
infected with iexplore.exe virus


  • This topic is locked
19 replies to this topic

#1 gratefulforhelp

gratefulforhelp

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:03 PM

Posted 26 December 2013 - 01:22 PM

Hello, and thank-you for any help you can give me.

 

My computer is new, and has been infected. I have multiple iexplore appearing in task manager and taking up massive amounts of memory, causing my internet to go slow until it freezes. My Norton antivirus isn't picking it up, neither is malwarebytes. I tried different suggestions that popped up when I googled it, when I finally saw you guys and how you really help people.

 

I tried downloading your DDS, but even after clicking Save, it didn't give me an option to save to desktop, and when I try to get to it through the search on my computer, it tells me that:

 

THIS PROGRAM IS NOT MENT TO RUN IN COMPATIBILITY MODE AND WILL NOW EXIT

 

I am not sure what to do at this point.




 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:03 PM

Posted 27 December 2013 - 12:50 AM





Hello gratefulforhelp

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.

Very Important --> Please read this post completely, I have spent my time to put together some things for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

I would like you to run this program for me.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 gratefulforhelp

gratefulforhelp
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:07:03 PM

Posted 27 December 2013 - 10:27 AM

Hello gringo, thank-you so much for your help! I won't do anything you don't authorize, trying to fix it myself through googling was a mistake I won't make again! Here are the logs.  

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-12-2013
Ran by Jessica (administrator) on UPSTAIRSCOMP on 27-12-2013 10:08:07
Running from C:\Users\Jessica\Downloads
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\RtlService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Acer) C:\Program Files (x86)\Acer Remote\ArcServer.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\RtWLan.exe
(Acer Incorporated) C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-11-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563096 2013-12-19] (SUPERAntiSpyware)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
SearchScopes: HKLM - DefaultScope {126CCDF9-1377-427A-B8C5-305D27CAF043} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAGWJS
SearchScopes: HKLM - {126CCDF9-1377-427A-B8C5-305D27CAF043} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAGWJS
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 - {126CCDF9-1377-427A-B8C5-305D27CAF043} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAGWJS
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {126CCDF9-1377-427A-B8C5-305D27CAF043} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {126CCDF9-1377-427A-B8C5-305D27CAF043} URL =
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL =
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\ipsbho.dll (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 Realtek11nSU; C:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\RtlService.exe [36864 2013-09-11] (Realtek Semiconductor Corp.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [96768 2012-11-06] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [1526488 2013-12-03] (Symantec Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-30] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-30] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20131225.001\IDSvia64.sys [521944 2013-12-13] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-20] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131226.024\ENG64.SYS [126040 2013-12-21] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131226.024\EX64.SYS [2099288 2013-12-21] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [2968792 2013-09-11] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-20] (Microsoft Corporation)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-13] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1501000.012\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-30] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-27 10:08 - 2013-12-27 10:08 - 00012074 _____ C:\Users\Jessica\Downloads\FRST.txt
2013-12-27 10:07 - 2013-12-27 10:07 - 00000000 ____D C:\FRST
2013-12-27 10:04 - 2013-12-27 10:04 - 01930574 _____ (Farbar) C:\Users\Jessica\Downloads\FRST64.exe
2013-12-26 12:53 - 2013-12-26 12:53 - 00688992 _____ (Swearware) C:\Users\Jessica\Downloads\dds.com
2013-12-26 12:27 - 2013-12-26 12:27 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-12-26 12:22 - 2013-12-26 12:26 - 00000000 ____D C:\AdwCleaner
2013-12-26 12:17 - 2013-12-26 12:17 - 00001456 _____ C:\Users\Jessica\Desktop\RKreport[0]_D_12262013_121713.txt
2013-12-26 12:05 - 2013-12-26 12:05 - 04083600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 02968792 _____ (Realtek Semiconductor Corporation                           ) C:\WINDOWS\system32\Drivers\RTWlanU.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00924512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00839488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00591360 _____ (Realtek                                            ) C:\WINDOWS\system32\Drivers\Rt630x64.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00551776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00439136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00422240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00377696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgrx.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00374112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00305504 _____ (VIA Corporation) C:\WINDOWS\system32\Drivers\VSTXRAID.SYS.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00265056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00252048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsUStor.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00236376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00189792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00175960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VerifierExt.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scsiport.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00168800 _____ (VIA Technologies Inc.,Ltd) C:\WINDOWS\system32\Drivers\vsmraid.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00159584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00142688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00124256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00121184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcmcia.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00107872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00107872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sbp2port.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00097088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00096856 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SMR410.SYS.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rassstp.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00090944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00089952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00081760 _____ (Silicon Integrated Systems) C:\WINDOWS\system32\Drivers\sisraid4.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rspndr.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusb.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00074080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uaspstor.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00072032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SpbCx.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00069472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00069472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stream.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00065888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ULIAGPKX.SYS.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00064864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UAGP35.SYS.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00061248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\TsUsbFlt.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00054784 _____ (Apple, Inc.) C:\WINDOWS\system32\Drivers\usbaapl64.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00054304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00050016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcw.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00049984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\videoprt.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\qwavedrv.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\umbus.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00045888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00044896 _____ (Silicon Integrated Systems Corp.) C:\WINDOWS\system32\Drivers\sisraid2.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\werkernel.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00037728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vdrvroot.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00037216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\terminpt.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00034760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00033632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00032512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBCAMD2.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RNDISMP.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00031072 _____ (Promise Technology, Inc.) C:\WINDOWS\system32\Drivers\stexstor.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbrpm.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdi.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\TsUsbGD.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tape.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00028000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00027488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WpdUpFltr.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00026752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wacompen.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifibus.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WppRecorder.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serenum.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\WINDOWS\system32\Drivers\secdrv.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpbus.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00021856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00021760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VMBusHID.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\smclib.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00019808 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\Drivers\viaide.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wmilib.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasacd.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wmiacpi.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\swenum.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\umpass.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgencounter.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vms3cap.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00001407 _____ C:\Users\Jessica\Desktop\RKreport[0]_S_12262013_120537.txt
2013-12-26 12:04 - 2013-12-26 12:05 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 12526592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 03357024 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\evbda.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 02011488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 01119576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00994144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00782176 _____ (PMC-Sierra) C:\WINDOWS\system32\Drivers\adp80xx.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00651248 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAV.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00619008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00579416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00575840 _____ (LSI Corporation, Inc.) C:\WINDOWS\system32\Drivers\megasr.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00564520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00531296 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\bxvbda.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00523096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00478048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00412000 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorV.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00377696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00366432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00337760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00285536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00274784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00259424 _____ (AMD Technologies Inc.) C:\WINDOWS\system32\Drivers\amdsbs.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\1394ohci.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00217952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00199520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00192864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00168288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvstor.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00151384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00150368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvraid.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00124768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NV_AGP.SYS.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irda.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00114016 _____ (PMC-Sierra, Inc.) C:\WINDOWS\system32\Drivers\arcsas.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00114016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00109408 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00108896 _____ (LSI) C:\WINDOWS\system32\Drivers\3ware.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00101728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00100192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00099320 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_I2C.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00096768 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdW86.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\parport.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00093536 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas2.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00088928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmk.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc63.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipfltdrv.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00082784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorClass.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00082784 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sss.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00081760 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas3.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpiex.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00079200 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdsata.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00071896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00068960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mslldp.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00065888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\GAGP30KX.SYS.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00064352 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\Drivers\HpSAMD.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00063840 _____ (Marvell Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\mvumis.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00062304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AGP440.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndisuio.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lltdio.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00057696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00056672 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\megasas.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00051040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidir.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\circlass.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiscap.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\condrv.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidi2c.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00037728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssmbios.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00036992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\CompositeBus.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00036192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00035168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\battc.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filetrace.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00033632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpata.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00032512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fdc.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthhfHid.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00030048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fs_rec.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmvsc.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fxppm.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbatt.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\asyncmac.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00025952 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdxata.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00025472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\CmBatt.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00024568 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_GPIO.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npsvctrig.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mcd.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HyperVideo.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00021856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00021248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kdnic.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irenum.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00017624 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\bcmfn2.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00017248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisVirtualBus.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00014688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00014560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hyperkbd.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MTConfig.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dmpusbstor.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpipmi.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpitime.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00010624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\errdev.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpipagr.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mshidumdf.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mshidkmdf.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00007936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mstee.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\beep.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00007040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mspclock.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00006784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mspqm.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\null.sys.bak
2013-12-26 12:01 - 2013-12-26 12:17 - 00000000 ____D C:\Users\Jessica\Desktop\RK_Quarantine
2013-12-25 22:54 - 2013-12-25 22:54 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\Malwarebytes
2013-12-25 22:53 - 2013-12-25 22:53 - 00001132 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-25 22:53 - 2013-12-25 22:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-25 22:53 - 2013-12-25 22:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-25 22:53 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-12-25 22:10 - 2013-12-25 22:10 - 00001827 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-12-25 22:10 - 2013-12-25 22:10 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\SUPERAntiSpyware.com
2013-12-25 22:10 - 2013-12-25 22:10 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-12-25 22:10 - 2013-12-25 22:10 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-12-25 21:29 - 2013-12-26 00:42 - 00000000 ____D C:\Users\Jessica\AppData\Local\NPE
2013-12-21 20:01 - 2013-12-21 20:01 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2013-12-21 20:00 - 2013-12-21 20:05 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-21 20:00 - 2013-12-21 20:00 - 00001402 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-12-21 20:00 - 2013-12-21 20:00 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-12-21 20:00 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2013-12-20 02:22 - 2013-12-20 02:22 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2013-12-20 02:14 - 2013-12-20 02:14 - 00001453 _____ C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-20 02:14 - 2013-12-20 02:14 - 00000020 ___SH C:\Users\Jessica\ntuser.ini
2013-12-20 00:44 - 2013-12-27 09:57 - 01124063 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-20 00:44 - 2013-12-20 00:44 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-12-20 00:31 - 2013-12-20 00:31 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-12-20 00:30 - 2013-12-25 21:29 - 00000000 ____D C:\Users\Jessica
2013-12-20 00:30 - 2013-12-20 00:44 - 00020958 _____ C:\WINDOWS\diagwrn.xml
2013-12-20 00:30 - 2013-12-20 00:44 - 00020958 _____ C:\WINDOWS\diagerr.xml
2013-12-20 00:30 - 2013-12-20 00:31 - 00000000 ___RD C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-20 00:30 - 2013-08-22 07:36 - 00000000 ___RD C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-20 00:30 - 2013-08-22 07:36 - 00000000 ___RD C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-20 00:30 - 2013-08-22 07:36 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-20 00:23 - 2013-12-20 00:23 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-12-20 00:23 - 2013-12-20 00:23 - 00000000 ____D C:\Program Files\Realtek
2013-12-20 00:23 - 2013-12-20 00:23 - 00000000 ____D C:\Program Files\AMD
2013-12-20 00:23 - 2013-12-20 00:23 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2013-12-20 00:21 - 2013-12-20 02:15 - 00000000 ___DC C:\WINDOWS\Panther
2013-12-20 00:21 - 2013-12-20 00:21 - 00000000 __SHD C:\Recovery
2013-12-20 00:20 - 2013-12-20 00:20 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-20 00:20 - 2013-12-20 00:20 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-20 00:19 - 2013-12-20 00:19 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-20 00:19 - 2013-12-20 00:19 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-20 00:19 - 2013-12-20 00:19 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-20 00:19 - 2013-12-20 00:19 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-20 00:19 - 2013-12-20 00:19 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-20 00:19 - 2013-12-20 00:19 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-20 00:19 - 2013-12-20 00:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-20 00:18 - 2013-12-20 00:18 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-20 00:18 - 2013-12-20 00:18 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-20 00:17 - 2013-12-20 00:17 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-20 00:17 - 2013-12-20 00:17 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-20 00:17 - 2013-12-20 00:17 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-20 00:17 - 2013-12-20 00:17 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-20 00:17 - 2013-12-20 00:17 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-20 00:17 - 2013-12-20 00:17 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-20 00:17 - 2013-12-20 00:17 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-20 00:17 - 2013-12-20 00:17 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-20 00:17 - 2013-12-20 00:17 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-20 00:17 - 2013-12-20 00:17 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-20 00:17 - 2013-12-20 00:17 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-20 00:17 - 2013-12-20 00:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-20 00:17 - 2013-12-20 00:17 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-20 00:17 - 2013-12-20 00:17 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-20 00:17 - 2013-12-20 00:17 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-20 00:17 - 2013-12-20 00:17 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-20 00:17 - 2013-12-20 00:17 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-20 00:17 - 2013-12-20 00:17 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-20 00:17 - 2013-12-20 00:17 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-20 00:15 - 2013-12-20 00:15 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-12-20 00:13 - 2013-12-20 00:13 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-12-20 00:13 - 2013-12-20 00:13 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-12-20 00:12 - 2013-12-20 00:12 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-12-20 00:12 - 2013-12-20 00:12 - 00000000 ____D C:\Program Files\MSBuild
2013-12-20 00:11 - 2013-08-02 20:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2013-12-20 00:11 - 2013-08-02 20:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-20 00:11 - 2013-08-02 20:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2013-12-20 00:11 - 2013-08-02 20:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2013-12-20 00:11 - 2013-08-02 20:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-12-20 00:11 - 2013-08-02 20:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2013-12-19 23:49 - 2013-12-20 00:44 - 00006558 _____ C:\WINDOWS\comsetup.log
2013-12-14 21:58 - 2013-12-14 21:58 - 00000000 ____D C:\Users\Jessica\AppData\Local\Cyberlink
2013-12-14 21:52 - 2013-12-14 21:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-12-08 17:39 - 2013-12-08 17:39 - 00000000 ____D C:\Users\Jessica\AppData\Local\CrashDumps
2013-12-06 18:48 - 2013-12-06 18:57 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\Apple Computer
2013-12-06 18:48 - 2013-12-06 18:48 - 00001790 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-06 18:48 - 2013-12-06 18:48 - 00000000 ____D C:\Users\Jessica\AppData\Local\Apple Computer
2013-12-06 18:48 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2013-12-06 18:47 - 2013-12-12 14:51 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-06 18:47 - 2013-12-06 18:48 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-06 18:47 - 2013-12-06 18:48 - 00000000 ____D C:\Program Files\iTunes
2013-12-06 18:47 - 2013-12-06 18:47 - 00000000 ____D C:\ProgramData\Apple Computer
2013-12-06 18:47 - 2013-12-06 18:47 - 00000000 ____D C:\Program Files\iPod
2013-12-06 18:46 - 2013-12-06 18:46 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2013-12-06 18:46 - 2013-12-06 18:46 - 00000000 ____D C:\Users\Jessica\AppData\Local\Apple
2013-12-06 18:46 - 2013-12-06 18:46 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-12-06 18:46 - 2013-12-06 18:46 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-12-06 18:45 - 2013-12-06 18:46 - 00000000 ____D C:\ProgramData\Apple
2013-12-06 18:45 - 2013-12-06 18:45 - 00000000 ____D C:\Program Files\Bonjour
2013-12-06 18:45 - 2013-12-06 18:45 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-12-06 18:32 - 2013-12-06 18:32 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-12-01 03:17 - 2013-12-15 00:08 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-01 03:17 - 2013-12-15 00:04 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-30 23:43 - 2013-05-03 20:51 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2013-11-30 23:43 - 2013-05-03 20:10 - 00014848 ____N (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2013-11-30 21:59 - 2013-11-30 21:59 - 00000000 ____D C:\Users\Jessica\Documents\Symantec
2013-11-30 21:57 - 2013-12-20 02:14 - 00003234 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2013-11-30 21:57 - 2013-11-30 21:57 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2013-11-30 21:57 - 2013-11-30 21:57 - 00008222 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2013-11-30 21:57 - 2013-11-30 21:57 - 00002584 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2013-11-30 21:57 - 2013-11-30 21:57 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-11-30 21:56 - 2013-11-30 21:56 - 00000000 ____D C:\WINDOWS\system32\Drivers\NISx64
2013-11-30 21:56 - 2013-11-30 21:56 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2013-11-30 21:19 - 2013-11-30 21:19 - 00000000 ____D C:\ProgramData\PCSettings
2013-11-30 21:10 - 2013-11-30 21:57 - 00001262 _____ C:\Users\Jessica\Desktop\Norton Installation Files.lnk
2013-11-30 21:10 - 2013-11-30 21:10 - 00000000 ____D C:\Users\Public\Downloads\Norton
2013-11-27 05:23 - 2013-11-27 05:23 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\Macromedia
2013-11-27 05:18 - 2013-11-27 05:18 - 00002236 _____ C:\Users\Public\Desktop\ASUS USB-N13 WLAN Control Center.lnk
2013-11-27 05:18 - 2013-11-27 05:18 - 00000000 ____D C:\Program Files (x86)\ASUS
2013-11-27 05:18 - 2013-09-11 10:27 - 00614400 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\SysWOW64\Rtlihvs.dll
2013-11-27 05:18 - 2013-09-11 10:27 - 00380928 _____ (Realtek) C:\WINDOWS\RtlUI2.exe
2013-11-27 05:18 - 2013-09-11 10:27 - 00188416 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\SysWOW64\RTLExtUI.dll
2013-11-27 05:18 - 2013-09-11 10:27 - 00000901 _____ C:\WINDOWS\RtlUI2.exe.manifest
2013-11-27 05:18 - 2013-09-11 04:43 - 02968792 _____ (Realtek Semiconductor Corporation                           ) C:\WINDOWS\system32\Drivers\RTWlanU.sys

==================== One Month Modified Files and Folders =======

2013-12-27 10:08 - 2013-12-27 10:08 - 00012074 _____ C:\Users\Jessica\Downloads\FRST.txt
2013-12-27 10:07 - 2013-12-27 10:07 - 00000000 ____D C:\FRST
2013-12-27 10:04 - 2013-12-27 10:04 - 01930574 _____ (Farbar) C:\Users\Jessica\Downloads\FRST64.exe
2013-12-27 10:00 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-12-27 09:57 - 2013-12-20 00:44 - 01124063 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-27 09:57 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2013-12-27 09:53 - 2013-11-25 17:54 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2607322971-2545331547-4087187186-1001
2013-12-26 12:53 - 2013-12-26 12:53 - 00688992 _____ (Swearware) C:\Users\Jessica\Downloads\dds.com
2013-12-26 12:34 - 2013-11-13 23:28 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-26 12:27 - 2013-12-26 12:27 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-12-26 12:27 - 2013-08-22 06:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-26 12:26 - 2013-12-26 12:22 - 00000000 ____D C:\AdwCleaner
2013-12-26 12:26 - 2013-08-22 05:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-12-26 12:17 - 2013-12-26 12:17 - 00001456 _____ C:\Users\Jessica\Desktop\RKreport[0]_D_12262013_121713.txt
2013-12-26 12:17 - 2013-12-26 12:01 - 00000000 ____D C:\Users\Jessica\Desktop\RK_Quarantine
2013-12-26 12:05 - 2013-12-26 12:05 - 04083600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 02968792 _____ (Realtek Semiconductor Corporation                           ) C:\WINDOWS\system32\Drivers\RTWlanU.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00924512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00839488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00591360 _____ (Realtek                                            ) C:\WINDOWS\system32\Drivers\Rt630x64.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00551776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00439136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00422240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00377696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgrx.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00374112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00305504 _____ (VIA Corporation) C:\WINDOWS\system32\Drivers\VSTXRAID.SYS.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00265056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00252048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsUStor.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00236376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00189792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00175960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VerifierExt.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scsiport.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00168800 _____ (VIA Technologies Inc.,Ltd) C:\WINDOWS\system32\Drivers\vsmraid.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00159584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00142688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00124256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00121184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcmcia.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00107872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00107872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sbp2port.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00097088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00096856 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SMR410.SYS.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rassstp.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00090944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00089952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00081760 _____ (Silicon Integrated Systems) C:\WINDOWS\system32\Drivers\sisraid4.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rspndr.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusb.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00074080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uaspstor.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00072032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SpbCx.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00069472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00069472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stream.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00065888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ULIAGPKX.SYS.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00064864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UAGP35.SYS.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00061248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\TsUsbFlt.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00054784 _____ (Apple, Inc.) C:\WINDOWS\system32\Drivers\usbaapl64.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00054304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00050016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcw.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00049984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\videoprt.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\qwavedrv.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\umbus.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00045888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00044896 _____ (Silicon Integrated Systems Corp.) C:\WINDOWS\system32\Drivers\sisraid2.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\werkernel.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00037728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vdrvroot.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00037216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\terminpt.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00034760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00033632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00032512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBCAMD2.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RNDISMP.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00031072 _____ (Promise Technology, Inc.) C:\WINDOWS\system32\Drivers\stexstor.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbrpm.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdi.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\TsUsbGD.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tape.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00028000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00027488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WpdUpFltr.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00026752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wacompen.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifibus.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WppRecorder.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serenum.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00023040 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\WINDOWS\system32\Drivers\secdrv.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpbus.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00021856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00021760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VMBusHID.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\smclib.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00019808 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\Drivers\viaide.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wmilib.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasacd.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wmiacpi.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\swenum.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\umpass.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgencounter.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vms3cap.sys.bak
2013-12-26 12:05 - 2013-12-26 12:05 - 00001407 _____ C:\Users\Jessica\Desktop\RKreport[0]_S_12262013_120537.txt
2013-12-26 12:05 - 2013-12-26 12:04 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 12526592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 03357024 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\evbda.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 02011488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 01119576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00994144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00782176 _____ (PMC-Sierra) C:\WINDOWS\system32\Drivers\adp80xx.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00651248 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAV.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00619008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00579416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00575840 _____ (LSI Corporation, Inc.) C:\WINDOWS\system32\Drivers\megasr.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00564520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00531296 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\bxvbda.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00523096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00478048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00412000 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorV.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00377696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00366432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00337760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00285536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00274784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00259424 _____ (AMD Technologies Inc.) C:\WINDOWS\system32\Drivers\amdsbs.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\1394ohci.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00217952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00199520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00192864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00168288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvstor.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00151384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00150368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvraid.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00124768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NV_AGP.SYS.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irda.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00114016 _____ (PMC-Sierra, Inc.) C:\WINDOWS\system32\Drivers\arcsas.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00114016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00109408 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00108896 _____ (LSI) C:\WINDOWS\system32\Drivers\3ware.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00101728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00100192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00099320 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_I2C.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00096768 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdW86.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\parport.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00093536 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas2.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00088928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmk.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc63.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipfltdrv.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00082784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorClass.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00082784 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sss.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00081760 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\lsi_sas3.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpiex.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00079200 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdsata.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00071896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00068960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mslldp.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00065888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\GAGP30KX.SYS.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00064352 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\Drivers\HpSAMD.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00063840 _____ (Marvell Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\mvumis.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00062304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AGP440.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndisuio.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lltdio.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00057696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00056672 _____ (LSI Corporation) C:\WINDOWS\system32\Drivers\megasas.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00051040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidir.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\circlass.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiscap.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\condrv.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidi2c.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00037728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssmbios.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00036992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\CompositeBus.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00036192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00035168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\battc.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filetrace.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00033632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpata.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00032512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fdc.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthhfHid.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00030048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fs_rec.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmvsc.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fxppm.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbatt.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\asyncmac.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00025952 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdxata.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00025472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\CmBatt.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00024568 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSSi_GPIO.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npsvctrig.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mcd.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HyperVideo.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00021856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00021248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kdnic.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irenum.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00017624 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\bcmfn2.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00017248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisVirtualBus.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00014688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00014560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hyperkbd.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MTConfig.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dmpusbstor.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpipmi.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpitime.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00010624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\errdev.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpipagr.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mshidumdf.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mshidkmdf.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00007936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mstee.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\beep.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00007040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mspclock.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00006784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mspqm.sys.bak
2013-12-26 12:04 - 2013-12-26 12:04 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\null.sys.bak
2013-12-26 00:42 - 2013-12-25 21:29 - 00000000 ____D C:\Users\Jessica\AppData\Local\NPE
2013-12-25 22:54 - 2013-12-25 22:54 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\Malwarebytes
2013-12-25 22:53 - 2013-12-25 22:53 - 00001132 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-25 22:53 - 2013-12-25 22:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-25 22:53 - 2013-12-25 22:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-25 22:10 - 2013-12-25 22:10 - 00001827 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-12-25 22:10 - 2013-12-25 22:10 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\SUPERAntiSpyware.com
2013-12-25 22:10 - 2013-12-25 22:10 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-12-25 22:10 - 2013-12-25 22:10 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-12-25 21:29 - 2013-12-20 00:30 - 00000000 ____D C:\Users\Jessica
2013-12-25 21:29 - 2013-02-28 21:14 - 00000000 ____D C:\ProgramData\Norton
2013-12-25 20:54 - 2012-07-26 00:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2013-12-24 11:56 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-12-22 19:06 - 2013-08-22 06:46 - 00287850 _____ C:\WINDOWS\setupact.log
2013-12-21 20:05 - 2013-12-21 20:00 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-12-21 20:01 - 2013-12-21 20:01 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2013-12-21 20:00 - 2013-12-21 20:00 - 00001402 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-12-21 20:00 - 2013-12-21 20:00 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-12-21 14:11 - 2013-11-25 17:47 - 00000000 ____D C:\Users\Jessica\AppData\Local\Packages
2013-12-21 13:59 - 2013-11-13 23:20 - 00001260 _____ C:\WINDOWS\PFRO.log
2013-12-21 10:36 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\restore
2013-12-20 02:22 - 2013-12-20 02:22 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2013-12-20 02:15 - 2013-12-20 00:21 - 00000000 ___DC C:\WINDOWS\Panther
2013-12-20 02:15 - 2013-11-25 17:48 - 00000000 ___RD C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-20 02:15 - 2013-11-25 17:48 - 00000000 ___RD C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-20 02:15 - 2013-11-25 17:48 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2013-12-20 02:14 - 2013-12-20 02:14 - 00001453 _____ C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-20 02:14 - 2013-12-20 02:14 - 00000020 ___SH C:\Users\Jessica\ntuser.ini
2013-12-20 02:14 - 2013-11-30 21:57 - 00003234 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2013-12-20 00:46 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\rescache
2013-12-20 00:44 - 2013-12-20 00:44 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-12-20 00:44 - 2013-12-20 00:30 - 00020958 _____ C:\WINDOWS\diagwrn.xml
2013-12-20 00:44 - 2013-12-20 00:30 - 00020958 _____ C:\WINDOWS\diagerr.xml
2013-12-20 00:44 - 2013-12-19 23:49 - 00006558 _____ C:\WINDOWS\comsetup.log
2013-12-20 00:44 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\Registration
2013-12-20 00:40 - 2013-08-22 07:36 - 00000000 __RSD C:\WINDOWS\Media
2013-12-20 00:40 - 2013-08-22 07:36 - 00000000 __RHD C:\Users\Public\Libraries
2013-12-20 00:37 - 2013-08-22 06:44 - 00335784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-20 00:35 - 2013-11-13 23:14 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2013-12-20 00:35 - 2013-11-13 23:14 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2013-12-20 00:35 - 2013-11-13 23:14 - 00000000 ____D C:\WINDOWS\system32\WCN
2013-12-20 00:35 - 2013-08-22 07:37 - 00004893 _____ C:\WINDOWS\DtcInstall.log
2013-12-20 00:35 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2013-12-20 00:35 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2013-12-20 00:35 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2013-12-20 00:35 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\spool
2013-12-20 00:35 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2013-12-20 00:35 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\IME
2013-12-20 00:35 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\Help
2013-12-20 00:35 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2013-12-20 00:35 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2013-12-20 00:35 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2013-12-20 00:35 - 2013-08-22 05:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2013-12-20 00:35 - 2013-06-09 08:43 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2013-12-20 00:35 - 2012-07-25 21:37 - 00000000 ____D C:\Users\Default.migrated
2013-12-20 00:34 - 2013-08-22 07:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2013-12-20 00:34 - 2013-08-22 07:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2013-12-20 00:34 - 2013-08-22 07:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2013-12-20 00:34 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-20 00:34 - 2013-06-09 08:46 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-12-20 00:34 - 2013-02-28 19:43 - 00000000 ____D C:\ProgramData\PRICache
2013-12-20 00:31 - 2013-12-20 00:31 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-12-20 00:31 - 2013-12-20 00:30 - 00000000 ___RD C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-20 00:31 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2013-12-20 00:23 - 2013-12-20 00:23 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-12-20 00:23 - 2013-12-20 00:23 - 00000000 ____D C:\Program Files\Realtek
2013-12-20 00:23 - 2013-12-20 00:23 - 00000000 ____D C:\Program Files\AMD
2013-12-20 00:23 - 2013-12-20 00:23 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2013-12-20 00:22 - 2013-08-22 05:36 - 00000000 __RHD C:\Users\Default
2013-12-20 00:21 - 2013-12-20 00:21 - 00000000 __SHD C:\Recovery
2013-12-20 00:20 - 2013-12-20 00:20 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-20 00:20 - 2013-12-20 00:20 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-20 00:20 - 2013-08-22 07:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2013-12-20 00:19 - 2013-12-20 00:19 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2013-12-20 00:19 - 2013-12-20 00:19 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-20 00:19 - 2013-12-20 00:19 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-20 00:19 - 2013-12-20 00:19 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2013-12-20 00:19 - 2013-12-20 00:19 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2013-12-20 00:19 - 2013-12-20 00:19 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-20 00:19 - 2013-12-20 00:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-12-20 00:18 - 2013-12-20 00:18 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2013-12-20 00:18 - 2013-12-20 00:18 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2013-12-20 00:18 - 2013-12-20 00:18 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-20 00:17 - 2013-12-20 00:17 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-12-20 00:17 - 2013-12-20 00:17 - 04191744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-20 00:17 - 2013-12-20 00:17 - 04105728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2013-12-20 00:17 - 2013-12-20 00:17 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-12-20 00:17 - 2013-12-20 00:17 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-20 00:17 - 2013-12-20 00:17 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-12-20 00:17 - 2013-12-20 00:17 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-12-20 00:17 - 2013-12-20 00:17 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2013-12-20 00:17 - 2013-12-20 00:17 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-12-20 00:17 - 2013-12-20 00:17 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-12-20 00:17 - 2013-12-20 00:17 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2013-12-20 00:17 - 2013-12-20 00:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-12-20 00:17 - 2013-12-20 00:17 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-12-20 00:17 - 2013-12-20 00:17 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-20 00:17 - 2013-12-20 00:17 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-12-20 00:17 - 2013-12-20 00:17 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2013-12-20 00:17 - 2013-12-20 00:17 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-12-20 00:17 - 2013-12-20 00:17 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-12-20 00:17 - 2013-12-20 00:17 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2013-12-20 00:17 - 2013-12-20 00:17 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2013-12-20 00:17 - 2013-08-22 07:36 - 00000000 ___RD C:\WINDOWS\ToastData
2013-12-20 00:17 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-12-20 00:17 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2013-12-20 00:17 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\FileManager
2013-12-20 00:17 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\Camera
2013-12-20 00:15 - 2013-12-20 00:15 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-12-20 00:13 - 2013-12-20 00:13 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-12-20 00:13 - 2013-12-20 00:13 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-12-20 00:12 - 2013-12-20 00:12 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-12-20 00:12 - 2013-12-20 00:12 - 00000000 ____D C:\Program Files\MSBuild
2013-12-20 00:01 - 2013-06-09 08:41 - 01479217 _____ C:\WINDOWS\WindowsUpdate (1).log
2013-12-19 23:28 - 2012-07-26 00:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-12-15 00:08 - 2013-12-01 03:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-15 00:04 - 2013-12-01 03:17 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-14 22:01 - 2013-06-09 08:37 - 00000000 ____D C:\ProgramData\CyberLink
2013-12-14 21:58 - 2013-12-14 21:58 - 00000000 ____D C:\Users\Jessica\AppData\Local\Cyberlink
2013-12-14 21:52 - 2013-12-14 21:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-12-12 14:51 - 2013-12-06 18:47 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-08 17:39 - 2013-12-08 17:39 - 00000000 ____D C:\Users\Jessica\AppData\Local\CrashDumps
2013-12-06 18:57 - 2013-12-06 18:48 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\Apple Computer
2013-12-06 18:48 - 2013-12-06 18:48 - 00001790 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-06 18:48 - 2013-12-06 18:48 - 00000000 ____D C:\Users\Jessica\AppData\Local\Apple Computer
2013-12-06 18:48 - 2013-12-06 18:47 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-06 18:48 - 2013-12-06 18:47 - 00000000 ____D C:\Program Files\iTunes
2013-12-06 18:47 - 2013-12-06 18:47 - 00000000 ____D C:\ProgramData\Apple Computer
2013-12-06 18:47 - 2013-12-06 18:47 - 00000000 ____D C:\Program Files\iPod
2013-12-06 18:46 - 2013-12-06 18:46 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2013-12-06 18:46 - 2013-12-06 18:46 - 00000000 ____D C:\Users\Jessica\AppData\Local\Apple
2013-12-06 18:46 - 2013-12-06 18:46 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-12-06 18:46 - 2013-12-06 18:46 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-12-06 18:46 - 2013-12-06 18:45 - 00000000 ____D C:\ProgramData\Apple
2013-12-06 18:45 - 2013-12-06 18:45 - 00000000 ____D C:\Program Files\Bonjour
2013-12-06 18:45 - 2013-12-06 18:45 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-12-06 18:32 - 2013-12-06 18:32 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-12-03 16:05 - 2013-08-22 07:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-12-03 16:05 - 2013-08-22 07:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-30 21:59 - 2013-11-30 21:59 - 00000000 ____D C:\Users\Jessica\Documents\Symantec
2013-11-30 21:57 - 2013-11-30 21:57 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2013-11-30 21:57 - 2013-11-30 21:57 - 00008222 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2013-11-30 21:57 - 2013-11-30 21:57 - 00002584 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2013-11-30 21:57 - 2013-11-30 21:57 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-11-30 21:57 - 2013-11-30 21:10 - 00001262 _____ C:\Users\Jessica\Desktop\Norton Installation Files.lnk
2013-11-30 21:56 - 2013-11-30 21:56 - 00000000 ____D C:\WINDOWS\system32\Drivers\NISx64
2013-11-30 21:56 - 2013-11-30 21:56 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2013-11-30 21:19 - 2013-11-30 21:19 - 00000000 ____D C:\ProgramData\PCSettings
2013-11-30 21:10 - 2013-11-30 21:10 - 00000000 ____D C:\Users\Public\Downloads\Norton
2013-11-28 09:11 - 2013-11-26 02:40 - 505762411 _____ C:\WINDOWS\MEMORY.DMP
2013-11-27 05:23 - 2013-11-27 05:23 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\Macromedia
2013-11-27 05:18 - 2013-11-27 05:18 - 00002236 _____ C:\Users\Public\Desktop\ASUS USB-N13 WLAN Control Center.lnk
2013-11-27 05:18 - 2013-11-27 05:18 - 00000000 ____D C:\Program Files (x86)\ASUS
2013-11-27 05:18 - 2012-07-25 21:26 - 00000284 _____ C:\WINDOWS\win.ini

Some content of TEMP:
====================
C:\Users\Jessica\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Jessica\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-20 00:22

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2013
Ran by Jessica at 2013-12-27 10:10:19
Running from C:\Users\Jessica\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

Acer Remote (x32 Version: 1.0)
AMD Accelerated Video Transcoding (Version: 12.5.100.21106)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD VISION Engine Control Center (x32 Version: 2012.1106.1640.29876)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
ASUS USB-N13 WLAN Card Utilities & Driver (x32 Version: 1.0.0.8)
Bejeweled 3 (x32 Version: 2.2.0.98)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center InstallProxy (x32 Version: 2012.1106.1640.29876)
Catalyst Control Center Localization All (x32 Version: 2012.1106.1640.29876)
CCC Help Chinese Standard (x32 Version: 2012.1106.1639.29876)
CCC Help Chinese Traditional (x32 Version: 2012.1106.1639.29876)
CCC Help Czech (x32 Version: 2012.1106.1639.29876)
CCC Help Danish (x32 Version: 2012.1106.1639.29876)
CCC Help Dutch (x32 Version: 2012.1106.1639.29876)
CCC Help English (x32 Version: 2012.1106.1639.29876)
CCC Help Finnish (x32 Version: 2012.1106.1639.29876)
CCC Help French (x32 Version: 2012.1106.1639.29876)
CCC Help German (x32 Version: 2012.1106.1639.29876)
CCC Help Greek (x32 Version: 2012.1106.1639.29876)
CCC Help Hungarian (x32 Version: 2012.1106.1639.29876)
CCC Help Italian (x32 Version: 2012.1106.1639.29876)
CCC Help Japanese (x32 Version: 2012.1106.1639.29876)
CCC Help Korean (x32 Version: 2012.1106.1639.29876)
CCC Help Norwegian (x32 Version: 2012.1106.1639.29876)
CCC Help Polish (x32 Version: 2012.1106.1639.29876)
CCC Help Portuguese (x32 Version: 2012.1106.1639.29876)
CCC Help Russian (x32 Version: 2012.1106.1639.29876)
CCC Help Spanish (x32 Version: 2012.1106.1639.29876)
CCC Help Swedish (x32 Version: 2012.1106.1639.29876)
CCC Help Thai (x32 Version: 2012.1106.1639.29876)
CCC Help Turkish (x32 Version: 2012.1106.1639.29876)
ccc-utility64 (Version: 2012.1106.1640.29876)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3318_45364)
CyberLink PowerDVD 12 (x32 Version: 12.0.2531.57)
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32)
eBay Worldwide (x32 Version: 2.4.0105)
Gateway Power Management (Version: 7.00.3012)
Gateway Recovery Management (Version: 6.00.3016)
Hotkey Utility (x32 Version: 3.00.3004)
Identity Card (x32 Version: 2.00.3004)
iTunes (Version: 11.1.3.8)
Jewel Match 3 (x32 Version: 2.2.0.98)
Live Updater (x32 Version: 2.00.3007)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft Office (x32 Version: 15.0.4454.1510)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98)
Nero BackItUp (x32 Version: 12.5.5000)
Nero BackItUp 12 Essentials OEM.a01 (x32 Version: 12.5.00500)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000)
Nero ControlCenter (x32 Version: 11.0.15600)
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000)
Nero Core Components (x32 Version: 11.0.20200)
Nero Launcher (x32 Version: 12.2.7000)
Nero RescueAgent (x32 Version: 12.0.3001)
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000)
Nero Update (x32 Version: 11.0.11800.31.0)
Norton Internet Security (x32 Version: 21.1.0.18)
Norton Online Backup (x32 Version: 2.2.3.51r2)
Norton Online Backup ARA (x32 Version: 4.1.0.14)
Peggle Nights (x32 Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
Prerequisite installer (x32 Version: 12.0.0003)
Realtek Ethernet Controller Driver (x32 Version: 8.3.730.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6680)
Realtek USB 2.0 Card Reader (x32 Version: 6.2.8400.30137)
Spotify (x32 Version: 0.8.4.99.ga249b5f1)
Spybot - Search & Destroy (x32 Version: 2.2.25)
SUPERAntiSpyware (Version: 5.7.1016)
Tales of Lagoona (x32 Version: 2.2.0.110)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32)
Update Installer for WildTangent Games App (x32)
WildTangent Games (x32 Version: 1.0.4.0)
WildTangent Games App (x32 Version: 4.0.10.5)

==================== Restore Points  =========================

21-12-2013 18:36:16 Windows Update
26-12-2013 05:36:18 malwarescan

==================== Hosts content: ==========================

2013-08-22 05:25 - 2013-08-22 05:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5A1750FF-10B1-4D67-9A8D-6C0589736E41} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Gateway\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6BE147F9-4376-4704-9760-4D38E1D2E3AC} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\symerr.exe [2013-08-01] (Symantec Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {779BA926-5ACC-4EF1-8B7D-C6561CA9FDE5} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Gateway\Gateway Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {79E3C4D2-0E06-42FC-ADF8-01D0D8ED9387} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7D8373CA-E9E2-4540-B3D0-E5DFAA8D21E9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {7DB09891-E0F4-4B76-821B-F9FD54299EA2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A45666DE-DBAD-4955-9D58-40DFB899130B} - System32\Tasks\ALU => C:\Program Files (x86)\Gateway\Live Updater\updater.exe [2013-01-22] ()
Task: {AB46308D-0251-41EF-9AE8-57931A3C09BA} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\symerr.exe [2013-08-01] (Symantec Corporation)
Task: {B11C7EDB-684B-42E1-BB9E-6BC43BDF4D00} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-19] (CyberLink)
Task: {CD78D853-F805-4846-92D1-6D51F54C8DCF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6BE5569-AB51-4D56-8BD8-B82EC0FD1671} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe [2012-09-20] (Acer Incorporated)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E9067804-25D4-4FC8-9F15-FE05B96EBAAB} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {F93EF7AF-E971-40AD-AE0C-4654BCFAAC85} - System32\Tasks\Power Management => C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated)

==================== Loaded Modules (whitelisted) =============

2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-21 20:00 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-12-21 20:00 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-12-21 20:00 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-12-21 20:00 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-12-21 20:00 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-02-06 00:06 - 2013-02-05 21:14 - 00055368 _____ () C:\Program Files (x86)\Acer Remote\plugins\general.dll
2013-02-06 00:06 - 2013-02-05 21:14 - 00041032 _____ () C:\Program Files (x86)\Acer Remote\plugins\ITunesBase.dll
2013-02-06 00:06 - 2013-02-05 21:14 - 00040520 _____ () C:\Program Files (x86)\Acer Remote\plugins\WinEight.dll
2013-02-06 00:06 - 2013-02-05 21:14 - 00111176 _____ () C:\Program Files (x86)\Acer Remote\plugins\WMPBase.dll
2013-02-06 00:06 - 2013-02-05 21:14 - 00041032 _____ () C:\Program Files (x86)\Acer Remote\plugins\YTBBase.dll
2013-11-27 05:18 - 2013-09-11 10:27 - 00114688 _____ () C:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\EnumDevLib.dll

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/27/2013 09:48:13 AM) (Source: Application Error) (User: )
Description: Faulting application name: RtWlan.exe, version: 1.0.0.8, time stamp: 0x522fd97e
Faulting module name: RtWlan.exe, version: 1.0.0.8, time stamp: 0x522fd97e
Exception code: 0xc0000005
Fault offset: 0x0000574a
Faulting process id: 0xf0e8
Faulting application start time: 0xRtWlan.exe0
Faulting application path: RtWlan.exe1
Faulting module path: RtWlan.exe2
Report Id: RtWlan.exe3
Faulting package full name: RtWlan.exe4
Faulting package-relative application ID: RtWlan.exe5

Error: (12/26/2013 11:58:08 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 678

Start Time: 01cf0274b3cbab12

Termination Time: 93

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 0809ed61-6e68-11e3-be8d-7427ea5df6de

Faulting package full name:

Faulting package-relative application ID:

Error: (12/26/2013 11:57:27 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1404

Start Time: 01cf0274932ddda8

Termination Time: 109

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: ef3454a3-6e67-11e3-be8d-7427ea5df6de

Faulting package full name:

Faulting package-relative application ID:

Error: (12/26/2013 11:56:32 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1714

Start Time: 01cf0274766f2d5d

Termination Time: 75

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: ceab8b8c-6e67-11e3-be8d-7427ea5df6de

Faulting package full name:

Faulting package-relative application ID:

Error: (12/26/2013 11:55:44 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1428

Start Time: 01cf0273019299c9

Termination Time: 116

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: b198aeec-6e67-11e3-be8d-7427ea5df6de

Faulting package full name:

Faulting package-relative application ID:

Error: (12/26/2013 00:49:10 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: d80

Start Time: 01cf02173c953405

Termination Time: 78

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 93ed3a1d-6e0a-11e3-be8d-7427ea5df6de

Faulting package full name:

Faulting package-relative application ID:

Error: (12/26/2013 00:48:24 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 134c

Start Time: 01cf0217263af54f

Termination Time: 78

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 77fe47d0-6e0a-11e3-be8d-7427ea5df6de

Faulting package full name:

Faulting package-relative application ID:

Error: (12/26/2013 00:47:46 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 13d4

Start Time: 01cf02167000a36a

Termination Time: 78

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 61af898c-6e0a-11e3-be8d-7427ea5df6de

Faulting package full name:

Faulting package-relative application ID:

Error: (12/25/2013 10:01:15 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e5c

Start Time: 01cf01ff3391c7b6

Termination Time: 71

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 1e5636b6-6df3-11e3-be8b-7427ea5df6de

Faulting package full name:

Faulting package-relative application ID:

Error: (12/24/2013 11:46:05 AM) (Source: Application Error) (User: )
Description: Faulting application name: RtWlan.exe, version: 1.0.0.8, time stamp: 0x522fd97e
Faulting module name: RtWlan.exe, version: 1.0.0.8, time stamp: 0x522fd97e
Exception code: 0xc0000005
Fault offset: 0x0000574a
Faulting process id: 0x177c
Faulting application start time: 0xRtWlan.exe0
Faulting application path: RtWlan.exe1
Faulting module path: RtWlan.exe2
Report Id: RtWlan.exe3
Faulting package full name: RtWlan.exe4
Faulting package-relative application ID: RtWlan.exe5

System errors:
=============
Error: (12/27/2013 10:00:01 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/27/2013 09:57:32 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126

Error: (12/27/2013 09:57:14 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error Code: 126

Error: (12/27/2013 09:57:10 AM) (Source: usbehci) (User: )
Description: A timeout occurred while waiting for the EHCI host controller Interrupt on Async Advance Doorbell response.

Error: (12/27/2013 00:47:04 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

Error: (12/27/2013 00:46:16 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

Error: (12/27/2013 00:29:12 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

Error: (12/27/2013 00:26:00 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

Error: (12/27/2013 00:24:08 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

Error: (12/27/2013 00:24:06 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.

Microsoft Office Sessions:
=========================
Error: (12/27/2013 09:48:13 AM) (Source: Application Error)(User: )
Description: RtWlan.exe1.0.0.8522fd97eRtWlan.exe1.0.0.8522fd97ec00000050000574af0e801cf032bcfa74284C:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\RtWlan.exeC:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\RtWlan.exe0e61384f-6f1f-11e3-be8e-7427ea5df6de

Error: (12/26/2013 11:58:08 AM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.1638467801cf0274b3cbab1293C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE0809ed61-6e68-11e3-be8d-7427ea5df6de

Error: (12/26/2013 11:57:27 AM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.16384140401cf0274932ddda8109C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEef3454a3-6e67-11e3-be8d-7427ea5df6de

Error: (12/26/2013 11:56:32 AM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.16384171401cf0274766f2d5d75C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEceab8b8c-6e67-11e3-be8d-7427ea5df6de

Error: (12/26/2013 11:55:44 AM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.16384142801cf0273019299c9116C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEb198aeec-6e67-11e3-be8d-7427ea5df6de

Error: (12/26/2013 00:49:10 AM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.16384d8001cf02173c95340578C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE93ed3a1d-6e0a-11e3-be8d-7427ea5df6de

Error: (12/26/2013 00:48:24 AM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.16384134c01cf0217263af54f78C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE77fe47d0-6e0a-11e3-be8d-7427ea5df6de

Error: (12/26/2013 00:47:46 AM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.1638413d401cf02167000a36a78C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE61af898c-6e0a-11e3-be8d-7427ea5df6de

Error: (12/25/2013 10:01:15 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.16384e5c01cf01ff3391c7b671C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE1e5636b6-6df3-11e3-be8b-7427ea5df6de

Error: (12/24/2013 11:46:05 AM) (Source: Application Error)(User: )
Description: RtWlan.exe1.0.0.8522fd97eRtWlan.exe1.0.0.8522fd97ec00000050000574a177c01cf00e0c79cd34cC:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\RtWlan.exeC:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\RtWlan.exe06297c40-6cd4-11e3-be88-7427ea5df6de

==================== Memory info ===========================

Percentage of memory in use: 32%
Total physical RAM: 5849.81 MB
Available physical RAM: 3953.58 MB
Total Pagefile: 6809.81 MB
Available Pagefile: 4560.88 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Gateway) (Fixed) (Total:448.87 GB) (Free:419.94 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: FBA11CB1)

Partition: GPT Partition Type
==================== End Of Log ============================



#4 gringo_pr


Posted 27 December 2013 - 01:17 PM



Hello gratefulforhelp

These are the programs I would like you to run next. If you have any problems with one of these, just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

When they are complete, let me have the two reports and let me know how things are running.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 gratefulforhelp


Posted 27 December 2013 - 03:25 PM

# AdwCleaner v3.016 - Report created 27/12/2013 at 14:12:02
# Updated 23/12/2013 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Jessica - UPSTAIRSCOMP
# Running from : C:\Users\Jessica\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\boost_interprocess

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16384

*************************

AdwCleaner[R0].txt - [760 octets] - [26/12/2013 12:23:51]
AdwCleaner[R1].txt - [787 octets] - [27/12/2013 14:09:02]
AdwCleaner[S0].txt - [826 octets] - [26/12/2013 12:26:07]
AdwCleaner[S1].txt - [713 octets] - [27/12/2013 14:12:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [772 octets] ##########

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8.1 x64
Ran by Jessica on Fri 12/27/2013 at 15:01:36.12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 12/27/2013 at 15:17:19.07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#6 gratefulforhelp


Posted 27 December 2013 - 03:28 PM

I just checked the task manager and the multiple iexplore exe are there.



#7 gringo_pr


Posted 27 December 2013 - 05:53 PM


Hello gratefulforhelp

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<.

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"
  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?
Gringo

#8 gratefulforhelp


Posted 27 December 2013 - 06:36 PM

Hello Gringo, thank you for helping me.

 

I downloaded the combofix, it started working then it stopped and a box popped up saying: WARNING RUNNING IN COMPATIBILTY MODE MAY DAMAGE YOUR COMPUTER

 

How do I stop it from running in compatibility mode? It has a run as administrator and open file location. I don't dare to click either option without your guidance on which is the right one.

 

---------------------------------------------------------------------------------------------------------------------------------------------------

 

The internet is working faster right now, but Time Warner Cable upgraded the t.v. boxes and the modem on the downstairs computer with the wi-fi I use on my wireless computer. He said that our internet speed will increase, so I honestly don't know if that's the reason it's running faster, or if the malware and adware removals you've given me are working.


Edited by gratefulforhelp, 27 December 2013 - 06:43 PM.


#9 gringo_pr


Posted 27 December 2013 - 10:08 PM


Hello gratefulforhelp

Let's get a deeper look into the system and let's see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and is the one that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.
Gringo

#10 gratefulforhelp


Posted 27 December 2013 - 10:42 PM

OTL logfile created on: 12/27/2013 10:15:24 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jessica\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.71 Gb Total Physical Memory | 4.39 Gb Available Physical Memory | 76.76% Memory free
6.65 Gb Paging File | 5.09 Gb Available in Paging File | 76.47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.87 Gb Total Space | 418.86 Gb Free Space | 93.31% Space Free | Partition Type: NTFS
 
Computer Name: UPSTAIRSCOMP | User Name: Jessica | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Jessica\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\RtWLan.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\RtlService.exe (Realtek Semiconductor Corp.)
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Acer Remote\ArcServer.exe (Acer)
PRC - C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (CyberLink)
PRC - c:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Acer Remote\plugins\YTBBase.dll ()
MOD - C:\Program Files (x86)\Acer Remote\plugins\WMPBase.dll ()
MOD - C:\Program Files (x86)\Acer Remote\plugins\WinEight.dll ()
MOD - C:\Program Files (x86)\Acer Remote\plugins\ITunesBase.dll ()
MOD - C:\Program Files (x86)\Acer Remote\plugins\general.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (ePowerSvc) -- C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe (Acer Incorporated)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe (Symantec Corporation)
SRV - (Realtek11nSU) -- C:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\RtlService.exe (Realtek Semiconductor Corp.)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (NAUpdate) -- c:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Realsil Microelectronics Inc.)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\SymEFA64.sys (Symantec Corporation)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\Ironx64.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\symnets.sys (Symantec Corporation)
DRV:64bit: - (ccSet_NIS) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (RtlWlanu) -- C:\Windows\SysNative\drivers\RTWlanU.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (SymELAM) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\SymELAM.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\SymDS64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek                                            )
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW86.sys (Advanced Micro Devices)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (ccSet_NARA) -- C:\Windows\SysNative\drivers\NARAx64\0401000.00E\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (NAVEX15) -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131227.002\ex64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131227.002\eng64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20131225.001\IDSviA64.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20131203.001\BHDrvx64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {126CCDF9-1377-427A-B8C5-305D27CAF043}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{126CCDF9-1377-427A-B8C5-305D27CAF043}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAGWJS
IE:64bit: - HKLM\..\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}: "URL" = http://us.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{126CCDF9-1377-427A-B8C5-305D27CAF043}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAGWJS
IE - HKLM\..\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}: "URL" = http://us.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-2607322971-2545331547-4087187186-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
IE - HKU\S-1-5-21-2607322971-2545331547-4087187186-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com/
IE - HKU\S-1-5-21-2607322971-2545331547-4087187186-1001\..\SearchScopes,DefaultScope = {126CCDF9-1377-427A-B8C5-305D27CAF043}
IE - HKU\S-1-5-21-2607322971-2545331547-4087187186-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2607322971-2545331547-4087187186-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013/12/01 00:58:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ [2013/12/27 17:16:42 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2013/08/22 08:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\ipsbho.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-2607322971-2545331547-4087187186-1001..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49F1B8DB-ADE9-4AFD-811F-7CB804D0ED36}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B5B6E80B-A4BF-4B04-90ED-573BA531BD03}: DhcpNameServer = 192.0.2.3
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/12/27 22:13:05 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/12/27 18:22:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/12/27 18:22:48 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2013/12/27 18:01:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/12/27 17:52:50 | 000,000,000 | ---D | C] -- C:\Users\Jessica\Documents\ProcAlyzer Dumps
[2013/12/27 17:13:38 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013/12/27 13:07:09 | 000,000,000 | ---D | C] -- C:\FRST
[2013/12/26 15:22:17 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/12/26 15:05:31 | 000,023,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WppRecorder.sys.bak
[2013/12/26 15:05:30 | 000,054,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wpcfltr.sys.bak
[2013/12/26 15:05:30 | 000,026,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WpdUpFltr.sys.bak
[2013/12/26 15:05:30 | 000,018,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wmilib.sys.bak
[2013/12/26 15:05:29 | 000,136,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys.bak
[2013/12/26 15:05:29 | 000,061,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winhv.sys.bak
[2013/12/26 15:05:29 | 000,038,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\werkernel.sys.bak
[2013/12/26 15:05:28 | 000,265,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys.bak
[2013/12/26 15:05:28 | 000,124,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys.bak
[2013/12/26 15:05:28 | 000,060,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdfLdr.sys.bak
[2013/12/26 15:05:27 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\watchdog.sys.bak
[2013/12/26 15:05:27 | 000,034,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys.bak
[2013/12/26 15:05:26 | 000,305,504 | ---- | C] (VIA Corporation) -- C:\WINDOWS\SysNative\drivers\VSTXRAID.SYS.bak
[2013/12/26 15:05:25 | 000,069,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vpci.sys.bak
[2013/12/26 15:05:24 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmgencounter.sys.bak
[2013/12/26 15:05:23 | 000,090,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmcl.sys.bak
[2013/12/26 15:05:23 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\videoprt.sys.bak
[2013/12/26 15:05:22 | 000,325,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS.bak
[2013/12/26 15:05:22 | 000,175,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\VerifierExt.sys.bak
[2013/12/26 15:05:21 | 000,439,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbport.sys.bak
[2013/12/26 15:05:21 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbrpm.sys.bak
[2013/12/26 15:05:20 | 000,467,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS.bak
[2013/12/26 15:05:20 | 000,028,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbd.sys.bak
[2013/12/26 15:05:19 | 000,054,784 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\SysNative\drivers\usbaapl64.sys.bak
[2013/12/26 15:05:19 | 000,032,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBCAMD2.sys.bak
[2013/12/26 15:05:19 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usb8023.sys.bak
[2013/12/26 15:05:18 | 000,026,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\uefi.sys.bak
[2013/12/26 15:05:17 | 000,189,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UCX01000.SYS.bak
[2013/12/26 15:05:17 | 000,074,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\uaspstor.sys.bak
[2013/12/26 15:05:16 | 000,159,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys.bak
[2013/12/26 15:05:16 | 000,121,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tm.sys.bak
[2013/12/26 15:05:16 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys.bak
[2013/12/26 15:05:16 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\TsUsbGD.sys.bak
[2013/12/26 15:05:15 | 000,037,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\terminpt.sys.bak
[2013/12/26 15:05:15 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tdi.sys.bak
[2013/12/26 15:05:14 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tape.sys.bak
[2013/12/26 15:05:14 | 000,021,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tbs.sys.bak
[2013/12/26 15:05:13 | 000,177,752 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS.bak
[2013/12/26 15:05:13 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stream.sys.bak
[2013/12/26 15:05:12 | 000,374,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys.bak
[2013/12/26 15:05:12 | 000,107,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys.bak
[2013/12/26 15:05:12 | 000,057,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys.bak
[2013/12/26 15:05:12 | 000,031,072 | ---- | C] (Promise Technology, Inc.) -- C:\WINDOWS\SysNative\drivers\stexstor.sys.bak
[2013/12/26 15:05:11 | 000,072,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SpbCx.sys.bak
[2013/12/26 15:05:10 | 000,372,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys.bak
[2013/12/26 15:05:10 | 000,096,856 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SMR410.SYS.bak
[2013/12/26 15:05:10 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\smclib.sys.bak
[2013/12/26 15:05:08 | 000,146,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx2.sys.bak
[2013/12/26 15:05:08 | 000,078,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdstor.sys.bak
[2013/12/26 15:05:08 | 000,069,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx.sys.bak
[2013/12/26 15:05:07 | 000,236,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys.bak
[2013/12/26 15:05:07 | 000,170,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\scsiport.sys.bak
[2013/12/26 15:05:06 | 002,968,792 | ---- | C] (Realtek Semiconductor Corporation                           ) -- C:\WINDOWS\SysNative\drivers\RTWlanU.sys.bak
[2013/12/26 15:05:06 | 000,252,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\drivers\RtsUStor.sys.bak
[2013/12/26 15:05:05 | 000,591,360 | ---- | C] (Realtek                                            ) -- C:\WINDOWS\SysNative\drivers\Rt630x64.sys.bak
[2013/12/26 15:05:04 | 000,924,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refs.sys.bak
[2013/12/26 15:05:04 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rmcast.sys.bak
[2013/12/26 15:05:04 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\RNDISMP.sys.bak
[2013/12/26 15:05:04 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rootmdm.sys.bak
[2013/12/26 15:05:03 | 000,027,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys.bak
[2013/12/26 15:05:01 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\portcls.sys.bak
[2013/12/26 15:05:00 | 000,086,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys.bak
[2013/12/26 15:04:59 | 000,048,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pciidex.sys.bak
[2013/12/26 15:04:57 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\npsvctrig.sys.bak
[2013/12/26 15:04:56 | 000,478,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys.bak
[2013/12/26 15:04:56 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc63.sys.bak
[2013/12/26 15:04:55 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Ndu.sys.bak
[2013/12/26 15:04:54 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\NdisImPlatform.sys.bak
[2013/12/26 15:04:54 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\NdisVirtualBus.sys.bak
[2013/12/26 15:04:53 | 000,063,840 | ---- | C] (Marvell Semiconductor, Inc.) -- C:\WINDOWS\SysNative\drivers\mvumis.sys.bak
[2013/12/26 15:04:51 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mslldp.sys.bak
[2013/12/26 15:04:50 | 000,146,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys.bak
[2013/12/26 15:04:50 | 000,041,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpiowin32.sys.bak
[2013/12/26 15:04:50 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mshidumdf.sys.bak
[2013/12/26 15:04:47 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mcd.sys.bak
[2013/12/26 15:04:46 | 000,093,536 | ---- | C] (LSI Corporation) -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys.bak
[2013/12/26 15:04:46 | 000,082,784 | ---- | C] (LSI Corporation) -- C:\WINDOWS\SysNative\drivers\lsi_sss.sys.bak
[2013/12/26 15:04:46 | 000,081,760 | ---- | C] (LSI Corporation) -- C:\WINDOWS\SysNative\drivers\lsi_sas3.sys.bak
[2013/12/26 15:04:46 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys.bak
[2013/12/26 15:04:44 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\kdnic.sys.bak
[2013/12/26 15:04:43 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\irda.sys.bak
[2013/12/26 15:04:42 | 000,039,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys.bak
[2013/12/26 15:04:41 | 000,651,248 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaStorAV.sys.bak
[2013/12/26 15:04:41 | 000,099,320 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaLPSSi_I2C.sys.bak
[2013/12/26 15:04:41 | 000,024,568 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaLPSSi_GPIO.sys.bak
[2013/12/26 15:04:40 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\HyperVideo.sys.bak
[2013/12/26 15:04:40 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hyperkbd.sys.bak
[2013/12/26 15:04:39 | 000,064,352 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys.bak
[2013/12/26 15:04:39 | 000,032,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidparse.sys.bak
[2013/12/26 15:04:38 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys.bak
[2013/12/26 15:04:38 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidi2c.sys.bak
[2013/12/26 15:04:37 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys.bak
[2013/12/26 15:04:37 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\fxppm.sys.bak
[2013/12/26 15:04:36 | 000,428,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS.bak
[2013/12/26 15:04:36 | 000,030,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys.bak
[2013/12/26 15:04:33 | 003,357,024 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\SysNative\drivers\evbda.sys.bak
[2013/12/26 15:04:32 | 000,382,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys.bak
[2013/12/26 15:04:32 | 000,114,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\EhStorTcgDrv.sys.bak
[2013/12/26 15:04:32 | 000,082,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\EhStorClass.sys.bak
[2013/12/26 15:04:31 | 000,151,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys.bak
[2013/12/26 15:04:31 | 000,071,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpfve.sys.bak
[2013/12/26 15:04:31 | 000,033,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Dumpata.sys.bak
[2013/12/26 15:04:30 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\drmk.sys.bak
[2013/12/26 15:04:30 | 000,036,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Diskdump.sys.bak
[2013/12/26 15:04:30 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dmvsc.sys.bak
[2013/12/26 15:04:30 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Dmpusbstor.sys.bak
[2013/12/26 15:04:29 | 000,068,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\crashdmp.sys.bak
[2013/12/26 15:04:29 | 000,057,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dam.sys.bak
[2013/12/26 15:04:29 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\condrv.sys.bak
[2013/12/26 15:04:28 | 000,377,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys.bak
[2013/12/26 15:04:28 | 000,337,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys.bak
[2013/12/26 15:04:27 | 000,531,296 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\SysNative\drivers\bxvbda.sys.bak
[2013/12/26 15:04:26 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bthhfenum.sys.bak
[2013/12/26 15:04:26 | 000,036,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthAvrcpTg.sys.bak
[2013/12/26 15:04:26 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthhfHid.sys.bak
[2013/12/26 15:04:26 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys.bak
[2013/12/26 15:04:25 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\battc.sys.bak
[2013/12/26 15:04:25 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicRender.sys.bak
[2013/12/26 15:04:25 | 000,017,624 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\WINDOWS\SysNative\drivers\bcmfn2.sys.bak
[2013/12/26 15:04:24 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicDisplay.sys.bak
[2013/12/26 15:04:23 | 000,619,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\drivers\atikmpag.sys.bak
[2013/12/26 15:04:22 | 012,526,592 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\drivers\atikmdag.sys.bak
[2013/12/26 15:04:22 | 000,199,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ataport.sys.bak
[2013/12/26 15:04:22 | 000,096,768 | ---- | C] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\AtihdW86.sys.bak
[2013/12/26 15:04:21 | 000,259,424 | ---- | C] (AMD Technologies Inc.) -- C:\WINDOWS\SysNative\drivers\amdsbs.sys.bak
[2013/12/26 15:04:21 | 000,025,952 | ---- | C] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\amdxata.sys.bak
[2013/12/26 15:04:20 | 000,079,200 | ---- | C] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\amdsata.sys.bak
[2013/12/26 15:04:20 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ahcache.sys.bak
[2013/12/26 15:04:19 | 000,782,176 | ---- | C] (PMC-Sierra) -- C:\WINDOWS\SysNative\drivers\adp80xx.sys.bak
[2013/12/26 15:04:19 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\acpitime.sys.bak
[2013/12/26 15:04:18 | 000,108,896 | ---- | C] (LSI) -- C:\WINDOWS\SysNative\drivers\3ware.sys.bak
[2013/12/26 15:04:18 | 000,079,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\acpiex.sys.bak
[2013/12/26 15:04:18 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\acpipagr.sys.bak
[2013/12/26 15:01:45 | 000,000,000 | ---D | C] -- C:\Users\Jessica\Desktop\RK_Quarantine
[2013/12/26 01:54:05 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Roaming\Malwarebytes
[2013/12/26 01:53:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/12/26 01:53:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/12/26 01:53:51 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2013/12/26 01:53:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/12/26 01:10:45 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Roaming\SUPERAntiSpyware.com
[2013/12/26 01:10:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/12/26 01:10:34 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013/12/26 01:10:34 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/12/26 00:29:14 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\NPE
[2013/12/21 23:00:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/12/21 23:00:31 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\SysNative\sdnclean64.exe
[2013/12/21 23:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/12/21 23:00:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013/12/21 22:58:20 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\Programs
[2013/12/20 03:30:35 | 000,000,000 | --SD | C] -- C:\Users\Jessica\AppData\Roaming\Microsoft
[2013/12/20 03:30:35 | 000,000,000 | R--D | C] -- C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013/12/20 03:30:35 | 000,000,000 | R--D | C] -- C:\Users\Jessica\Favorites
[2013/12/20 03:30:35 | 000,000,000 | R--D | C] -- C:\Users\Jessica\Documents
[2013/12/20 03:30:35 | 000,000,000 | R--D | C] -- C:\Users\Jessica\Desktop
[2013/12/20 03:30:35 | 000,000,000 | R--D | C] -- C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/12/20 03:30:35 | 000,000,000 | R--D | C] -- C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013/12/20 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Jessica\AppData\Local\Temporary Internet Files
[2013/12/20 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Jessica\Templates
[2013/12/20 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Jessica\Start Menu
[2013/12/20 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Jessica\SendTo
[2013/12/20 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Jessica\Recent
[2013/12/20 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Jessica\PrintHood
[2013/12/20 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Jessica\NetHood
[2013/12/20 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Jessica\Documents\My Videos
[2013/12/20 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Jessica\Documents\My Pictures
[2013/12/20 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Jessica\Documents\My Music
[2013/12/20 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Jessica\My Documents
[2013/12/20 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Jessica\Local Settings
[2013/12/20 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Jessica\AppData\Local\History
[2013/12/20 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Jessica\Cookies
[2013/12/20 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Jessica\Application Data
[2013/12/20 03:30:35 | 000,000,000 | -HSD | C] -- C:\Users\Jessica\AppData\Local\Application Data
[2013/12/20 03:30:35 | 000,000,000 | -H-D | C] -- C:\Users\Jessica\AppData
[2013/12/20 03:30:35 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\Temp
[2013/12/20 03:30:35 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\Microsoft
[2013/12/20 03:30:35 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/12/20 03:23:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2013/12/20 03:23:54 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/12/20 03:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2013/12/20 03:23:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/12/20 03:21:24 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013/12/20 03:21:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2013/12/20 03:20:03 | 000,075,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imagehlp.dll
[2013/12/20 03:19:45 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2013/12/20 03:19:45 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2013/12/20 03:19:37 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrrun.dll
[2013/12/20 03:19:37 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2013/12/20 03:19:27 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2013/12/20 03:19:27 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2013/12/20 03:19:27 | 000,240,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2013/12/20 03:18:40 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2013/12/20 03:18:40 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2013/12/20 03:18:40 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2013/12/20 03:18:40 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2013/12/20 03:18:40 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2013/12/20 03:18:40 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2013/12/20 03:17:44 | 004,105,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2013/12/20 03:17:44 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2013/12/20 03:17:11 | 013,177,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2013/12/20 03:17:11 | 011,674,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2013/12/20 03:17:11 | 007,399,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2013/12/20 03:17:11 | 002,896,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2013/12/20 03:17:11 | 002,570,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2013/12/20 03:17:11 | 002,266,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2013/12/20 03:17:11 | 002,143,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2013/12/20 03:17:11 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2013/12/20 03:17:11 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2013/12/20 03:17:11 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2013/12/20 03:17:11 | 001,765,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2013/12/20 03:17:11 | 001,765,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2013/12/20 03:17:11 | 001,756,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPDMC.exe
[2013/12/20 03:17:11 | 001,642,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2013/12/20 03:17:11 | 001,506,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2013/12/20 03:17:11 | 001,476,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2013/12/20 03:17:11 | 001,391,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPDMC.exe
[2013/12/20 03:17:11 | 001,345,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2013/12/20 03:17:11 | 001,302,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2013/12/20 03:17:11 | 000,922,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2013/12/20 03:17:11 | 000,840,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2013/12/20 03:17:11 | 000,747,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcli.dll
[2013/12/20 03:17:11 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2013/12/20 03:17:11 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2013/12/20 03:17:11 | 000,637,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2013/12/20 03:17:11 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2013/12/20 03:17:11 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2013/12/20 03:17:11 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcli.dll
[2013/12/20 03:17:11 | 000,516,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2013/12/20 03:17:11 | 000,479,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2013/12/20 03:17:11 | 000,382,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2013/12/20 03:17:11 | 000,372,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2013/12/20 03:17:11 | 000,358,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2013/12/20 03:17:11 | 000,325,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2013/12/20 03:17:11 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2013/12/20 03:17:11 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/12/20 03:17:11 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2013/12/20 03:17:11 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2013/12/20 03:17:11 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/12/20 03:17:11 | 000,146,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx2.sys
[2013/12/20 03:17:11 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2013/12/20 03:17:11 | 000,086,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2013/12/20 03:17:11 | 000,039,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2013/12/20 03:17:11 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2013/12/20 03:17:11 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2013/12/20 03:13:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2013/12/20 03:13:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2013/12/20 03:12:58 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013/12/20 03:12:58 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013/12/20 03:11:57 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/12/20 03:11:57 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2013/12/20 03:11:56 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
[2013/12/20 03:11:56 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe
[2013/12/20 03:11:55 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/12/20 03:11:54 | 001,166,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll
[2013/12/15 00:58:20 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\Cyberlink
[2013/12/08 20:39:35 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\CrashDumps
[2013/12/06 21:48:48 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Roaming\Apple Computer
[2013/12/06 21:48:48 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\Apple Computer
[2013/12/06 21:48:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/12/06 21:48:34 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys
[2013/12/06 21:48:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\DRVSTORE
[2013/12/06 21:47:50 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/12/06 21:47:49 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/12/06 21:47:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/12/06 21:47:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/12/06 21:47:49 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/12/06 21:46:37 | 000,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Local\Apple
[2013/12/06 21:46:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013/12/06 21:46:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/12/06 21:45:43 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/12/06 21:45:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/12/06 21:45:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/12/06 21:45:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013/12/01 06:17:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\MRT
[2013/12/01 02:43:51 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysWow64\rars.rs
[2013/12/01 02:43:51 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysNative\rars.rs
[2013/12/01 00:59:39 | 000,000,000 | ---D | C] -- C:\Users\Jessica\Documents\Symantec
[2013/12/01 00:57:58 | 000,177,752 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS
[2013/12/01 00:57:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013/12/01 00:57:24 | 001,147,480 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\SymEFA64.sys
[2013/12/01 00:57:24 | 000,858,200 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\srtsp64.sys
[2013/12/01 00:57:24 | 000,590,936 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\symnets.sys
[2013/12/01 00:57:24 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\SymDS64.sys
[2013/12/01 00:57:24 | 000,264,280 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\Ironx64.sys
[2013/12/01 00:57:24 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\ccSetx64.sys
[2013/12/01 00:57:24 | 000,036,952 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\srtspx64.sys
[2013/12/01 00:57:24 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\SymELAM.sys
[2013/12/01 00:56:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\NISx64
[2013/12/01 00:56:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012
[2013/12/01 00:56:52 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2013/12/01 00:56:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2013/12/01 00:19:03 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
 
========== Files - Modified Within 30 Days ==========
 
[2013/12/27 19:42:13 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/12/27 17:20:58 | 000,863,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013/12/27 17:20:58 | 000,730,408 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013/12/27 17:20:58 | 000,135,520 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013/12/27 17:13:25 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/12/27 17:13:24 | 612,208,639 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/26 15:05:31 | 000,026,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WpdUpFltr.sys.bak
[2013/12/26 15:05:31 | 000,023,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WppRecorder.sys.bak
[2013/12/26 15:05:30 | 000,061,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\winhv.sys.bak
[2013/12/26 15:05:30 | 000,054,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wpcfltr.sys.bak
[2013/12/26 15:05:30 | 000,018,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wmilib.sys.bak
[2013/12/26 15:05:29 | 000,136,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys.bak
[2013/12/26 15:05:29 | 000,124,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys.bak
[2013/12/26 15:05:29 | 000,038,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\werkernel.sys.bak
[2013/12/26 15:05:28 | 000,265,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys.bak
[2013/12/26 15:05:28 | 000,060,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdfLdr.sys.bak
[2013/12/26 15:05:28 | 000,034,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys.bak
[2013/12/26 15:05:27 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\watchdog.sys.bak
[2013/12/26 15:05:26 | 000,305,504 | ---- | M] (VIA Corporation) -- C:\WINDOWS\SysNative\drivers\VSTXRAID.SYS.bak
[2013/12/26 15:05:26 | 000,069,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vpci.sys.bak
[2013/12/26 15:05:24 | 000,090,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmbkmcl.sys.bak
[2013/12/26 15:05:24 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vmgencounter.sys.bak
[2013/12/26 15:05:23 | 000,175,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\VerifierExt.sys.bak
[2013/12/26 15:05:23 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\videoprt.sys.bak
[2013/12/26 15:05:22 | 000,325,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS.bak
[2013/12/26 15:05:22 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbrpm.sys.bak
[2013/12/26 15:05:21 | 000,467,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS.bak
[2013/12/26 15:05:21 | 000,439,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbport.sys.bak
[2013/12/26 15:05:20 | 000,028,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbd.sys.bak
[2013/12/26 15:05:19 | 000,054,784 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\SysNative\drivers\usbaapl64.sys.bak
[2013/12/26 15:05:19 | 000,032,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBCAMD2.sys.bak
[2013/12/26 15:05:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usb8023.sys.bak
[2013/12/26 15:05:18 | 000,026,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\uefi.sys.bak
[2013/12/26 15:05:17 | 000,189,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UCX01000.SYS.bak
[2013/12/26 15:05:17 | 000,074,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\uaspstor.sys.bak
[2013/12/26 15:05:17 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\TsUsbGD.sys.bak
[2013/12/26 15:05:16 | 000,159,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys.bak
[2013/12/26 15:05:16 | 000,121,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tm.sys.bak
[2013/12/26 15:05:16 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys.bak
[2013/12/26 15:05:16 | 000,037,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\terminpt.sys.bak
[2013/12/26 15:05:15 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tdi.sys.bak
[2013/12/26 15:05:14 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tape.sys.bak
[2013/12/26 15:05:14 | 000,021,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tbs.sys.bak
[2013/12/26 15:05:13 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS.bak
[2013/12/26 15:05:13 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stream.sys.bak
[2013/12/26 15:05:12 | 000,374,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys.bak
[2013/12/26 15:05:12 | 000,107,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys.bak
[2013/12/26 15:05:12 | 000,057,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys.bak
[2013/12/26 15:05:12 | 000,031,072 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\SysNative\drivers\stexstor.sys.bak
[2013/12/26 15:05:11 | 000,372,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys.bak
[2013/12/26 15:05:11 | 000,072,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SpbCx.sys.bak
[2013/12/26 15:05:10 | 000,096,856 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SMR410.SYS.bak
[2013/12/26 15:05:10 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\smclib.sys.bak
[2013/12/26 15:05:08 | 000,236,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys.bak
[2013/12/26 15:05:08 | 000,146,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx2.sys.bak
[2013/12/26 15:05:08 | 000,078,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdstor.sys.bak
[2013/12/26 15:05:08 | 000,069,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx.sys.bak
[2013/12/26 15:05:07 | 002,968,792 | ---- | M] (Realtek Semiconductor Corporation                           ) -- C:\WINDOWS\SysNative\drivers\RTWlanU.sys.bak
[2013/12/26 15:05:07 | 000,170,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\scsiport.sys.bak
[2013/12/26 15:05:06 | 000,252,048 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\drivers\RtsUStor.sys.bak
[2013/12/26 15:05:05 | 000,591,360 | ---- | M] (Realtek                                            ) -- C:\WINDOWS\SysNative\drivers\Rt630x64.sys.bak
[2013/12/26 15:05:05 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rootmdm.sys.bak
[2013/12/26 15:05:04 | 000,924,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refs.sys.bak
[2013/12/26 15:05:04 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rmcast.sys.bak
[2013/12/26 15:05:04 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\RNDISMP.sys.bak
[2013/12/26 15:05:03 | 000,027,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys.bak
[2013/12/26 15:05:01 | 000,270,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\portcls.sys.bak
[2013/12/26 15:05:00 | 000,086,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys.bak
[2013/12/26 15:05:00 | 000,048,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pciidex.sys.bak
[2013/12/26 15:04:57 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\npsvctrig.sys.bak
[2013/12/26 15:04:56 | 000,478,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys.bak
[2013/12/26 15:04:56 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc63.sys.bak
[2013/12/26 15:04:55 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Ndu.sys.bak
[2013/12/26 15:04:55 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\NdisVirtualBus.sys.bak
[2013/12/26 15:04:54 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\NdisImPlatform.sys.bak
[2013/12/26 15:04:53 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) -- C:\WINDOWS\SysNative\drivers\mvumis.sys.bak
[2013/12/26 15:04:51 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mslldp.sys.bak
[2013/12/26 15:04:51 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mshidumdf.sys.bak
[2013/12/26 15:04:50 | 000,146,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys.bak
[2013/12/26 15:04:50 | 000,041,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpiowin32.sys.bak
[2013/12/26 15:04:47 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys.bak
[2013/12/26 15:04:47 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\mcd.sys.bak
[2013/12/26 15:04:46 | 000,093,536 | ---- | M] (LSI Corporation) -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys.bak
[2013/12/26 15:04:46 | 000,082,784 | ---- | M] (LSI Corporation) -- C:\WINDOWS\SysNative\drivers\lsi_sss.sys.bak
[2013/12/26 15:04:46 | 000,081,760 | ---- | M] (LSI Corporation) -- C:\WINDOWS\SysNative\drivers\lsi_sas3.sys.bak
[2013/12/26 15:04:44 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\kdnic.sys.bak
[2013/12/26 15:04:43 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\irda.sys.bak
[2013/12/26 15:04:42 | 000,039,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys.bak
[2013/12/26 15:04:41 | 000,651,248 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaStorAV.sys.bak
[2013/12/26 15:04:41 | 000,099,320 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaLPSSi_I2C.sys.bak
[2013/12/26 15:04:41 | 000,024,568 | ---- | M] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaLPSSi_GPIO.sys.bak
[2013/12/26 15:04:40 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\HyperVideo.sys.bak
[2013/12/26 15:04:40 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hyperkbd.sys.bak
[2013/12/26 15:04:39 | 000,064,352 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys.bak
[2013/12/26 15:04:39 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidi2c.sys.bak
[2013/12/26 15:04:39 | 000,032,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidparse.sys.bak
[2013/12/26 15:04:38 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys.bak
[2013/12/26 15:04:37 | 000,428,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS.bak
[2013/12/26 15:04:37 | 000,033,240 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys.bak
[2013/12/26 15:04:37 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\fxppm.sys.bak
[2013/12/26 15:04:36 | 000,030,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys.bak
[2013/12/26 15:04:33 | 003,357,024 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\SysNative\drivers\evbda.sys.bak
[2013/12/26 15:04:32 | 000,382,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys.bak
[2013/12/26 15:04:32 | 000,114,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\EhStorTcgDrv.sys.bak
[2013/12/26 15:04:32 | 000,082,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\EhStorClass.sys.bak
[2013/12/26 15:04:31 | 000,151,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys.bak
[2013/12/26 15:04:31 | 000,071,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpfve.sys.bak
[2013/12/26 15:04:31 | 000,033,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Dumpata.sys.bak
[2013/12/26 15:04:30 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\drmk.sys.bak
[2013/12/26 15:04:30 | 000,036,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Diskdump.sys.bak
[2013/12/26 15:04:30 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dmvsc.sys.bak
[2013/12/26 15:04:30 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Dmpusbstor.sys.bak
[2013/12/26 15:04:29 | 000,068,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\crashdmp.sys.bak
[2013/12/26 15:04:29 | 000,057,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dam.sys.bak
[2013/12/26 15:04:29 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\condrv.sys.bak
[2013/12/26 15:04:28 | 000,377,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys.bak
[2013/12/26 15:04:28 | 000,337,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys.bak
[2013/12/26 15:04:27 | 000,531,296 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\SysNative\drivers\bxvbda.sys.bak
[2013/12/26 15:04:27 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthhfHid.sys.bak
[2013/12/26 15:04:26 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bthhfenum.sys.bak
[2013/12/26 15:04:26 | 000,036,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthAvrcpTg.sys.bak
[2013/12/26 15:04:26 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys.bak
[2013/12/26 15:04:25 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicDisplay.sys.bak
[2013/12/26 15:04:25 | 000,035,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\battc.sys.bak
[2013/12/26 15:04:25 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BasicRender.sys.bak
[2013/12/26 15:04:25 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) -- C:\WINDOWS\SysNative\drivers\bcmfn2.sys.bak
[2013/12/26 15:04:24 | 000,619,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\drivers\atikmpag.sys.bak
[2013/12/26 15:04:23 | 012,526,592 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\drivers\atikmdag.sys.bak
[2013/12/26 15:04:22 | 000,199,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ataport.sys.bak
[2013/12/26 15:04:22 | 000,096,768 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\AtihdW86.sys.bak
[2013/12/26 15:04:21 | 000,259,424 | ---- | M] (AMD Technologies Inc.) -- C:\WINDOWS\SysNative\drivers\amdsbs.sys.bak
[2013/12/26 15:04:21 | 000,079,200 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\amdsata.sys.bak
[2013/12/26 15:04:21 | 000,025,952 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\SysNative\drivers\amdxata.sys.bak
[2013/12/26 15:04:20 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ahcache.sys.bak
[2013/12/26 15:04:19 | 000,782,176 | ---- | M] (PMC-Sierra) -- C:\WINDOWS\SysNative\drivers\adp80xx.sys.bak
[2013/12/26 15:04:19 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\acpitime.sys.bak
[2013/12/26 15:04:18 | 000,108,896 | ---- | M] (LSI) -- C:\WINDOWS\SysNative\drivers\3ware.sys.bak
[2013/12/26 15:04:18 | 000,079,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\acpiex.sys.bak
[2013/12/26 15:04:18 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\acpipagr.sys.bak
[2013/12/26 01:53:54 | 000,001,132 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/12/26 01:10:40 | 000,001,827 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/12/21 23:00:38 | 000,001,402 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/12/21 13:37:12 | 004,323,867 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\Cat.DB
[2013/12/20 03:44:28 | 000,020,958 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2013/12/20 03:44:28 | 000,020,958 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2013/12/20 03:44:04 | 000,022,744 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2013/12/20 03:37:51 | 000,335,784 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013/12/20 03:23:49 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2013/12/20 03:20:03 | 000,075,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imagehlp.dll
[2013/12/20 03:19:45 | 000,393,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2013/12/20 03:19:45 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2013/12/20 03:19:37 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrrun.dll
[2013/12/20 03:19:37 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2013/12/20 03:19:27 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2013/12/20 03:19:27 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2013/12/20 03:19:27 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2013/12/20 03:18:40 | 005,769,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2013/12/20 03:18:40 | 001,995,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2013/12/20 03:18:40 | 001,928,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2013/12/20 03:18:40 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2013/12/20 03:18:40 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2013/12/20 03:18:40 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2013/12/20 03:17:44 | 004,105,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2013/12/20 03:17:44 | 000,568,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2013/12/20 03:17:11 | 013,177,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2013/12/20 03:17:11 | 011,674,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2013/12/20 03:17:11 | 007,399,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2013/12/20 03:17:11 | 002,896,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2013/12/20 03:17:11 | 002,570,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2013/12/20 03:17:11 | 002,266,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2013/12/20 03:17:11 | 002,143,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2013/12/20 03:17:11 | 002,140,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2013/12/20 03:17:11 | 001,843,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2013/12/20 03:17:11 | 001,816,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2013/12/20 03:17:11 | 001,765,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2013/12/20 03:17:11 | 001,765,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2013/12/20 03:17:11 | 001,756,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPDMC.exe
[2013/12/20 03:17:11 | 001,642,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2013/12/20 03:17:11 | 001,506,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2013/12/20 03:17:11 | 001,476,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2013/12/20 03:17:11 | 001,391,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPDMC.exe
[2013/12/20 03:17:11 | 001,345,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2013/12/20 03:17:11 | 001,302,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2013/12/20 03:17:11 | 000,922,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2013/12/20 03:17:11 | 000,840,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2013/12/20 03:17:11 | 000,747,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcli.dll
[2013/12/20 03:17:11 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2013/12/20 03:17:11 | 000,701,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2013/12/20 03:17:11 | 000,637,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2013/12/20 03:17:11 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2013/12/20 03:17:11 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2013/12/20 03:17:11 | 000,544,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcli.dll
[2013/12/20 03:17:11 | 000,516,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2013/12/20 03:17:11 | 000,479,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2013/12/20 03:17:11 | 000,382,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2013/12/20 03:17:11 | 000,372,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2013/12/20 03:17:11 | 000,358,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2013/12/20 03:17:11 | 000,325,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2013/12/20 03:17:11 | 000,254,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2013/12/20 03:17:11 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/12/20 03:17:11 | 000,225,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2013/12/20 03:17:11 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2013/12/20 03:17:11 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013/12/20 03:17:11 | 000,146,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx2.sys
[2013/12/20 03:17:11 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2013/12/20 03:17:11 | 000,086,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2013/12/20 03:17:11 | 000,039,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2013/12/20 03:17:11 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2013/12/20 03:17:11 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2013/12/19 13:55:20 | 000,023,702 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\VT20131219.024
[2013/12/15 00:52:34 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013/12/06 21:48:40 | 000,001,790 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/12/06 21:32:23 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013/12/03 19:05:48 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2013/12/03 19:05:48 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/01 00:57:58 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS
[2013/12/01 00:57:58 | 000,008,222 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.CAT
[2013/12/01 00:57:58 | 000,000,854 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.INF
[2013/12/01 00:57:57 | 000,002,584 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2013/12/01 00:57:02 | 000,001,262 | ---- | M] () -- C:\Users\Jessica\Desktop\Norton Installation Files.lnk
[2013/11/28 12:11:28 | 505,762,411 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
 
========== Files Created - No Company Name ==========
 
[2013/12/26 01:53:54 | 000,001,132 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/12/26 01:10:40 | 000,001,827 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/12/21 23:00:38 | 000,001,414 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/12/21 23:00:38 | 000,001,402 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/12/20 21:59:50 | 000,023,702 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\VT20131219.024
[2013/12/20 05:14:54 | 000,001,453 | ---- | C] () -- C:\Users\Jessica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/12/20 03:44:04 | 000,022,744 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2013/12/20 03:35:24 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2013/12/20 03:30:35 | 000,000,352 | ---- | C] () -- C:\Users\Jessica\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/12/20 03:30:35 | 000,000,334 | ---- | C] () -- C:\Users\Jessica\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/12/20 03:30:19 | 000,020,958 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2013/12/20 03:30:19 | 000,020,958 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2013/12/20 03:23:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013/12/15 00:52:34 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013/12/06 21:48:40 | 000,001,790 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/12/06 21:46:35 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/12/06 21:32:23 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013/12/01 00:58:00 | 004,323,867 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\Cat.DB
[2013/12/01 00:57:58 | 000,008,222 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.CAT
[2013/12/01 00:57:58 | 000,000,854 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.INF
[2013/12/01 00:57:57 | 000,002,584 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2013/12/01 00:56:57 | 000,014,818 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\SymVTcer.dat
[2013/12/01 00:56:57 | 000,009,939 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\SymELAM64.cat
[2013/12/01 00:56:57 | 000,008,202 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\ccSetx64.cat
[2013/12/01 00:56:57 | 000,008,196 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\srtspx64.cat
[2013/12/01 00:56:57 | 000,008,194 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\SymEFA64.cat
[2013/12/01 00:56:57 | 000,008,192 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\symnet64.cat
[2013/12/01 00:56:57 | 000,008,192 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\srtsp64.cat
[2013/12/01 00:56:57 | 000,008,188 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\SymDS64.cat
[2013/12/01 00:56:57 | 000,008,184 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\iron.cat
[2013/12/01 00:56:57 | 000,003,433 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\SymEFA.inf
[2013/12/01 00:56:57 | 000,002,852 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\SymDS.inf
[2013/12/01 00:56:57 | 000,001,440 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\SymNet.inf
[2013/12/01 00:56:57 | 000,001,437 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\srtsp64.inf
[2013/12/01 00:56:57 | 000,001,420 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\srtspx64.inf
[2013/12/01 00:56:57 | 000,001,098 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\symELAM.inf
[2013/12/01 00:56:57 | 000,000,855 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\ccSetx64.inf
[2013/12/01 00:56:57 | 000,000,767 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\Iron.inf
[2013/12/01 00:56:57 | 000,000,172 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\isolate.ini
[2013/12/01 00:10:23 | 000,001,262 | ---- | C] () -- C:\Users\Jessica\Desktop\Norton Installation Files.lnk
[2013/11/25 21:01:03 | 000,451,072 | ---- | C] () -- C:\WINDOWS\SysWow64\ISSRemoveSP.exe
[2013/09/26 22:02:38 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2013/09/26 22:02:38 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013/09/26 22:02:36 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013/09/26 22:02:18 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013/09/26 22:02:18 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2013/09/26 22:02:12 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2013/08/22 10:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 10:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 09:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 02:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 22:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 22:17:46 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013/08/21 18:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 18:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/05/02 15:58:10 | 000,029,184 | ---- | C] () -- C:\WINDOWS\SysWow64\kdbsdk32.dll
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/11/14 02:38:19 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/11/14 02:38:19 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 04:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/21 21:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 04:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >



#11 gringo_pr

Posted 28 December 2013 - 11:27 AM





Hello gratefulforhelp

That report looks good.

When do you see the extra explorers and how many do you see?

Malwarebytes Anti-Rootkit

1. Download Malwarebytes Anti-Rootkit
2. Unzip the contents to a folder in a convenient location.
3. Open the folder where the contents were unzipped and run mbar.exe
4. Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5. Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6. Wait while the system shuts down and the cleanup process is performed.
7. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8. If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
  • Internet access
  • Windows Update
  • Windows Firewall
9. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10. Verify that your system is now functioning normally.


--RogueKiller--

Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The scan will make two reports; the one I would like to see is called RKreport[2].txt on your Desktop
  • Exit/Close RogueKiller+
Send me the reports made from MBAR and RogueKiller and also let me know how the computer is doing at this time.

Gringo






When you are complete please send me both reports

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 gratefulforhelp


Posted 28 December 2013 - 01:36 PM

Hello Gringo,

 

Now there are only two iexplorer running when I have one tab open, instead of three or four.

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org

Database version: v2013.12.28.05

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
Jessica :: UPSTAIRSCOMP [administrator]

12/28/2013 12:08:24 PM
mbar-log-2013-12-28 (12-08-24).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 230913
Time elapsed: 18 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\WINDOWS\SYSTEM32\drivers\atikmdag.sys.bak (Unknown.Rootkit.Driver) -> Replace on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org

Database version: v2013.12.28.05

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
Jessica :: UPSTAIRSCOMP [administrator]

12/28/2013 12:35:07 PM
mbar-log-2013-12-28 (12-35-07).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 230919
Time elapsed: 19 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

 

 

 

Neither RK report says 2, so I will copy/paste both to be sure I am posting the one you want

 

RogueKiller V8.8.0 _x64_ [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Jessica [Admin rights]
Mode : Scan -- Date : 12/28/2013 13:10:54
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 1 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

 

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST500DM002-1BD142 +++++
--- User ---
[MBR] ad0a92fe62201f446ef57c8f63ae75fe
[BSP] 46f0413a56e2bcdd25925ee88ec4596a : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_12282013_131054.txt >>

 

 

RogueKiller V8.8.0 _x64_ [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Jessica [Admin rights]
Mode : Remove -- Date : 12/28/2013 13:11:32
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 1 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

 

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST500DM002-1BD142 +++++
--- User ---
[MBR] ad0a92fe62201f446ef57c8f63ae75fe
[BSP] 46f0413a56e2bcdd25925ee88ec4596a : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_12282013_131132.txt >>
RKreport[0]_S_12282013_131054.txt

 

The internet is running much faster now.

 

 

 



#13 gringo_pr


Posted 28 December 2013 - 08:18 PM


Hello

These logs are looking a lot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps.

: Malwarebytes' Anti-Malware :

I see that you have MBAM installed - That is great!! and at this time I would like you to update it and run me a quick scan
  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.



Download HijackThis
  • Go Here to download HijackThis program
  • Save HijackThis to your desktop.
  • Right Click on Hijackthis and select "Run as Admin" (XP users just need to double click to run)
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
  • copy and paste hijackthis report into the topic
"information and logs"
  • In your next post I need the following
    • Log From MBAM
    • report from Hijackthis
    • let me know of any problems you may have had
    • How is the computer doing now?
Gringo

#14 gratefulforhelp


Posted 28 December 2013 - 09:20 PM

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.28.07

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
Jessica :: UPSTAIRSCOMP [administrator]

Protection: Disabled

12/28/2013 8:50:44 PM
mbam-log-2013-12-28 (20-50-44).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 212525
Time elapsed: 6 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:09:05 PM, on 12/28/2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.16384)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Acer Remote\ArcServer.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Users\Jessica\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Acer Remote.lnk = C:\Program Files (x86)\Acer Remote\ArcServer.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: Realtek11nSU - Realtek Semiconductor Corp. - C:\Program Files (x86)\ASUS\USB-N13 WLAN Card Utilities\RtlService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8278 bytes

 

I opened a second tab while I had a youtube video playing. As I navigated around the second tab, the first tab would flicker briefly and the video started "skipping" as in starting and stopping rapidly when I clicked on anything in the second tab, then resumed playing normally. Other than that, the computer seems to be doing okay.

 

Do you want me to click the "Analyze this" button on hijackthis? Awaiting instructions.


Edited by gratefulforhelp, 28 December 2013 - 09:24 PM.


#15 gringo_pr


Posted 28 December 2013 - 10:25 PM


Greetings

These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded start-up entries:

This part of the fix is purely optional.
These are programs that start up when you turn on your computer but don't need to. You can click on the icon of any of these programs (or start it from the Control Panel) to start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.
  • Run HijackThis (right-click and run as admin)
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):

    • O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
      O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
      O4 - Global Startup: Acer Remote.lnk = C:\Program Files (x86)\Acer Remote\ArcServer.exe


  • Close all open windows and browsers/email, etc...
  • Click on the "Fix Checked" button
  • When completed, close the application.
    • NOTE**You can research each of those lines >here< and see if you want to keep them or not
      just copy the name between the brackets and paste into the search space
      O4 - HKLM\..\Run: [IntelliPoint]


Eset Online Scanner

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

Go to the ESET web page to run an online scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
  • When asked, allow the add-on to be installed
    • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
    • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.

  • Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish
When the scan is complete
  • If no threats were found
    • put a checkmark in "Uninstall application on close"
    • close program
    • report to me that nothing was found
  • If threats were found
    • click on "list of threats found"
    • click on "export to text file" and save it as ESET SCAN and save to the desktop
    • Click on back
    • put a checkmark in "Uninstall application on close"
    • click on finish
    • close program
    • copy and paste the report here
Gringo



