
Yahoo Spigot Infection


ichiban

Hi, my Chrome and IE homepage and search engine keep changing to http://sg.search.yahoo.com/?type=714647&fr=spigot-yhp-ie

 

DDS.txt

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16736  BrowserJavaVersion: 10.45.2
Run by ivan at 16:49:22 on 2013-12-17
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.65.1033.18.4072.2247 [GMT 8:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\SysWOW64\PnkBstrA.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Program Files (x86)\Garena Plus\ggdllhost.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [GarenaPlus] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
uRun: [DriverMax_RESTART] "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -RESTART
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
StartupFolder: C:\Users\ivan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech Gaming Software\EReg\eReg.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001045-0002-0045-ABCDEFFEDCBC} - <orphaned>
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{928EFBE3-A343-49BE-89FE-3A92AED505A8} : DHCPNameServer = 192.168.1.254
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-24 194872]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-5 150808]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-6-27 283200]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-10-30 878368]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-10-8 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-10-8 344064]
R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-11-20 57512]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-11-29 2210640]
R2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-10-30 2151744]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2013-10-11 377104]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-16 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-16 701512]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-10-13 46136]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-7-5 96256]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-12-16 25928]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-10-13 539240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]
S3 andnetadb;ADB Interface DriverNet;C:\Windows\System32\drivers\lgandnetadb.sys [2012-7-3 31744]
S3 AndNetDiag;LGE AndroidNet USB Serial Port;C:\Windows\System32\drivers\lgandnetdiag64.sys [2012-7-3 29184]
S3 ANDNetModem;LGE AndroidNet USB Modem;C:\Windows\System32\drivers\lgandnetmodem64.sys [2012-7-3 36352]
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;C:\Windows\System32\drivers\lgandnetndis64.sys [2012-7-4 93184]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;C:\Windows\System32\drivers\LGSHidFilt.Sys [2012-10-3 66360]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-7-5 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-7-5 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-7-5 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0105;RsFx0105 Driver;C:\Windows\System32\drivers\RsFx0105.sys [2011-9-22 311144]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464]
.
=============== Created Last 30 ================
.
2013-12-17 02:47:49 -------- d-----w- C:\Users\ivan\AppData\Local\CrashDumps
2013-12-16 16:41:59 7680 ----a-w- C:\Windows\System32\drivers\RDPCDD.sys.bak
2013-12-16 15:52:29 -------- d-----w- C:\Windows\ERUNT
2013-12-16 15:38:49 -------- d-----w- C:\AdwCleaner
2013-12-16 15:36:52 -------- d-----w- C:\Users\ivan\AppData\Roaming\Malwarebytes
2013-12-16 15:36:45 -------- d-----w- C:\ProgramData\Malwarebytes
2013-12-16 15:36:44 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-12-16 15:36:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-14 16:49:40 -------- d-----w- C:\Program Files (x86)\AMD AVT
2013-12-14 15:55:32 -------- d-----w- C:\Windows\Migration
2013-12-06 11:04:33 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2013-11-30 06:24:25 -------- d-----w- C:\Users\ivan\AppData\Local\Blizzard
2013-11-30 03:44:34 -------- d-----w- C:\Program Files (x86)\Hearthstone
2013-11-30 03:42:33 -------- d-----w- C:\Users\ivan\AppData\Local\Blizzard Entertainment
2013-11-30 03:42:27 -------- d-----w- C:\Users\ivan\AppData\Roaming\Battle.net
2013-11-30 03:42:27 -------- d-----w- C:\Users\ivan\AppData\Local\Battle.net
2013-11-30 03:42:13 -------- d-----w- C:\Program Files (x86)\Battle.net
.
==================== Find3M  ====================
.
2013-12-14 16:58:01 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-12-14 08:26:04 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-14 08:26:04 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-23 16:04:34 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-11-15 15:14:12 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-15 15:14:12 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-11-15 15:14:12 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-15 15:14:12 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-15 15:14:07 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-15 15:14:06 3959808 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-15 15:14:05 2241536 ----a-w- C:\Windows\System32\wininet.dll
2013-11-15 15:14:05 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-15 15:13:59 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-11-15 15:13:59 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-11-15 15:13:52 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-11-15 15:13:52 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-11-15 15:11:05 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-11-15 15:11:04 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-11-15 15:11:04 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-11-15 15:11:03 197120 ----a-w- C:\Windows\System32\credui.dll
2013-11-15 15:11:03 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-11-15 15:11:03 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-11-15 15:09:25 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-11-15 15:09:24 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-11-15 15:07:49 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-11-15 15:07:49 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-11-15 15:07:49 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-11-15 15:07:49 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-11-15 15:07:49 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-11-15 15:07:34 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-11-15 15:07:34 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-11-15 15:07:34 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-11-15 15:07:34 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-11-15 15:07:34 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-11-15 15:07:34 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-11-15 15:07:34 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-11-09 06:32:30 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2013-11-05 13:55:48 150808 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
2013-11-04 13:52:42 240920 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-10-31 15:00:18 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-10-31 14:49:46 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2013-10-24 14:25:58 194872 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2013-10-08 14:01:14 78432 ----a-w- C:\Windows\System32\atimpc64.dll
2013-10-08 14:01:14 78432 ----a-w- C:\Windows\System32\amdpcom64.dll
2013-10-08 14:01:12 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2013-10-08 14:01:12 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2013-10-08 14:01:06 142792 ----a-w- C:\Windows\System32\atiuxp64.dll
2013-10-08 14:01:06 125824 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2013-10-08 14:01:04 97984 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2013-10-08 14:01:04 114488 ----a-w- C:\Windows\System32\atiu9p64.dll
2013-10-08 14:01:02 1237200 ----a-w- C:\Windows\System32\aticfx64.dll
2013-10-08 14:01:00 1030128 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2013-10-08 14:00:56 9464840 ----a-w- C:\Windows\System32\atidxx64.dll
2013-10-08 14:00:52 8215992 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2013-10-08 14:00:46 6176008 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2013-10-08 14:00:42 6189416 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2013-10-08 14:00:36 6767240 ----a-w- C:\Windows\System32\atiumd6a.dll
2013-10-08 14:00:32 7256496 ----a-w- C:\Windows\System32\atiumd64.dll
2013-10-08 13:58:42 12534784 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2013-10-08 13:39:22 229376 ----a-w- C:\Windows\System32\clinfo.exe
2013-10-08 13:39:06 98816 ----a-w- C:\Windows\System32\OpenVideo64.dll
2013-10-08 13:38:58 83456 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2013-10-08 13:38:58 127488 ----a-w- C:\Windows\System32\coinst_13.152.1.8.dll
2013-10-08 13:38:52 86528 ----a-w- C:\Windows\System32\OVDecode64.dll
2013-10-08 13:38:48 73216 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2013-10-08 13:38:30 28192256 ----a-w- C:\Windows\System32\amdocl64.dll
2013-10-08 13:36:22 23761408 ----a-w- C:\Windows\SysWow64\amdocl.dll
2013-10-08 13:34:34 63488 ----a-w- C:\Windows\System32\OpenCL.dll
2013-10-08 13:34:28 57344 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2013-10-08 13:17:50 25385984 ----a-w- C:\Windows\System32\atio6axx.dll
2013-10-08 13:13:44 368640 ----a-w- C:\Windows\System32\atiapfxx.exe
2013-10-08 13:13:34 62464 ----a-w- C:\Windows\System32\aticalrt64.dll
2013-10-08 13:13:32 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2013-10-08 13:13:26 55808 ----a-w- C:\Windows\System32\aticalcl64.dll
2013-10-08 13:13:24 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2013-10-08 13:13:08 15716352 ----a-w- C:\Windows\System32\aticaldd64.dll
2013-10-08 13:09:52 14302208 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2013-10-08 13:00:30 21400064 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2013-10-08 12:54:10 442368 ----a-w- C:\Windows\System32\atidemgy.dll
2013-10-08 12:53:58 26112 ----a-w- C:\Windows\System32\atimuixx.dll
2013-10-08 12:53:50 576512 ----a-w- C:\Windows\System32\atieclxx.exe
2013-10-08 12:52:58 239616 ----a-w- C:\Windows\System32\atiesrxx.exe
2013-10-08 12:51:30 190976 ----a-w- C:\Windows\System32\atitmm64.dll
2013-10-08 12:28:36 784384 ----a-w- C:\Windows\System32\atiadlxx.dll
2013-10-08 12:28:26 594944 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2013-10-08 12:28:12 75264 ----a-w- C:\Windows\System32\atig6pxx.dll
2013-10-08 12:28:08 69632 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2013-10-08 12:28:08 69632 ----a-w- C:\Windows\System32\atiglpxx.dll
2013-10-08 12:28:04 100352 ----a-w- C:\Windows\System32\atig6txx.dll
2013-10-08 12:27:56 96768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2013-10-08 12:27:46 619008 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2013-10-08 12:24:54 43520 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2013-10-08 05:45:08 291328 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-10-08 01:50:12 51200 ----a-w- C:\Windows\System32\kdbsdk64.dll
2013-10-08 01:45:08 38912 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll
2013-10-07 23:51:05 873384 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-10-07 23:51:00 796072 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-10-07 23:50:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-30 16:52:08 123704 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
.
============= FINISH: 16:53:17.38 ===============

 

I've uninstalled utorrent after the scan because it was the last thing I read
 


Attach.txt

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 13/10/2012 1:58:44 PM
System Uptime: 17/12/2013 4:45:30 PM (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | F1A75-M PRO
Processor: AMD A6-3500 APU with Radeon HD Graphics | FM1  | 2100/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 59.554 GiB free.
D: is CDROM ()
E: is CDROM ()
G: is FIXED (FAT32) - 466 GiB total, 167.907 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Universal Serial Bus (USB) Controller
Device ID: PCI\VEN_1022&DEV_7812&SUBSYS_84C71043&REV_03\3&267A616A&0&80
Manufacturer:
Name: Universal Serial Bus (USB) Controller
PNP Device ID: PCI\VEN_1022&DEV_7812&SUBSYS_84C71043&REV_03\3&267A616A&0&80
Service:
.
Class GUID:
Description: Universal Serial Bus (USB) Controller
Device ID: PCI\VEN_1022&DEV_7812&SUBSYS_84C71043&REV_03\3&267A616A&0&81
Manufacturer:
Name: Universal Serial Bus (USB) Controller
PNP Device ID: PCI\VEN_1022&DEV_7812&SUBSYS_84C71043&REV_03\3&267A616A&0&81
Service:
.
Class GUID:
Description: Universal Serial Bus (USB) Controller
Device ID: PCI\VEN_1B21&DEV_1042&SUBSYS_84881043&REV_00\4&39937546&0&00AA
Manufacturer:
Name: Universal Serial Bus (USB) Controller
PNP Device ID: PCI\VEN_1B21&DEV_1042&SUBSYS_84881043&REV_00\4&39937546&0&00AA
Service:
.
Class GUID:
Description: SM Bus Controller
Device ID: PCI\VEN_1022&DEV_780B&SUBSYS_84C71043&REV_13\3&267A616A&0&A0
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_1022&DEV_780B&SUBSYS_84C71043&REV_13\3&267A616A&0&A0
Service:
.
==== System Restore Points ===================
.
RP117: 14/12/2013 10:31:15 PM - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
RP118: 14/12/2013 11:32:04 PM - Removed Microsoft Games for Windows - LIVE Redistributable
RP119: 14/12/2013 11:46:38 PM - Windows Update
RP120: 15/12/2013 12:38:24 AM - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
RP121: 15/12/2013 12:41:01 AM - Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
RP122: 15/12/2013 1:49:03 PM - Installed DirectX
RP123: 16/12/2013 1:29:25 PM - Removed Microsoft Silverlight 3 SDK
RP124: 16/12/2013 1:35:57 PM - Removed Microsoft Visual Studio Macro Tools
RP125: 16/12/2013 1:38:50 PM - Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
RP126: 16/12/2013 1:42:24 PM - Removed Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319
RP127: 16/12/2013 1:43:54 PM - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
RP128: 16/12/2013 1:44:12 PM - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
RP129: 16/12/2013 1:44:41 PM - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
RP130: 16/12/2013 1:47:47 PM - Removed Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001
RP131: 16/12/2013 1:49:15 PM - Removed Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319
RP132: 17/12/2013 12:10:29 AM - Installed Microsoft Fix it 50195
RP133: 17/12/2013 12:32:33 AM - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
.
==== Installed Programs ======================
.
µTorrent
7-Zip 9.20 (x64 edition)
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.05)
Advanced SystemCare 7
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Control Center
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Fuel
AMD Media Foundation Decoders
AMD Wireless Display v3.0
AVG 2014
Battle.net
Battlefield 3™
Battlefield 4™
Battlelog Web Plugins
Borderlands 2
Call of Duty: Black Ops II - Multiplayer
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Compatibility Pack for the 2007 Office system
Counter-Strike: Global Offensive
CPUID CPU-Z 1.66
Crystal Reports for Visual Studio
D3DX10
DAEMON Tools Lite
Dead Rising 2: OTR
Dead Space 2
DiRT 3
Dishonored
Dota 2
Dotfuscator Software Services - Community Edition
DriverMax 7
ESN Sonar
Far Cry 3
Garena - League of Legends
Grand Theft Auto IV
GSplit 3
Guild Wars 2
Hearthstone
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2542054)
IObit Uninstaller
Java 7 Update 45
Java Auto Updater
Left 4 Dead 2
LG PC Suite
LG United Mobile Drivers
Logitech Gaming Software
Logitech Gaming Software 8.40
LogMeIn Hamachi
Malwarebytes Anti-Malware version 1.75.0.1300
Medal of Honor™ Warfighter
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
Microsoft Games for Windows Marketplace
Microsoft Office Word Viewer 2003
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 R2 Data-Tier Application Framework
Microsoft SQL Server 2008 R2 Data-Tier Application Project
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 R2 Management Objects (x64)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server System CLR Types
Microsoft SQL Server System CLR Types (x64)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime v1.0 SP1 (x64)
Microsoft Sync Framework SDK v1.0 SP1
Microsoft Sync Framework Services v1.0 SP1 (x64)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
Microsoft Team Foundation Server 2010 Object Model - ENU
Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False
Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False
Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False
Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False
Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 False
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 False
Microsoft Visual F# 2.0 Runtime
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Office Developer Tools (x64)
Microsoft Visual Studio 2010 Professional - ENU
Microsoft Visual Studio 2010 SharePoint Developer Tools
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft XNA Framework Redistributable 4.0
Movie Maker
MSVCRT
MSVCRT110
MSVCRT110_amd64
Need for Speed Most Wanted
Need for Speed™ Undercover
Neverwinter
Nexus Mod Manager
NVIDIA PhysX
OpenAL
OpenOffice.org 3.4.1
Origin
osu!
Path of Exile
Photo Common
Photo Gallery
PunkBuster Services
Rapture3D 2.4.8 Game
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2251489)
Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2644980)
Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit)
Skype™ 6.6
Sql Server Customer Experience Improvement Program
StarCraft II
Steam
Surfing Protection
Team Fortress 2
TeamSpeak 3 Client
TERA
The Bureau - XCOM Declassified
The Elder Scrolls V: Skyrim
Visual Studio 2010 Prerequisites - English
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
Visual Studio 2010 x64 Redistributables
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
Web Deployment Tool
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
.
==== Event Viewer Messages From Past Week ========
.
17/12/2013 4:24:45 PM, Error: Service Control Manager [7043]  - The AVGIDSAgent service did not shut down properly after receiving a preshutdown control.
.
==== End Of File ===========================
 


Welcome to the forum.

Please download and run RogueKiller 32 Bit to your desktop.

RogueKiller 64 Bit <---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes and use the default font)

General P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

MrC

Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Back up any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give you instructions on how to clean up all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)


RogueKiller V8.7.12 _x64_ [Nov 25 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : ivan [Admin rights]
Mode : Scan -- Date : 12/17/2013 23:14:35
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

 

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5002AALX-00J37A0 ATA Device +++++
--- User ---
[MBR] cea3ebbd81b822a64d048c2fe09f8571
[bSP] 5d38c6daa9b1375de4871469bc9685c9 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Toshiba External USB HDD USB Device +++++
--- User ---
[MBR] 3e72b09eb84508e79773d683ec87e176
[bSP] 3aeb32ad7d9d93aa331d21a65a52a4ee : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 2048 | Size: 476936 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] The request is not supported. )

Finished : << RKreport[0]_S_12172013_231435.txt >>
RKreport[0]_S_12172013_004226.txt


Try this:

Let's clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

Make sure you click on download buttons that look similar to this, not "sponsored ad links":

bleep-crop.jpg

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how the computer is running now, MrC


Forgot to mention: before I posted this topic I uninstalled Chrome.

This scan was a while back (before the topic was created) because the new scan didn't pick up anything.

 

# AdwCleaner v3.015 - Report created 16/12/2013 at 23:41:18
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : ivan - IVAN-PC
# Running from : C:\Users\ivan\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\ivan\AppData\Roaming\Search Protection
File Deleted : C:\Users\ivan\AppData\Local\Temp\Uninstall.exe

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hamachi_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hamachi_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKCU\Software\AVG Nation toolbar
Key Deleted : HKCU\Software\PrivitizeVPNInstallDates
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKLM\Software\AVG Nation toolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16736

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2340 octets] - [16/12/2013 23:38:51]
AdwCleaner[s0].txt - [2114 octets] - [16/12/2013 23:41:18]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2174 octets] ##########


Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system.....Which system am I using?)

Please make sure you click download buttons that look similar to this, not "sponsored ad links":

bleep-crop.jpg

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
MrC

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2013 01
Ran by ivan (administrator) on IVAN-PC on 18-12-2013 01:06:44
Running from C:\Users\ivan\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
() C:\Program Files (x86)\Garena Plus\ggdllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKCU\...\Run: [steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-12] (Valve Corporation)
HKCU\...\Run: [GarenaPlus] - C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [9890608 2013-12-13] ()
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [Advanced SystemCare 7] - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2283296 2013-10-28] (IObit)
HKCU\...\Run: [DriverMax_RESTART] - C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [7328632 2013-10-28] (Innovative Solutions)
MountPoints2: E - E:\setup.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)
Startup: C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files\Logitech Gaming Software\EReg\eReg.exe (Leader Technologies/Logitech)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://xin.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-sg
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sg.search.yahoo.com/?type=714647&fr=spigot-yhp-ie
SearchScopes: HKCU - DefaultScope {D5CCDBD9-E9F6-483C-8430-1BF9B0858832} URL = http://sg.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKCU - {D5CCDBD9-E9F6-483C-8430-1BF9B0858832} URL = http://sg.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

==================== Services (Whitelisted) =================

R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [878368 2013-10-25] (IObit)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-10-08] (Advanced Micro Devices, Inc.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2013-12-14] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-11-09] ()
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 1394hub; C:\Windows\SysWow64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2012-07-03] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-27] (DT Soft Ltd)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2012-03-02] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2012-03-02] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2012-03-02] (LG Electronics Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-18 01:06 - 2013-12-18 01:07 - 00009136 _____ C:\Users\ivan\Downloads\FRST.txt
2013-12-18 01:06 - 2013-12-18 01:06 - 01928078 _____ (Farbar) C:\Users\ivan\Downloads\FRST64.exe
2013-12-18 01:06 - 2013-12-18 01:06 - 00000000 ____D C:\FRST
2013-12-17 23:14 - 2013-12-17 23:14 - 00002383 _____ C:\Users\ivan\Desktop\RKreport[0]_S_12172013_231435.txt
2013-12-17 23:10 - 2013-12-17 23:11 - 04159488 _____ C:\Users\ivan\Downloads\RogueKillerX64.exe
2013-12-17 16:53 - 2013-12-17 16:53 - 00019262 _____ C:\Users\ivan\Desktop\dds.txt
2013-12-17 16:53 - 2013-12-17 16:53 - 00010394 _____ C:\Users\ivan\Desktop\attach.txt
2013-12-17 16:42 - 2013-12-17 16:42 - 00688992 ____R (Swearware) C:\Users\ivan\Downloads\dds.com
2013-12-17 16:32 - 2013-12-17 16:32 - 00000000 ____D C:\Users\ivan\Downloads\Windows7Ultimate
2013-12-17 10:47 - 2013-12-17 10:47 - 00000000 ____D C:\Users\ivan\AppData\Local\CrashDumps
2013-12-17 00:42 - 2013-12-17 23:14 - 04028520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00539240 _____ (Realtek                                            ) C:\Windows\system32\Drivers\Rt64win7.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00363392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00312168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RsFx0104.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00311656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RsFx0103.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00311640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RsFx0102.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00311144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RsFx0105.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00307560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RsFx0101.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00303464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RsFx0100.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00295808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00215936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00213888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00199552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00171392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00103808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00080464 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00071552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00068864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00064592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00064080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00063360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00052096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00051496 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00046464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00036432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00034688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00027776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00024656 _____ (Promise Technology) C:\Windows\system32\Drivers\stexstor.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00022096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00021760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00021056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00019008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00017488 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00016464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwf.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00012496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPREFMP.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2013-12-17 00:42 - 2013-12-17 23:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys.bak
2013-12-17 00:42 - 2013-12-17 00:42 - 00001953 _____ C:\Users\ivan\Desktop\RKreport[0]_S_12172013_004226.txt
2013-12-17 00:41 - 2013-12-17 23:14 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 01524816 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00366976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00284736 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00273792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00220752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00184704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00155008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00140672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00128592 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00122960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00115776 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00114752 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00106560 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00094592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00093184 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetndis64.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00072832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00066360 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGSHidFilt.Sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00065600 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas2.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00060496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00051264 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00049216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00048720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00036352 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetmodem64.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00035392 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00034816 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64modem.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00032320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00031744 _____ (Google Inc) C:\Windows\system32\Drivers\lgandnetadb.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00031104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00029184 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetdiag64.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00028160 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64diag.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00022408 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGBusEnum.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00020544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00017920 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64bus.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00016960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00016008 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGVirHid.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00015424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00014720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00012352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00011136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidkmdf.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00008064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00006784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2013-12-17 00:41 - 2013-12-17 23:14 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 12534784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 03286016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00619008 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00530496 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00491088 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00468480 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00339536 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00334208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00294712 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00289664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00286720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00283200 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00270848 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00251192 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00240920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00212280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00194872 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00194128 _____ (AMD Technologies Inc.) C:\Windows\system32\Drivers\amdsbs.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00182864 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00179072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00150808 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00123704 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00097856 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00096256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00087632 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00078720 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00073280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00065088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00061008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00055376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00055128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00047104 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00046136 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdiox64.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\discache.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00039504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00033856 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00031544 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\Windows\system32\Drivers\hcw85cir.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00028736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00028240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00027520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbatt.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00024144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00024128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00021584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00018432 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00017664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00017488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00015440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00015440 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00014976 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00014720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00008704 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2013-12-17 00:41 - 2013-12-17 23:13 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2013-12-17 00:36 - 2013-12-17 23:14 - 00000000 ____D C:\Users\ivan\Desktop\RK_Quarantine
2013-12-17 00:31 - 2013-12-17 00:31 - 00000651 _____ C:\Users\ivan\Desktop\JRT.txt
2013-12-17 00:10 - 2013-12-17 00:10 - 00659968 _____ C:\Users\ivan\Downloads\MicrosoftFixit50195.msi
2013-12-17 00:05 - 2013-12-17 00:05 - 01034531 _____ (Thisisu) C:\Users\ivan\Downloads\JRT (1).exe
2013-12-16 23:52 - 2013-12-16 23:52 - 01034531 _____ (Thisisu) C:\Users\ivan\Downloads\JRT.exe
2013-12-16 23:52 - 2013-12-16 23:52 - 00000000 ____D C:\Windows\ERUNT
2013-12-16 23:38 - 2013-12-17 23:41 - 00000000 ____D C:\AdwCleaner
2013-12-16 23:38 - 2013-12-16 23:38 - 01226750 _____ C:\Users\ivan\Desktop\adwcleaner.exe
2013-12-16 23:36 - 2013-12-16 23:36 - 10285040 _____ (Malwarebytes Corporation) C:\Users\ivan\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-16 23:36 - 2013-12-16 23:36 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-16 23:36 - 2013-12-16 23:36 - 00000000 ____D C:\Users\ivan\AppData\Roaming\Malwarebytes
2013-12-16 23:36 - 2013-12-16 23:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-16 23:36 - 2013-12-16 23:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-16 23:36 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-15 13:50 - 2013-12-15 13:51 - 00017475 _____ C:\Windows\DirectX.log
2013-12-15 01:53 - 2013-12-15 01:53 - 00001348 _____ C:\Users\ivan\Desktop\Terraria - Shortcut.lnk
2013-12-15 00:49 - 2013-12-15 00:49 - 00060777 _____ C:\Windows\SysWOW64\CCCInstall_201312150049146805.log
2013-12-15 00:49 - 2013-12-15 00:49 - 00000000 ____D C:\ProgramData\ATI
2013-12-15 00:49 - 2013-12-15 00:49 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-12-14 23:47 - 2013-12-14 23:48 - 00004115 _____ C:\Windows\IE11_main.log
2013-12-14 23:31 - 2013-12-14 23:31 - 00001237 _____ C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2013-12-14 23:31 - 2013-12-14 23:31 - 00001213 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2013-12-14 22:48 - 2013-12-14 22:48 - 10330944 _____ (IObit) C:\Users\ivan\Downloads\iobituninstaller3-1.0.exe
2013-12-14 22:45 - 2013-12-14 22:45 - 00001397 _____ C:\Users\ivan\Desktop\starbound - Shortcut.lnk
2013-12-14 22:34 - 2013-12-15 10:06 - 00000000 ____D C:\Users\ivan\Downloads\Starbound
2013-12-12 16:39 - 2013-12-17 16:46 - 00003496 _____ C:\Windows\System32\Tasks\gg_uac_daemon_ivan
2013-12-06 19:04 - 2013-12-06 19:04 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-11-30 14:24 - 2013-11-30 14:24 - 00000000 ____D C:\Users\ivan\AppData\Local\Blizzard
2013-11-30 11:44 - 2013-12-11 17:11 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-11-30 11:44 - 2013-11-30 11:44 - 00001183 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2013-11-30 11:42 - 2013-12-14 21:35 - 00000000 ____D C:\Users\ivan\AppData\Local\Battle.net
2013-11-30 11:42 - 2013-12-14 19:53 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-11-30 11:42 - 2013-11-30 11:44 - 00000000 ____D C:\Users\ivan\AppData\Roaming\Battle.net
2013-11-30 11:42 - 2013-11-30 11:42 - 00001146 _____ C:\Users\Public\Desktop\Battle.net.lnk
2013-11-30 11:42 - 2013-11-30 11:42 - 00000000 ____D C:\Users\ivan\AppData\Local\Blizzard Entertainment

==================== One Month Modified Files and Folders =======

2013-12-18 01:07 - 2013-12-18 01:06 - 00009136 _____ C:\Users\ivan\Downloads\FRST.txt
2013-12-18 01:06 - 2013-12-18 01:06 - 01928078 _____ (Farbar) C:\Users\ivan\Downloads\FRST64.exe
2013-12-18 01:06 - 2013-12-18 01:06 - 00000000 ____D C:\FRST
2013-12-18 00:25 - 2012-10-13 14:19 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-17 23:41 - 2013-12-16 23:38 - 00000000 ____D C:\AdwCleaner
2013-12-17 23:14 - 2013-12-17 23:14 - 00002383 _____ C:\Users\ivan\Desktop\RKreport[0]_S_12172013_231435.txt
2013-12-17 23:14 - 2013-12-17 00:42 - 04028520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00539240 _____ (Realtek) C:\Windows\system32\Drivers\Rt64win7.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00363392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00312168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RsFx0104.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00311656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RsFx0103.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00311640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RsFx0102.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00311144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RsFx0105.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00307560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RsFx0101.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00303464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RsFx0100.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00295808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00215936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00213888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00199552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00171392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00161872 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00103808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00080464 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00071552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00068864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00064592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00064080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00063360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00052096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00051496 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00046464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00043584 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00036432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00034688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00027776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00024656 _____ (Promise Technology) C:\Windows\system32\Drivers\stexstor.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)

Addition.txt

C:\Windows\system32\Drivers\secdrv.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00022096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00021760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00021056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00019008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00017488 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00016464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwf.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00012496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPREFMP.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2013-12-17 23:14 - 2013-12-17 00:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 01524816 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00366976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00284736 _____ (LSI Corporation, Inc.) C:\Windows\system32\Drivers\MegaSR.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00273792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00220752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00184704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00155008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00140672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00128592 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00122960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00115776 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00114752 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00106560 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00094592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00093184 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetndis64.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00072832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00066360 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGSHidFilt.Sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00065600 _____ (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas2.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00060496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00051264 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00050768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00049216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00048720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00044112 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00036352 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetmodem64.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00035392 _____ (LSI Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiscap.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00034816 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64modem.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00032320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00031744 _____ (Google Inc) C:\Windows\system32\Drivers\lgandnetadb.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00031104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00029184 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetdiag64.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00028160 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64diag.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00022408 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGBusEnum.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00020544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00017920 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgx64bus.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00016960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00016008 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGVirHid.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00015424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MTConfig.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00014720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00012352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00011136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mshidkmdf.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00008064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00006784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2013-12-17 23:14 - 2013-12-17 00:41 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2013-12-17 23:14 - 2013-12-17 00:36 - 00000000 ____D C:\Users\ivan\Desktop\RK_Quarantine
2013-12-17 23:13 - 2013-12-17 00:41 - 12534784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 03286016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\evbda.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00619008 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00530496 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00491088 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00468480 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bxvbda.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00339536 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00334208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00294712 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00289664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00286720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00283200 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00270848 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00251192 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00240920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00212280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00194872 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00194128 _____ (AMD Technologies Inc.) C:\Windows\system32\Drivers\amdsbs.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00182864 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00179072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00150808 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00123704 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00097856 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00096256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00087632 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00078720 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00073280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00065088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00061008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00055376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00055128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00047104 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00046136 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdiox64.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\blbdrive.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\discache.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00039504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00033856 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00031544 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00031232 _____ (Hauppauge Computer Works, Inc.) C:\Windows\system32\Drivers\hcw85cir.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00028736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00028240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00027520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbatt.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00024144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00024128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00021584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00018432 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00017664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00017488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00015440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00015440 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00014976 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00014720 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00008704 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2013-12-17 23:13 - 2013-12-17 00:41 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2013-12-17 23:12 - 2012-10-19 19:30 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-17 23:11 - 2013-12-17 23:10 - 04159488 _____ C:\Users\ivan\Downloads\RogueKillerX64.exe
2013-12-17 23:11 - 2012-10-13 13:32 - 02057775 _____ C:\Windows\WindowsUpdate.log
2013-12-17 19:34 - 2012-12-21 18:07 - 00000000 ____D C:\ProgramData\MFAData
2013-12-17 16:57 - 2013-06-19 22:20 - 00000000 ____D C:\Users\ivan\AppData\Roaming\uTorrent
2013-12-17 16:53 - 2013-12-17 16:53 - 00019262 _____ C:\Users\ivan\Desktop\dds.txt
2013-12-17 16:53 - 2013-12-17 16:53 - 00010394 _____ C:\Users\ivan\Desktop\attach.txt
2013-12-17 16:53 - 2009-07-14 12:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-17 16:53 - 2009-07-14 12:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-17 16:50 - 2012-10-13 18:05 - 00000000 ____D C:\Users\ivan\AppData\Roaming\GarenaPlus
2013-12-17 16:50 - 2012-10-13 15:45 - 00000000 ____D C:\ProgramData\GarenaMessenger
2013-12-17 16:47 - 2013-03-28 15:21 - 00000000 ____D C:\Users\ivan\AppData\Local\LogMeIn Hamachi
2013-12-17 16:46 - 2013-12-12 16:39 - 00003496 _____ C:\Windows\System32\Tasks\gg_uac_daemon_ivan
2013-12-17 16:46 - 2013-11-16 21:48 - 00006138 _____ C:\Windows\PFRO.log
2013-12-17 16:46 - 2013-11-16 21:48 - 00002343 _____ C:\Windows\setupact.log
2013-12-17 16:46 - 2009-07-14 13:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-17 16:42 - 2013-12-17 16:42 - 00688992 ____R (Swearware) C:\Users\ivan\Downloads\dds.com
2013-12-17 16:32 - 2013-12-17 16:32 - 00000000 ____D C:\Users\ivan\Downloads\Windows7Ultimate
2013-12-17 15:47 - 2012-11-10 21:02 - 00000000 ____D C:\Users\ivan\AppData\Roaming\TS3Client
2013-12-17 15:37 - 2012-10-22 20:40 - 00000000 ____D C:\Users\ivan\Documents\my games
2013-12-17 15:32 - 2009-07-14 13:13 - 00876042 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-17 10:47 - 2013-12-17 10:47 - 00000000 ____D C:\Users\ivan\AppData\Local\CrashDumps
2013-12-17 00:42 - 2013-12-17 00:42 - 00001953 _____ C:\Users\ivan\Desktop\RKreport[0]_S_12172013_004226.txt
2013-12-17 00:33 - 2013-09-30 20:51 - 00000000 ____D C:\ProgramData\Package Cache
2013-12-17 00:31 - 2013-12-17 00:31 - 00000651 _____ C:\Users\ivan\Desktop\JRT.txt
2013-12-17 00:10 - 2013-12-17 00:10 - 00659968 _____ C:\Users\ivan\Downloads\MicrosoftFixit50195.msi
2013-12-17 00:05 - 2013-12-17 00:05 - 01034531 _____ (Thisisu) C:\Users\ivan\Downloads\JRT (1).exe
2013-12-16 23:52 - 2013-12-16 23:52 - 01034531 _____ (Thisisu) C:\Users\ivan\Downloads\JRT.exe
2013-12-16 23:52 - 2013-12-16 23:52 - 00000000 ____D C:\Windows\ERUNT
2013-12-16 23:50 - 2012-10-13 14:14 - 00000000 ____D C:\Program Files (x86)\Origin
2013-12-16 23:38 - 2013-12-16 23:38 - 01226750 _____ C:\Users\ivan\Desktop\adwcleaner.exe
2013-12-16 23:36 - 2013-12-16 23:36 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\ivan\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-16 23:36 - 2013-12-16 23:36 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-16 23:36 - 2013-12-16 23:36 - 00000000 ____D C:\Users\ivan\AppData\Roaming\Malwarebytes
2013-12-16 23:36 - 2013-12-16 23:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-16 23:36 - 2013-12-16 23:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-16 23:21 - 2012-10-13 13:58 - 00000000 ____D C:\Users\ivan
2013-12-16 23:03 - 2013-10-30 20:24 - 00000000 ____D C:\ProgramData\ProductData
2013-12-16 13:36 - 2013-01-22 15:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2013-12-16 13:30 - 2013-01-22 15:54 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-12-16 13:27 - 2013-07-05 19:04 - 00000000 ____D C:\ProgramData\IObit
2013-12-16 13:27 - 2013-07-05 19:03 - 00000000 ____D C:\Program Files (x86)\IObit
2013-12-15 13:51 - 2013-12-15 13:50 - 00017475 _____ C:\Windows\DirectX.log
2013-12-15 10:06 - 2013-12-14 22:34 - 00000000 ____D C:\Users\ivan\Downloads\Starbound
2013-12-15 01:53 - 2013-12-15 01:53 - 00001348 _____ C:\Users\ivan\Desktop\Terraria - Shortcut.lnk
2013-12-15 01:53 - 2013-11-16 22:33 - 00000000 ____D C:\Users\ivan\Downloads\Terraria v1.2.1.1
2013-12-15 00:58 - 2012-10-13 14:57 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-12-15 00:49 - 2013-12-15 00:49 - 00060777 _____ C:\Windows\SysWOW64\CCCInstall_201312150049146805.log
2013-12-15 00:49 - 2013-12-15 00:49 - 00000000 ____D C:\ProgramData\ATI
2013-12-15 00:49 - 2013-12-15 00:49 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-12-15 00:49 - 2012-10-13 21:06 - 00000000 ____D C:\ProgramData\AMD
2013-12-15 00:48 - 2012-10-13 21:05 - 00000000 ____D C:\Program Files\ATI Technologies
2013-12-15 00:04 - 2012-10-24 17:56 - 00859908 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-14 23:48 - 2013-12-14 23:47 - 00004115 _____ C:\Windows\IE11_main.log
2013-12-14 23:33 - 2012-11-17 12:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-12-14 23:31 - 2013-12-14 23:31 - 00001237 _____ C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2013-12-14 23:31 - 2013-12-14 23:31 - 00001213 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2013-12-14 23:22 - 2012-01-23 23:14 - 00000000 ____D C:\Games
2013-12-14 22:48 - 2013-12-14 22:48 - 10330944 _____ (IObit) C:\Users\ivan\Downloads\iobituninstaller3-1.0.exe
2013-12-14 22:45 - 2013-12-14 22:45 - 00001397 _____ C:\Users\ivan\Desktop\starbound - Shortcut.lnk
2013-12-14 22:21 - 2012-10-13 19:36 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-12-14 21:35 - 2013-11-30 11:42 - 00000000 ____D C:\Users\ivan\AppData\Local\Battle.net
2013-12-14 19:53 - 2013-11-30 11:42 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-12-14 18:25 - 2012-10-13 15:46 - 00000000 ____D C:\Program Files (x86)\Garena Plus
2013-12-14 16:26 - 2012-10-13 14:19 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-14 16:26 - 2012-10-13 14:19 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-14 16:26 - 2012-10-13 14:19 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 17:11 - 2013-11-30 11:44 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-12-07 16:50 - 2012-10-13 14:00 - 00000000 ___RD C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-07 00:20 - 2013-09-20 21:45 - 00000000 ____D C:\Users\ivan\AppData\Local\Solid State Networks
2013-12-07 00:20 - 2013-09-20 21:44 - 00000000 ____D C:\Program Files (x86)\MeteorEntertainment
2013-12-06 19:25 - 2012-11-10 15:05 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2013-12-06 19:04 - 2013-12-06 19:04 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-12-01 13:45 - 2012-12-18 19:11 - 00000000 ____D C:\Users\ivan\AppData\Local\Adobe
2013-11-30 21:15 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\rescache
2013-11-30 14:24 - 2013-11-30 14:24 - 00000000 ____D C:\Users\ivan\AppData\Local\Blizzard
2013-11-30 11:51 - 2013-10-15 12:52 - 00000965 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-11-30 11:50 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\system32\NDF
2013-11-30 11:44 - 2013-11-30 11:44 - 00001183 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2013-11-30 11:44 - 2013-11-30 11:42 - 00000000 ____D C:\Users\ivan\AppData\Roaming\Battle.net
2013-11-30 11:42 - 2013-11-30 11:42 - 00001146 _____ C:\Users\Public\Desktop\Battle.net.lnk
2013-11-30 11:42 - 2013-11-30 11:42 - 00000000 ____D C:\Users\ivan\AppData\Local\Blizzard Entertainment
2013-11-30 11:32 - 2013-10-30 20:23 - 00002205 _____ C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2013-11-24 00:04 - 2012-10-13 14:57 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0

Files to move or delete:
====================
C:\Users\ivan\jagex_cl_loginapplet_LIVE.dat
C:\Users\ivan\jagex_cl_runescape_LIVE.dat
C:\Users\ivan\jagex_cl_runescape_LIVE1.dat

Some content of TEMP:
====================
C:\Users\ivan\AppData\Local\Temp\install_flashplayer11x32au_mssd_aaa_aih.exe
C:\Users\ivan\AppData\Local\Temp\lol_patch_131016to131104v2.exe
C:\Users\ivan\AppData\Local\Temp\lol_patch_131104to131114.exe
C:\Users\ivan\AppData\Local\Temp\lol_patch_131114to131127v3.exe
C:\Users\ivan\AppData\Local\Temp\ntdll_dump.dll
C:\Users\ivan\AppData\Local\Temp\sonarinst.exe
C:\Users\ivan\AppData\Local\Temp\utt35F5.tmp.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-30 21:07

==================== End Of Log ============================

This topic is now closed to further replies.