN0D0Tzu0SyBtDtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1385915399&ir=SearchScopes: HKCU - {0E88976F-86B4-4AE9-8036-58312BB30A59} URL = http://start.mysearc...ults.php?f=4&q={searchTerms}&a=irmsd1103&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzy0CyBzz0EtC0C0CzzyB0DtN0D0Tzu0SyBtDtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1385915399&ir=*****************HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0E88976F-86B4-4AE9-8036-58312BB30A59} => Key deleted successfully.HKCR\CLSID\{0E88976F-86B4-4AE9-8036-58312BB30A59} => Key not found.HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0E88976F-86B4-4AE9-8036-58312BB30A59} => Key deleted successfully.HKCR\CLSID\{0E88976F-86B4-4AE9-8036-58312BB30A59} => Key not found.==== End of Fixlog ==== Link to post Share on other sites More sharing options...
VirusME Posted December 17, 2013 Author ID:765290 Share Posted December 17, 2013 I did all of that thank you very much if there are any problems in the next couple days i will let you know. Link to post Share on other sites More sharing options...
MrCharlie Posted December 17, 2013 ID:765297 Share Posted December 17, 2013 OK...MrC Link to post Share on other sites More sharing options...
MrCharlie Posted December 20, 2013 ID:766626 Share Posted December 20, 2013 How are we doing?? Do you still need help or can I close this post?? MrC Link to post Share on other sites More sharing options...
LDTate Posted December 21, 2013 ID:767240 Share Posted December 21, 2013 Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you. Link to post Share on other sites More sharing options...
Recommended Posts