Hi MrC,

 

I'm facing a similar issue to ExittheLemming: I keep getting the same virus message from AVG every time I turn on my laptop; it reports an infection called IDP.Program.D1B0A5C0. I'm not too sure how this happened, but it's been happening for a very long time and I can't find a way to get rid of it. I've followed all the steps that you posted and I've attached both logs that you require from Farbar Recovery Scan Tool, Addition.txt and FRST.txt.

 

Please take a look at the 2 logs and guide me on how I can get rid of this virus. I've noticed that my laptop has become very slow lately, so I'm hoping that I could get rid of this virus ASAP. Your help would be greatly appreciated!

 

The log from the RogueKiller report is below. Also, just to let you know, I'm running Windows 8.1 64-bit.

 

RogueKiller V8.8.0 _x64_ [Dec 27 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Gary's [Admin rights]
Mode : Scan -- Date : 01/16/2014 15:50:53
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 8 ¤¤¤
[sUSP PATH] ouc.exe -- C:\ProgramData\SingTel Seamless Connection\OnlineUpdate\ouc.exe [7] -> KILLED [TermProc]
[sUSP PATH][DLL] explorer.exe -- C:\Users\Gary's\AppData\Local\Pokki\ocdeskband_0.dll [x] -> UNLOADED
[sUSP PATH] pokki.exe -- C:\Users\Gary's\AppData\Local\Pokki\Engine\pokki.exe [7] -> KILLED [TermProc]
[sUSP PATH] pokki.exe -- C:\Users\Gary's\AppData\Local\Pokki\Engine\pokki.exe [7] -> KILLED [TermThr]
[sUSP PATH] pokki.exe -- C:\Users\Gary's\AppData\Local\Pokki\Engine\pokki.exe [7] -> KILLED [TermThr]
[sUSP PATH][DLL] rundll32.exe -- C:\Users\Gary's\AppData\Roaming\newnext.me\nengine.dll [-] -> rundll32.exe KILLED [TermProc]
[sUSP PATH] SE.exe -- C:\Users\Gary's\AppData\Roaming\SkypEmoticons\SE.exe [7] -> KILLED [TermProc]
[sUSP PATH] setup.exe -- C:\Windows\Temp\CR_9E902.tmp\setup.exe [7] -> KILLED [TermProc]
 
¤¤¤ Registry Entries : 8 ¤¤¤
[RUN][sUSP PATH] HKCU\[...]\Run : se ("C:\Users\Gary's\AppData\Roaming\SkypEmoticons\SE.exe"  /minimized  [7]) -> FOUND
[RUN][sUSP PATH] HKCU\[...]\Run : NextLive (C:\WINDOWS\SysWOW64\rundll32.exe "C:\Users\Gary's\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l [-][-][x]) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 4 ¤¤¤
[V2][sUSP PATH] AllmyappsUpdateTask : c:\users\gary's\appdata\roaming\allmyapps\allmyappsupdater.exe - check startup [x][x] -> FOUND
[V2][sUSP PATH] Hoolapp For Android : C:\Users\Gary's\AppData\Roaming\HOOLAP~1\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND
[V2][sUSP PATH] Hoolapp Init : C:\Users\Gary's\AppData\Roaming\HOOLAP~1\Hoolapp.exe - /Minimized [x] -> FOUND
[V2][sUSP PATH] Origin : C:\Users\Gary's\AppData\Roaming\Origin\update.vbe [-] -> FOUND
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Browser Addons : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS545050A7E380 +++++
--- User ---
[MBR] 9a8ad2bbc1b374b05643d5c2d5e68ee1
[bSP] 08e97da3caad6fe92d4b029a7370ea5b : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) SanDisk SSD U100 24GB +++++
--- User ---
[MBR] b90be8a3f1e701d1302090667359b3ee
[bSP] afa06e5d12a4665991450ede0d682961 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_S_01162014_155053.txt >>
 
 
Thanks and best regards,
Mistrol
 

Addition.txt

FRST_16-01-2014_15-55-06.txt


Hello Mistrol and welcome! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please manually delete your FRST.exe copy and then follow the instructions here:

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste the log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


This is the first half of the FRST.txt file

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2014 03

Ran by Gary's (administrator) on GARY on 18-01-2014 10:08:54

Running from C:\Users\Gary's\Downloads

Windows 8.1 (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:

Download link for 32-Bit version:

Download link for 64-Bit Version:

Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

() C:\Windows\System32\DptfParticipantProcessorService.exe

() C:\Windows\System32\DptfPolicyConfigTDPService.exe

(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe

() C:\ProgramData\DatacardService\HWDeviceService64.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

() C:\ProgramData\SingTel Seamless Connection\OnlineUpdate\ouc.exe

(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe

(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe

(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe

(Microsoft Corporation) C:\Windows\System32\schtasks.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

() C:\Program Files (x86)\FOXBAT Gaming Mouse\mousehid.exe

() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe

() C:\Program Files (x86)\FOXBAT Gaming Mouse\trayicon.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(SkypEmoticons) C:\Users\Gary's\AppData\Roaming\SkypEmoticons\SE.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [DptfPolicyLpmServiceHelper] - C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)

HKLM\...\Run: [AuditSHD] - C:\windows\system32\oobe\auditshd.exe [29696 2013-08-22] (Microsoft Corporation)

HKLM\...\Run: [btTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-11] (Qualcomm Atheros)

HKLM\...\Run: [btvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-11] (Qualcomm Atheros Commnucations)

HKLM\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-25] (ASUS)

HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)

HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-09] (NVIDIA Corporation)

HKLM\...\Run: [shadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)

HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-16] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-16] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-08-05] (ASUSTek Computer Inc.)

HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.13.147\AsusWSPanel.exe [3574656 2012-10-25] (ASUS Cloud Corporation)

HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)

HKLM-x32\...\Run: [GamingMouseG7] - C:\Program Files (x86)\FOXBAT Gaming Mouse\mousehid.exe [741376 2012-06-03] ()

HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [761536 2013-12-26] ()

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKLM\...\Policies\Explorer: [NoControlPanel] 0

HKCU\...\Run: [Facebook Update] - C:\Users\Gary's\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-04-06] (Facebook Inc.)

HKCU\...\Run: [se] - C:\Users\Gary's\AppData\Roaming\SkypEmoticons\SE.exe [6065056 2014-01-18] (SkypEmoticons)

HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)

HKCU\...\Run: [NextLive] - C:\Users\Gary's\AppData\Roaming\newnext.me\nengine.dll [1283584 2013-11-14] (NewNextDotMe)

AppInit_DLLs: C:\Windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=SG&userid=bce93bb1-26fd-208f-f282-697d29b22299&searchtype=ds&q={searchTerms}&installDate=01/11/2013


HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=SG&userid=bce93bb1-26fd-208f-f282-697d29b22299&searchtype=ds&q={searchTerms}&installDate=01/11/2013

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS

SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=SG&userid=bce93bb1-26fd-208f-f282-697d29b22299&searchtype=ds&q={searchTerms}&installDate=01/11/2013

SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=SG&userid=bce93bb1-26fd-208f-f282-697d29b22299&searchtype=ds&q={searchTerms}&installDate=01/11/2013

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS

SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=SG&userid=bce93bb1-26fd-208f-f282-697d29b22299&searchtype=ds&q={searchTerms}&installDate=01/11/2013

SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=SG&userid=bce93bb1-26fd-208f-f282-697d29b22299&searchtype=ds&q={searchTerms}&installDate=01/11/2013

BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: saaFe  saave - {5B1A1B8B-6FD4-B451-C42C-07808FB942A5} - C:\ProgramData\saaFe  saave\51e2e4e0939f8.dll No File

BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File

Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File

Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL No File

Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL No File

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

 

Chrome: 

=======


CHR DefaultSearchKeyword: google.com.sg

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File

CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File

CHR Extension: (Google Drive) - C:\Users\Gary's\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-27]

CHR Extension: (YouTube) - C:\Users\Gary's\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-27]

CHR Extension: (Google Search) - C:\Users\Gary's\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-27]

CHR Extension: (Go away MDA) - C:\Users\Gary's\AppData\Local\Google\Chrome\User Data\Default\Extensions\lledpflfnanamkogoclkgaggfdgoalok [2013-02-22]

CHR Extension: (Google Wallet) - C:\Users\Gary's\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]

CHR Extension: (Gmail) - C:\Users\Gary's\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-27]

CHR HKLM-x32\...\Chrome\Extension: [fjoijdanhaiflhibkljeklcghcmmfffh] - C:\Program Files (x86)\WebCake\WebCakeLayers.crx [2012-12-27]

CHR HKLM-x32\...\Chrome\Extension: [hidjnkeodmholilgafgdlgmgggbhnigl] - C:\Users\Gary's\AppData\Roaming\SimilarSites\similarsites.crx [2012-12-27]

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Services (Whitelisted) =================

 

U2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-14] (ASUS)

U2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-11] (Qualcomm Atheros Commnucations)

U2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1358944 2013-09-24] (AVG Technologies CZ, s.r.o.)

U2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)

U2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)

U2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [29056 2012-07-30] ()

U2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [30592 2012-07-30] ()

U2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-31] (Diskeeper Corporation)

U2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()

U2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-30] (Intel Corporation)

U2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-26] (Intel Corporation)

U2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

U2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)

U2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)

U2 SingTel Seamless Connection. RunOuc; C:\Program Files (x86)\SingTel Seamless Connection\UpdateDog\ouc.exe [655712 2011-12-23] ()

U3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)

U3 wifimansvc; C:\Program Files (x86)\SingTel Seamless Connection\eap\wifimansvc.exe [598528 2011-12-12] ()

U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

U2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-11] (Atheros)

 

==================== Drivers (Whitelisted) ====================

 

U0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)

U3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-11-01] (ASUS Corporation)

U0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)

U1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)

U1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)

U1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)

U0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)

U1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)

U0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)

U0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)

U0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)

U1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [252728 2013-10-21] (AVG Technologies CZ, s.r.o.)

U3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows ® Win 7 DDK provider)

U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)

U3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-07-13] (Intel Corporation)

U3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-07-13] (Intel Corporation)

U3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-07-13] (Intel Corporation)

U3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96064 2012-07-13] (Intel Corporation)

U3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [228672 2012-07-13] (Intel Corporation)

U3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [361792 2012-07-13] (Intel Corporation)

U3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-11-01] (Disc Soft Ltd)

U1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-31] (Diskeeper Corporation)

U3 GM3305Fltr; C:\Windows\system32\drivers\GM3305Fltr.sys [9600 2012-03-28] (LXD Development, Inc.)

U3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-31] (Intel Corporation)

U3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-26] (Intel Corporation)

U0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)

U0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-01] (Microsoft Corporation)

U3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )

U0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)

U3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

U3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)

U3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)

U3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)

U3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)

U3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-01] (Microsoft Corporation)

U0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)

U3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)

U3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

U3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [x]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-01-18 10:08 - 2014-01-18 10:09 - 00023062 _____ C:\Users\Gary's\Downloads\FRST.txt

2014-01-18 10:08 - 2014-01-18 10:08 - 00000000 ____D C:\FRST

2014-01-18 10:05 - 2014-01-18 10:06 - 02076160 _____ (Farbar) C:\Users\Gary's\Downloads\FRST64.exe

2014-01-16 17:01 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2014-01-16 17:01 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe

2014-01-16 17:01 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe

2014-01-16 17:01 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe

2014-01-16 17:00 - 2014-01-16 17:01 - 00005175 _____ C:\WINDOWS\SysWOW64\jupdate-1.7.0_51-b13.log

2014-01-16 15:50 - 2014-01-16 15:50 - 12613408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 04102928 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 02011488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 01119576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 01001472 _____ (DiBcom SA) C:\WINDOWS\system32\Drivers\mod7700.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00924512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00839488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00591360 _____ (Realtek                                            ) C:\WINDOWS\system32\Drivers\Rt630x64.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00478048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00377696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgrx.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00374112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00366432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00305504 _____ (VIA Corporation) C:\WINDOWS\system32\Drivers\VSTXRAID.SYS.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00294544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsBaStor.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00265056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00175960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VerifierExt.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scsiport.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00168800 _____ (VIA Technologies Inc.,Ltd) C:\WINDOWS\system32\Drivers\vsmraid.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00168288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvstor.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00150368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvraid.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00124768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NV_AGP.SYS.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00124256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00121416 _____ (MotioninJoy) C:\WINDOWS\system32\Drivers\MijXfilt.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00121184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00107872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00101728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00097088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rassstp.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00090944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00088928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc63.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00081760 _____ (Silicon Integrated Systems) C:\WINDOWS\system32\Drivers\sisraid4.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rspndr.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00074960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xusb21.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00072032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SpbCx.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00069472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00069472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stream.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mslldp.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00065888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ULIAGPKX.SYS.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00064864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UAGP35.SYS.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00063840 _____ (Marvell Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\mvumis.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00061248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndisuio.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\TsUsbFlt.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00054784 _____ (Apple, Inc.) C:\WINDOWS\system32\Drivers\usbaapl64.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00054304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00050016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcw.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00049984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\videoprt.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\qwavedrv.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00045888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00044896 _____ (Silicon Integrated Systems Corp.) C:\WINDOWS\system32\Drivers\sisraid2.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiscap.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\werkernel.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00034760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00033632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00032512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBCAMD2.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RNDISMP.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00031072 _____ (Promise Technology, Inc.) C:\WINDOWS\system32\Drivers\stexstor.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbrpm.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdi.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tape.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00027488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WpdUpFltr.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WppRecorder.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\WINDOWS\system32\Drivers\secdrv.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00021856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00021760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VMBusHID.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\smclib.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00019808 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\Drivers\viaide.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wmilib.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasacd.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisVirtualBus.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgencounter.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00010624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mshidumdf.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mshidkmdf.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00007936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mstee.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vms3cap.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00007040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mspclock.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00006784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mspqm.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\null.sys.bak

2014-01-16 15:49 - 2014-01-16 15:50 - 00575840 _____ (LSI Corporation, Inc.) C:\WINDOWS\system32\Drivers\megasr.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 04177920 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 03680256 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athw8x.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 03357024 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\evbda.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00994144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00782176 _____ (PMC-Sierra) C:\WINDOWS\system32\Drivers\adp80xx.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00651248 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAV.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00645952 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorA.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00579416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00567808 _____ (Qualcomm Atheros) C:\WINDOWS\system32\Drivers\btfilter.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00564520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00531296 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\bxvbda.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00412000 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorV.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00377696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00361792 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\DptfManager.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00342528 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00337760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00294712 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgloga.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00283064 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00259424 _____ (AMD Technologies Inc.) C:\WINDOWS\system32\Drivers\amdsbs.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00252728 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgwfpa.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00240920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00228672 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\DptfDevProc.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00217952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00212280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx64.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00194872 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsha.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00192864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00150808 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiska.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00123704 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irda.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00114016 _____ (PMC-Sierra, Inc.) C:\WINDOWS\system32\Drivers\arcsas.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00109408 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00108896 _____ (LSI) C:\WINDOWS\system32\Drivers\3ware.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00107328 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\DptfDevDram.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00099320 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_I2C.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00096064 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\DptfDevPch.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00093536 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas2.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00090112 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jubusenum.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipfltdrv.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00082784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorClass.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00082784 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sss.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00081760 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas3.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpiex.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00079200 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdsata.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00076800 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcecm.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00071896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00068960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00065888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\GAGP30KX.SYS.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00064832 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\DptfDevGen.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00064352 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\Drivers\HpSAMD.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00062784 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\HECIx64.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00061824 _____ (ASUS Corporation) C:\WINDOWS\system32\Drivers\AsusTP.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lltdio.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00057696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00057144 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgfwd6a.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00056672 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\megasas.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidir.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\condrv.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00042816 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\DptfDevFan.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00039320 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\intelaud.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00036192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filetrace.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00033856 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\Drivers\hamachi.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00033632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpata.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\WINDOWS\system32\Drivers\ewdcsc.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00031544 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgrkx64.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00030048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fs_rec.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmvsc.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\asyncmac.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00026008 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iwdbus.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00025952 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdxata.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00024568 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_GPIO.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00023344 _____ (Diskeeper Corporation) C:\WINDOWS\system32\Drivers\excfs.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mcd.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HyperVideo.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwupgrade.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00021248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00021152 _____ (ASUS) C:\WINDOWS\system32\Drivers\AsHIDSwitch64.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00020496 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgboota.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irenum.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00017624 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\bcmfn2.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00017152 _____ (ASUSTek Computer Inc.) C:\WINDOWS\system32\Drivers\AiCharger.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00014992 _____ ( ) C:\WINDOWS\system32\Drivers\kbfiltr.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hyperkbd.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dmpusbstor.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00009600 _____ (LXD Development, Inc.) C:\WINDOWS\system32\Drivers\GM3305Fltr.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\beep.sys.bak

2014-01-16 15:37 - 2014-01-16 15:37 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\Malwarebytes

2014-01-16 15:37 - 2014-01-16 15:37 - 00000000 ____D C:\ProgramData\Malwarebytes

2014-01-16 15:37 - 2014-01-16 15:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-01-16 15:37 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2014-01-15 19:04 - 2013-11-27 23:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll

2014-01-15 19:04 - 2013-11-27 19:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe

2014-01-15 19:04 - 2013-11-27 18:34 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll

2014-01-15 19:04 - 2013-11-27 17:54 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll

2014-01-15 19:04 - 2013-11-27 16:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2014-01-15 19:04 - 2013-11-27 16:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll

2014-01-15 19:04 - 2013-11-27 16:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2014-01-15 19:04 - 2013-11-27 16:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll

2014-01-15 19:04 - 2013-11-27 16:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2014-01-15 19:04 - 2013-11-27 16:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2014-01-15 19:03 - 2013-12-09 08:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll

2014-01-08 20:14 - 2014-01-08 20:14 - 00000649 _____ C:\Users\Gary's\Desktop\Call of Duty - Ghosts.lnk

2014-01-08 20:10 - 2014-01-08 20:14 - 00000000 ____D C:\ProgramData\Package Cache

2014-01-06 19:32 - 2014-01-06 19:32 - 00000647 _____ C:\Users\Gary's\Desktop\Far Cry 3.lnk

2014-01-06 19:32 - 2014-01-06 19:32 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\Far Cry 3

2014-01-06 01:28 - 2014-01-18 10:01 - 00000360 _____ C:\WINDOWS\Tasks\AmiUpdXp.job

2014-01-06 01:28 - 2014-01-18 10:01 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\newnext.me

2014-01-06 01:28 - 2014-01-18 02:00 - 00003790 _____ C:\Users\Gary's\daemonprocess.txt

2014-01-06 01:28 - 2014-01-06 01:43 - 00000000 ____D C:\Users\Gary's\AppData\Local\Mobogenie

2014-01-06 01:28 - 2014-01-06 01:43 - 00000000 ____D C:\Program Files (x86)\Mobogenie

2014-01-06 01:28 - 2014-01-06 01:29 - 00000000 ____D C:\Users\Gary's\.android

2014-01-06 01:28 - 2014-01-06 01:28 - 00003354 _____ C:\WINDOWS\System32\Tasks\AmiUpdXp

2014-01-06 01:28 - 2014-01-06 01:28 - 00000000 ____D C:\Users\Gary's\Documents\Mobogenie

2014-01-06 01:28 - 2014-01-06 01:28 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie

2014-01-06 01:28 - 2014-01-06 01:28 - 00000000 ____D C:\Users\Gary's\AppData\Local\genienext

2014-01-06 01:28 - 2014-01-06 01:28 - 00000000 ____D C:\Users\Gary's\AppData\Local\cache

2014-01-02 21:17 - 2014-01-02 22:28 - 00000000 ____D C:\WINDOWS\pss

2014-01-01 07:19 - 2014-01-01 07:19 - 00000000 __SHD C:\Recovery

2014-01-01 07:19 - 2014-01-01 00:00 - 00000000 ___DC C:\WINDOWS\Panther

2014-01-01 07:17 - 2014-01-01 07:17 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-01-01 07:17 - 2014-01-01 07:17 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-01-01 07:17 - 2014-01-01 07:17 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe

2014-01-01 07:17 - 2014-01-01 07:17 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-01-01 07:17 - 2014-01-01 07:17 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2014-01-01 07:16 - 2014-01-01 07:16 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2014-01-01 07:16 - 2014-01-01 07:16 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe

2014-01-01 07:16 - 2014-01-01 07:16 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2014-01-01 07:16 - 2014-01-01 07:16 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2014-01-01 07:16 - 2014-01-01 07:16 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2014-01-01 07:16 - 2014-01-01 07:16 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2014-01-01 07:16 - 2014-01-01 07:16 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe

2014-01-01 07:16 - 2014-01-01 07:16 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2014-01-01 07:16 - 2014-01-01 07:16 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe

2014-01-01 07:16 - 2014-01-01 07:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe

2014-01-01 07:16 - 2014-01-01 07:16 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe

2014-01-01 07:16 - 2014-01-01 07:16 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2014-01-01 07:16 - 2014-01-01 07:16 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys

2014-01-01 07:16 - 2014-01-01 07:16 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

2014-01-01 07:16 - 2014-01-01 07:16 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys

2014-01-01 07:16 - 2014-01-01 07:16 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys

2014-01-01 07:16 - 2014-01-01 07:16 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys

2014-01-01 07:16 - 2014-01-01 07:16 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll

2014-01-01 07:15 - 2014-01-01 07:15 - 00262144 _____ C:\WINDOWS\system32\config\userdiff

2014-01-01 07:00 - 2014-01-01 07:00 - 00000000 ____D C:\Program Files\Reference Assemblies

2014-01-01 07:00 - 2014-01-01 07:00 - 00000000 ____D C:\Program Files\MSBuild

2014-01-01 07:00 - 2014-01-01 07:00 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies

2014-01-01 07:00 - 2014-01-01 07:00 - 00000000 ____D C:\Program Files (x86)\MSBuild

2014-01-01 07:00 - 2013-08-03 12:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll

2014-01-01 07:00 - 2013-08-03 12:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

2014-01-01 07:00 - 2013-08-03 12:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe

2014-01-01 07:00 - 2013-08-03 12:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll

2014-01-01 07:00 - 2013-08-03 12:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2014-01-01 07:00 - 2013-08-03 12:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

2013-12-31 16:05 - 2013-12-31 16:05 - 00001448 _____ C:\Users\Gary's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-12-31 16:04 - 2013-12-31 16:04 - 00000020 ___SH C:\Users\Gary's\ntuser.ini

2013-12-31 15:59 - 2013-12-31 15:59 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat

2013-12-31 15:40 - 2013-12-31 15:40 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software

2013-12-31 15:40 - 2013-12-31 15:40 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help

2013-12-31 15:40 - 2013-12-31 15:40 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software

2013-12-31 15:40 - 2013-12-31 15:40 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help

2013-12-31 15:35 - 2013-12-31 15:35 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate

2013-12-31 15:34 - 2014-01-06 01:28 - 00000000 ____D C:\Users\Gary's

2013-12-31 15:34 - 2013-12-31 15:35 - 00000000 ___RD C:\Users\Gary's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2013-12-31 15:34 - 2013-08-22 23:36 - 00000000 ___RD C:\Users\Gary's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-12-31 15:34 - 2013-08-22 23:36 - 00000000 ___RD C:\Users\Gary's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2013-12-31 15:34 - 2013-08-22 23:36 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-12-31 15:28 - 2013-12-31 15:59 - 00024768 _____ C:\WINDOWS\diagwrn.xml

2013-12-31 15:28 - 2013-12-31 15:59 - 00024768 _____ C:\WINDOWS\diagerr.xml

2013-12-31 15:23 - 2013-12-31 15:38 - 00000000 ____D C:\Program Files (x86)\Intel

2013-12-31 15:23 - 2013-12-31 15:23 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfDevGen_01009.Wdf

2013-12-31 15:23 - 2013-12-31 15:23 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfDevFan_01009.Wdf

2013-12-31 15:23 - 2013-12-31 15:23 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfDevDram_01009.Wdf

2013-12-31 15:23 - 2013-12-31 15:23 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM

2013-12-31 15:23 - 2013-12-31 15:23 - 00000000 ____D C:\Program Files\Realtek

2013-12-31 15:23 - 2013-10-01 13:02 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL

2013-12-31 15:23 - 2013-10-01 13:02 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL

2013-12-31 15:22 - 2014-01-18 10:03 - 01287184 _____ C:\WINDOWS\WindowsUpdate.log

2013-12-31 15:22 - 2013-12-31 15:45 - 00000000 ____D C:\WINDOWS\SysWOW64\NV

2013-12-31 15:22 - 2013-12-31 15:45 - 00000000 ____D C:\WINDOWS\system32\NV

2013-12-31 15:22 - 2013-12-31 15:38 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2013-12-31 15:22 - 2013-12-31 15:38 - 00000000 ____D C:\ProgramData\NVIDIA

2013-12-31 15:22 - 2013-12-31 15:22 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfDevProc_01009.Wdf

2013-12-31 15:22 - 2013-11-11 23:02 - 06674208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll

2013-12-31 15:22 - 2013-11-11 23:02 - 03490080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll

2013-12-31 15:22 - 2013-11-11 23:01 - 03467927 _____ C:\WINDOWS\system32\nvcoproc.bin

2013-12-31 15:22 - 2013-11-11 23:01 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll

2013-12-31 15:22 - 2013-11-11 23:01 - 01065248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll

2013-12-31 15:22 - 2013-11-11 23:01 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe

2013-12-31 15:22 - 2013-11-11 23:01 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll

2013-12-31 15:22 - 2013-11-11 23:01 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

2013-12-31 15:22 - 2013-11-11 23:01 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

2013-12-31 15:21 - 2013-12-31 15:38 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2013-12-31 15:21 - 2013-12-31 15:38 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2013-12-31 15:21 - 2013-12-31 15:21 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfManager_01009.Wdf

2013-12-31 15:21 - 2013-12-31 15:21 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfDevPch_01009.Wdf

2013-12-31 13:51 - 2013-12-31 15:59 - 00006611 _____ C:\WINDOWS\comsetup.log

2013-12-27 23:39 - 2013-12-28 21:02 - 00000000 ____D C:\Program Files (x86)\MyPC Backup

2013-12-27 23:13 - 2013-12-27 23:35 - 00000000 ____D C:\Users\Gary's\AppData\Local\calibre-cache

2013-12-27 23:12 - 2013-12-27 23:35 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\calibre

2013-12-27 22:40 - 2013-12-27 22:42 - 00000000 ____D C:\Users\Gary's\Documents\My Library

2013-12-27 22:39 - 2013-12-27 22:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Reader

2013-12-27 22:39 - 2003-06-05 17:15 - 00057436 _____ (Microsoft Corporation) C:\WINDOWS\DASShp.dll

2013-12-25 02:57 - 2013-12-25 02:57 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\Newmen

2013-12-25 02:49 - 2013-12-25 02:49 - 00000000 ____D C:\Program Files (x86)\FOXBAT Gaming Mouse

2013-12-25 02:49 - 2012-03-28 10:46 - 00009600 _____ (LXD Development, Inc.) C:\WINDOWS\system32\Drivers\GM3305Fltr.sys

2013-12-25 02:49 - 2012-03-28 10:45 - 00008064 _____ (LXD Development, Inc.) C:\WINDOWS\SysWOW64\Drivers\GM3305Fltr.sys

2013-12-25 02:47 - 2013-12-25 02:47 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\InstallShield


This is the second half of the FRST.txt file.

==================== One Month Modified Files and Folders =======

 

2014-01-18 10:09 - 2014-01-18 10:08 - 00023062 _____ C:\Users\Gary's\Downloads\FRST.txt

2014-01-18 10:08 - 2014-01-18 10:08 - 00000000 ____D C:\FRST

2014-01-18 10:06 - 2014-01-18 10:05 - 02076160 _____ (Farbar) C:\Users\Gary's\Downloads\FRST64.exe

2014-01-18 10:06 - 2012-12-27 13:54 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3168432595-1007480178-2149190772-1002

2014-01-18 10:05 - 2013-06-16 18:41 - 00000000 ____D C:\ProgramData\MFAData

2014-01-18 10:03 - 2013-12-31 15:22 - 01287184 _____ C:\WINDOWS\WindowsUpdate.log

2014-01-18 10:03 - 2013-10-14 22:07 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\SkypEmoticons

2014-01-18 10:01 - 2014-01-06 01:28 - 00000360 _____ C:\WINDOWS\Tasks\AmiUpdXp.job

2014-01-18 10:01 - 2014-01-06 01:28 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\newnext.me

2014-01-18 10:01 - 2012-12-27 14:02 - 00000904 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-01-18 09:59 - 2013-08-22 22:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2014-01-18 02:00 - 2014-01-06 01:28 - 00003790 _____ C:\Users\Gary's\daemonprocess.txt

2014-01-18 02:00 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\system32\sru

2014-01-18 02:00 - 2013-08-22 21:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI

2014-01-18 01:50 - 2012-12-27 17:58 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2014-01-18 01:44 - 2012-12-27 14:02 - 00000908 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-01-18 00:57 - 2013-04-06 00:52 - 00000942 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3168432595-1007480178-2149190772-1002UA.job

2014-01-18 00:57 - 2013-04-06 00:52 - 00000920 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3168432595-1007480178-2149190772-1002Core.job

2014-01-17 21:47 - 2012-12-27 14:03 - 00002281 _____ C:\Users\Gary's\Desktop\Google Chrome.lnk

2014-01-16 17:30 - 2012-12-27 17:52 - 00000000 ____D C:\Program Files (x86)\Steam

2014-01-16 17:01 - 2014-01-16 17:00 - 00005175 _____ C:\WINDOWS\SysWOW64\jupdate-1.7.0_51-b13.log

2014-01-16 17:01 - 2013-10-18 19:29 - 00000000 ____D C:\ProgramData\Oracle

2014-01-16 17:01 - 2013-07-07 23:47 - 00000000 ____D C:\Program Files (x86)\Java

2014-01-16 17:00 - 2013-11-14 15:28 - 00867660 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2014-01-16 16:52 - 2013-11-14 15:20 - 00009538 _____ C:\WINDOWS\PFRO.log

2014-01-16 16:51 - 2013-07-15 01:50 - 00000000 ____D C:\ProgramData\saaFe  saave

2014-01-16 16:51 - 2013-06-08 21:35 - 00000000 ____D C:\Users\Gary's\AppData\Local\SwvUpdater

2014-01-16 15:56 - 2013-08-04 10:16 - 00000000 ____D C:\Users\Gary's\AppData\Local\Pokki

2014-01-16 15:50 - 2014-01-16 15:50 - 12613408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 04102928 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 02011488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 01119576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 01001472 _____ (DiBcom SA) C:\WINDOWS\system32\Drivers\mod7700.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00924512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00839488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00591360 _____ (Realtek                                            ) C:\WINDOWS\system32\Drivers\Rt630x64.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00478048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00377696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgrx.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00374112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00366432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00305504 _____ (VIA Corporation) C:\WINDOWS\system32\Drivers\VSTXRAID.SYS.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00294544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsBaStor.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00265056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00175960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VerifierExt.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scsiport.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00168800 _____ (VIA Technologies Inc.,Ltd) C:\WINDOWS\system32\Drivers\vsmraid.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00168288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvstor.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00150368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvraid.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00124768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NV_AGP.SYS.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00124256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00121416 _____ (MotioninJoy) C:\WINDOWS\system32\Drivers\MijXfilt.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00121184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00107872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00101728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00097088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rassstp.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00090944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00088928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc63.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00081760 _____ (Silicon Integrated Systems) C:\WINDOWS\system32\Drivers\sisraid4.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rspndr.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00074960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xusb21.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00072032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SpbCx.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00069472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00069472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stream.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mslldp.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00065888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ULIAGPKX.SYS.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00064864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UAGP35.SYS.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00063840 _____ (Marvell Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\mvumis.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00061248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndisuio.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\TsUsbFlt.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00054784 _____ (Apple, Inc.) C:\WINDOWS\system32\Drivers\usbaapl64.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00054304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00050016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcw.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00049984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\videoprt.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\qwavedrv.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00045888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00044896 _____ (Silicon Integrated Systems Corp.) C:\WINDOWS\system32\Drivers\sisraid2.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiscap.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\werkernel.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00034760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00033632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00032512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBCAMD2.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RNDISMP.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00031072 _____ (Promise Technology, Inc.) C:\WINDOWS\system32\Drivers\stexstor.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbrpm.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdi.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tape.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00027488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WpdUpFltr.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WppRecorder.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\WINDOWS\system32\Drivers\secdrv.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00021856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00021760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VMBusHID.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\smclib.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00019808 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\Drivers\viaide.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wmilib.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasacd.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisVirtualBus.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgencounter.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00010624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mshidumdf.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mshidkmdf.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00007936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mstee.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vms3cap.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00007040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mspclock.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00006784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mspqm.sys.bak

2014-01-16 15:50 - 2014-01-16 15:50 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\null.sys.bak

2014-01-16 15:50 - 2014-01-16 15:49 - 00575840 _____ (LSI Corporation, Inc.) C:\WINDOWS\system32\Drivers\megasr.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 04177920 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 03680256 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athw8x.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 03357024 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\evbda.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00994144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00782176 _____ (PMC-Sierra) C:\WINDOWS\system32\Drivers\adp80xx.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00651248 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAV.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00645952 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorA.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00579416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00567808 _____ (Qualcomm Atheros) C:\WINDOWS\system32\Drivers\btfilter.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00564520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00531296 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\bxvbda.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00412000 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorV.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00377696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00361792 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\DptfManager.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00342528 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00337760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00294712 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgloga.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00283064 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00259424 _____ (AMD Technologies Inc.) C:\WINDOWS\system32\Drivers\amdsbs.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00252728 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgwfpa.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00240920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00228672 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\DptfDevProc.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00217952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00212280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx64.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00194872 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsha.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00192864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00150808 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiska.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00123704 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irda.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00114016 _____ (PMC-Sierra, Inc.) C:\WINDOWS\system32\Drivers\arcsas.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00109408 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00108896 _____ (LSI) C:\WINDOWS\system32\Drivers\3ware.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00107328 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\DptfDevDram.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00099320 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_I2C.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00096064 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\DptfDevPch.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00093536 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas2.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00090112 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jubusenum.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipfltdrv.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00082784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorClass.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00082784 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sss.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00081760 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas3.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpiex.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00079200 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdsata.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00076800 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcecm.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00071896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00068960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00065888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\GAGP30KX.SYS.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00064832 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\DptfDevGen.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00064352 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\Drivers\HpSAMD.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00062784 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\HECIx64.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00061824 _____ (ASUS Corporation) C:\WINDOWS\system32\Drivers\AsusTP.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lltdio.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00057696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00057144 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgfwd6a.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00056672 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\megasas.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidir.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\condrv.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00042816 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\DptfDevFan.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00039320 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\intelaud.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00036192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filetrace.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00033856 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\Drivers\hamachi.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00033632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpata.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\WINDOWS\system32\Drivers\ewdcsc.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00031544 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgrkx64.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00030048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fs_rec.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmvsc.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\asyncmac.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00026008 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iwdbus.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00025952 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdxata.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00024568 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_GPIO.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00023344 _____ (Diskeeper Corporation) C:\WINDOWS\system32\Drivers\excfs.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mcd.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HyperVideo.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwupgrade.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00021248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00021152 _____ (ASUS) C:\WINDOWS\system32\Drivers\AsHIDSwitch64.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00020496 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgboota.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irenum.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00017624 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\bcmfn2.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00017152 _____ (ASUSTek Computer Inc.) C:\WINDOWS\system32\Drivers\AiCharger.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00014992 _____ ( ) C:\WINDOWS\system32\Drivers\kbfiltr.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hyperkbd.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dmpusbstor.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00009600 _____ (LXD Development, Inc.) C:\WINDOWS\system32\Drivers\GM3305Fltr.sys.bak

2014-01-16 15:49 - 2014-01-16 15:49 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\beep.sys.bak

2014-01-16 15:37 - 2014-01-16 15:37 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\Malwarebytes

2014-01-16 15:37 - 2014-01-16 15:37 - 00000000 ____D C:\ProgramData\Malwarebytes

2014-01-16 15:37 - 2014-01-16 15:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-01-16 15:13 - 2013-01-08 00:04 - 00000000 ____D C:\Users\Gary's\AppData\Local\Adobe

2014-01-15 21:57 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\WinStore

2014-01-15 21:56 - 2012-12-27 16:31 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\uTorrent

2014-01-15 20:08 - 2012-12-28 01:01 - 00301772 _____ C:\WINDOWS\DirectX.log

2014-01-15 19:20 - 2013-07-14 18:30 - 00000000 ____D C:\WINDOWS\system32\MRT

2014-01-15 19:17 - 2012-12-28 17:19 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2014-01-15 18:56 - 2013-08-22 21:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM

2014-01-14 20:32 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\AppReadiness

2014-01-12 13:13 - 2013-05-04 17:31 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\vlc

2014-01-08 20:14 - 2014-01-08 20:14 - 00000649 _____ C:\Users\Gary's\Desktop\Call of Duty - Ghosts.lnk

2014-01-08 20:14 - 2014-01-08 20:10 - 00000000 ____D C:\ProgramData\Package Cache

2014-01-07 06:31 - 2013-08-22 23:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-01-07 06:31 - 2013-08-22 23:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-01-06 20:10 - 2013-11-29 20:37 - 00000000 ____D C:\ProgramData\Orbit

2014-01-06 19:32 - 2014-01-06 19:32 - 00000647 _____ C:\Users\Gary's\Desktop\Far Cry 3.lnk

2014-01-06 19:32 - 2014-01-06 19:32 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\Far Cry 3

2014-01-06 19:32 - 2013-12-01 19:32 - 00000000 ____D C:\Users\Gary's\Documents\My Games

2014-01-06 01:43 - 2014-01-06 01:28 - 00000000 ____D C:\Users\Gary's\AppData\Local\Mobogenie

2014-01-06 01:43 - 2014-01-06 01:28 - 00000000 ____D C:\Program Files (x86)\Mobogenie

2014-01-06 01:29 - 2014-01-06 01:28 - 00000000 ____D C:\Users\Gary's\.android

2014-01-06 01:28 - 2014-01-06 01:28 - 00003354 _____ C:\WINDOWS\System32\Tasks\AmiUpdXp

2014-01-06 01:28 - 2014-01-06 01:28 - 00000000 ____D C:\Users\Gary's\Documents\Mobogenie

2014-01-06 01:28 - 2014-01-06 01:28 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie

2014-01-06 01:28 - 2014-01-06 01:28 - 00000000 ____D C:\Users\Gary's\AppData\Local\genienext

2014-01-06 01:28 - 2014-01-06 01:28 - 00000000 ____D C:\Users\Gary's\AppData\Local\cache

2014-01-06 01:28 - 2013-12-31 15:34 - 00000000 ____D C:\Users\Gary's

2014-01-04 23:20 - 2013-10-14 21:12 - 00000000 ____D C:\Users\Gary's\Documents\FIFA 14

2014-01-03 13:22 - 2012-12-27 12:17 - 00000000 ____D C:\Users\Gary's\AppData\Local\Packages

2014-01-02 22:28 - 2014-01-02 21:17 - 00000000 ____D C:\WINDOWS\pss

2014-01-02 21:44 - 2013-06-08 21:35 - 00000000 ____D C:\Program Files (x86)\WebCake

2014-01-02 20:41 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\system32\restore

2014-01-01 07:19 - 2014-01-01 07:19 - 00000000 __SHD C:\Recovery

2014-01-01 07:18 - 2013-08-22 23:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template

2014-01-01 07:17 - 2014-01-01 07:17 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-01-01 07:17 - 2014-01-01 07:17 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-01-01 07:17 - 2014-01-01 07:17 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe

2014-01-01 07:17 - 2014-01-01 07:17 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-01-01 07:17 - 2014-01-01 07:17 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll

2014-01-01 07:17 - 2014-01-01 07:17 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2014-01-01 07:16 - 2014-01-01 07:16 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2014-01-01 07:16 - 2014-01-01 07:16 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe

2014-01-01 07:16 - 2014-01-01 07:16 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2014-01-01 07:16 - 2014-01-01 07:16 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2014-01-01 07:16 - 2014-01-01 07:16 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2014-01-01 07:16 - 2014-01-01 07:16 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2014-01-01 07:16 - 2014-01-01 07:16 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe

2014-01-01 07:16 - 2014-01-01 07:16 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2014-01-01 07:16 - 2014-01-01 07:16 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe

2014-01-01 07:16 - 2014-01-01 07:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe

2014-01-01 07:16 - 2014-01-01 07:16 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe

2014-01-01 07:16 - 2014-01-01 07:16 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2014-01-01 07:16 - 2014-01-01 07:16 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys

2014-01-01 07:16 - 2014-01-01 07:16 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

2014-01-01 07:16 - 2014-01-01 07:16 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys

2014-01-01 07:16 - 2014-01-01 07:16 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys

2014-01-01 07:16 - 2014-01-01 07:16 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys

2014-01-01 07:16 - 2014-01-01 07:16 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll

2014-01-01 07:16 - 2014-01-01 07:16 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll

2014-01-01 07:16 - 2013-08-22 23:36 - 00000000 ___RD C:\WINDOWS\ToastData

2014-01-01 07:16 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\MediaViewer

2014-01-01 07:16 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\FileManager

2014-01-01 07:16 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\Camera

2014-01-01 07:15 - 2014-01-01 07:15 - 00262144 _____ C:\WINDOWS\system32\config\userdiff

2014-01-01 07:00 - 2014-01-01 07:00 - 00000000 ____D C:\Program Files\Reference Assemblies

2014-01-01 07:00 - 2014-01-01 07:00 - 00000000 ____D C:\Program Files\MSBuild

2014-01-01 07:00 - 2014-01-01 07:00 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies

2014-01-01 07:00 - 2014-01-01 07:00 - 00000000 ____D C:\Program Files (x86)\MSBuild

2014-01-01 01:51 - 2012-08-01 10:18 - 00009146 _____ C:\Users\Gary's\funshion.ini

2014-01-01 00:00 - 2014-01-01 07:19 - 00000000 ___DC C:\WINDOWS\Panther

2013-12-31 23:46 - 2012-12-28 07:54 - 00000911 _____ C:\Users\Gary's\AppData\Roaming\coreavc.ini

2013-12-31 23:46 - 2012-12-28 07:53 - 00000000 ____D C:\Users\Gary's\funshion

2013-12-31 20:11 - 2012-12-28 10:02 - 00001288 _____ C:\Users\Gary's\Desktop\shutdown.lnk

2013-12-31 19:54 - 2013-08-22 22:46 - 00293784 _____ C:\WINDOWS\setupact.log

2013-12-31 16:05 - 2013-12-31 16:05 - 00001448 _____ C:\Users\Gary's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-12-31 16:05 - 2012-12-27 12:20 - 00000000 ___RD C:\Users\Gary's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-12-31 16:05 - 2012-12-27 12:20 - 00000000 ___RD C:\Users\Gary's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2013-12-31 16:04 - 2013-12-31 16:04 - 00000020 ___SH C:\Users\Gary's\ntuser.ini

2013-12-31 16:03 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\rescache

2013-12-31 16:00 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\Registration

2013-12-31 15:59 - 2013-12-31 15:59 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat

2013-12-31 15:59 - 2013-12-31 15:28 - 00024768 _____ C:\WINDOWS\diagwrn.xml

2013-12-31 15:59 - 2013-12-31 15:28 - 00024768 _____ C:\WINDOWS\diagerr.xml

2013-12-31 15:59 - 2013-12-31 13:51 - 00006611 _____ C:\WINDOWS\comsetup.log

2013-12-31 15:55 - 2013-08-22 23:36 - 00000000 __RSD C:\WINDOWS\Media

2013-12-31 15:54 - 2013-08-22 23:36 - 00000000 __RHD C:\Users\Public\Libraries

2013-12-31 15:47 - 2012-07-26 16:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP

2013-12-31 15:45 - 2013-12-31 15:22 - 00000000 ____D C:\WINDOWS\SysWOW64\NV

2013-12-31 15:45 - 2013-12-31 15:22 - 00000000 ____D C:\WINDOWS\system32\NV

2013-12-31 15:44 - 2013-08-22 22:44 - 00479904 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2013-12-31 15:43 - 2013-11-14 15:17 - 00000000 ____D C:\WINDOWS\ShellNew

2013-12-31 15:43 - 2013-08-22 21:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep

2013-12-31 15:43 - 2013-06-25 21:41 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\C&C Generals

2013-12-31 15:43 - 2012-12-27 18:13 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2013-12-31 15:43 - 2012-12-27 16:31 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2013-12-31 15:40 - 2013-12-31 15:40 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software

2013-12-31 15:40 - 2013-12-31 15:40 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help

2013-12-31 15:40 - 2013-12-31 15:40 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software

2013-12-31 15:40 - 2013-12-31 15:40 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help

2013-12-31 15:40 - 2013-11-14 15:14 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm

2013-12-31 15:40 - 2013-11-14 15:14 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN

2013-12-31 15:40 - 2013-11-14 15:14 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep

2013-12-31 15:40 - 2013-11-14 15:14 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr

2013-12-31 15:40 - 2013-11-14 15:14 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts

2013-12-31 15:40 - 2013-11-14 15:14 - 00000000 ____D C:\WINDOWS\system32\winrm

2013-12-31 15:40 - 2013-11-14 15:14 - 00000000 ____D C:\WINDOWS\system32\WCN

2013-12-31 15:40 - 2013-11-14 15:14 - 00000000 ____D C:\WINDOWS\system32\slmgr

2013-12-31 15:40 - 2013-11-14 15:14 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts

2013-12-31 15:40 - 2013-10-31 21:01 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin

2013-12-31 15:40 - 2013-08-22 23:37 - 00004893 _____ C:\WINDOWS\DtcInstall.log

2013-12-31 15:40 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI

2013-12-31 15:40 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz

2013-12-31 15:40 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed

2013-12-31 15:40 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME

2013-12-31 15:40 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2013-12-31 15:40 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform

2013-12-31 15:40 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\system32\spool

2013-12-31 15:40 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\system32\NDF

2013-12-31 15:40 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\system32\MUI

2013-12-31 15:40 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\system32\IME

2013-12-31 15:40 - 2013-08-22 21:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI

2013-12-31 15:40 - 2013-08-22 21:36 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe

2013-12-31 15:40 - 2013-08-22 21:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism

2013-12-31 15:40 - 2013-08-22 21:36 - 00000000 ____D C:\WINDOWS\system32\oobe

2013-12-31 15:40 - 2013-08-22 21:36 - 00000000 ____D C:\WINDOWS\system32\Dism

2013-12-31 15:40 - 2013-01-27 09:54 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer

2013-12-31 15:40 - 2013-01-06 00:01 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe

2013-12-31 15:40 - 2013-01-05 19:22 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive

2013-12-31 15:40 - 2012-12-20 03:57 - 00000000 ____D C:\WINDOWS\SysWOW64\sda

2013-12-31 15:40 - 2012-07-26 13:37 - 00000000 ____D C:\Users\Default.migrated

2013-12-31 15:39 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\Resources

2013-12-31 15:39 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions

2013-12-31 15:38 - 2013-12-31 15:23 - 00000000 ____D C:\Program Files (x86)\Intel

2013-12-31 15:38 - 2013-12-31 15:22 - 00000000 ____D C:\ProgramData\NVIDIA Corporation

2013-12-31 15:38 - 2013-12-31 15:22 - 00000000 ____D C:\ProgramData\NVIDIA

2013-12-31 15:38 - 2013-12-31 15:21 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2013-12-31 15:38 - 2013-12-31 15:21 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2013-12-31 15:38 - 2013-11-14 15:17 - 00000000 ____D C:\Program Files\Windows Journal

2013-12-31 15:38 - 2013-08-22 23:43 - 00000000 ____D C:\WINDOWS\DigitalLocker

2013-12-31 15:38 - 2013-08-22 23:36 - 00000000 __SHD C:\Program Files\Windows Sidebar

2013-12-31 15:38 - 2013-08-22 23:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar

2013-12-31 15:38 - 2013-08-22 23:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2013-12-31 15:38 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\IME

2013-12-31 15:38 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\Help

2013-12-31 15:38 - 2013-08-22 23:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer

2013-12-31 15:38 - 2013-08-22 23:36 - 00000000 ____D C:\Program Files\Common Files\System

2013-12-31 15:38 - 2013-08-22 23:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

2013-12-31 15:38 - 2013-08-22 23:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2013-12-31 15:38 - 2012-08-02 09:24 - 00000000 ____D C:\ProgramData\PRICache

2013-12-31 15:35 - 2013-12-31 15:35 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate

2013-12-31 15:35 - 2013-12-31 15:34 - 00000000 ___RD C:\Users\Gary's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2013-12-31 15:35 - 2013-10-08 01:54 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Black_Box

2013-12-31 15:35 - 2013-08-22 23:36 - 00000000 ____D C:\WINDOWS\system32\Recovery

2013-12-31 15:23 - 2013-12-31 15:23 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfDevGen_01009.Wdf

2013-12-31 15:23 - 2013-12-31 15:23 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfDevFan_01009.Wdf

2013-12-31 15:23 - 2013-12-31 15:23 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfDevDram_01009.Wdf

2013-12-31 15:23 - 2013-12-31 15:23 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM

2013-12-31 15:23 - 2013-12-31 15:23 - 00000000 ____D C:\Program Files\Realtek

2013-12-31 15:23 - 2013-08-22 22:46 - 00000168 _____ C:\WINDOWS\setuperr.log

2013-12-31 15:22 - 2013-12-31 15:22 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfDevProc_01009.Wdf

2013-12-31 15:21 - 2013-12-31 15:21 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfManager_01009.Wdf

2013-12-31 15:21 - 2013-12-31 15:21 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfDevPch_01009.Wdf

2013-12-31 15:20 - 2013-08-22 21:36 - 00000000 __RHD C:\Users\Default

2013-12-31 14:51 - 2012-12-27 12:17 - 01590734 _____ C:\WINDOWS\WindowsUpdate (1).log

2013-12-31 14:33 - 2012-12-27 14:14 - 00000000 ____D C:\Users\Gary's\AppData\Local\CrashDumps

2013-12-31 13:10 - 2012-07-26 16:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent

2013-12-29 19:52 - 2013-03-03 18:58 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\Skype

2013-12-28 21:02 - 2013-12-27 23:39 - 00000000 ____D C:\Program Files (x86)\MyPC Backup

2013-12-28 20:55 - 2013-07-20 00:23 - 00000000 ____D C:\Program Files (x86)\Garena Plus

2013-12-28 20:55 - 2013-06-19 23:47 - 00000000 ____D C:\Program Files (x86)\Valve

2013-12-27 23:35 - 2013-12-27 23:13 - 00000000 ____D C:\Users\Gary's\AppData\Local\calibre-cache

2013-12-27 23:35 - 2013-12-27 23:12 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\calibre

2013-12-27 22:42 - 2013-12-27 22:40 - 00000000 ____D C:\Users\Gary's\Documents\My Library

2013-12-27 22:39 - 2013-12-27 22:39 - 00000000 ____D C:\Program Files (x86)\Microsoft Reader

2013-12-27 22:39 - 2012-12-20 03:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2013-12-25 02:57 - 2013-12-25 02:57 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\Newmen

2013-12-25 02:49 - 2013-12-25 02:49 - 00000000 ____D C:\Program Files (x86)\FOXBAT Gaming Mouse

2013-12-25 02:49 - 2012-12-20 04:11 - 00017878 _____ C:\WINDOWS\DPINST.LOG

2013-12-25 02:47 - 2013-12-25 02:47 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\InstallShield

2013-12-25 02:42 - 2013-08-12 21:44 - 468307802 _____ C:\WINDOWS\MEMORY.DMP

 

Files to move or delete:

====================

C:\Users\Gary's\AppData\Roaming\Origin\update.vbe

 

 

Some content of TEMP:

====================

C:\Users\Gary's\AppData\Local\Temp\install_flashplayer12x32au_mssa_aaa_aih.exe

C:\Users\Gary's\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

C:\Users\Gary's\AppData\Local\Temp\Mobogenie_Setup_2.1.36_506.exe

C:\Users\Gary's\AppData\Local\Temp\ntdll_dump.dll

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2014-01-16 17:11

 

==================== End Of Log ============================


This is the Addition.txt file

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-01-2014 03

Ran by Gary's at 2014-01-18 10:10:25
Running from C:\Users\Gary's\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
 
==================== Installed Programs ======================
 
µTorrent (HKCU Version: 3.3.2.30303 - BitTorrent Inc.)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader X MUI (x32 Version: 10.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.8.638 - Adobe Systems, Inc.)
Allmyapps Packages (HKCU Version:  - )
Any Video Converter 5.0.9 (x32 Version:  - Any-Video-Converter.com)
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Assassins Creed IV Black Flag (x32 Version: 6.0 - Black Box)
ASUS InstantOn (x32 Version: 3.0.2 - ASUS)
ASUS LifeFrame3 (x32 Version: 3.1.5 - ASUS)
ASUS Live Update (x32 Version: 3.1.8 - ASUS)
ASUS Power4Gear Hybrid (Version: 2.0.4 - ASUS)
ASUS Smart Gesture (x32 Version: 1.0.35 - ASUS)
ASUS Splendid Video Enhancement Technology (x32 Version: 1.03.0004 - ASUS)
ASUS Tutor (x32 Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (x32 Version: 2.1.4 - ASUS)
ASUS WebStorage Sync Agent (x32 Version: 1.1.13.147 - ASUS Cloud Corporation)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (x32 Version: 2.0.10.168 - ASUSTEK)
ATK Package (x32 Version: 1.0.0022 - ASUS)
AVG 2014 (Version: 14.0.3681 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
AVG 2014 (Version: 2014.0.4259 - AVG Technologies)
Battle.net (x32 Version:  - Blizzard Entertainment)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Call of Duty - Ghosts (x32 Version:  - R.G. Mechanics, spider91)
DAEMON Tools Lite (x32 Version: 4.48.1.0347 - Disc Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version:  - Microsoft)
Dota 2 (x32 Version:  - )
ExpressCache (Version: 1.0.86 - Diskeeper Corporation)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287 - Skype Limited)
Facebook Video Calling 2.0.0.447 (x32 Version: 2.0.447 - Skype Limited)
Far Cry 3 (x32 Version:  - R.G. Mechanics, spider91)
FOXBAT Gaming Mouse (x32 Version: 1.00 - Gaming Mouse)
Funshion (x32 Version: 2.8.6.56 - 北京风行在线技术有限公司)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Hearthstone (x32 Version:  - Blizzard Entertainment)
Intel® Dynamic Platform and Thermal Framework (x32 Version: 6.0.5.1080 - Intel Corporation)
Intel® Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (x32 Version: 10.18.10.3308 - Intel Corporation)
Intel® Rapid Start Technology (x32 Version: 2.1.0.1002 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
MapleStorySEA version 1.31 (x32 Version: 1.31 - Asiasoft Online Pte.Ltd.)
Max Payne 3 (x32 Version: 1.0.0.0 - Rockstar Games)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office (x32 Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Reader (x32 Version:  - )
Microsoft Visual C++ 2005 Redistributable - x64 8.0.50727.42 False (Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.51011 False (Version: 8.0.51011 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.56336 False (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.58298 False (Version: 8.0.58298 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.59192 False (Version: 8.0.59192 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False (x32 Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False (x32 Version: 8.0.51011 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False (x32 Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False (x32 Version: 8.0.58299 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False (x32 Version: 8.0.59193 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 False (Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.0 False (Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 False (Version: 9.0.21022.218 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30411 False (Version: 9.0.30411 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 False (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 False (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 False (Version: 9.0.30729.4048 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 False (Version: 9.0.30729.4148 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.5570 False (Version: 9.0.30729.5570 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False (x32 Version: 9.0.21022.218 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False (x32 Version: 9.0.30411 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False (x32 Version: 9.0.30729.4048 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False (x32 Version: 9.0.30729.4148 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False (x32 Version: 9.0.30729.5570 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.30319 False (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 False (x32 Version: 11.0.50727.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 False (x32 Version: 11.0.51106.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 False (x32 Version: 11.0.60610.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (x32 Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 False (x32 Version: 11.0.50727.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 False (x32 Version: 11.0.51106.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 False (x32 Version: 11.0.60610.1 - Корпорация Майкрософт) Hidden
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (x32 Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 False (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 False (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 False (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 False (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 False (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 False (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 False (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 False (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 False (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 False (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 False (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 False (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (x32 Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (x32 Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0 - Microsoft)
Mobogenie (x32 Version:  - Mobogenie.com) <==== ATTENTION
MotioninJoy ds3 driver version 0.6.0001 (Version: 0.5.0001 - www.motioninjoy.com)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
Noise Reduction Plug-In 2.0 (x32 Version: 2.0.502 - Sony)
NVIDIA Control Panel 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.1 (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 331.82 (Version: 331.82 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (Version: 1.2.19 - NVIDIA Corporation)
PhotoBooth version 1.0 (x32 Version: 1.0 - amirhossein azarang)
PJP's JoyIDs (x32 Version:  - )
Pokki (HKCU Version: 0.263.15.27 - Pokki)
Pokki Download Helper (HKCU Version: 1.3.1.282 - Pokki)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (x32 Version: 10.0 - Qualcomm Atheros)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
RaidCall (x32 Version: 7.1.6-1.0.4843.7 - raidcall.com)
Realtek Ethernet Controller Driver (x32 Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (x32 Version: 6.1.8400.27023 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (x32 Version: 1.1.0.6 - Rockstar Games)
Safari (x32 Version: 5.34.57.2 - Apple Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
SingTel Seamless Connection (x32 Version: 23.003.07.04.600 - Huawei Technologies Co.,Ltd)
SkypEmoticons (x32 Version:  - )
Skype™ 6.3 (x32 Version: 6.3.105 - Skype Technologies S.A.)
Split/Second (x32 Version: 1.00.0000 - Disney Interactive Studios)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (x32 Version: 6.0.7.0 - Husdawg, LLC)
System Requirements Lab Detection (x32 Version: 1.0.5.0 - Husdawg, LLC)
Team Fortress 2 (x32 Version:  - Valve)
Trend Micro Titanium (Version: 6.00 - Trend Micro Inc.) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version:  - Microsoft)
Vegas Pro 12.0 (64-bit) (Version: 12.0.394 - Sony)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.2 (x32 Version: 2.0.2 - VideoLAN)
Windows Driver Package - ASUS (ATP) Mouse  (10/29/2012 1.0.0.148) (Version: 10/29/2012 1.0.0.148 - ASUS)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Upload Tool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
WinFlash (x32 Version: 2.41.1 - ASUS)
WinRAR 4.20 (64-bit) (Version: 4.20.0 - win.rar GmbH)
YTD Video Downloader 3.9.6 (x32 Version: 3.9.6 - GreenTree Applications SRL)
 
==================== Restore Points  =========================
 
15-01-2014 11:15:18 Windows Update
16-01-2014 07:56:59 16/01/14
 
==================== Hosts content: ==========================
 
2013-08-22 21:25 - 2013-08-22 21:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1078AC83-8771-41D0-BEB1-32EEE13735A0} - System32\Tasks\Titanium Installation => F:\setup.exe
Task: {15724EB4-CAC2-430B-ADC4-FC1D436D1E3F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3168432595-1007480178-2149190772-1002UA => C:\Users\Gary's\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-06] (Facebook Inc.)
Task: {1A47988A-0D0D-4CB8-A93F-4DB61C565782} - System32\Tasks\Hoolapp Init => C:\Users\Gary's\AppData\Roaming\HOOLAP~1\Hoolapp.exe
Task: {1EE35A6C-0667-49C5-BEC4-4E4BE286CED1} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-11-01] (AsusTek)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {511CE12F-D577-4C47-A311-B7065D111544} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-27] (Google Inc.)
Task: {525A12C5-0CE5-4232-9D25-1E5E92E4BDBC} - System32\Tasks\Hoolapp For Android => C:\Users\Gary's\AppData\Roaming\HOOLAP~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {5940D668-6A6F-47EB-A448-61A30C25FC20} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-25] (ASUSTek Computer Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6FD709B1-01A4-43BF-907A-11993B6E3B70} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3168432595-1007480178-2149190772-1002Core => C:\Users\Gary's\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-06] (Facebook Inc.)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {79006532-5FC5-4E89-8875-86918527F565} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-01-15] (Microsoft Corporation)
Task: {7C37FEE7-171B-4C1A-9AC1-F39F5179EA00} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {856A5B54-9F60-4426-9FEC-D187AA391946} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-26] (ASUSTeK Computer Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {993C9837-9865-4321-A93D-F13369C1EBDC} - System32\Tasks\AllmyappsUpdateTask => c:\users\gary's\appdata\roaming\allmyapps\allmyappsupdater.exe
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DC7422BC-7846-4228-A319-715110AB6F56} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-27] (Google Inc.)
Task: {E3B03FB3-F627-405C-B17A-61F9036E4937} - System32\Tasks\AmiUpdXp => C:\Users\Gary's\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EDB5AE59-607C-4B1C-9681-8D8B2E5FBBD2} - System32\Tasks\Origin => C:\Users\Gary's\AppData\Roaming\Origin\update.vbe [2013-10-18] () <==== ATTENTION
Task: {F4FC5AB0-E49F-4BBD-917A-1FD79B2BB78A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-02] (Apple Inc.)
Task: {FEC5B622-C77E-4E6C-AFD5-9BF3F248DDF1} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-25] (ASUS)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AmiUpdXp.job => C:\Users\Gary's\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3168432595-1007480178-2149190772-1002Core.job => C:\Users\Gary's\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3168432595-1007480178-2149190772-1002UA.job => C:\Users\Gary's\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-08-25 09:26 - 2012-08-25 09:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-10-01 13:02 - 2013-10-01 13:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-11-29 06:13 - 2012-11-29 06:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-29 06:13 - 2012-11-29 06:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-12 23:52 - 2009-01-10 18:32 - 00011362 _____ () C:\ProgramData\SingTel Seamless Connection\OnlineUpdate\mingwm10.dll
2013-06-12 23:52 - 2009-06-23 02:42 - 00043008 _____ () C:\ProgramData\SingTel Seamless Connection\OnlineUpdate\libgcc_s_dw2-1.dll
2013-06-12 23:52 - 2010-05-14 17:57 - 02415104 _____ () C:\ProgramData\SingTel Seamless Connection\OnlineUpdate\QtCore4.dll
2013-06-12 23:52 - 2010-02-10 22:10 - 01148416 _____ () C:\ProgramData\SingTel Seamless Connection\OnlineUpdate\QtNetwork4.dll
2013-06-12 23:52 - 2011-12-23 18:22 - 00843264 _____ () C:\ProgramData\SingTel Seamless Connection\OnlineUpdate\QueryStrategy.dll
2013-06-12 23:52 - 2010-02-10 22:06 - 00398336 _____ () C:\ProgramData\SingTel Seamless Connection\OnlineUpdate\QtXml4.dll
2013-12-25 02:49 - 2012-05-27 20:09 - 00249856 _____ () C:\Program Files (x86)\FOXBAT Gaming Mouse\language.dll
2012-12-20 03:50 - 2012-06-26 02:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-11-20 20:19 - 2013-11-14 19:58 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-01-16 21:42 - 2014-01-11 18:28 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
2014-01-16 21:42 - 2014-01-11 18:28 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll
2014-01-16 21:42 - 2014-01-11 18:29 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-16 21:42 - 2014-01-11 18:29 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-16 21:41 - 2014-01-11 18:28 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
2014-01-16 21:42 - 2014-01-11 18:29 - 13615896 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:661DFA1C
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Could not start eventlog service, could not read events.
 
The requested service has already been started.
 
More help is available by typing NET HELPMSG 2182.
 

Step 1

Please uninstall the following applications:

µTorrent

Mobogenie

Pokki

Pokki Download Helper

Step 2

Download attached fixlist.txt file and save it to the Desktop.

NOTE: It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

fixlist.txt


Hi,

Below is the fixlog.txt file's content.


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-01-2014
Ran by Gary's at 2014-01-21 23:12:31 Run:1
Running from C:\Users\Gary's\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [761536 2013-12-26] ()
HKCU\...\Run: [NextLive] - C:\Users\Gary's\AppData\Roaming\newnext.me\nengine.dll [1283584 2013-11-14] (NewNextDotMe)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [fjoijdanhaiflhibkljeklcghcmmfffh] - C:\Program Files (x86)\WebCake\WebCakeLayers.crx [2012-12-27]
2014-01-06 01:28 - 2014-01-06 01:43 - 00000000 ____D C:\Users\Gary's\AppData\Local\Mobogenie
2014-01-06 01:28 - 2014-01-06 01:43 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2014-01-06 01:28 - 2014-01-06 01:28 - 00000000 ____D C:\Users\Gary's\Documents\Mobogenie
2013-12-27 23:39 - 2013-12-28 21:02 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
014-01-16 16:51 - 2013-07-15 01:50 - 00000000 ____D C:\ProgramData\saaFe  saave
2014-01-16 16:51 - 2013-06-08 21:35 - 00000000 ____D C:\Users\Gary's\AppData\Local\SwvUpdater
2014-01-16 15:56 - 2013-08-04 10:16 - 00000000 ____D C:\Users\Gary's\AppData\Local\Pokki
2014-01-15 21:56 - 2012-12-27 16:31 - 00000000 ____D C:\Users\Gary's\AppData\Roaming\uTorrent
2014-01-02 21:44 - 2013-06-08 21:35 - 00000000 ____D C:\Program Files (x86)\WebCake
C:\Users\Gary's\AppData\Roaming\Origin\update.vbe
C:\Users\Gary's\AppData\Local\Temp\Mobogenie_Setup_2.1.36_506.exe
Task: {525A12C5-0CE5-4232-9D25-1E5E92E4BDBC} - System32\Tasks\Hoolapp For Android => C:\Users\Gary's\AppData\Roaming\HOOLAP~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {E3B03FB3-F627-405C-B17A-61F9036E4937} - System32\Tasks\AmiUpdXp => C:\Users\Gary's\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: {EDB5AE59-607C-4B1C-9681-8D8B2E5FBBD2} - System32\Tasks\Origin => C:\Users\Gary's\AppData\Roaming\Origin\update.vbe [2013-10-18] () <==== ATTENTION
Task: C:\WINDOWS\Tasks\AmiUpdXp.job => C:\Users\Gary's\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
End
 
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive => Value deleted successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh => Key deleted successfully.
"C:\Program Files (x86)\WebCake\WebCakeLayers.crx" => File/Directory not found.
C:\Users\Gary's\AppData\Local\Mobogenie => Moved successfully.
"C:\Program Files (x86)\Mobogenie" => File/Directory not found.
C:\Users\Gary's\Documents\Mobogenie => Moved successfully.
C:\Program Files (x86)\MyPC Backup => Moved successfully.
C:\Users\Gary's\AppData\Local\SwvUpdater => Moved successfully.
"C:\Users\Gary's\AppData\Local\Pokki" => File/Directory not found.
C:\Users\Gary's\AppData\Roaming\uTorrent => Moved successfully.
C:\Program Files (x86)\WebCake => Moved successfully.
C:\Users\Gary's\AppData\Roaming\Origin\update.vbe => Moved successfully.
C:\Users\Gary's\AppData\Local\Temp\Mobogenie_Setup_2.1.36_506.exe => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{525A12C5-0CE5-4232-9D25-1E5E92E4BDBC} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{525A12C5-0CE5-4232-9D25-1E5E92E4BDBC} => Key deleted successfully.
C:\Windows\System32\Tasks\Hoolapp For Android => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hoolapp For Android => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E3B03FB3-F627-405C-B17A-61F9036E4937} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3B03FB3-F627-405C-B17A-61F9036E4937} => Key deleted successfully.
C:\Windows\System32\Tasks\AmiUpdXp => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EDB5AE59-607C-4B1C-9681-8D8B2E5FBBD2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDB5AE59-607C-4B1C-9681-8D8B2E5FBBD2} => Key deleted successfully.
C:\Windows\System32\Tasks\Origin => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Origin => Key deleted successfully.
C:\WINDOWS\Tasks\AmiUpdXp.job => Moved successfully.
 
==== End of Fixlog ====
 
Mistrol

Step 1

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 2

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on the Scan button. Wait until it is finished.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log

Hi,

This is the JRT.txt log file.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 8.1 x64
Ran by Gary's on Thu 01/23/2014 at 20:12:58.53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Failed to delete: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}
Failed to delete: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}
Failed to delete: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}
Failed to delete: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3168432595-1007480178-2149190772-1002\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
 
 
 
~~~ Registry Keys
 
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\zugo
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3168432595-1007480178-2149190772-1002\Software\sweetim
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\babylon
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3220468
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
 
 
 
~~~ Files
 
Failed to delete: [File] "C:\WINDOWS\syswow64\funshion.ini"
 
 
 
~~~ Folders
 
Failed to delete: [Folder] "C:\ProgramData\starapp"
Failed to delete: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\Gary's\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\Gary's\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Gary's\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Gary's\AppData\Roaming\webcake"
Successfully deleted: [Folder] "C:\Users\Gary's\appdata\local\smartbar"
Successfully deleted: [Folder] "C:\Users\Gary's\appdata\locallow\claro ltd"
Successfully deleted: [Folder] "C:\Users\Gary's\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Gary's\appdata\locallow\delta"
Successfully deleted: [Folder] "C:\Users\Gary's\appdata\locallow\pricegong"
Failed to delete: [Folder] "C:\Program Files (x86)\funshion online"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
Failed to delete: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"
Successfully deleted: [Folder] "C:\Users\Gary's\funshion"
Failed to delete: [Folder] "C:\ProgramData\ask"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 01/23/2014 at 20:19:58.43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
This is AdwCleaner[s0].txt log file
# AdwCleaner v3.017 - Report created 23/01/2014 at 20:22:56
# Updated 12/01/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Gary's - GARY
# Running from : C:\Users\Gary's\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\DowunlloAd keeper
Folder Deleted : C:\ProgramData\saaFe  saave
Folder Deleted : C:\ProgramData\SearchNewTab
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\saaFe  saave
Folder Deleted : C:\Program Files (x86)\Funshion Online
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Users\Gary's\AppData\Local\Bundled software uninstaller
Folder Deleted : C:\Users\Gary's\AppData\Local\genienext
Folder Deleted : C:\Users\Gary's\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Gary's\AppData\Roaming\SkypEmoticons
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hidjnkeodmholilgafgdlgmgggbhnigl
Key Deleted : HKCU\Software\Classes\pokki
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [se]
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKCU\Software\96d98fb53dbe40
Key Deleted : HKLM\SOFTWARE\96d98fb53dbe40
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5B1A1B8B-6FD4-B451-C42C-07808FB942A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CCA8F2AB-BE4E-41F0-A289-4D960CEA58EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5B1A1B8B-6FD4-B451-C42C-07808FB942A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5B1A1B8B-6FD4-B451-C42C-07808FB942A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5B1A1B8B-6FD4-B451-C42C-07808FB942A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : HKCU\Software\b1.org
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\b1.org
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SimilarSites
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SkypEmoticons_is1
Key Deleted : [x64] HKLM\SOFTWARE\b1.org
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16384
 
 
-\\ Google Chrome v32.0.1700.76
 
[ File : C:\Users\Gary's\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : homepage
 
*************************
 
AdwCleaner[R0].txt - [5439 octets] - [23/01/2014 20:22:11]
AdwCleaner[s0].txt - [5438 octets] - [23/01/2014 20:22:56]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5498 octets] ##########
 
Finally, this is MBAM's log file.
2014/01/23 20:10:02 +0800 GARY (null) MESSAGE Executing scheduled update:  Daily
2014/01/23 20:10:04 +0800 GARY (null) ERROR Scheduled update failed:  No address found failed with error code 0
2014/01/23 20:10:07 +0800 GARY (null) MESSAGE Starting protection
2014/01/23 20:10:07 +0800 GARY (null) MESSAGE Protection started successfully
2014/01/23 20:10:07 +0800 GARY (null) MESSAGE Starting IP protection
2014/01/23 20:10:10 +0800 GARY (null) MESSAGE IP Protection started successfully
2014/01/23 20:24:37 +0800 GARY Gary's MESSAGE Starting protection
2014/01/23 20:24:37 +0800 GARY Gary's MESSAGE Protection started successfully
2014/01/23 20:24:37 +0800 GARY Gary's MESSAGE Starting IP protection
2014/01/23 20:24:39 +0800 GARY Gary's MESSAGE IP Protection started successfully
2014/01/23 20:28:47 +0800 GARY Gary's MESSAGE Starting database refresh
2014/01/23 20:28:47 +0800 GARY Gary's MESSAGE Stopping IP protection
2014/01/23 20:28:47 +0800 GARY Gary's MESSAGE IP Protection stopped successfully
2014/01/23 20:28:51 +0800 GARY Gary's MESSAGE Database refreshed successfully
2014/01/23 20:28:51 +0800 GARY Gary's MESSAGE Starting IP protection
2014/01/23 20:28:53 +0800 GARY Gary's MESSAGE IP Protection started successfully
2014/01/23 20:42:49 +0800 GARY (null) MESSAGE Starting protection
2014/01/23 20:42:49 +0800 GARY (null) MESSAGE Protection started successfully
2014/01/23 20:42:49 +0800 GARY (null) MESSAGE Starting IP protection
2014/01/23 20:42:51 +0800 GARY (null) MESSAGE IP Protection started successfully
 
Mistrol

Hmm, somehow I copied a different file. Below is the log from MBAM.

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.01.16.01
 
Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
Gary's :: GARY [administrator]
 
Protection: Enabled
 
1/16/2014 3:40:03 PM
mbam-log-2014-01-16 (15-40-03).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 0
Time elapsed: 3 second(s) [aborted]
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
Mistrol

Oops, sorry about that, copy/pasted a wrong log without realizing it.

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.01.25.11
 
Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
Gary's :: GARY [administrator]
 
Protection: Enabled
 
1/26/2014 9:00:02 AM
mbam-log-2014-01-26 (09-00-02).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 216844
Time elapsed: 6 minute(s), 36 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
Mistrol

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save ComboFix to your desktop and do not run it from your browser.
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
  • Please copy/paste the contents or attach that log file to your next reply.
  • If needed the file can be located here: C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
