Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Safe saver ads, RightCoupon popups, hyperlinks & Netoo Cooupuoni extension in GC


  • Please log in to reply
59 replies to this topic

#1 penguinlady88

penguinlady88

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 05 January 2014 - 11:46 AM

Today, 04:19 PM

Hi there,

 

I am at my wits end with this malware that has infected my Acer notebook. Please can you help me? The problem is getting worse by the hour... I have followed advice from various sites all to no avail - I keep getting the Safesaver ads on Google, RightCoupon popups, hyperlinks on certain words with green triangle in top right corner, random page hijacking (becoming more and more frequent) and every time I delete the extension "Netoo Cooupuoni 6.1" in Google Chrome, it reappears when I open the browser again - it does not show up in the list of active extensions anywhere but in TOOLS:

 

So far, I have tried:

ADW Cleaner

Junkware Removal Tool

Malwarebytes' Anti Malware

 

Then I bought and set up Kaspersky Internet Security 14.0.0.4651, but all the problems still came back after that too, so I went through the processes and manually deleted or disabled unnecessary ones and then tried RogueKiller and then Hitman Pro!!!

 

Each programme identified cookies and malware and quarantined and/or deleted it, but it's STILL happening!!!

I will paste the reports for the scans, etc. conducted so far below. I can't figure out how to copy and paste the log for Kaspersky at the moment. I can only seem to see it in the dialogue box and don't know how to get a txt. version.

 

Thank you in advance for your help.

PL

 

 

 

# AdwCleaner v3.016 - Report created 04/01/2014 at 00:34:19
# Updated 23/12/2013 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Elizabeth Penny - ELIZABETHPEN-PC
# Running from : C:\Users\Elizabeth Penny\Downloads\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\QuickSet
Folder Deleted : C:\ProgramData\YoutubeAdblocker
Folder Deleted : C:\ProgramData\50CoouuPons
Folder Deleted : C:\ProgramData\NetooCooupuoni
Folder Deleted : C:\ProgramData\SearchNewTab
Folder Deleted : C:\ProgramData\suorff and okeep
Folder Deleted : C:\Program Files\BetterSurf
Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Program Files\Sk-Enhancer
Folder Deleted : C:\Program Files\WebSearch
Folder Deleted : C:\Program Files\YoutubeAdblocker
Folder Deleted : C:\Program Files\50CoouuPons
Folder Deleted : C:\Program Files\NetooCooupuoni
Folder Deleted : C:\Program Files\SearchNewTab
Folder Deleted : C:\Program Files\suorff and okeep
Folder Deleted : C:\Users\Elizabeth Penny\AppData\Local\SwvUpdater
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16526
 
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Mozilla Firefox v26.0 (en-US)
 
[ File : C:\Users\Elizabeth Penny\AppData\Roaming\Mozilla\Firefox\Profiles\1ytdc0ct.default-1388794523538\prefs.js ]
 
 
[ File : C:\Users\Elizabeth Penny\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]
 
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [8964 octets] - [02/11/2013 22:20:12]
AdwCleaner[R1].txt - [4221 octets] - [04/01/2014 00:32:11]
AdwCleaner[S0].txt - [9199 octets] - [02/11/2013 22:21:40]
AdwCleaner[S1].txt - [4152 octets] - [04/01/2014 00:34:19]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [4212 octets] ##########
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows Vista ™ Home Premium x86
Ran by Elizabeth Penny on 04/01/2014 at  0:46:42.56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-225758675-3065701121-3459489557-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04/01/2014 at  0:50:14.57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.01.03.07
 
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Elizabeth Penny :: ELIZABETHPEN-PC [administrator]
 
04/01/2014 00:57:33
mbam-log-2014-01-04 (00-57-33).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 286621
Time elapsed: 18 minute(s), 54 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 2
HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252} (PUP.Optional.GreatSaver.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\BROWSERSAFEGUARD (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 1
HKLM\SOFTWARE\Browsersafeguard|sourceid (PUP.Optional.BrowserSafeGuard.A) -> Data: google_zoomdownloader-display-GB-336x280-26130579282 -> Quarantined and deleted successfully.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 1
C:\Program Files\WEBEXPENHANCEDV1 (PUP.Optional.Webexp) -> Quarantined and deleted successfully.
 
Files Detected: 2
C:\ProgramData\YTD YouTube Downloader & Converter\ytd_installer.exe (PUP.Optional.Spigot.A) -> Quarantined and deleted successfully.
C:\Users\Elizabeth Penny\Downloads\SoftonicDownloader_for_subtitle-workshop.exe (PUP.Optional.Softonic.A) -> Quarantined and deleted successfully.
 
(end)
 
 
 
RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Elizabeth Penny [Admin rights]
Mode : Scan -- Date : 01/05/2014 11:48:59
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 7 ¤¤¤
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:49168;hxxps=127.0.0.1:49168 [Country: (Private Address) (XX), City: (Private Address)]) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Browser Addons : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0xc0000033] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
::1             localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9120822AS ATA Device +++++
--- User ---
[MBR] 0fa0582f56f4b4e3dc92dd306f2ca6cb
[BSP] e50e0d45a6f6b1f8c232ff274027061a : Acer MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 9993 Mo
1 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 20466810 | Size: 52375 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 127732815 | Size: 52101 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Packard Bell Go USB Device +++++
--- User ---
[MBR] 9d18bcc962249fccdd604331e617c61f
[BSP] 7851ac411d2da0e5607e306ca24c49b5 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] The request is not supported. )
 
+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) TDK LoR TF10 USB Device +++++
--- User ---
[MBR] 61b7fb21e7a9e6d39963ac632b3b0bdd
[BSP] d6cc968c5dde248310026f4e4c368996 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 8064 | Size: 7448 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] The request is not supported. )
 
Finished : << RKreport[0]_S_01052014_114859.txt >>
 
 
 
RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Elizabeth Penny [Admin rights]
Mode : Remove -- Date : 01/05/2014 12:10:06
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 6 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> REPLACED (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_TrackProgs (0) -> REPLACED (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Browser Addons : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0xc0000033] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
::1             localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9120822AS ATA Device +++++
--- User ---
[MBR] 0fa0582f56f4b4e3dc92dd306f2ca6cb
[BSP] e50e0d45a6f6b1f8c232ff274027061a : Acer MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 9993 Mo
1 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 20466810 | Size: 52375 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 127732815 | Size: 52101 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Packard Bell Go USB Device +++++
--- User ---
[MBR] 9d18bcc962249fccdd604331e617c61f
[BSP] 7851ac411d2da0e5607e306ca24c49b5 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 476937 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] The request is not supported. )
 
+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) TDK LoR TF10 USB Device +++++
--- User ---
[MBR] 61b7fb21e7a9e6d39963ac632b3b0bdd
[BSP] d6cc968c5dde248310026f4e4c368996 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 8064 | Size: 7448 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] The request is not supported. )
 
Finished : << RKreport[0]_D_01052014_121006.txt >>
RKreport[0]_S_01052014_114859.txt
 
 
 
HitmanPro 3.7.8.208
www.hitmanpro.com
 
   
Computer name . . . . : ELIZABETHPEN-PC
   
Windows . . . . . . . : 6.0.2.6002.X86/2
   User name . . . . . . : ElizabethPen-PC\Elizabeth Penny
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (30 days left)
 
   
Scan date . . . . . . : 2014-01-05 14:41:04
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 9m 37s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
 
   
Threats . . . . . . . : 0
   Traces  . . . . . . . : 51
 
   
Objects scanned . . . : 2,215,171
   Files scanned . . . . : 28,383
   Remnants scanned  . . : 412,960 files / 1,773,828 keys
 

Potential Unwanted Programs _________________________________________________
 
   HKLM\SOFTWARE\Classes\Record\{
2009AF2F-5786-3067-8799-B97F7832FDD6}\ (FLV Player) -> Deleted
   HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}\ (FLV Player) -> Deleted
   HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}\ (FLV Player) -> Deleted
   HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}\ (FLV Player) -> Deleted
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964\ (FLV Player) -> Deleted
 
Repairs _____________________________________________________________________
 
   
Proxy server on this computer (User)
   127.0.0.1:49168
 
 

Cookies _____________________________________________________________________
 
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yahoo.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:collective-media.net
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:interclick.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.zanox.com
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserver.adtechus.com
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:apmebf.com
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:collective-media.net
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:ehg-twi.hitbox.com
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:hitbox.com
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:internity.solution.weborama.fr
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:premiumtv.122.2o7.net
   C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.effiliation.com
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:tradedoubler.com
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:uk.sitestat.com
   C
:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cookies:weborama.fr
   C
:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\opfvx3fk.default\cookies.sqlite:ad.yieldmanager.com
   C
:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\opfvx3fk.default\cookies.sqlite:advertising.com
   C
:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\opfvx3fk.default\cookies.sqlite:bs.serving-sys.com
   C
:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\opfvx3fk.default\cookies.sqlite:content.yieldmanager.com
   C
:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\opfvx3fk.default\cookies.sqlite:doubleclick.net
   C
:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\opfvx3fk.default\cookies.sqlite:serving-sys.com
   C
:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\opfvx3fk.default\cookies.sqlite:statse.webtrendslive.com
 
 
 
 
 
HitmanPro 3.7.8.208
www.hitmanpro.com
 
   
Computer name . . . . : ELIZABETHPEN-PC
   
Windows . . . . . . . : 6.0.2.6002.X86/2
   User name . . . . . . : ElizabethPen-PC\Elizabeth Penny
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (30 days left)
 
   
Scan date . . . . . . : 2014-01-05 15:03:14
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 7m 47s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
 
   
Threats . . . . . . . : 7
   Traces  . . . . . . . : 42
 
   
Objects scanned . . . : 2,215,659
   Files scanned . . . . : 28,489
   Remnants scanned  . . : 413,281 files / 1,773,889 keys
 

Malware remnants ____________________________________________________________
 
   HKU\S
-1-5-21-225758675-3065701121-3459489557-501\Software\FunWebProducts\ (Adware.MyWebSearch) -> Deleted
   HKU\S-1-5-21-225758675-3065701121-3459489557-501\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ (Adware.MyWebSearch) -> Deleted
   HKU\S-1-5-21-225758675-3065701121-3459489557-501\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Deleted
   HKU\S-1-5-21-225758675-3065701121-3459489557-501\Software\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44cf-8957-5838F569A31D} (Adware.MyWebSearch) -> Deleted
   HKU\S-1-5-21-225758675-3065701121-3459489557-501\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\ (Adware.MyWebSearch) -> Deleted
   HKU\S-1-5-21-225758675-3065701121-3459489557-501\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{258C9770-1713-4021-8D7E-1F184A2BD754}\ (Adware.Hotbar) -> Deleted
   HKU\S-1-5-21-225758675-3065701121-3459489557-501\Software\MyWebSearch\ (Adware.MyWebSearch) -> Deleted
 
Potential Unwanted Programs _________________________________________________
 
   HKU\S
-1-5-21-225758675-3065701121-3459489557-501\Software\Conduit\ (Conduit)
   HKU\S-1-5-21-225758675-3065701121-3459489557-501\Software\Microsoft\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4\ (FLV Player)
   HKU\S-1-5-21-225758675-3065701121-3459489557-501\Software\Microsoft\Internet Explorer\Approved Extensions\{2EECD738-5844-4A99-B4B6-146BF802613B} (Claro)
   HKU\S-1-5-21-225758675-3065701121-3459489557-501\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} (Claro)
   HKU\S-1-5-21-225758675-3065701121-3459489557-501\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{AE07101B-46D4-4A98-AF68-0333EA26E113} (FLV Player)
   HKU\S-1-5-21-225758675-3065701121-3459489557-501\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar)
   HKU\S-1-5-21-225758675-3065701121-3459489557-501\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ (Babylon)
   HKU\S-1-5-21-225758675-3065701121-3459489557-501\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}\ (Babylon)
   HKU\S-1-5-21-225758675-3065701121-3459489557-501\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}\ (FLV Player)
   HKU\S-1-5-21-225758675-3065701121-3459489557-501\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}\ (Babylon)
   HKU\S-1-5-21-225758675-3065701121-3459489557-501\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}\ (Claro)
   HKU\S-1-5-21-225758675-3065701121-3459489557-501\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}\ (FLV Player)
   HKU\S-1-5-21-225758675-3065701121-3459489557-501\Software\Microsoft\Windows\CurrentVersion\Run\Browser Infrastructure Helper (FLV Player)
 
Cookies _____________________________________________________________________
 
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.directrev.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yahoo.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:collective-media.net
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:interclick.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
   C
:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Cookies:tacoda.at.atwola.com
 
 
 

 



BC AdBot (Login to Remove)

 


#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,315 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:10:31 PM

Posted 05 January 2014 - 12:07 PM

:welcome:

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#3 penguinlady88

penguinlady88
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 05 January 2014 - 12:42 PM

Hi there,

 

Thank you for your quick response! Here are the logs:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-01-2014
Ran by Elizabeth Penny (administrator) on ELIZABETHPEN-PC on 05-01-2014 17:35:12
Running from C:\Users\Elizabeth Penny\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
==================== Processes (Whitelisted) ===================
 
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lexmark International, Inc.) C:\Windows\System32\LEXBCES.EXE
(Lexmark International, Inc.) C:\Windows\System32\LEXPPS.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Realtek Semiconductor Corp.) C:\Users\Elizabeth Penny\AppData\Local\Temp\RtkBtMnt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\klwtblfs.exe
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-01-2014
Ran by Elizabeth Penny at 2014-01-05 17:37:15
Running from C:\Users\Elizabeth Penny\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
 
==================== Installed Programs ======================
 
Acer Arcade Deluxe (Version: 1.0.3814 - CyberLink Corp.)
Adobe AIR (Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.8.0.1280 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) (Version: 10.1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (Version: 12.0.7.148 - Adobe Systems, Inc.)
Apple Application Support (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
Audacity 1.2.6 (Version:  - )
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator EX 1.0 (Version:  - )
Canon MP520 series (Version:  - )
Canon MP520 series User Registration (Version:  - )
Canon My Printer (Version:  - )
Canon Utilities Easy-PhotoPrint EX (Version:  - )
Canon Utilities Solution Menu (Version:  - )
CCleaner (Version: 4.09 - Piriform)
CoreAAC Audio Decoder (remove only) (Version:  - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (Version:  - Microsoft)
DHTML Editing Component (Version: 6.02.0001 - Microsoft Corporation)
Dropbox (Version: 2.0.22 - Dropbox, Inc.)
FileZilla Client 3.6.0.2 (Version: 3.6.0.2 - FileZilla Project)
GDocsDrive 2.0 (Version: 2.0 - Cloud Drive, Inc.)
Google Chrome (Version: 31.0.1650.63 - Google Inc.)
Google Earth (Version: 4.3.7284.3916 - Google)
Google Photos Screensaver (Version: 2.0.0 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
Guitar Pro 5.2 (Version:  - Arobas Music)
HDAUDIO Soft Data Fax Modem with SmartCP (Version:  - )
HitmanPro 3.7 (Version: 3.7.8.208 - SurfRight B.V.)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Graphics Media Accelerator Driver (Version:  - )
Intel® PROSet/Wireless WiFi Software (Version: 12.02.0000 - Intel® Corporation)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Launch Manager (Version:  - )
Lexibar French (Version:  - lexicool.com)
Lexibar Spanish (Version:  - lexicool.com)
LightScribe  1.4.136.1 (Version: 1.4.136.1 - http://www.lightscribe.com) Hidden
LMMS 0.4.15 (Version: 0.4.15 - LMMS Developers)
LogMeIn (Version: 4.1.2634 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Works (Version: 08.05.0818 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (Version: 7.1.36.0 - Nokia)
Nokia PC Suite (Version: 7.1.60.0 - Nokia)
Nokia PC Suite (Version: 7.1.60.0 - Nokia) Hidden
Notepad++ (Version: 6.5.2 - Notepad++ Team)
OmegaT (Version:  - OmegaT development team)
OmegaT version 2.0.5_04 (Version:  - OmegaT)
OpenOffice.org 3.0 (Version: 3.0.9379 - OpenOffice.org)
PC Connectivity Solution (Version: 10.50.2.0 - Nokia)
Picasa 3 (Version: 3.8 - Google, Inc.)
PIXMA Extended Survey Program (Version:  - )
PowerDVD (Version: 7.00.0000 - CyberLink)
PowerDVD (Version: 7.00.0000 - CyberLink) Hidden
PowerProducer (Version:  - )
QuickTime (Version: 7.74.80.86 - Apple Inc.)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (Version: 16.0.3 - RealNetworks)
Realtek High Definition Audio Driver (Version: 6.0.1.5377 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
ScanSoft OmniPage SE 4 (Version: 15.2.0020 - Nuance Communications, Inc.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skype Click to Call (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.7 (Version: 6.7.102 - Skype Technologies S.A.)
SMSC Fast Infrared Driver (Version: 1.00.0000 - SMSC)
Spotify (Version: 0.3.17 - )
Spotify (Version: 0.8.3.222.g317ab79d - Spotify AB)
SumatraPDF (Version: 2.2.1 - Krzysztof Kowalczyk)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (Version: 9.0.3.0 - Synaptics)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Virgin Media (Version: 1.00.000 - Avanquest) Hidden
VLC media player 2.0.8 (Version: 2.0.8 - VideoLAN)
Windows Driver Package - Nokia Modem  (06/09/2010 7.01.0.8) (Version: 06/09/2010 7.01.0.8 - Nokia)
Windows Driver Package - Nokia Modem  (10/07/2010 4.6) (Version: 10/07/2010 4.6 - Nokia)
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.20 (32-bit) (Version: 4.20.0 - win.rar GmbH)
WinX DVD Ripper 5.5.14 (Version:  - Digiarty Software, Inc.)
Xvid 1.2.2 final uninstall (Version: 1.2 - Xvid team (Koepi))
 
==================== Restore Points  =========================
 
05-01-2014 02:37:19 Removed YoutubeMovieMaker.
05-01-2014 02:40:59 Removed ParetoLogic Data Recovery.
05-01-2014 02:45:56 Removed ParetoLogic Data Recovery.
05-01-2014 09:53:19 Removed Microsoft Silverlight
 
==================== Hosts content: ==========================
 
2006-11-02 10:23 - 2006-09-18 21:41 - 00000736 ____A C:\Windows\system32\Drivers\etc\hosts
::1             localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {01E335A8-C25F-47E3-BDCB-92C8755115BC} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => C:\Program Files\Windows Defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)
Task: {0C957E9D-5576-451B-865D-B5B031FCEA8A} - System32\Tasks\Microsoft\Windows\RestartManager\{466883DA-5B38-4d87-B92F-0D7FDEC709E5} => C:\Windows\System32\RmClient.exe [2006-11-02] (Microsoft Corporation)
Task: {14B6B932-C125-4FFA-AE99-FBAFBC96024E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {1643BE20-B0E3-49F1-9FD0-FE5BAF2DC40C} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Elizabeth Penny => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3AD7C32B-1472-4832-B3A9-A6268E111814} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {46D45D29-3D29-4A0E-A443-8421549F0522} - System32\Tasks\Microsoft\Windows\RestartManager\{3E26B015-58E7-410c-B1FB-60845101C60D} => C:\Windows\System32\RmClient.exe [2006-11-02] (Microsoft Corporation)
Task: {6077B177-BB8B-43E5-8A8E-16078C19BB7C} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {62A1CE9E-0C69-4F80-A263-2A3E994A890E} - \Updater21802.exe No Task File
Task: {62BD94D7-C5A9-42C3-9EE1-16CF77915BAA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-06] (Google Inc.)
Task: {62EABFE5-69DA-4D40-AFF1-DD994C0C0FA9} - System32\Tasks\Microsoft\Windows\RestartManager\{7F153816-B31C-4e79-83A9-AE23BD6C7F03} => C:\Windows\System32\RmClient.exe [2006-11-02] (Microsoft Corporation)
Task: {7C6B5C0F-38E3-4694-93F7-7077CFDD52F9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {84458E6C-E102-4CB1-906E-E700FC4BA1BB} - System32\Tasks\Microsoft\Windows\RestartManager\{5BF6EAF7-5A3A-4dc5-AE4A-71946DC1D975} => C:\Windows\System32\RmClient.exe [2006-11-02] (Microsoft Corporation)
Task: {A24CC54C-27A7-4F9B-AF24-E0205D079C82} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-06] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2012-11-29 21:59 - 2012-11-29 21:59 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-05 20:35 - 2013-12-04 02:48 - 04055504 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-05 20:35 - 2013-12-04 02:48 - 00399312 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-05 20:35 - 2013-12-04 02:47 - 01619408 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
AlternateDataStreams: C:\ProgramData\TEMP:FA5F15C4
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/05/2014 03:50:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/05/2014 03:22:45 PM) (Source: System Restore) (User: )
Description: Failed to create restore point on volume (Process = C:\Program Files\HitmanPro\HitmanPro.exe Files\HitmanPro\HitmanPro.exe" ; Descripton = ȃȃȃȃȃȃဃဂဂဂ  ဂȂဃဂဂဂဂĂဃĂ Ă  ဂဂဂဂဂဂဂȂဃȂ Ȃă䠃ဂဂဂဂဂဂဂဂဂሂဃဂ。ဂဂဂဂᐂᐂဂሂဃဂဂᐂሂဃဂဂဂဂĂăăăăăăăăăăăăăăăăăăăăăăဃ褂; Hr = 0x80070057).
 
Error: (01/05/2014 03:13:54 PM) (Source: System Restore) (User: )
Description: Failed to create restore point on volume (Process = C:\Program Files\HitmanPro\HitmanPro.exe Files\HitmanPro\HitmanPro.exe" ; Descripton = ȃȃȃȃȃȃဃဂဂဂ  ဂȂဃဂဂဂဂĂဃĂ Ă  ဂဂဂဂဂဂဂȂဃȂ Ȃă䠃ဂဂဂဂဂဂဂဂဂሂဃဂ。ဂဂဂဂᐂᐂဂሂဃဂဂᐂሂဃဂဂဂဂĂăăăăăăăăăăăăăăăăăăăăăăဃ褂; Hr = 0x80070057).
 
Error: (01/05/2014 02:56:17 PM) (Source: System Restore) (User: )
Description: Failed to create restore point on volume (Process = C:\Users\Elizabeth Penny\Downloads\HitmanPro.exe Penny\Downloads\HitmanPro.exe" ; Descripton = ȃȃȃȃȃȃဃဂဂဂ  ဂȂဃဂဂဂဂĂဃĂ Ă  ဂဂဂဂဂဂဂȂဃȂ Ȃă䠃ဂဂဂဂဂဂဂဂဂሂဃဂ。ဂဂဂဂᐂᐂဂሂဃဂဂᐂሂဃဂဂဂဂĂăăăăăăăăăăăăăăăăăăăăăăဃ褂; Hr = 0x80070057).
 
Error: (01/05/2014 02:24:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/05/2014 02:24:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (01/05/2014 09:25:16 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8442634
 
Error: (01/05/2014 09:25:16 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8442634
 
Error: (01/05/2014 09:25:16 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/05/2014 02:46:39 AM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
 
 
System errors:
=============
Error: (01/05/2014 03:26:00 PM) (Source: Service Control Manager) (User: )
Description: Pml Driver HPZ12%%126
 
Error: (01/05/2014 03:26:00 PM) (Source: Service Control Manager) (User: )
Description: Net Driver HPZ12%%126
 
Error: (01/05/2014 03:26:00 PM) (Source: Service Control Manager) (User: )
Description: int15%%3
 
Error: (01/05/2014 02:23:37 PM) (Source: Service Control Manager) (User: )
Description: Pml Driver HPZ12%%126
 
Error: (01/05/2014 02:23:37 PM) (Source: Service Control Manager) (User: )
Description: Net Driver HPZ12%%126
 
Error: (01/05/2014 02:23:37 PM) (Source: Service Control Manager) (User: )
Description: int15%%3
 
Error: (01/05/2014 04:38:57 AM) (Source: disk) (User: )
Description: The device, \Device\Harddisk1\DR3, has a bad block.
 
Error: (01/05/2014 04:38:54 AM) (Source: disk) (User: )
Description: The device, \Device\Harddisk1\DR3, has a bad block.
 
Error: (01/05/2014 04:38:51 AM) (Source: disk) (User: )
Description: The device, \Device\Harddisk1\DR3, has a bad block.
 
Error: (01/05/2014 04:38:49 AM) (Source: disk) (User: )
Description: The device, \Device\Harddisk1\DR3, has a bad block.
 
 
Microsoft Office Sessions:
=========================
Error: (01/05/2014 03:50:35 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
 
Error: (01/05/2014 03:22:45 PM) (Source: System Restore)(User: )
Description: C:\Program Files\HitmanPro\HitmanPro.exe Files\HitmanPro\HitmanPro.exe" ȃȃȃȃȃȃဃဂဂဂ  ဂȂဃဂဂဂဂĂဃĂ Ă  ဂဂဂဂဂဂဂȂဃȂ Ȃă䠃ဂဂဂဂဂဂဂဂဂሂဃဂ。ဂဂဂဂᐂᐂဂሂဃဂဂᐂሂဃဂဂဂဂĂăăăăăăăăăăăăăăăăăăăăăăဃ褂0x80070057
 
Error: (01/05/2014 03:13:54 PM) (Source: System Restore)(User: )
Description: C:\Program Files\HitmanPro\HitmanPro.exe Files\HitmanPro\HitmanPro.exe" ȃȃȃȃȃȃဃဂဂဂ  ဂȂဃဂဂဂဂĂဃĂ Ă  ဂဂဂဂဂဂဂȂဃȂ Ȃă䠃ဂဂဂဂဂဂဂဂဂሂဃဂ。ဂဂဂဂᐂᐂဂሂဃဂဂᐂሂဃဂဂဂဂĂăăăăăăăăăăăăăăăăăăăăăăဃ褂0x80070057
 
Error: (01/05/2014 02:56:17 PM) (Source: System Restore)(User: )
Description: C:\Users\Elizabeth Penny\Downloads\HitmanPro.exe Penny\Downloads\HitmanPro.exe" ȃȃȃȃȃȃဃဂဂဂ  ဂȂဃဂဂဂဂĂဃĂ Ă  ဂဂဂဂဂဂဂȂဃȂ Ȃă䠃ဂဂဂဂဂဂဂဂဂሂဃဂ。ဂဂဂဂᐂᐂဂሂဃဂဂᐂሂဃဂဂဂဂĂăăăăăăăăăăăăăăăăăăăăăăဃ褂0x80070057
 
Error: (01/05/2014 02:24:47 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
 
Error: (01/05/2014 02:24:47 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
 
Error: (01/05/2014 09:25:16 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8442634
 
Error: (01/05/2014 09:25:16 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8442634
 
Error: (01/05/2014 09:25:16 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/05/2014 02:46:39 AM) (Source: Perflib)(User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-01-05 17:36:38.565
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kneps.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-05 17:36:38.116
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kneps.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-05 17:36:37.663
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kneps.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-05 17:36:37.214
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kneps.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-05 17:36:36.774
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\klif.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-05 17:36:36.328
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\klif.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-05 17:36:35.924
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\klif.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-05 17:36:35.476
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\klif.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-05 17:36:35.024
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\klif.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-01-05 17:36:34.573
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\klif.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 64%
Total physical RAM: 2037.38 MB
Available physical RAM: 727.57 MB
Total Pagefile: 4311.98 MB
Available Pagefile: 2719.91 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.06 MB
 
==================== Drives ================================
 
Drive c: (ACER) (Fixed) (Total:51.15 GB) (Free:6.13 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:50.88 GB) (Free:48.49 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 112 GB) (Disk ID: 6A2CA25B)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=51 GB) - (Type=06)
Partition 3: (Not Active) - (Size=51 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#4 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,315 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:10:31 PM

Posted 05 January 2014 - 01:02 PM

The FRST.txt report seems incompleted. Please run FRST once again and post the new FRST.txt.


Edited by JSntgRvr, 05 January 2014 - 01:03 PM.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#5 penguinlady88

penguinlady88
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 05 January 2014 - 04:49 PM

My apologies...here is the new one:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-01-2014
Ran by Elizabeth Penny (administrator) on ELIZABETHPEN-PC on 05-01-2014 21:40:24
Running from C:\Users\Elizabeth Penny\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
==================== Processes (Whitelisted) ===================
 
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lexmark International, Inc.) C:\Windows\System32\LEXBCES.EXE
(Lexmark International, Inc.) C:\Windows\System32\LEXPPS.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Realtek Semiconductor Corp.) C:\Users\Elizabeth Penny\AppData\Local\Temp\RtkBtMnt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Mail\WinMail.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\klwtblfs.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [815104 2006-10-23] (Synaptics, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4390912 2007-03-01] (Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.EXE [644696 2007-05-14] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [1603152 2007-04-03] (CANON INC.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKCU\...\Policies\Explorer: [NoInstrumentation] 1
MountPoints2: E - E:\Msetup4.exe
MountPoints2: {12e1218d-870a-11de-9ed7-0016d4e492b4} - F:\AutoRun.exe
MountPoints2: {548df3d1-7c8c-11de-a293-0016d4e492b4} - F:\AutoRun.exe
MountPoints2: {548df3d8-7c8c-11de-a293-0016d4e492b4} - F:\AutoRun.exe
MountPoints2: {f3f145c3-8111-11de-8a5a-0016d4e492b4} - F:\AutoRun.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Guest\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Guest\...\Run: [msnmsgr] - "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
HKU\Guest\...\Run: [Acer Tour Reminder] - [x]
HKU\Guest\...\Run: [swg] - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\Guest\...\Run: [ISUSPM Startup] - "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
HKU\Guest\...\Run: [DriverScanner] - "C:\Program Files\Uniblue\DriverScanner\launcher.exe" delay 20000 
HKU\LogMeInRemoteUser\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,SEARCH PAGE = http://uk.rd.yahoo.com/customize/ycomp/defaults/sp/*http://uk.yahoo.com
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.uk.acer.yahoo.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {2F510EA7-DAC6-6B01-C5A6-59637475B55B} URL = 
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A0E8F20C-9612-47F5-AEA9-3C7100D8B7F7}: [NameServer]8.8.8.8,8.8.4.4
 
FireFox:
========
FF ProfilePath: C:\Users\Elizabeth Penny\AppData\Roaming\Mozilla\Firefox\Profiles\1ytdc0ct.default-1388794523538
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @google.com/npPicasa2,version=2.0.0 - C:\Program Files\Picasa2\npPicasa2.dll No File
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin - C:\Program Files\SumatraPDF\npPdfViewer.dll (Simon Bünzli)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/vbp;version=0.9.17 - C:\Program Files\Veetle\VLCBroadcast\npvbp.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin - C:\Program Files\SumatraPDF\npPdfViewer.dll (Simon Bünzli)
FF Extension: No Name - C:\Users\Elizabeth Penny\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions
FF Extension: No Name - C:\Users\Elizabeth Penny\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins
FF Extension: Movie2kDownloader - C:\Users\Elizabeth Penny\AppData\Roaming\Mozilla\Firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
FF HKLM\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKCU\...\Firefox\Extensions: [{57E72829-C158-4341-BBED-58F0AD1740FD}] - C:\Program Files\Google\Google Photos Screensaver\FF_ext
FF Extension: Google Photos Screensaver - C:\Program Files\Google\Google Photos Screensaver\FF_ext
 
Chrome: 
=======
CHR DefaultSearchKeyword: google.co.uk
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 7 U45) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll No File
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll No File
CHR Plugin: (SumatraPDF Browser Plugin) - C:\Program Files\SumatraPDF\npPdfViewer.dll (Simon Bünzli)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\14.0.0.4651_0
CHR Extension: (Safe Money) - C:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\14.0.0.4651_0
CHR Extension: (Dangerous Websites Blocker) - C:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\14.0.0.4651_0
CHR Extension: (RealDownloader) - C:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0
CHR Extension: (Virtual Keyboard) - C:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\14.0.0.4816_0
CHR Extension: (Skype Click to Call) - C:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0
CHR Extension: (Google Wallet) - C:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Anti-Banner) - C:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\14.0.0.4651_0
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx
CHR HKLM\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Elizabeth Penny\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx
CHR HKLM\...\Chrome\Extension: [lemilgpbnfoecfjhpfchannnnkeefjmj] - C:\Users\Elizabeth Penny\AppData\Local\CRE\lemilgpbnfoecfjhpfchannnnkeefjmj.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
========================== Services (Whitelisted) =================
 
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-11] (Kaspersky Lab ZAO)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [101528 2007-04-13] ()
R2 LexBceS; C:\Windows\System32\LEXBCES.EXE [303104 2003-08-18] (Lexmark International, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S4 ALaunchService; C:\Acer\ALaunch\ALaunchSvc.exe [x]
S4 MobilityService; C:\Acer\Mobility Center\MobilityService.exe -p [x]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [x]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [x]
S2 WMIService; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [x]
 
==================== Drivers (Whitelisted) ====================
 
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [26984 2012-12-11] (AVG Technologies)
R1 DritekPortIO; C:\Program Files\Launch Manager\DPortIO.sys [20112 2006-11-02] (Dritek System Inc.)
R3 EMSCR; C:\Windows\System32\DRIVERS\EMS7SK.sys [62208 2006-10-25] (ENE Technology Inc.)
R3 ESDCR; C:\Windows\System32\DRIVERS\ESD7SK.sys [42240 2006-10-25] (ENE Technology Inc.)
R3 ESMCR; C:\Windows\System32\DRIVERS\ESM7SK.sys [76928 2006-10-25] (ENE Technology Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2014-01-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [574560 2014-01-04] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2013-10-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25696 2013-10-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-10-11] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [144992 2014-01-04] (Kaspersky Lab ZAO)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S2 int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [94304 2013-06-08] (Kaspersky Lab ZAO)
S4 LMIRfsClientNP; No ImagePath
S3 LVRS; system32\DRIVERS\lvrs.sys [x]
S3 LVUSBSta; system32\drivers\LVUSBSta.sys [x]
S3 netr28u; system32\DRIVERS\netr28u.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 pepifilter; system32\DRIVERS\lv302af.sys [x]
S3 PID_PEPI; system32\DRIVERS\LV302V32.SYS [x]
S3 SMARTMouseFilterx86; system32\DRIVERS\SMARTMouseFilterx86.sys [x]
S3 SMARTVHidMini2000x86; system32\DRIVERS\SMARTVHidMini2000x86.sys [x]
S3 SMARTVTabletPCx86; system32\DRIVERS\SMARTVTabletPCx86.sys [x]
U3 TrueSight; \??\ [x]
S4 UIUSys; system32\DRIVERS\UIUSYS.SYS [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-01-05 17:37 - 2014-01-05 17:37 - 00030270 _____ C:\Users\Elizabeth Penny\Downloads\Addition.txt
2014-01-05 17:35 - 2014-01-05 21:40 - 00024657 _____ C:\Users\Elizabeth Penny\Downloads\FRST.txt
2014-01-05 17:34 - 2014-01-05 17:34 - 00000000 ____D C:\FRST
2014-01-05 17:32 - 2014-01-05 17:32 - 01064761 _____ (Farbar) C:\Users\Elizabeth Penny\Downloads\FRST.exe
2014-01-05 15:14 - 2014-01-05 15:14 - 00012380 _____ C:\Users\Elizabeth Penny\Desktop\HitmanPro_20140105_1514.log
2014-01-05 15:02 - 2014-01-05 15:02 - 00011748 _____ C:\Users\Elizabeth Penny\Desktop\HitmanPro_20140105_1502.log
2014-01-05 14:41 - 2014-01-05 14:41 - 00000000 ____D C:\Program Files\HitmanPro
2014-01-05 14:35 - 2014-01-05 15:02 - 00000000 ____D C:\ProgramData\HitmanPro
2014-01-05 14:35 - 2014-01-05 14:35 - 09452704 _____ (SurfRight B.V.) C:\Users\Elizabeth Penny\Downloads\HitmanPro.exe
2014-01-05 14:22 - 2014-01-05 14:22 - 00000848 _____ C:\Windows\PFRO.log
2014-01-05 12:10 - 2014-01-05 12:10 - 00002760 _____ C:\Users\Elizabeth Penny\Desktop\RKreport[0]_D_01052014_121006.txt
2014-01-05 11:48 - 2014-01-05 11:52 - 00002866 _____ C:\Users\Elizabeth Penny\Desktop\RKreport[0]_S_01052014_114859.txt
2014-01-05 11:48 - 2014-01-05 11:48 - 03668480 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETw5v32.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 02302976 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 02216448 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETw4v32.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 01744928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 01082232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00987648 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTDPV3.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00986624 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSX_DPV.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00914880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00900712 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00659968 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSX_CNXT.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00654336 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTCNXT3.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00527848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00440704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00316520 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00292840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00287608 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\Tmfilter.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00235112 _____ (ULi Electronics Inc.) C:\Windows\system32\Drivers\uliahci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00232040 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00224640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00221568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00206848 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSXHWAZL.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00200704 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTAZL3.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00190424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00180712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00179896 _____ (Synaptics, Inc.) C:\Windows\system32\Drivers\SynTP.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00177640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00161752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00149480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00142904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00141288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dot4.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00122344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Storport.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00117760 _____ (Intel Corporation) C:\Windows\system32\Drivers\E1G60I32.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00115816 _____ (Promise Technology, Inc.) C:\Windows\system32\Drivers\ulsata2.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00112232 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00106600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00106088 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00099816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00098408 _____ (Promise Technology, Inc.) C:\Windows\system32\Drivers\ulsata.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00088680 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00080488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00078952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00076928 _____ (ENE Technology Inc.) C:\Windows\system32\Drivers\ESM7SK.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00076584 _____ C:\Windows\system32\Drivers\int15.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00076392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00071784 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00071272 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\djsvs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00065640 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00065640 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00065640 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00062208 _____ (ENE Technology Inc.) C:\Windows\system32\Drivers\EMS7SK.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00062080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00058984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00058936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00058472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00057400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00056936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VIAAGP.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00053736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00053352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SISAGP.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00053224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00052992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00052792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00048104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00047640 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\LMIRfsDriver.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00047208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00045160 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00045056 _____ (Apple, Inc.) C:\Windows\system32\Drivers\usbaapl.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00043872 _____ (Sonic Solutions) C:\Windows\system32\Drivers\pxhelp20.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00043496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00042240 _____ (ENE Technology Inc.) C:\Windows\system32\Drivers\ESD7SK.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00041576 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUsb.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00040040 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crusoe.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00038504 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00037480 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpCISSs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dot4usb.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035944 _____ (LSI Logic) C:\Windows\system32\Drivers\symc8xx.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035944 _____ (Integrated Technology Express, Inc.) C:\Windows\system32\Drivers\iteraid.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035944 _____ (Integrated Technology Express, Inc.) C:\Windows\system32\Drivers\iteatapi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00034920 _____ (LSI Logic) C:\Windows\system32\Drivers\sym_u3.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00034360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00033384 _____ (LSI Logic Corporation) C:\Windows\system32\Drivers\Mraid35x.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00031848 _____ (LSI Logic) C:\Windows\system32\Drivers\sym_hi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00031288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00028776 _____ (LSI Logic Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00027752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i2omp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00027624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00026840 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00023144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00022632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00021264 _____ (Dritek System Inc.) C:\Windows\system32\Drivers\DKbFltr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00021048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020608 _____ (N-trig Innovative Technologies) C:\Windows\system32\Drivers\ntrigdigi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020480 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020264 _____ (HiTRUST) C:\Windows\system32\Drivers\psdfilter.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00019560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00018816 _____ (Nokia) C:\Windows\system32\Drivers\pccsmcfd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017512 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00016488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i2omgmt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00016440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dot4Prt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015656 _____ C:\Windows\system32\Drivers\int15_64.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TUNMP.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00013416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00012672 _____ (Conexant) C:\Windows\system32\Drivers\mdmxsdk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00010144 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\lmimirr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parvdm.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008192 _____ (Nokia) C:\Windows\system32\Drivers\usbser_lowerfltj.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008192 _____ (Nokia) C:\Windows\system32\Drivers\usbser_lowerflt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008192 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\XAudio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00006144 _____ (NewTech Infosystems, Inc.) C:\Windows\system32\Drivers\NTIDrvr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00005888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00005504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2014-01-05 11:47 - 2014-01-05 11:48 - 00020792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00534016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL6.SYS.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00420968 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00297576 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00265688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00147048 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00125928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00109032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00098408 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu160m.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00071808 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00070688 _____ (THOMSON) C:\Windows\system32\Drivers\alcaudsl.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00067688 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00067688 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00062336 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00054888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AMDAGP.SYS.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00053864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00053376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00049904 _____ (Avanquest Software) C:\Windows\system32\Drivers\BVRPMPR5.SYS.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00045056 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcm4sbxp.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk7.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00028216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00026984 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00023040 _____ (Nokia) C:\Windows\system32\Drivers\ccdcmbo.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00018048 _____ (Nokia) C:\Windows\system32\Drivers\ccdcmb.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00016488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00015464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00014952 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00014208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00013568 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bdasup.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00012160 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00011904 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00005280 _____ (THOMSON) C:\Windows\system32\Drivers\alcawh.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00005248 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00003968 _____ (THOMSON) C:\Windows\system32\Drivers\alcacr.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00002560 _____ (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00002432 _____ (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys.bak
2014-01-05 11:37 - 2014-01-05 12:10 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\RK_Quarantine
2014-01-05 11:37 - 2014-01-05 11:37 - 03810304 _____ C:\Users\Elizabeth Penny\Downloads\RogueKiller.exe
2014-01-05 09:44 - 2014-01-05 09:44 - 00239074 _____ C:\Users\Elizabeth Penny\Desktop\cc_20140105_094406.reg
2014-01-05 09:35 - 2014-01-05 09:35 - 04645232 _____ (Piriform Ltd) C:\Users\Elizabeth Penny\Downloads\ccsetup409.exe
2014-01-05 01:49 - 2014-01-05 01:49 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\RealNetworks
2014-01-05 01:49 - 2014-01-05 01:49 - 00000000 ____D C:\ProgramData\RealNetworks
2014-01-05 01:49 - 2014-01-05 01:49 - 00000000 ____D C:\Program Files\RealNetworks
2014-01-05 01:48 - 2014-01-05 01:48 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\system32\rmoc3260.dll
2014-01-05 01:48 - 2014-01-05 01:48 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5016.dll
2014-01-05 01:48 - 2014-01-05 01:48 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5032.dll
2014-01-05 01:48 - 2014-01-05 01:48 - 00000000 ____D C:\Program Files\real
2014-01-05 01:48 - 2014-01-05 01:48 - 00000000 ____D C:\Program Files\Common Files\xing shared
2014-01-05 01:40 - 2014-01-05 01:40 - 00684288 _____ (RealNetworks, Inc.) C:\Users\Elizabeth Penny\Downloads\RealPlayer.exe
2014-01-05 01:39 - 2014-01-05 01:39 - 04901896 _____ (Adobe Systems Inc.) C:\Users\Elizabeth Penny\Downloads\Shockwave_Installer_Slim.exe
2014-01-04 14:29 - 2003-02-14 19:14 - 00110592 _____ (TechSmith Corporation) C:\Windows\system32\tsccvid.dll
2014-01-04 13:39 - 2014-01-04 13:39 - 00002143 _____ C:\Users\Elizabeth Penny\Desktop\Safe Money.lnk
2014-01-04 13:33 - 2014-01-04 13:32 - 00001033 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-01-04 13:27 - 2014-01-05 21:39 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-04 13:27 - 2014-01-04 14:17 - 00574560 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-01-04 13:27 - 2014-01-04 13:27 - 00000000 ____D C:\Program Files\Kaspersky Lab
2014-01-04 13:27 - 2013-06-08 20:18 - 00094304 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-01-04 11:42 - 2014-01-04 12:56 - 252836160 _____ (Kaspersky Lab) C:\Users\Elizabeth Penny\Downloads\kis14.0.0.4651abEN_5146_2.exe
2014-01-04 00:56 - 2014-01-04 00:56 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-04 00:56 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-04 00:53 - 2014-01-04 00:53 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Elizabeth Penny\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-01-04 00:52 - 2014-01-04 00:53 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Elizabeth Penny\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-04 00:50 - 2014-01-04 00:50 - 00001371 _____ C:\Users\Elizabeth Penny\Desktop\JRT.txt
2014-01-04 00:44 - 2014-01-04 00:44 - 01036305 _____ (Thisisu) C:\Users\Elizabeth Penny\Downloads\JRT.exe
2014-01-04 00:31 - 2014-01-04 00:31 - 01233962 _____ C:\Users\Elizabeth Penny\Downloads\adwcleaner.exe
2014-01-04 00:15 - 2014-01-04 00:15 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\Old Firefox Data
2014-01-03 19:31 - 2014-01-03 19:31 - 00001668 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-03 19:29 - 2014-01-03 19:31 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-01-03 19:29 - 2014-01-03 19:31 - 00000000 ____D C:\Program Files\iTunes
2014-01-03 19:29 - 2014-01-03 19:29 - 00000000 ____D C:\Program Files\iPod
2014-01-03 18:38 - 2014-01-03 18:38 - 24805592 _____ (Microsoft Corporation) C:\Users\Elizabeth Penny\Downloads\Windows-KB890830-V5.7.exe
2014-01-03 18:06 - 2014-01-03 18:06 - 00614784 _____ C:\Users\Elizabeth Penny\Downloads\avast-free-antivirus-8-0-1489.exe
2014-01-03 17:54 - 2014-01-03 17:54 - 00003807 _____ C:\Users\Elizabeth Penny\Downloads\instruction.txt
2014-01-03 17:54 - 2014-01-03 17:54 - 00000381 _____ C:\Users\Elizabeth Penny\Downloads\script.zip
2014-01-02 20:31 - 2014-01-02 20:56 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\St. John's Ambulance
2014-01-02 18:01 - 2014-01-03 15:55 - 00011378 _____ C:\Users\Elizabeth Penny\Desktop\31 Rutland_Expenditure_2014.xlsx
2014-01-01 14:00 - 2014-01-01 14:00 - 00000000 ____D C:\ProgramData\jlkfdhicpgbehlmglllijdfokbgicncn
2013-12-28 20:03 - 2013-12-29 20:30 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\sw4b4[1]
2013-12-28 20:03 - 2013-12-28 20:03 - 01092977 _____ C:\Users\Elizabeth Penny\Desktop\sw4b4[1].zip
2013-12-28 18:21 - 2013-12-28 18:21 - 01092977 _____ C:\Users\Elizabeth Penny\Desktop\sw4b4.zip
2013-12-28 14:32 - 2013-12-28 14:32 - 00000000 ____D C:\Users\Elizabeth Penny\Documents\DVDFab9
2013-12-28 14:31 - 2013-12-28 14:31 - 00000000 ____D C:\Program Files\Xvid
2013-12-28 14:31 - 2009-06-07 16:25 - 00077824 _____ C:\Windows\system32\xvid.ax
2013-12-28 14:31 - 2009-06-07 16:24 - 00180224 _____ C:\Windows\system32\xvidvfw.dll
2013-12-28 14:31 - 2009-06-07 16:16 - 00819200 _____ C:\Windows\system32\xvidcore.dll
2013-12-28 14:28 - 2013-12-28 14:29 - 04700665 _____ (ffdshow                                                     ) C:\Users\Elizabeth Penny\Downloads\ffdshow_rev4500_20130106.exe
2013-12-28 14:27 - 2013-12-28 14:27 - 00001031 _____ C:\Users\Public\Desktop\WinX DVD Ripper.lnk
2013-12-28 14:27 - 2013-12-28 14:27 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\Digiarty
2013-12-28 14:27 - 2013-12-28 14:27 - 00000000 ____D C:\Program Files\Digiarty
2013-12-28 14:16 - 2013-12-28 14:16 - 00033019 _____ C:\Windows\system32\CoreAAC-uninstall.exe
2013-12-28 13:02 - 2013-12-28 13:02 - 10775712 _____ (Digiarty Software, Inc.                                     ) C:\Users\Elizabeth Penny\Downloads\winx-dvd-ripper.exe
2013-12-28 12:56 - 2014-01-04 10:13 - 00000000 ____D C:\Program Files\AviSynth 2.5
2013-12-28 12:55 - 2013-12-28 12:55 - 00000792 _____ C:\Users\LogMeInRemoteUser\Desktop\Avi2Dvd.lnk
2013-12-28 12:55 - 2013-12-28 12:55 - 00000792 _____ C:\Users\Guest\Desktop\Avi2Dvd.lnk
2013-12-28 12:52 - 2013-12-28 12:52 - 37203147 _____ C:\Users\Elizabeth Penny\Downloads\Avi2Dvd_Setup_064.exe
2013-12-28 12:34 - 2013-12-28 12:34 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\1036
2013-12-28 12:03 - 2013-12-28 12:03 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\27798
2013-12-24 19:46 - 2013-12-24 19:47 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-12 19:07 - 2013-11-14 23:13 - 12344320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 19:07 - 2013-11-14 22:50 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 19:07 - 2013-11-14 22:50 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 19:07 - 2013-11-14 22:43 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 19:07 - 2013-11-14 22:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 19:07 - 2013-11-14 22:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 19:07 - 2013-11-14 22:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-12 19:07 - 2013-11-14 22:40 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 19:07 - 2013-11-14 22:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-12 19:07 - 2013-11-14 22:38 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-12 19:07 - 2013-11-14 22:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 19:07 - 2013-11-14 22:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-12 19:07 - 2013-11-14 22:36 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 19:07 - 2013-11-14 22:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-12 19:07 - 2013-11-14 22:35 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 19:07 - 2013-11-14 22:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 20:57 - 2013-10-30 02:12 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2013-12-11 20:57 - 2013-10-30 01:43 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 20:57 - 2013-10-30 00:43 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 20:57 - 2013-10-30 00:35 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 20:57 - 2013-10-22 07:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 20:57 - 2013-10-11 02:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 20:57 - 2013-10-11 02:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 20:57 - 2013-10-11 02:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2013-12-11 20:57 - 2013-10-11 00:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 20:57 - 2013-10-11 00:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-09 22:08 - 2013-12-09 22:10 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\Accomodation
2013-12-09 22:06 - 2013-12-09 22:10 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\Private classes
2013-12-09 22:00 - 2013-12-28 13:15 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\Images
 
==================== One Month Modified Files and Folders =======
 
2014-01-05 21:40 - 2014-01-05 17:35 - 00024657 _____ C:\Users\Elizabeth Penny\Downloads\FRST.txt
2014-01-05 21:39 - 2014-01-04 13:27 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-05 21:27 - 2006-11-02 12:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-05 21:27 - 2006-11-02 12:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-05 18:38 - 2013-01-24 01:49 - 01696395 _____ C:\Windows\WindowsUpdate.log
2014-01-05 17:37 - 2014-01-05 17:37 - 00030270 _____ C:\Users\Elizabeth Penny\Downloads\Addition.txt
2014-01-05 17:34 - 2014-01-05 17:34 - 00000000 ____D C:\FRST
2014-01-05 17:32 - 2014-01-05 17:32 - 01064761 _____ (Farbar) C:\Users\Elizabeth Penny\Downloads\FRST.exe
2014-01-05 15:32 - 2006-11-02 10:33 - 00772770 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-05 15:25 - 2010-01-06 22:24 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-05 15:25 - 2006-11-02 13:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-05 15:24 - 2006-11-02 13:01 - 00032532 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-05 15:14 - 2014-01-05 15:14 - 00012380 _____ C:\Users\Elizabeth Penny\Desktop\HitmanPro_20140105_1514.log
2014-01-05 15:02 - 2014-01-05 15:02 - 00011748 _____ C:\Users\Elizabeth Penny\Desktop\HitmanPro_20140105_1502.log
2014-01-05 15:02 - 2014-01-05 14:35 - 00000000 ____D C:\ProgramData\HitmanPro
2014-01-05 14:41 - 2014-01-05 14:41 - 00000000 ____D C:\Program Files\HitmanPro
2014-01-05 14:35 - 2014-01-05 14:35 - 09452704 _____ (SurfRight B.V.) C:\Users\Elizabeth Penny\Downloads\HitmanPro.exe
2014-01-05 14:22 - 2014-01-05 14:22 - 00000848 _____ C:\Windows\PFRO.log
2014-01-05 12:10 - 2014-01-05 12:10 - 00002760 _____ C:\Users\Elizabeth Penny\Desktop\RKreport[0]_D_01052014_121006.txt
2014-01-05 12:10 - 2014-01-05 11:37 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\RK_Quarantine
2014-01-05 11:52 - 2014-01-05 11:48 - 00002866 _____ C:\Users\Elizabeth Penny\Desktop\RKreport[0]_S_01052014_114859.txt
2014-01-05 11:48 - 2014-01-05 11:48 - 03668480 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETw5v32.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 02302976 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 02216448 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETw4v32.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 01744928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 01082232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00987648 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTDPV3.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00986624 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSX_DPV.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00914880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00900712 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00659968 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSX_CNXT.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00654336 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTCNXT3.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00527848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00440704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00316520 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00292840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00287608 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\Tmfilter.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00235112 _____ (ULi Electronics Inc.) C:\Windows\system32\Drivers\uliahci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00232040 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00224640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00221568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00206848 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSXHWAZL.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00200704 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTAZL3.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00190424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00180712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00179896 _____ (Synaptics, Inc.) C:\Windows\system32\Drivers\SynTP.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00177640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00161752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00149480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00142904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00141288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dot4.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00122344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Storport.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00117760 _____ (Intel Corporation) C:\Windows\system32\Drivers\E1G60I32.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00115816 _____ (Promise Technology, Inc.) C:\Windows\system32\Drivers\ulsata2.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00112232 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00106600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00106088 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00099816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00098408 _____ (Promise Technology, Inc.) C:\Windows\system32\Drivers\ulsata.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00088680 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00080488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00078952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00076928 _____ (ENE Technology Inc.) C:\Windows\system32\Drivers\ESM7SK.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00076584 _____ C:\Windows\system32\Drivers\int15.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00076392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00071784 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00071272 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\djsvs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00065640 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00065640 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00065640 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00062208 _____ (ENE Technology Inc.) C:\Windows\system32\Drivers\EMS7SK.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00062080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00058984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00058936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00058472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00057400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00056936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VIAAGP.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00053736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00053352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SISAGP.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00053224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00052992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00052792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00048104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00047640 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\LMIRfsDriver.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00047208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00045160 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00045056 _____ (Apple, Inc.) C:\Windows\system32\Drivers\usbaapl.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00043872 _____ (Sonic Solutions) C:\Windows\system32\Drivers\pxhelp20.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00043496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00042240 _____ (ENE Technology Inc.) C:\Windows\system32\Drivers\ESD7SK.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00041576 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUsb.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00040040 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crusoe.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00038504 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00037480 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpCISSs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dot4usb.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035944 _____ (LSI Logic) C:\Windows\system32\Drivers\symc8xx.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035944 _____ (Integrated Technology Express, Inc.) C:\Windows\system32\Drivers\iteraid.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035944 _____ (Integrated Technology Express, Inc.) C:\Windows\system32\Drivers\iteatapi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00034920 _____ (LSI Logic) C:\Windows\system32\Drivers\sym_u3.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00034360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00033384 _____ (LSI Logic Corporation) C:\Windows\system32\Drivers\Mraid35x.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00031848 _____ (LSI Logic) C:\Windows\system32\Drivers\sym_hi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00031288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00028776 _____ (LSI Logic Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00027752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i2omp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00027624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00026840 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00023144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00022632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00021264 _____ (Dritek System Inc.) C:\Windows\system32\Drivers\DKbFltr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00021048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020608 _____ (N-trig Innovative Technologies) C:\Windows\system32\Drivers\ntrigdigi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020480 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020264 _____ (HiTRUST) C:\Windows\system32\Drivers\psdfilter.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00019560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00018816 _____ (Nokia) C:\Windows\system32\Drivers\pccsmcfd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017512 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00016488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i2omgmt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00016440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dot4Prt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015656 _____ C:\Windows\system32\Drivers\int15_64.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TUNMP.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00013416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00012672 _____ (Conexant) C:\Windows\system32\Drivers\mdmxsdk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00010144 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\lmimirr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parvdm.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008192 _____ (Nokia) C:\Windows\system32\Drivers\usbser_lowerfltj.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008192 _____ (Nokia) C:\Windows\system32\Drivers\usbser_lowerflt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008192 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\XAudio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00006144 _____ (NewTech Infosystems, Inc.) C:\Windows\system32\Drivers\NTIDrvr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00005888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00005504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2014-01-05 11:48 - 2014-01-05 11:47 - 00020792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00534016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL6.SYS.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00420968 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00297576 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00265688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00147048 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00125928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00109032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00098408 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu160m.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00071808 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00070688 _____ (THOMSON) C:\Windows\system32\Drivers\alcaudsl.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00067688 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00067688 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00062336 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00054888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AMDAGP.SYS.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00053864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00053376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00049904 _____ (Avanquest Software) C:\Windows\system32\Drivers\BVRPMPR5.SYS.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00045056 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcm4sbxp.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk7.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00028216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00026984 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00023040 _____ (Nokia) C:\Windows\system32\Drivers\ccdcmbo.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00018048 _____ (Nokia) C:\Windows\system32\Drivers\ccdcmb.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00016488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00015464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00014952 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00014208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00013568 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bdasup.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00012160 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00011904 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00005280 _____ (THOMSON) C:\Windows\system32\Drivers\alcawh.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00005248 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00003968 _____ (THOMSON) C:\Windows\system32\Drivers\alcacr.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00002560 _____ (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00002432 _____ (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys.bak
2014-01-05 11:37 - 2014-01-05 11:37 - 03810304 _____ C:\Users\Elizabeth Penny\Downloads\RogueKiller.exe
2014-01-05 09:57 - 2008-01-01 19:00 - 00000000 ____D C:\Windows\pss
2014-01-05 09:44 - 2014-01-05 09:44 - 00239074 _____ C:\Users\Elizabeth Penny\Desktop\cc_20140105_094406.reg
2014-01-05 09:37 - 2012-02-14 14:53 - 00000000 ____D C:\Program Files\CCleaner
2014-01-05 09:35 - 2014-01-05 09:35 - 04645232 _____ (Piriform Ltd) C:\Users\Elizabeth Penny\Downloads\ccsetup409.exe
2014-01-05 02:39 - 2013-02-18 16:22 - 00000000 ____D C:\Program Files\Youtube Movie Maker
2014-01-05 02:36 - 2013-09-01 08:10 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\vlc
2014-01-05 02:32 - 2013-04-29 18:45 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Local\Flvto Youtube Downloader
2014-01-05 01:54 - 2010-06-17 15:15 - 00000000 ____D C:\ProgramData\Real
2014-01-05 01:49 - 2014-01-05 01:49 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\RealNetworks
2014-01-05 01:49 - 2014-01-05 01:49 - 00000000 ____D C:\ProgramData\RealNetworks
2014-01-05 01:49 - 2014-01-05 01:49 - 00000000 ____D C:\Program Files\RealNetworks
2014-01-05 01:49 - 2007-11-25 20:02 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\Real
2014-01-05 01:48 - 2014-01-05 01:48 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\system32\rmoc3260.dll
2014-01-05 01:48 - 2014-01-05 01:48 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5016.dll
2014-01-05 01:48 - 2014-01-05 01:48 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5032.dll
2014-01-05 01:48 - 2014-01-05 01:48 - 00000000 ____D C:\Program Files\real
2014-01-05 01:48 - 2014-01-05 01:48 - 00000000 ____D C:\Program Files\Common Files\xing shared
2014-01-05 01:48 - 2003-03-19 02:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2014-01-05 01:48 - 2003-02-21 11:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2014-01-05 01:47 - 2007-11-25 20:02 - 00000000 ____D C:\Program Files\Common Files\Real
2014-01-05 01:40 - 2014-01-05 01:40 - 00684288 _____ (RealNetworks, Inc.) C:\Users\Elizabeth Penny\Downloads\RealPlayer.exe
2014-01-05 01:39 - 2014-01-05 01:39 - 04901896 _____ (Adobe Systems Inc.) C:\Users\Elizabeth Penny\Downloads\Shockwave_Installer_Slim.exe
2014-01-05 01:39 - 2012-03-14 21:53 - 00000000 ____D C:\Windows\system32\Adobe
2014-01-05 01:08 - 2013-01-27 21:24 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\Dropbox
2014-01-04 14:34 - 2013-01-27 22:21 - 00000000 ___RD C:\Users\Elizabeth Penny\Dropbox
2014-01-04 14:17 - 2014-01-04 13:27 - 00574560 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-01-04 14:17 - 2013-10-11 13:25 - 00135776 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-01-04 14:17 - 2013-06-06 17:38 - 00144992 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2014-01-04 13:39 - 2014-01-04 13:39 - 00002143 _____ C:\Users\Elizabeth Penny\Desktop\Safe Money.lnk
2014-01-04 13:32 - 2014-01-04 13:33 - 00001033 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-01-04 13:32 - 2007-10-09 18:13 - 00000000 ____D C:\Users\Elizabeth Penny
2014-01-04 13:27 - 2014-01-04 13:27 - 00000000 ____D C:\Program Files\Kaspersky Lab
2014-01-04 13:27 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2014-01-04 13:10 - 2006-11-02 12:47 - 00432832 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-04 13:07 - 2013-01-24 02:53 - 00001945 _____ C:\Windows\epplauncher.mif
2014-01-04 12:56 - 2014-01-04 11:42 - 252836160 _____ (Kaspersky Lab) C:\Users\Elizabeth Penny\Downloads\kis14.0.0.4651abEN_5146_2.exe
2014-01-04 11:01 - 2013-08-19 18:00 - 00000000 ____D C:\Program Files\Common Files\SMART Technologies
2014-01-04 10:48 - 2013-08-19 18:01 - 00000000 ____D C:\ProgramData\SMART Technologies
2014-01-04 10:41 - 2013-08-19 20:11 - 00000000 ____D C:\ProgramData\LAT 2.0 - ES
2014-01-04 10:41 - 2013-08-19 20:08 - 00000000 ____D C:\ProgramData\LAT 2.0 Deutsch
2014-01-04 10:41 - 2013-08-19 20:05 - 00000000 ____D C:\ProgramData\LAT 2.0 - FR
2014-01-04 10:32 - 2013-08-31 21:29 - 00000000 ____D C:\Program Files\DVDFab 9
2014-01-04 10:13 - 2013-12-28 12:56 - 00000000 ____D C:\Program Files\AviSynth 2.5
2014-01-04 09:46 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\Web
2014-01-04 01:17 - 2012-09-07 18:47 - 00000000 ____D C:\ProgramData\YTD YouTube Downloader & Converter
2014-01-04 00:56 - 2014-01-04 00:56 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-04 00:53 - 2014-01-04 00:53 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Elizabeth Penny\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-01-04 00:53 - 2014-01-04 00:52 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Elizabeth Penny\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-04 00:50 - 2014-01-04 00:50 - 00001371 _____ C:\Users\Elizabeth Penny\Desktop\JRT.txt
2014-01-04 00:44 - 2014-01-04 00:44 - 01036305 _____ (Thisisu) C:\Users\Elizabeth Penny\Downloads\JRT.exe
2014-01-04 00:36 - 2013-07-04 18:40 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2014-01-04 00:34 - 2013-11-02 22:20 - 00000000 ____D C:\AdwCleaner
2014-01-04 00:31 - 2014-01-04 00:31 - 01233962 _____ C:\Users\Elizabeth Penny\Downloads\adwcleaner.exe
2014-01-04 00:15 - 2014-01-04 00:15 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\Old Firefox Data
2014-01-03 19:31 - 2014-01-03 19:31 - 00001668 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-03 19:31 - 2014-01-03 19:29 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-01-03 19:31 - 2014-01-03 19:29 - 00000000 ____D C:\Program Files\iTunes
2014-01-03 19:29 - 2014-01-03 19:29 - 00000000 ____D C:\Program Files\iPod
2014-01-03 19:29 - 2009-01-06 13:12 - 00000000 ____D C:\Program Files\Common Files\Apple
2014-01-03 18:38 - 2014-01-03 18:38 - 24805592 _____ (Microsoft Corporation) C:\Users\Elizabeth Penny\Downloads\Windows-KB890830-V5.7.exe
2014-01-03 18:19 - 2013-11-20 15:59 - 00000000 ____D C:\ProgramData\d6d92c28a30dbe1c
2014-01-03 18:06 - 2014-01-03 18:06 - 00614784 _____ C:\Users\Elizabeth Penny\Downloads\avast-free-antivirus-8-0-1489.exe
2014-01-03 17:54 - 2014-01-03 17:54 - 00003807 _____ C:\Users\Elizabeth Penny\Downloads\instruction.txt
2014-01-03 17:54 - 2014-01-03 17:54 - 00000381 _____ C:\Users\Elizabeth Penny\Downloads\script.zip
2014-01-03 16:52 - 2007-03-22 11:21 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-03 15:55 - 2014-01-02 18:01 - 00011378 _____ C:\Users\Elizabeth Penny\Desktop\31 Rutland_Expenditure_2014.xlsx
2014-01-03 15:53 - 2013-08-20 10:27 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Local\Deployment
2014-01-02 20:56 - 2014-01-02 20:31 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\St. John's Ambulance
2014-01-02 16:31 - 2012-07-02 21:03 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-02 16:30 - 2010-01-06 22:24 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-01 14:00 - 2014-01-01 14:00 - 00000000 ____D C:\ProgramData\jlkfdhicpgbehlmglllijdfokbgicncn
2013-12-29 20:30 - 2013-12-28 20:03 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\sw4b4[1]
2013-12-28 20:03 - 2013-12-28 20:03 - 01092977 _____ C:\Users\Elizabeth Penny\Desktop\sw4b4[1].zip
2013-12-28 20:02 - 2006-11-02 11:18 - 00000000 ___RD C:\Users\Public
2013-12-28 18:40 - 2006-11-02 12:37 - 00000000 ____D C:\Windows\twain_32
2013-12-28 18:21 - 2013-12-28 18:21 - 01092977 _____ C:\Users\Elizabeth Penny\Desktop\sw4b4.zip
2013-12-28 16:32 - 2013-02-22 22:05 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\dvdcss
2013-12-28 14:32 - 2013-12-28 14:32 - 00000000 ____D C:\Users\Elizabeth Penny\Documents\DVDFab9
2013-12-28 14:31 - 2013-12-28 14:31 - 00000000 ____D C:\Program Files\Xvid
2013-12-28 14:29 - 2013-12-28 14:28 - 04700665 _____ (ffdshow                                                     ) C:\Users\Elizabeth Penny\Downloads\ffdshow_rev4500_20130106.exe
2013-12-28 14:27 - 2013-12-28 14:27 - 00001031 _____ C:\Users\Public\Desktop\WinX DVD Ripper.lnk
2013-12-28 14:27 - 2013-12-28 14:27 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\Digiarty
2013-12-28 14:27 - 2013-12-28 14:27 - 00000000 ____D C:\Program Files\Digiarty
2013-12-28 14:16 - 2013-12-28 14:16 - 00033019 _____ C:\Windows\system32\CoreAAC-uninstall.exe
2013-12-28 13:15 - 2013-12-09 22:00 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\Images
2013-12-28 13:02 - 2013-12-28 13:02 - 10775712 _____ (Digiarty Software, Inc.                                     ) C:\Users\Elizabeth Penny\Downloads\winx-dvd-ripper.exe
2013-12-28 12:55 - 2013-12-28 12:55 - 00000792 _____ C:\Users\LogMeInRemoteUser\Desktop\Avi2Dvd.lnk
2013-12-28 12:55 - 2013-12-28 12:55 - 00000792 _____ C:\Users\Guest\Desktop\Avi2Dvd.lnk
2013-12-28 12:52 - 2013-12-28 12:52 - 37203147 _____ C:\Users\Elizabeth Penny\Downloads\Avi2Dvd_Setup_064.exe
2013-12-28 12:34 - 2013-12-28 12:34 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\1036
2013-12-28 12:03 - 2013-12-28 12:03 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\27798
2013-12-24 19:47 - 2013-12-24 19:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-24 02:13 - 2007-12-08 22:27 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\Skype
2013-12-24 00:53 - 2013-03-23 00:47 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-12-15 20:52 - 2009-09-04 15:36 - 00000680 _____ C:\Users\Elizabeth Penny\AppData\Local\d3d9caps.dat
2013-12-12 19:31 - 2007-03-22 10:29 - 00000000 ____D C:\Windows\system32\RTCOM
2013-12-12 19:22 - 2013-08-16 10:10 - 00000000 ____D C:\Windows\system32\MRT
2013-12-11 21:31 - 2012-07-02 21:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-11 21:31 - 2012-07-02 21:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-09 22:10 - 2013-12-09 22:08 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\Accomodation
2013-12-09 22:10 - 2013-12-09 22:06 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\Private classes
 
Files to move or delete:
====================
C:\ProgramData\ezsid.dat
 
 
Some content of TEMP:
====================
C:\Users\Elizabeth Penny\AppData\Local\Temp\lowproc.exe
C:\Users\Elizabeth Penny\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Elizabeth Penny\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Elizabeth Penny\AppData\Local\Temp\stubhelper.dll
C:\Users\Guest\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Guest\AppData\Local\Temp\symlcsv1.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exeScan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-01-2014
Ran by Elizabeth Penny (administrator) on ELIZABETHPEN-PC on 05-01-2014 21:40:24
Running from C:\Users\Elizabeth Penny\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
==================== Processes (Whitelisted) ===================
 
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lexmark International, Inc.) C:\Windows\System32\LEXBCES.EXE
(Lexmark International, Inc.) C:\Windows\System32\LEXPPS.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Realtek Semiconductor Corp.) C:\Users\Elizabeth Penny\AppData\Local\Temp\RtkBtMnt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Mail\WinMail.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\klwtblfs.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [815104 2006-10-23] (Synaptics, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4390912 2007-03-01] (Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.EXE [644696 2007-05-14] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [1603152 2007-04-03] (CANON INC.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKCU\...\Policies\Explorer: [NoInstrumentation] 1
MountPoints2: E - E:\Msetup4.exe
MountPoints2: {12e1218d-870a-11de-9ed7-0016d4e492b4} - F:\AutoRun.exe
MountPoints2: {548df3d1-7c8c-11de-a293-0016d4e492b4} - F:\AutoRun.exe
MountPoints2: {548df3d8-7c8c-11de-a293-0016d4e492b4} - F:\AutoRun.exe
MountPoints2: {f3f145c3-8111-11de-8a5a-0016d4e492b4} - F:\AutoRun.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Guest\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Guest\...\Run: [msnmsgr] - "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
HKU\Guest\...\Run: [Acer Tour Reminder] - [x]
HKU\Guest\...\Run: [swg] - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\Guest\...\Run: [ISUSPM Startup] - "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
HKU\Guest\...\Run: [DriverScanner] - "C:\Program Files\Uniblue\DriverScanner\launcher.exe" delay 20000 
HKU\LogMeInRemoteUser\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,SEARCH PAGE = http://uk.rd.yahoo.com/customize/ycomp/defaults/sp/*http://uk.yahoo.com
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.uk.acer.yahoo.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {2F510EA7-DAC6-6B01-C5A6-59637475B55B} URL = 
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A0E8F20C-9612-47F5-AEA9-3C7100D8B7F7}: [NameServer]8.8.8.8,8.8.4.4


#6 penguinlady88

penguinlady88
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 05 January 2014 - 04:50 PM

The log was too long to paste in 1 post. Here is the second half. Thank you for your help.

 

FireFox:
========
FF ProfilePath: C:\Users\Elizabeth Penny\AppData\Roaming\Mozilla\Firefox\Profiles\1ytdc0ct.default-1388794523538
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @google.com/npPicasa2,version=2.0.0 - C:\Program Files\Picasa2\npPicasa2.dll No File
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin - C:\Program Files\SumatraPDF\npPdfViewer.dll (Simon Bünzli)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/vbp;version=0.9.17 - C:\Program Files\Veetle\VLCBroadcast\npvbp.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin - C:\Program Files\SumatraPDF\npPdfViewer.dll (Simon Bünzli)
FF Extension: No Name - C:\Users\Elizabeth Penny\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions
FF Extension: No Name - C:\Users\Elizabeth Penny\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins
FF Extension: Movie2kDownloader - C:\Users\Elizabeth Penny\AppData\Roaming\Mozilla\Firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
FF HKLM\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKCU\...\Firefox\Extensions: [{57E72829-C158-4341-BBED-58F0AD1740FD}] - C:\Program Files\Google\Google Photos Screensaver\FF_ext
FF Extension: Google Photos Screensaver - C:\Program Files\Google\Google Photos Screensaver\FF_ext
 
Chrome: 
=======
CHR DefaultSearchKeyword: google.co.uk
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 7 U45) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll No File
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll No File
CHR Plugin: (SumatraPDF Browser Plugin) - C:\Program Files\SumatraPDF\npPdfViewer.dll (Simon Bünzli)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\14.0.0.4651_0
CHR Extension: (Safe Money) - C:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\14.0.0.4651_0
CHR Extension: (Dangerous Websites Blocker) - C:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\14.0.0.4651_0
CHR Extension: (RealDownloader) - C:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0
CHR Extension: (Virtual Keyboard) - C:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\14.0.0.4816_0
CHR Extension: (Skype Click to Call) - C:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0
CHR Extension: (Google Wallet) - C:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Anti-Banner) - C:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\14.0.0.4651_0
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx
CHR HKLM\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Elizabeth Penny\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx
CHR HKLM\...\Chrome\Extension: [lemilgpbnfoecfjhpfchannnnkeefjmj] - C:\Users\Elizabeth Penny\AppData\Local\CRE\lemilgpbnfoecfjhpfchannnnkeefjmj.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
========================== Services (Whitelisted) =================
 
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-11] (Kaspersky Lab ZAO)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [101528 2007-04-13] ()
R2 LexBceS; C:\Windows\System32\LEXBCES.EXE [303104 2003-08-18] (Lexmark International, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S4 ALaunchService; C:\Acer\ALaunch\ALaunchSvc.exe [x]
S4 MobilityService; C:\Acer\Mobility Center\MobilityService.exe -p [x]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [x]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [x]
S2 WMIService; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [x]
 
==================== Drivers (Whitelisted) ====================
 
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [26984 2012-12-11] (AVG Technologies)
R1 DritekPortIO; C:\Program Files\Launch Manager\DPortIO.sys [20112 2006-11-02] (Dritek System Inc.)
R3 EMSCR; C:\Windows\System32\DRIVERS\EMS7SK.sys [62208 2006-10-25] (ENE Technology Inc.)
R3 ESDCR; C:\Windows\System32\DRIVERS\ESD7SK.sys [42240 2006-10-25] (ENE Technology Inc.)
R3 ESMCR; C:\Windows\System32\DRIVERS\ESM7SK.sys [76928 2006-10-25] (ENE Technology Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2014-01-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [574560 2014-01-04] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2013-10-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25696 2013-10-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-10-11] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [144992 2014-01-04] (Kaspersky Lab ZAO)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S2 int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [94304 2013-06-08] (Kaspersky Lab ZAO)
S4 LMIRfsClientNP; No ImagePath
S3 LVRS; system32\DRIVERS\lvrs.sys [x]
S3 LVUSBSta; system32\drivers\LVUSBSta.sys [x]
S3 netr28u; system32\DRIVERS\netr28u.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 pepifilter; system32\DRIVERS\lv302af.sys [x]
S3 PID_PEPI; system32\DRIVERS\LV302V32.SYS [x]
S3 SMARTMouseFilterx86; system32\DRIVERS\SMARTMouseFilterx86.sys [x]
S3 SMARTVHidMini2000x86; system32\DRIVERS\SMARTVHidMini2000x86.sys [x]
S3 SMARTVTabletPCx86; system32\DRIVERS\SMARTVTabletPCx86.sys [x]
U3 TrueSight; \??\ [x]
S4 UIUSys; system32\DRIVERS\UIUSYS.SYS [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-01-05 17:37 - 2014-01-05 17:37 - 00030270 _____ C:\Users\Elizabeth Penny\Downloads\Addition.txt
2014-01-05 17:35 - 2014-01-05 21:40 - 00024657 _____ C:\Users\Elizabeth Penny\Downloads\FRST.txt
2014-01-05 17:34 - 2014-01-05 17:34 - 00000000 ____D C:\FRST
2014-01-05 17:32 - 2014-01-05 17:32 - 01064761 _____ (Farbar) C:\Users\Elizabeth Penny\Downloads\FRST.exe
2014-01-05 15:14 - 2014-01-05 15:14 - 00012380 _____ C:\Users\Elizabeth Penny\Desktop\HitmanPro_20140105_1514.log
2014-01-05 15:02 - 2014-01-05 15:02 - 00011748 _____ C:\Users\Elizabeth Penny\Desktop\HitmanPro_20140105_1502.log
2014-01-05 14:41 - 2014-01-05 14:41 - 00000000 ____D C:\Program Files\HitmanPro
2014-01-05 14:35 - 2014-01-05 15:02 - 00000000 ____D C:\ProgramData\HitmanPro
2014-01-05 14:35 - 2014-01-05 14:35 - 09452704 _____ (SurfRight B.V.) C:\Users\Elizabeth Penny\Downloads\HitmanPro.exe
2014-01-05 14:22 - 2014-01-05 14:22 - 00000848 _____ C:\Windows\PFRO.log
2014-01-05 12:10 - 2014-01-05 12:10 - 00002760 _____ C:\Users\Elizabeth Penny\Desktop\RKreport[0]_D_01052014_121006.txt
2014-01-05 11:48 - 2014-01-05 11:52 - 00002866 _____ C:\Users\Elizabeth Penny\Desktop\RKreport[0]_S_01052014_114859.txt
2014-01-05 11:48 - 2014-01-05 11:48 - 03668480 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETw5v32.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 02302976 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 02216448 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETw4v32.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 01744928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 01082232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00987648 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTDPV3.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00986624 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSX_DPV.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00914880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00900712 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00659968 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSX_CNXT.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00654336 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTCNXT3.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00527848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00440704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00316520 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00292840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00287608 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\Tmfilter.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00235112 _____ (ULi Electronics Inc.) C:\Windows\system32\Drivers\uliahci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00232040 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00224640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00221568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00206848 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSXHWAZL.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00200704 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTAZL3.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00190424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00180712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00179896 _____ (Synaptics, Inc.) C:\Windows\system32\Drivers\SynTP.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00177640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00161752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00149480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00142904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00141288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dot4.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00122344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Storport.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00117760 _____ (Intel Corporation) C:\Windows\system32\Drivers\E1G60I32.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00115816 _____ (Promise Technology, Inc.) C:\Windows\system32\Drivers\ulsata2.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00112232 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00106600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00106088 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00099816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00098408 _____ (Promise Technology, Inc.) C:\Windows\system32\Drivers\ulsata.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00088680 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00080488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00078952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00076928 _____ (ENE Technology Inc.) C:\Windows\system32\Drivers\ESM7SK.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00076584 _____ C:\Windows\system32\Drivers\int15.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00076392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00071784 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00071272 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\djsvs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00065640 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00065640 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00065640 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00062208 _____ (ENE Technology Inc.) C:\Windows\system32\Drivers\EMS7SK.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00062080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00058984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00058936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00058472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00057400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00056936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VIAAGP.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00053736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00053352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SISAGP.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00053224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00052992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00052792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00048104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00047640 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\LMIRfsDriver.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00047208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00045160 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00045056 _____ (Apple, Inc.) C:\Windows\system32\Drivers\usbaapl.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00043872 _____ (Sonic Solutions) C:\Windows\system32\Drivers\pxhelp20.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00043496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00042240 _____ (ENE Technology Inc.) C:\Windows\system32\Drivers\ESD7SK.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00041576 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUsb.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00040040 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crusoe.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00038504 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00037480 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpCISSs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dot4usb.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035944 _____ (LSI Logic) C:\Windows\system32\Drivers\symc8xx.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035944 _____ (Integrated Technology Express, Inc.) C:\Windows\system32\Drivers\iteraid.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035944 _____ (Integrated Technology Express, Inc.) C:\Windows\system32\Drivers\iteatapi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00034920 _____ (LSI Logic) C:\Windows\system32\Drivers\sym_u3.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00034360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00033384 _____ (LSI Logic Corporation) C:\Windows\system32\Drivers\Mraid35x.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00031848 _____ (LSI Logic) C:\Windows\system32\Drivers\sym_hi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00031288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00028776 _____ (LSI Logic Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00027752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i2omp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00027624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00026840 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00023144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00022632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00021264 _____ (Dritek System Inc.) C:\Windows\system32\Drivers\DKbFltr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00021048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020608 _____ (N-trig Innovative Technologies) C:\Windows\system32\Drivers\ntrigdigi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020480 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020264 _____ (HiTRUST) C:\Windows\system32\Drivers\psdfilter.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00019560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00018816 _____ (Nokia) C:\Windows\system32\Drivers\pccsmcfd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017512 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00016488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i2omgmt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00016440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dot4Prt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015656 _____ C:\Windows\system32\Drivers\int15_64.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TUNMP.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00013416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00012672 _____ (Conexant) C:\Windows\system32\Drivers\mdmxsdk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00010144 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\lmimirr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parvdm.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008192 _____ (Nokia) C:\Windows\system32\Drivers\usbser_lowerfltj.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008192 _____ (Nokia) C:\Windows\system32\Drivers\usbser_lowerflt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008192 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\XAudio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00006144 _____ (NewTech Infosystems, Inc.) C:\Windows\system32\Drivers\NTIDrvr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00005888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00005504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2014-01-05 11:47 - 2014-01-05 11:48 - 00020792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00534016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL6.SYS.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00420968 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00297576 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00265688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00147048 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00125928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00109032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00098408 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu160m.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00071808 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00070688 _____ (THOMSON) C:\Windows\system32\Drivers\alcaudsl.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00067688 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00067688 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00062336 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00054888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AMDAGP.SYS.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00053864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00053376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00049904 _____ (Avanquest Software) C:\Windows\system32\Drivers\BVRPMPR5.SYS.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00045056 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcm4sbxp.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk7.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00028216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00026984 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00023040 _____ (Nokia) C:\Windows\system32\Drivers\ccdcmbo.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00018048 _____ (Nokia) C:\Windows\system32\Drivers\ccdcmb.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00016488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00015464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00014952 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00014208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00013568 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bdasup.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00012160 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00011904 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00005280 _____ (THOMSON) C:\Windows\system32\Drivers\alcawh.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00005248 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00003968 _____ (THOMSON) C:\Windows\system32\Drivers\alcacr.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00002560 _____ (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00002432 _____ (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys.bak
2014-01-05 11:37 - 2014-01-05 12:10 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\RK_Quarantine
2014-01-05 11:37 - 2014-01-05 11:37 - 03810304 _____ C:\Users\Elizabeth Penny\Downloads\RogueKiller.exe
2014-01-05 09:44 - 2014-01-05 09:44 - 00239074 _____ C:\Users\Elizabeth Penny\Desktop\cc_20140105_094406.reg
2014-01-05 09:35 - 2014-01-05 09:35 - 04645232 _____ (Piriform Ltd) C:\Users\Elizabeth Penny\Downloads\ccsetup409.exe
2014-01-05 01:49 - 2014-01-05 01:49 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\RealNetworks
2014-01-05 01:49 - 2014-01-05 01:49 - 00000000 ____D C:\ProgramData\RealNetworks
2014-01-05 01:49 - 2014-01-05 01:49 - 00000000 ____D C:\Program Files\RealNetworks
2014-01-05 01:48 - 2014-01-05 01:48 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\system32\rmoc3260.dll
2014-01-05 01:48 - 2014-01-05 01:48 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5016.dll
2014-01-05 01:48 - 2014-01-05 01:48 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5032.dll
2014-01-05 01:48 - 2014-01-05 01:48 - 00000000 ____D C:\Program Files\real
2014-01-05 01:48 - 2014-01-05 01:48 - 00000000 ____D C:\Program Files\Common Files\xing shared
2014-01-05 01:40 - 2014-01-05 01:40 - 00684288 _____ (RealNetworks, Inc.) C:\Users\Elizabeth Penny\Downloads\RealPlayer.exe
2014-01-05 01:39 - 2014-01-05 01:39 - 04901896 _____ (Adobe Systems Inc.) C:\Users\Elizabeth Penny\Downloads\Shockwave_Installer_Slim.exe
2014-01-04 14:29 - 2003-02-14 19:14 - 00110592 _____ (TechSmith Corporation) C:\Windows\system32\tsccvid.dll
2014-01-04 13:39 - 2014-01-04 13:39 - 00002143 _____ C:\Users\Elizabeth Penny\Desktop\Safe Money.lnk
2014-01-04 13:33 - 2014-01-04 13:32 - 00001033 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-01-04 13:27 - 2014-01-05 21:39 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-04 13:27 - 2014-01-04 14:17 - 00574560 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-01-04 13:27 - 2014-01-04 13:27 - 00000000 ____D C:\Program Files\Kaspersky Lab
2014-01-04 13:27 - 2013-06-08 20:18 - 00094304 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-01-04 11:42 - 2014-01-04 12:56 - 252836160 _____ (Kaspersky Lab) C:\Users\Elizabeth Penny\Downloads\kis14.0.0.4651abEN_5146_2.exe
2014-01-04 00:56 - 2014-01-04 00:56 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-04 00:56 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-04 00:53 - 2014-01-04 00:53 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Elizabeth Penny\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-01-04 00:52 - 2014-01-04 00:53 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Elizabeth Penny\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-04 00:50 - 2014-01-04 00:50 - 00001371 _____ C:\Users\Elizabeth Penny\Desktop\JRT.txt
2014-01-04 00:44 - 2014-01-04 00:44 - 01036305 _____ (Thisisu) C:\Users\Elizabeth Penny\Downloads\JRT.exe
2014-01-04 00:31 - 2014-01-04 00:31 - 01233962 _____ C:\Users\Elizabeth Penny\Downloads\adwcleaner.exe
2014-01-04 00:15 - 2014-01-04 00:15 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\Old Firefox Data
2014-01-03 19:31 - 2014-01-03 19:31 - 00001668 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-03 19:29 - 2014-01-03 19:31 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-01-03 19:29 - 2014-01-03 19:31 - 00000000 ____D C:\Program Files\iTunes
2014-01-03 19:29 - 2014-01-03 19:29 - 00000000 ____D C:\Program Files\iPod
2014-01-03 18:38 - 2014-01-03 18:38 - 24805592 _____ (Microsoft Corporation) C:\Users\Elizabeth Penny\Downloads\Windows-KB890830-V5.7.exe
2014-01-03 18:06 - 2014-01-03 18:06 - 00614784 _____ C:\Users\Elizabeth Penny\Downloads\avast-free-antivirus-8-0-1489.exe
2014-01-03 17:54 - 2014-01-03 17:54 - 00003807 _____ C:\Users\Elizabeth Penny\Downloads\instruction.txt
2014-01-03 17:54 - 2014-01-03 17:54 - 00000381 _____ C:\Users\Elizabeth Penny\Downloads\script.zip
2014-01-02 20:31 - 2014-01-02 20:56 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\St. John's Ambulance
2014-01-02 18:01 - 2014-01-03 15:55 - 00011378 _____ C:\Users\Elizabeth Penny\Desktop\31 Rutland_Expenditure_2014.xlsx
2014-01-01 14:00 - 2014-01-01 14:00 - 00000000 ____D C:\ProgramData\jlkfdhicpgbehlmglllijdfokbgicncn
2013-12-28 20:03 - 2013-12-29 20:30 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\sw4b4[1]
2013-12-28 20:03 - 2013-12-28 20:03 - 01092977 _____ C:\Users\Elizabeth Penny\Desktop\sw4b4[1].zip
2013-12-28 18:21 - 2013-12-28 18:21 - 01092977 _____ C:\Users\Elizabeth Penny\Desktop\sw4b4.zip
2013-12-28 14:32 - 2013-12-28 14:32 - 00000000 ____D C:\Users\Elizabeth Penny\Documents\DVDFab9
2013-12-28 14:31 - 2013-12-28 14:31 - 00000000 ____D C:\Program Files\Xvid
2013-12-28 14:31 - 2009-06-07 16:25 - 00077824 _____ C:\Windows\system32\xvid.ax
2013-12-28 14:31 - 2009-06-07 16:24 - 00180224 _____ C:\Windows\system32\xvidvfw.dll
2013-12-28 14:31 - 2009-06-07 16:16 - 00819200 _____ C:\Windows\system32\xvidcore.dll
2013-12-28 14:28 - 2013-12-28 14:29 - 04700665 _____ (ffdshow                                                     ) C:\Users\Elizabeth Penny\Downloads\ffdshow_rev4500_20130106.exe
2013-12-28 14:27 - 2013-12-28 14:27 - 00001031 _____ C:\Users\Public\Desktop\WinX DVD Ripper.lnk
2013-12-28 14:27 - 2013-12-28 14:27 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\Digiarty
2013-12-28 14:27 - 2013-12-28 14:27 - 00000000 ____D C:\Program Files\Digiarty
2013-12-28 14:16 - 2013-12-28 14:16 - 00033019 _____ C:\Windows\system32\CoreAAC-uninstall.exe
2013-12-28 13:02 - 2013-12-28 13:02 - 10775712 _____ (Digiarty Software, Inc.                                     ) C:\Users\Elizabeth Penny\Downloads\winx-dvd-ripper.exe
2013-12-28 12:56 - 2014-01-04 10:13 - 00000000 ____D C:\Program Files\AviSynth 2.5
2013-12-28 12:55 - 2013-12-28 12:55 - 00000792 _____ C:\Users\LogMeInRemoteUser\Desktop\Avi2Dvd.lnk
2013-12-28 12:55 - 2013-12-28 12:55 - 00000792 _____ C:\Users\Guest\Desktop\Avi2Dvd.lnk
2013-12-28 12:52 - 2013-12-28 12:52 - 37203147 _____ C:\Users\Elizabeth Penny\Downloads\Avi2Dvd_Setup_064.exe
2013-12-28 12:34 - 2013-12-28 12:34 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\1036
2013-12-28 12:03 - 2013-12-28 12:03 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\27798
2013-12-24 19:46 - 2013-12-24 19:47 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-12 19:07 - 2013-11-14 23:13 - 12344320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 19:07 - 2013-11-14 22:50 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 19:07 - 2013-11-14 22:50 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 19:07 - 2013-11-14 22:43 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 19:07 - 2013-11-14 22:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 19:07 - 2013-11-14 22:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 19:07 - 2013-11-14 22:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-12 19:07 - 2013-11-14 22:40 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 19:07 - 2013-11-14 22:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-12 19:07 - 2013-11-14 22:38 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-12 19:07 - 2013-11-14 22:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 19:07 - 2013-11-14 22:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-12 19:07 - 2013-11-14 22:36 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 19:07 - 2013-11-14 22:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-12 19:07 - 2013-11-14 22:35 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 19:07 - 2013-11-14 22:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 20:57 - 2013-10-30 02:12 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2013-12-11 20:57 - 2013-10-30 01:43 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 20:57 - 2013-10-30 00:43 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 20:57 - 2013-10-30 00:35 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 20:57 - 2013-10-22 07:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 20:57 - 2013-10-11 02:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 20:57 - 2013-10-11 02:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 20:57 - 2013-10-11 02:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2013-12-11 20:57 - 2013-10-11 00:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 20:57 - 2013-10-11 00:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-09 22:08 - 2013-12-09 22:10 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\Accomodation
2013-12-09 22:06 - 2013-12-09 22:10 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\Private classes
2013-12-09 22:00 - 2013-12-28 13:15 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\Images
 
==================== One Month Modified Files and Folders =======
 
2014-01-05 21:40 - 2014-01-05 17:35 - 00024657 _____ C:\Users\Elizabeth Penny\Downloads\FRST.txt
2014-01-05 21:39 - 2014-01-04 13:27 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-05 21:27 - 2006-11-02 12:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-05 21:27 - 2006-11-02 12:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-05 18:38 - 2013-01-24 01:49 - 01696395 _____ C:\Windows\WindowsUpdate.log
2014-01-05 17:37 - 2014-01-05 17:37 - 00030270 _____ C:\Users\Elizabeth Penny\Downloads\Addition.txt
2014-01-05 17:34 - 2014-01-05 17:34 - 00000000 ____D C:\FRST
2014-01-05 17:32 - 2014-01-05 17:32 - 01064761 _____ (Farbar) C:\Users\Elizabeth Penny\Downloads\FRST.exe
2014-01-05 15:32 - 2006-11-02 10:33 - 00772770 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-05 15:25 - 2010-01-06 22:24 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-05 15:25 - 2006-11-02 13:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-05 15:24 - 2006-11-02 13:01 - 00032532 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-05 15:14 - 2014-01-05 15:14 - 00012380 _____ C:\Users\Elizabeth Penny\Desktop\HitmanPro_20140105_1514.log
2014-01-05 15:02 - 2014-01-05 15:02 - 00011748 _____ C:\Users\Elizabeth Penny\Desktop\HitmanPro_20140105_1502.log
2014-01-05 15:02 - 2014-01-05 14:35 - 00000000 ____D C:\ProgramData\HitmanPro
2014-01-05 14:41 - 2014-01-05 14:41 - 00000000 ____D C:\Program Files\HitmanPro
2014-01-05 14:35 - 2014-01-05 14:35 - 09452704 _____ (SurfRight B.V.) C:\Users\Elizabeth Penny\Downloads\HitmanPro.exe
2014-01-05 14:22 - 2014-01-05 14:22 - 00000848 _____ C:\Windows\PFRO.log
2014-01-05 12:10 - 2014-01-05 12:10 - 00002760 _____ C:\Users\Elizabeth Penny\Desktop\RKreport[0]_D_01052014_121006.txt
2014-01-05 12:10 - 2014-01-05 11:37 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\RK_Quarantine
2014-01-05 11:52 - 2014-01-05 11:48 - 00002866 _____ C:\Users\Elizabeth Penny\Desktop\RKreport[0]_S_01052014_114859.txt
2014-01-05 11:48 - 2014-01-05 11:48 - 03668480 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETw5v32.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 02302976 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 02216448 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETw4v32.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 01744928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 01082232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00987648 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTDPV3.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00986624 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSX_DPV.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00914880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00900712 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql2300.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00659968 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSX_CNXT.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00654336 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTCNXT3.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00527848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00440704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00316520 _____ (Emulex) C:\Windows\system32\Drivers\elxstor.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00292840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00287608 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\Tmfilter.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00235112 _____ (ULi Electronics Inc.) C:\Windows\system32\Drivers\uliahci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00232040 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00224640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00221568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00206848 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\HSXHWAZL.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00200704 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\VSTAZL3.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00190424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00180712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00179896 _____ (Synaptics, Inc.) C:\Windows\system32\Drivers\SynTP.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00177640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcmcia.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00161752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00149480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00142904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00141288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dot4.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00122344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Storport.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00117760 _____ (Intel Corporation) C:\Windows\system32\Drivers\E1G60I32.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00115816 _____ (Promise Technology, Inc.) C:\Windows\system32\Drivers\ulsata2.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00112232 _____ (VIA Technologies Inc.,Ltd) C:\Windows\system32\Drivers\vsmraid.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00106600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00106088 _____ (QLogic Corporation) C:\Windows\system32\Drivers\ql40xx.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00099816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00098408 _____ (Promise Technology, Inc.) C:\Windows\system32\Drivers\ulsata.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00088680 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00080488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00078952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00076928 _____ (ENE Technology Inc.) C:\Windows\system32\Drivers\ESM7SK.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00076584 _____ C:\Windows\system32\Drivers\int15.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00076392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00071784 _____ (Silicon Integrated Systems) C:\Windows\system32\Drivers\sisraid4.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00071272 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\djsvs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00065640 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_scsi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00065640 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_sas.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00065640 _____ (LSI Logic) C:\Windows\system32\Drivers\lsi_fc.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00062208 _____ (ENE Technology Inc.) C:\Windows\system32\Drivers\EMS7SK.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00062080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rspndr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00058984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\GAGP30KX.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00058936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00058472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00057400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00056936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UAGP35.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VIAAGP.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00053736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00053352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SISAGP.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00053224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00052992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00052792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00048104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00047640 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\LMIRfsDriver.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00047208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00045160 _____ (IBM Corporation) C:\Windows\system32\Drivers\nfrd960.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00045056 _____ (Apple, Inc.) C:\Windows\system32\Drivers\usbaapl.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00043872 _____ (Sonic Solutions) C:\Windows\system32\Drivers\pxhelp20.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00043496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00042240 _____ (ENE Technology Inc.) C:\Windows\system32\Drivers\ESD7SK.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00041576 _____ (Intel Corp./ICP vortex GmbH) C:\Windows\system32\Drivers\iirsp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUsb.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00040040 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crusoe.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00038504 _____ (Silicon Integrated Systems Corp.) C:\Windows\system32\Drivers\sisraid2.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00037480 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpCISSs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dot4usb.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035944 _____ (LSI Logic) C:\Windows\system32\Drivers\symc8xx.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035944 _____ (Integrated Technology Express, Inc.) C:\Windows\system32\Drivers\iteraid.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035944 _____ (Integrated Technology Express, Inc.) C:\Windows\system32\Drivers\iteatapi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00035304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00034920 _____ (LSI Logic) C:\Windows\system32\Drivers\sym_u3.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00034360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00033384 _____ (LSI Logic Corporation) C:\Windows\system32\Drivers\Mraid35x.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00031848 _____ (LSI Logic) C:\Windows\system32\Drivers\sym_hi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00031288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\qwavedrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00028776 _____ (LSI Logic Corporation) C:\Windows\system32\Drivers\megasas.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00027752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i2omp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filetrace.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00027624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00026840 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vgapnp.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vga.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fdc.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tape.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00023144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00022632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crcdisk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidir.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00021264 _____ (Dritek System Inc.) C:\Windows\system32\Drivers\DKbFltr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00021048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spldr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020608 _____ (N-trig Innovative Technologies) C:\Windows\system32\Drivers\ntrigdigi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wacompen.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020480 _____ (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) C:\Windows\system32\Drivers\secdrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00020264 _____ (HiTRUST) C:\Windows\system32\Drivers\psdfilter.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00019560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mcd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00018816 _____ (Nokia) C:\Windows\system32\Drivers\pccsmcfd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmilib.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017512 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viaide.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smclib.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00016488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i2omgmt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00016440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dot4Prt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015656 _____ C:\Windows\system32\Drivers\int15_64.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TUNMP.SYS.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00015288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00013416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffdisk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irenum.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxapi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_mmc.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00012672 _____ (Conexant) C:\Windows\system32\Drivers\mdmxsdk.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00010144 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\lmimirr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parvdm.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008192 _____ (Nokia) C:\Windows\system32\Drivers\usbser_lowerfltj.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008192 _____ (Nokia) C:\Windows\system32\Drivers\usbser_lowerflt.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00008192 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\XAudio.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umpass.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00006144 _____ (NewTech Infosystems, Inc.) C:\Windows\system32\Drivers\NTIDrvr.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPENCDD.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mstee.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00005888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspclock.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00005504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mspqm.sys.bak
2014-01-05 11:48 - 2014-01-05 11:48 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys.bak
2014-01-05 11:48 - 2014-01-05 11:47 - 00020792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00534016 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL6.SYS.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00420968 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adp94xx.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00297576 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpahci.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00265688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00147048 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu320.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00125928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00109032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00098408 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\adpu160m.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00071808 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerId.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00070688 _____ (THOMSON) C:\Windows\system32\Drivers\alcaudsl.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00067688 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arcsas.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00067688 _____ (Adaptec, Inc.) C:\Windows\system32\Drivers\arc.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00062336 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrSerWdm.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00054888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AMDAGP.SYS.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00053864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00053376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394bus.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00049904 _____ (Avanquest Software) C:\Windows\system32\Drivers\BVRPMPR5.SYS.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00045056 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcm4sbxp.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthmodem.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk7.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\circlass.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00028216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00026984 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00023040 _____ (Nokia) C:\Windows\system32\Drivers\ccdcmbo.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00018048 _____ (Nokia) C:\Windows\system32\Drivers\ccdcmb.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\asyncmac.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00016488 _____ (CMD Technology, Inc.) C:\Windows\system32\Drivers\cmdide.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00015464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdide.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00014952 _____ (Acer Laboratories Inc.) C:\Windows\system32\Drivers\aliide.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00014208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00013568 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltLo.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bdasup.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00012160 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbMdm.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00011904 _____ (Brother Industries Ltd.) C:\Windows\system32\Drivers\BrUsbSer.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00005280 _____ (THOMSON) C:\Windows\system32\Drivers\alcawh.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00005248 _____ (Brother Industries, Ltd.) C:\Windows\system32\Drivers\BrFiltUp.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00003968 _____ (THOMSON) C:\Windows\system32\Drivers\alcacr.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00002560 _____ (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys.bak
2014-01-05 11:47 - 2014-01-05 11:47 - 00002432 _____ (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys.bak
2014-01-05 11:37 - 2014-01-05 11:37 - 03810304 _____ C:\Users\Elizabeth Penny\Downloads\RogueKiller.exe
2014-01-05 09:57 - 2008-01-01 19:00 - 00000000 ____D C:\Windows\pss
2014-01-05 09:44 - 2014-01-05 09:44 - 00239074 _____ C:\Users\Elizabeth Penny\Desktop\cc_20140105_094406.reg
2014-01-05 09:37 - 2012-02-14 14:53 - 00000000 ____D C:\Program Files\CCleaner
2014-01-05 09:35 - 2014-01-05 09:35 - 04645232 _____ (Piriform Ltd) C:\Users\Elizabeth Penny\Downloads\ccsetup409.exe
2014-01-05 02:39 - 2013-02-18 16:22 - 00000000 ____D C:\Program Files\Youtube Movie Maker
2014-01-05 02:36 - 2013-09-01 08:10 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\vlc
2014-01-05 02:32 - 2013-04-29 18:45 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Local\Flvto Youtube Downloader
2014-01-05 01:54 - 2010-06-17 15:15 - 00000000 ____D C:\ProgramData\Real
2014-01-05 01:49 - 2014-01-05 01:49 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\RealNetworks
2014-01-05 01:49 - 2014-01-05 01:49 - 00000000 ____D C:\ProgramData\RealNetworks
2014-01-05 01:49 - 2014-01-05 01:49 - 00000000 ____D C:\Program Files\RealNetworks
2014-01-05 01:49 - 2007-11-25 20:02 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\Real
2014-01-05 01:48 - 2014-01-05 01:48 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\system32\rmoc3260.dll
2014-01-05 01:48 - 2014-01-05 01:48 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5016.dll
2014-01-05 01:48 - 2014-01-05 01:48 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5032.dll
2014-01-05 01:48 - 2014-01-05 01:48 - 00000000 ____D C:\Program Files\real
2014-01-05 01:48 - 2014-01-05 01:48 - 00000000 ____D C:\Program Files\Common Files\xing shared
2014-01-05 01:48 - 2003-03-19 02:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2014-01-05 01:48 - 2003-02-21 11:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2014-01-05 01:47 - 2007-11-25 20:02 - 00000000 ____D C:\Program Files\Common Files\Real
2014-01-05 01:40 - 2014-01-05 01:40 - 00684288 _____ (RealNetworks, Inc.) C:\Users\Elizabeth Penny\Downloads\RealPlayer.exe
2014-01-05 01:39 - 2014-01-05 01:39 - 04901896 _____ (Adobe Systems Inc.) C:\Users\Elizabeth Penny\Downloads\Shockwave_Installer_Slim.exe
2014-01-05 01:39 - 2012-03-14 21:53 - 00000000 ____D C:\Windows\system32\Adobe
2014-01-05 01:08 - 2013-01-27 21:24 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\Dropbox
2014-01-04 14:34 - 2013-01-27 22:21 - 00000000 ___RD C:\Users\Elizabeth Penny\Dropbox
2014-01-04 14:17 - 2014-01-04 13:27 - 00574560 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-01-04 14:17 - 2013-10-11 13:25 - 00135776 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-01-04 14:17 - 2013-06-06 17:38 - 00144992 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2014-01-04 13:39 - 2014-01-04 13:39 - 00002143 _____ C:\Users\Elizabeth Penny\Desktop\Safe Money.lnk
2014-01-04 13:32 - 2014-01-04 13:33 - 00001033 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-01-04 13:32 - 2007-10-09 18:13 - 00000000 ____D C:\Users\Elizabeth Penny
2014-01-04 13:27 - 2014-01-04 13:27 - 00000000 ____D C:\Program Files\Kaspersky Lab
2014-01-04 13:27 - 2006-11-02 12:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2014-01-04 13:10 - 2006-11-02 12:47 - 00432832 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-04 13:07 - 2013-01-24 02:53 - 00001945 _____ C:\Windows\epplauncher.mif
2014-01-04 12:56 - 2014-01-04 11:42 - 252836160 _____ (Kaspersky Lab) C:\Users\Elizabeth Penny\Downloads\kis14.0.0.4651abEN_5146_2.exe
2014-01-04 11:01 - 2013-08-19 18:00 - 00000000 ____D C:\Program Files\Common Files\SMART Technologies
2014-01-04 10:48 - 2013-08-19 18:01 - 00000000 ____D C:\ProgramData\SMART Technologies
2014-01-04 10:41 - 2013-08-19 20:11 - 00000000 ____D C:\ProgramData\LAT 2.0 - ES
2014-01-04 10:41 - 2013-08-19 20:08 - 00000000 ____D C:\ProgramData\LAT 2.0 Deutsch
2014-01-04 10:41 - 2013-08-19 20:05 - 00000000 ____D C:\ProgramData\LAT 2.0 - FR
2014-01-04 10:32 - 2013-08-31 21:29 - 00000000 ____D C:\Program Files\DVDFab 9
2014-01-04 10:13 - 2013-12-28 12:56 - 00000000 ____D C:\Program Files\AviSynth 2.5
2014-01-04 09:46 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\Web
2014-01-04 01:17 - 2012-09-07 18:47 - 00000000 ____D C:\ProgramData\YTD YouTube Downloader & Converter
2014-01-04 00:56 - 2014-01-04 00:56 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-04 00:53 - 2014-01-04 00:53 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Elizabeth Penny\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-01-04 00:53 - 2014-01-04 00:52 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Elizabeth Penny\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-04 00:50 - 2014-01-04 00:50 - 00001371 _____ C:\Users\Elizabeth Penny\Desktop\JRT.txt
2014-01-04 00:44 - 2014-01-04 00:44 - 01036305 _____ (Thisisu) C:\Users\Elizabeth Penny\Downloads\JRT.exe
2014-01-04 00:36 - 2013-07-04 18:40 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2014-01-04 00:34 - 2013-11-02 22:20 - 00000000 ____D C:\AdwCleaner
2014-01-04 00:31 - 2014-01-04 00:31 - 01233962 _____ C:\Users\Elizabeth Penny\Downloads\adwcleaner.exe
2014-01-04 00:15 - 2014-01-04 00:15 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\Old Firefox Data
2014-01-03 19:31 - 2014-01-03 19:31 - 00001668 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-03 19:31 - 2014-01-03 19:29 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-01-03 19:31 - 2014-01-03 19:29 - 00000000 ____D C:\Program Files\iTunes
2014-01-03 19:29 - 2014-01-03 19:29 - 00000000 ____D C:\Program Files\iPod
2014-01-03 19:29 - 2009-01-06 13:12 - 00000000 ____D C:\Program Files\Common Files\Apple
2014-01-03 18:38 - 2014-01-03 18:38 - 24805592 _____ (Microsoft Corporation) C:\Users\Elizabeth Penny\Downloads\Windows-KB890830-V5.7.exe
2014-01-03 18:19 - 2013-11-20 15:59 - 00000000 ____D C:\ProgramData\d6d92c28a30dbe1c
2014-01-03 18:06 - 2014-01-03 18:06 - 00614784 _____ C:\Users\Elizabeth Penny\Downloads\avast-free-antivirus-8-0-1489.exe
2014-01-03 17:54 - 2014-01-03 17:54 - 00003807 _____ C:\Users\Elizabeth Penny\Downloads\instruction.txt
2014-01-03 17:54 - 2014-01-03 17:54 - 00000381 _____ C:\Users\Elizabeth Penny\Downloads\script.zip
2014-01-03 16:52 - 2007-03-22 11:21 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-03 15:55 - 2014-01-02 18:01 - 00011378 _____ C:\Users\Elizabeth Penny\Desktop\31 Rutland_Expenditure_2014.xlsx
2014-01-03 15:53 - 2013-08-20 10:27 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Local\Deployment
2014-01-02 20:56 - 2014-01-02 20:31 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\St. John's Ambulance
2014-01-02 16:31 - 2012-07-02 21:03 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-02 16:30 - 2010-01-06 22:24 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-01 14:00 - 2014-01-01 14:00 - 00000000 ____D C:\ProgramData\jlkfdhicpgbehlmglllijdfokbgicncn
2013-12-29 20:30 - 2013-12-28 20:03 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\sw4b4[1]
2013-12-28 20:03 - 2013-12-28 20:03 - 01092977 _____ C:\Users\Elizabeth Penny\Desktop\sw4b4[1].zip
2013-12-28 20:02 - 2006-11-02 11:18 - 00000000 ___RD C:\Users\Public
2013-12-28 18:40 - 2006-11-02 12:37 - 00000000 ____D C:\Windows\twain_32
2013-12-28 18:21 - 2013-12-28 18:21 - 01092977 _____ C:\Users\Elizabeth Penny\Desktop\sw4b4.zip
2013-12-28 16:32 - 2013-02-22 22:05 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\dvdcss
2013-12-28 14:32 - 2013-12-28 14:32 - 00000000 ____D C:\Users\Elizabeth Penny\Documents\DVDFab9
2013-12-28 14:31 - 2013-12-28 14:31 - 00000000 ____D C:\Program Files\Xvid
2013-12-28 14:29 - 2013-12-28 14:28 - 04700665 _____ (ffdshow                                                     ) C:\Users\Elizabeth Penny\Downloads\ffdshow_rev4500_20130106.exe
2013-12-28 14:27 - 2013-12-28 14:27 - 00001031 _____ C:\Users\Public\Desktop\WinX DVD Ripper.lnk
2013-12-28 14:27 - 2013-12-28 14:27 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\Digiarty
2013-12-28 14:27 - 2013-12-28 14:27 - 00000000 ____D C:\Program Files\Digiarty
2013-12-28 14:16 - 2013-12-28 14:16 - 00033019 _____ C:\Windows\system32\CoreAAC-uninstall.exe
2013-12-28 13:15 - 2013-12-09 22:00 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\Images
2013-12-28 13:02 - 2013-12-28 13:02 - 10775712 _____ (Digiarty Software, Inc.                                     ) C:\Users\Elizabeth Penny\Downloads\winx-dvd-ripper.exe
2013-12-28 12:55 - 2013-12-28 12:55 - 00000792 _____ C:\Users\LogMeInRemoteUser\Desktop\Avi2Dvd.lnk
2013-12-28 12:55 - 2013-12-28 12:55 - 00000792 _____ C:\Users\Guest\Desktop\Avi2Dvd.lnk
2013-12-28 12:52 - 2013-12-28 12:52 - 37203147 _____ C:\Users\Elizabeth Penny\Downloads\Avi2Dvd_Setup_064.exe
2013-12-28 12:34 - 2013-12-28 12:34 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\1036
2013-12-28 12:03 - 2013-12-28 12:03 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\27798
2013-12-24 19:47 - 2013-12-24 19:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-24 02:13 - 2007-12-08 22:27 - 00000000 ____D C:\Users\Elizabeth Penny\AppData\Roaming\Skype
2013-12-24 00:53 - 2013-03-23 00:47 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-12-15 20:52 - 2009-09-04 15:36 - 00000680 _____ C:\Users\Elizabeth Penny\AppData\Local\d3d9caps.dat
2013-12-12 19:31 - 2007-03-22 10:29 - 00000000 ____D C:\Windows\system32\RTCOM
2013-12-12 19:22 - 2013-08-16 10:10 - 00000000 ____D C:\Windows\system32\MRT
2013-12-11 21:31 - 2012-07-02 21:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-11 21:31 - 2012-07-02 21:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-09 22:10 - 2013-12-09 22:08 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\Accomodation
2013-12-09 22:10 - 2013-12-09 22:06 - 00000000 ____D C:\Users\Elizabeth Penny\Desktop\Private classes
 
Files to move or delete:
====================
C:\ProgramData\ezsid.dat
 
 
Some content of TEMP:
====================
C:\Users\Elizabeth Penny\AppData\Local\Temp\lowproc.exe
C:\Users\Elizabeth Penny\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Elizabeth Penny\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Elizabeth Penny\AppData\Local\Temp\stubhelper.dll
C:\Users\Guest\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Guest\AppData\Local\Temp\symlcsv1.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-01-05 15:31
 
==================== End Of Log =============================> MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-01-05 15:31
 
==================== End Of Log ============================


#7 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,315 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:10:31 PM

Posted 05 January 2014 - 07:48 PM

Press the Windows key+R. At the Run Command type (or copy and paste) the following and press Enter:

CMD /C Dir /a /o:n C:\Windows\system32\Drivers\* >"%Userprofile%\desktop\Report.txt"

 

A report.txt file will be created on your desktop. Please attach that report to your reply.


Edited by JSntgRvr, 05 January 2014 - 07:55 PM.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#8 penguinlady88

penguinlady88
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 05 January 2014 - 09:25 PM

Here it is:

 

Volume in drive C is ACER
 Volume Serial Number is 2C53-023E
 
 Directory of C:\Windows\system32\Drivers
 
05/01/2014  16:35    <DIR>          .
05/01/2014  16:35    <DIR>          ..
02/11/2006  08:55            53,376 1394bus.sys
05/01/2014  11:47            53,376 1394bus.sys.bak
22/03/2007  08:30                20 Acer_A568_HomePremium_X86_EN.MRK
11/04/2009  06:32           265,688 acpi.sys
05/01/2014  11:47           265,688 acpi.sys.bak
02/11/2006  09:51           420,968 adp94xx.sys
05/01/2014  11:47           420,968 adp94xx.sys.bak
02/11/2006  09:51           297,576 adpahci.sys
05/01/2014  11:47           297,576 adpahci.sys.bak
02/11/2006  09:50            98,408 adpu160m.sys
05/01/2014  11:47            98,408 adpu160m.sys.bak
02/11/2006  09:51           147,048 adpu320.sys
05/01/2014  11:47           147,048 adpu320.sys.bak
21/04/2011  13:58           273,408 afd.sys
05/01/2014  11:47           273,408 afd.sys.bak
02/11/2006  09:49            53,864 AGP440.sys
05/01/2014  11:47            53,864 AGP440.sys.bak
17/02/2004  09:38             3,968 alcacr.sys
05/01/2014  11:47             3,968 alcacr.sys.bak
17/02/2004  09:38            70,688 alcaudsl.sys
05/01/2014  11:47            70,688 alcaudsl.sys.bak
17/02/2004  09:38             5,280 alcawh.sys
05/01/2014  11:47             5,280 alcawh.sys.bak
02/11/2006  09:49            14,952 aliide.sys
05/01/2014  11:47            14,952 aliide.sys.bak
02/11/2006  09:49            54,888 AMDAGP.SYS
05/01/2014  11:47            54,888 AMDAGP.SYS.bak
02/11/2006  09:49            15,464 amdide.sys
05/01/2014  11:47            15,464 amdide.sys.bak
02/11/2006  08:30            38,912 amdk7.sys
05/01/2014  11:47            38,912 amdk7.sys.bak
02/11/2006  08:30            40,960 amdk8.sys
05/01/2014  11:47            40,960 amdk8.sys.bak
02/11/2006  09:50            67,688 arc.sys
05/01/2014  11:47            67,688 arc.sys.bak
02/11/2006  09:50            67,688 arcsas.sys
05/01/2014  11:47            67,688 arcsas.sys.bak
19/01/2008  05:56            17,408 asyncmac.sys
05/01/2014  11:47            17,408 asyncmac.sys.bak
11/04/2009  06:32            19,944 atapi.sys
05/01/2014  11:47            19,944 atapi.sys.bak
11/04/2009  06:32           109,032 ataport.sys
05/01/2014  11:47           109,032 ataport.sys.bak
11/12/2012  22:17            26,984 avgtpx86.sys
05/01/2014  11:47            26,984 avgtpx86.sys.bak
19/01/2008  07:41            28,216 battc.sys
05/01/2014  11:47            28,216 battc.sys.bak
02/11/2006  07:30            45,056 bcm4sbxp.sys
05/01/2014  11:47            45,056 bcm4sbxp.sys.bak
19/12/2006  04:18           534,016 BCMWL6.SYS
05/01/2014  11:47           534,016 BCMWL6.SYS.bak
19/01/2008  05:53            12,288 bdasup.sys
05/01/2014  11:47            12,288 bdasup.sys.bak
19/01/2008  05:49             6,144 beep.sys
05/01/2014  11:47             6,144 beep.sys.bak
22/02/2011  13:23            69,632 bowser.sys
05/01/2014  11:47            69,632 bowser.sys.bak
02/11/2006  08:24            13,568 BrFiltLo.sys
05/01/2014  11:47            13,568 BrFiltLo.sys.bak
02/11/2006  08:24             5,248 BrFiltUp.sys
05/01/2014  11:47             5,248 BrFiltUp.sys.bak
11/04/2009  05:42            93,696 bridge.sys
05/01/2014  11:47            93,696 bridge.sys.bak
02/11/2006  08:25            71,808 BrSerId.sys
05/01/2014  11:47            71,808 BrSerId.sys.bak
02/11/2006  08:24            62,336 BrSerWdm.sys
05/01/2014  11:47            62,336 BrSerWdm.sys.bak
02/11/2006  08:24            12,160 BrUsbMdm.sys
05/01/2014  11:47            12,160 BrUsbMdm.sys.bak
02/11/2006  08:24            11,904 BrUsbSer.sys
05/01/2014  11:47            11,904 BrUsbSer.sys.bak
02/11/2006  08:55            39,936 bthmodem.sys
05/01/2014  11:47            39,936 bthmodem.sys.bak
08/07/2010  14:31            49,904 BVRPMPR5.SYS
05/01/2014  11:47            49,904 BVRPMPR5.SYS.bak
30/07/2010  12:16            18,048 ccdcmb.sys
05/01/2014  11:47            18,048 ccdcmb.sys.bak
30/07/2010  12:16            23,040 ccdcmbo.sys
05/01/2014  11:47            23,040 ccdcmbo.sys.bak
19/01/2008  05:28            70,144 cdfs.sys
05/01/2014  11:47            70,144 cdfs.sys.bak
05/10/2006  02:42             2,432 cdr4_xp.sys
05/01/2014  11:47             2,432 cdr4_xp.sys.bak
05/10/2006  02:42             2,560 cdralw2k.sys
05/01/2014  11:47             2,560 cdralw2k.sys.bak
11/04/2009  04:39            67,072 cdrom.sys
05/01/2014  11:47            67,072 cdrom.sys.bak
02/11/2006  08:55            35,328 circlass.sys
05/01/2014  11:47            35,328 circlass.sys.bak
11/04/2009  06:32           125,928 Classpnp.sys
05/01/2014  11:47           125,928 Classpnp.sys.bak
19/01/2008  05:32            14,208 CmBatt.sys
05/01/2014  11:47            14,208 CmBatt.sys.bak
02/11/2006  09:49            16,488 cmdide.sys
05/01/2014  11:47            16,488 cmdide.sys.bak
19/01/2008  07:41            20,792 compbatt.sys
05/01/2014  11:48            20,792 compbatt.sys.bak
11/04/2009  06:32            35,304 crashdmp.sys
05/01/2014  11:48            35,304 crashdmp.sys.bak
02/11/2006  09:49            22,632 crcdisk.sys
05/01/2014  11:48            22,632 crcdisk.sys.bak
02/11/2006  08:30            38,912 crusoe.sys
05/01/2014  11:48            38,912 crusoe.sys.bak
14/04/2011  14:59            75,264 dfsc.sys
05/01/2014  11:48            75,264 dfsc.sys.bak
11/04/2009  06:32            53,736 disk.sys
05/01/2014  11:48            53,736 disk.sys.bak
11/04/2009  04:39            19,456 Diskdump.sys
05/01/2014  11:48            19,456 Diskdump.sys.bak
02/11/2006  09:50            71,272 djsvs.sys
05/01/2014  11:48            71,272 djsvs.sys.bak
02/11/2006  13:29            21,264 DKbFltr.sys
05/01/2014  11:48            21,264 DKbFltr.sys.bak
19/01/2008  05:49           131,584 Dot4.sys
05/01/2014  11:48           131,584 Dot4.sys.bak
19/01/2008  05:49            16,384 Dot4Prt.sys
05/01/2014  11:48            16,384 Dot4Prt.sys.bak
19/01/2008  05:49            36,864 Dot4usb.sys
05/01/2014  11:48            36,864 Dot4usb.sys.bak
30/10/2013  01:43           130,048 drmk.sys
05/01/2014  11:48           130,048 drmk.sys.bak
19/01/2008  05:53             5,632 drmkaud.sys
05/01/2014  11:48             5,632 drmkaud.sys.bak
11/04/2009  06:32            27,624 Dumpata.sys
05/01/2014  11:48            27,624 Dumpata.sys.bak
19/01/2008  05:36            13,312 dxapi.sys
05/01/2014  11:48            13,312 dxapi.sys.bak
11/04/2009  04:23            76,288 dxg.sys
05/01/2014  11:48            76,288 dxg.sys.bak
01/08/2013  03:16           638,400 dxgkrnl.sys
05/01/2014  11:48           638,400 dxgkrnl.sys.bak
02/11/2006  07:30           117,760 E1G60I32.sys
05/01/2014  11:48           117,760 E1G60I32.sys.bak
11/04/2009  06:32           141,288 ecache.sys
05/01/2014  11:48           141,288 ecache.sys.bak
02/11/2006  09:51           316,520 elxstor.sys
05/01/2014  11:48           316,520 elxstor.sys.bak
25/10/2006  06:36            62,208 EMS7SK.sys
05/01/2014  11:48            62,208 EMS7SK.sys.bak
14/12/2012  17:43    <DIR>          en-US
25/10/2006  06:36            42,240 ESD7SK.sys
05/01/2014  11:48            42,240 ESD7SK.sys.bak
25/10/2006  06:36            76,928 ESM7SK.sys
05/01/2014  11:48            76,928 ESM7SK.sys.bak
17/01/2012  12:01    <DIR>          etc
11/04/2009  04:13           136,704 exfat.sys
05/01/2014  11:48           136,704 exfat.sys.bak
11/04/2009  04:13           142,848 fastfat.sys
05/01/2014  11:48           142,848 fastfat.sys.bak
02/11/2006  08:51            25,088 fdc.sys
05/01/2014  11:48            25,088 fdc.sys.bak
19/01/2008  07:42            58,936 fileinfo.sys
05/01/2014  11:48            58,936 fileinfo.sys.bak
19/01/2008  05:30            27,648 filetrace.sys
05/01/2014  11:48            27,648 filetrace.sys.bak
02/11/2006  08:51            20,480 flpydisk.sys
05/01/2014  11:48            20,480 flpydisk.sys.bak
11/04/2009  06:32           190,424 fltMgr.sys
05/01/2014  11:48           190,424 fltMgr.sys.bak
29/02/2012  13:32            12,800 fs_rec.sys
05/01/2014  11:48            12,800 fs_rec.sys.bak
11/04/2009  06:32            99,816 FWPKCLNT.SYS
05/01/2014  11:48            99,816 FWPKCLNT.SYS.bak
02/11/2006  09:50            58,984 GAGP30KX.SYS
05/01/2014  11:48            58,984 GAGP30KX.SYS.bak
21/08/2012  13:01            26,840 GEARAspiWDM.sys
05/01/2014  11:48            26,840 GEARAspiWDM.sys.bak
18/09/2006  21:26         3,440,660 gm.dls
18/09/2006  21:26               646 gmreadme.txt
11/04/2009  04:42           561,152 hdaudbus.sys
05/01/2014  11:48           561,152 hdaudbus.sys.bak
02/11/2006  07:36           235,520 HdAudio.sys
05/01/2014  11:48           235,520 HdAudio.sys.bak
02/11/2006  08:55            29,184 hidbth.sys
05/01/2014  11:48            29,184 hidbth.sys.bak
11/04/2009  04:42            39,424 hidclass.sys
05/01/2014  11:48            39,424 hidclass.sys.bak
02/11/2006  08:55            21,504 hidir.sys
05/01/2014  11:48            21,504 hidir.sys.bak
03/07/2013  02:10            25,472 hidparse.sys
05/01/2014  11:48            25,472 hidparse.sys.bak
11/04/2009  04:42            12,800 hidusb.sys
05/01/2014  11:48            12,800 hidusb.sys.bak
02/11/2006  09:50            37,480 HpCISSs.sys
05/01/2014  11:48            37,480 HpCISSs.sys.bak
09/11/2006  02:10           144,201 HSFProf.cty
17/10/2006  19:08           659,968 HSX_CNXT.sys
05/01/2014  11:48           659,968 HSX_CNXT.sys.bak
17/10/2006  19:09           986,624 HSX_DPV.sys
05/01/2014  11:48           986,624 HSX_DPV.sys.bak
17/10/2006  19:08           206,848 HSXHWAZL.sys
05/01/2014  11:48           206,848 HSXHWAZL.sys.bak
20/02/2010  20:53           411,648 http.sys
05/01/2014  11:48           411,648 http.sys.bak
02/11/2006  09:49            16,488 i2omgmt.sys
05/01/2014  11:48            16,488 i2omgmt.sys.bak
02/11/2006  09:49            27,752 i2omp.sys
05/01/2014  11:48            27,752 i2omp.sys.bak
19/01/2008  05:49            54,784 i8042prt.sys
05/01/2014  11:48            54,784 i8042prt.sys.bak
02/11/2006  09:51           232,040 iaStorV.sys
05/01/2014  11:48           232,040 iaStorV.sys.bak
11/02/2008  17:36         2,302,976 igdkmd32.sys
05/01/2014  11:48         2,302,976 igdkmd32.sys.bak
02/11/2006  09:50            41,576 iirsp.sys
05/01/2014  11:48            41,576 iirsp.sys.bak
25/04/2007  02:15            76,584 int15.sys
05/01/2014  11:48            76,584 int15.sys.bak
25/04/2007  02:15            15,656 int15_64.sys
05/01/2014  11:48            15,656 int15_64.sys.bak
19/01/2008  07:41            17,976 intelide.sys
05/01/2014  11:48            17,976 intelide.sys.bak
19/01/2008  05:27            41,472 intelppm.sys
05/01/2014  11:48            41,472 intelppm.sys.bak
19/01/2008  05:56            47,616 ipfltdrv.sys
05/01/2014  11:48            47,616 ipfltdrv.sys.bak
02/11/2006  08:42            65,536 IPMIDrv.sys
05/01/2014  11:48            65,536 IPMIDrv.sys.bak
19/01/2008  05:56           100,864 ipnat.sys
05/01/2014  11:48           100,864 ipnat.sys.bak
19/01/2008  05:55            95,744 irda.sys
05/01/2014  11:48            95,744 irda.sys.bak
19/01/2008  05:55            13,312 irenum.sys
05/01/2014  11:48            13,312 irenum.sys.bak
02/11/2006  09:50            47,208 isapnp.sys
05/01/2014  11:48            47,208 isapnp.sys.bak
02/11/2006  09:50            35,944 iteatapi.sys
05/01/2014  11:48            35,944 iteatapi.sys.bak
02/11/2006  09:50            35,944 iteraid.sys
05/01/2014  11:48            35,944 iteraid.sys.bak
19/01/2008  07:41            35,384 kbdclass.sys
05/01/2014  11:48            35,384 kbdclass.sys.bak
11/04/2009  04:38            17,408 kbdhid.sys
05/01/2014  11:48            17,408 kbdhid.sys.bak
04/01/2014  14:17           135,776 kl1.sys
08/06/2013  20:18            94,304 klflt.sys
04/01/2014  14:17           574,560 klif.sys
11/10/2013  13:25            25,696 klim6.sys
11/10/2013  13:25            25,696 klkbdflt.sys
11/10/2013  13:25            25,696 klmouflt.sys
12/04/2013  15:34            14,432 klpd.sys
14/05/2013  17:34            45,024 kltdi.sys
04/01/2014  14:17           144,992 kneps.sys
11/04/2009  04:38           149,504 ks.sys
05/01/2014  11:48           149,504 ks.sys.bak
04/06/2012  15:26           440,704 ksecdd.sys
05/01/2014  11:48           440,704 ksecdd.sys.bak
19/01/2008  05:55            47,104 lltdio.sys
05/01/2014  11:48            47,104 lltdio.sys.bak
29/11/2012  11:56            10,144 lmimirr.sys
05/01/2014  11:48            10,144 lmimirr.sys.bak
29/11/2012  11:56            47,640 LMIRfsDriver.sys
05/01/2014  11:48            47,640 LMIRfsDriver.sys.bak
02/11/2006  09:50            65,640 lsi_fc.sys
05/01/2014  11:48            65,640 lsi_fc.sys.bak
02/11/2006  09:50            65,640 lsi_sas.sys
05/01/2014  11:48            65,640 lsi_sas.sys.bak
02/11/2006  09:50            65,640 lsi_scsi.sys
05/01/2014  11:48            65,640 lsi_scsi.sys.bak
19/01/2008  05:30            84,480 luafv.sys
05/01/2014  11:48            84,480 luafv.sys.bak
26/07/2008  06:44            69,592 LVFaL000.cfg
26/07/2008  06:44           227,172 LVFeL000.cfg
26/07/2008  06:44           146,680 LVFeL001.cfg
26/07/2008  06:44            85,302 LVFeL002.cfg
04/04/2013  14:50            22,856 mbam.sys
05/01/2014  11:48            22,856 mbam.sys.bak
19/01/2008  05:49            18,944 mcd.sys
05/01/2014  11:48            18,944 mcd.sys.bak
19/06/2006  21:26            12,672 mdmxsdk.sys
05/01/2014  11:48            12,672 mdmxsdk.sys.bak
02/11/2006  09:49            28,776 megasas.sys
05/01/2014  11:48            28,776 megasas.sys.bak
19/01/2008  05:57            31,744 modem.sys
05/01/2014  11:48            31,744 modem.sys.bak
19/01/2008  05:52            41,984 monitor.sys
05/01/2014  11:48            41,984 monitor.sys.bak
19/01/2008  07:41            34,360 mouclass.sys
05/01/2014  11:48            34,360 mouclass.sys.bak
19/01/2008  05:49            15,872 mouhid.sys
05/01/2014  11:48            15,872 mouhid.sys.bak
19/01/2008  07:42            57,400 mountmgr.sys
05/01/2014  11:48            57,400 mountmgr.sys.bak
02/11/2006  09:50            78,952 mpio.sys
05/01/2014  11:48            78,952 mpio.sys.bak
19/01/2008  05:54            64,000 mpsdrv.sys
05/01/2014  11:48            64,000 mpsdrv.sys.bak
02/11/2006  09:49            33,384 Mraid35x.sys
05/01/2014  11:48            33,384 Mraid35x.sys.bak
11/04/2009  04:14           114,688 mrxdav.sys
05/01/2014  11:48           114,688 mrxdav.sys.bak
29/04/2011  13:24           106,496 mrxsmb.sys
05/01/2014  11:48           106,496 mrxsmb.sys.bak
06/07/2011  15:31           214,016 mrxsmb10.sys
05/01/2014  11:48           214,016 mrxsmb10.sys.bak
29/04/2011  13:24            79,872 mrxsmb20.sys
05/01/2014  11:48            79,872 mrxsmb20.sys.bak
02/11/2006  09:49            23,144 msahci.sys
05/01/2014  11:48            23,144 msahci.sys.bak
02/11/2006  09:50            80,488 msdsm.sys
05/01/2014  11:48            80,488 msdsm.sys.bak
19/01/2008  05:28            22,528 msfs.sys
05/01/2014  11:48            22,528 msfs.sys.bak
14/09/2008  21:08                 0 Msft_Kernel_ccdcmb_01005.Wdf
27/01/2009  13:46                 0 Msft_Kernel_ccdcmb_01007.Wdf
21/06/2011  12:37                 0 Msft_Kernel_ccdcmb_01009.Wdf
22/03/2007  10:34                 0 Msft_Kernel_SynTP_01000.Wdf
14/09/2008  21:08                 0 Msft_User_PCCSWpdDriver_01_05_00.Wdf
07/03/2012  16:32                 0 Msft_User_PCCSWpdDriver_01_09_00.Wdf
22/03/2008  12:34                 0 Msft_User_WpdFs_01_00_00.Wdf
18/11/2009  03:43                 0 Msft_User_WpdFs_01_07_00.Wdf
10/07/2008  19:50                 0 Msft_User_WpdMtpDr_01_00_00.Wdf
18/11/2009  03:43                 0 Msft_User_WpdMtpDr_01_07_00.Wdf
21/06/2011  12:37                 0 MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
02/06/2012  14:57                 3 MsftWdf_User_01_11_00_Inbox_Critical.Wdf
19/01/2008  07:41            16,440 msisadrv.sys
05/01/2014  11:48            16,440 msisadrv.sys.bak
11/04/2009  06:32           180,712 msiscsi.sys
05/01/2014  11:48           180,712 msiscsi.sys.bak
19/01/2008  05:49             8,192 mskssrv.sys
05/01/2014  11:48             8,192 mskssrv.sys.bak
19/01/2008  05:49             5,888 mspclock.sys
05/01/2014  11:48             5,888 mspclock.sys.bak
19/01/2008  05:49             5,504 mspqm.sys
05/01/2014  11:48             5,504 mspqm.sys.bak
11/04/2009  06:32           161,752 msrpc.sys
05/01/2014  11:48           161,752 msrpc.sys.bak
19/01/2008  07:41            31,288 mssmbios.sys
05/01/2014  11:48            31,288 mssmbios.sys.bak
19/01/2008  05:49             6,016 mstee.sys
05/01/2014  11:48             6,016 mstee.sys.bak
11/04/2009  06:32            48,104 mup.sys
05/01/2014  11:48            48,104 mup.sys.bak
11/04/2009  06:32           527,848 ndis.sys
05/01/2014  11:48           527,848 ndis.sys.bak
19/01/2008  05:56            20,992 ndistapi.sys
05/01/2014  11:48            20,992 ndistapi.sys.bak
19/01/2008  05:55            16,896 ndisuio.sys
05/01/2014  11:48            16,896 ndisuio.sys.bak
11/04/2009  04:46           121,344 ndiswan.sys
05/01/2014  11:48           121,344 ndiswan.sys.bak
19/01/2008  05:56            49,664 ndproxy.sys
05/01/2014  11:48            49,664 ndproxy.sys.bak
19/01/2008  05:55            35,840 netbios.sys
05/01/2014  11:48            35,840 netbios.sys.bak
11/04/2009  04:45           185,856 netbt.sys
05/01/2014  11:48           185,856 netbt.sys.bak
05/04/2010  20:00           221,568 netio.sys
05/01/2014  11:48           221,568 netio.sys.bak
24/02/2007  22:14         2,216,448 NETw4v32.sys
05/01/2014  11:48         2,216,448 NETw4v32.sys.bak
17/11/2008  05:40         3,668,480 NETw5v32.sys
05/01/2014  11:48         3,668,480 NETw5v32.sys.bak
02/11/2006  09:50            45,160 nfrd960.sys
05/01/2014  11:48            45,160 nfrd960.sys.bak
11/04/2009  04:14            35,328 npfs.sys
05/01/2014  11:48            35,328 npfs.sys.bak
19/01/2008  05:55            16,384 nsiproxy.sys
05/01/2014  11:48            16,384 nsiproxy.sys.bak
03/03/2013  19:07         1,082,232 ntfs.sys
05/01/2014  11:48         1,082,232 ntfs.sys.bak
22/03/2007  10:51             6,144 NTIDrvr.sys
05/01/2014  11:48             6,144 NTIDrvr.sys.bak
02/11/2006  07:36            20,608 ntrigdigi.sys
05/01/2014  11:48            20,608 ntrigdigi.sys.bak
19/01/2008  05:49             4,608 null.sys
05/01/2014  11:48             4,608 null.sys.bak
02/11/2006  09:50           106,600 NV_AGP.SYS
05/01/2014  11:48           106,600 NV_AGP.SYS.bak
02/11/2006  09:50            88,680 nvraid.sys
05/01/2014  11:48            88,680 nvraid.sys.bak
02/11/2006  09:50            40,040 nvstor.sys
05/01/2014  11:48            40,040 nvstor.sys.bak
11/04/2009  04:43           148,480 nwifi.sys
05/01/2014  11:48           148,480 nwifi.sys.bak
02/11/2006  08:55            62,080 ohci1394.sys
05/01/2014  11:48            62,080 ohci1394.sys.bak
11/04/2009  04:45            72,192 pacer.sys
05/01/2014  11:48            72,192 pacer.sys.bak
02/11/2006  08:51            79,360 parport.sys
05/01/2014  11:48            79,360 parport.sys.bak
20/03/2012  23:28            53,120 partmgr.sys
05/01/2014  11:48            53,120 partmgr.sys.bak
02/11/2006  08:51             8,704 parvdm.sys
05/01/2014  11:48             8,704 parvdm.sys.bak
26/08/2008  07:26            18,816 pccsmcfd.sys
05/01/2014  11:48            18,816 pccsmcfd.sys.bak
11/04/2009  06:32           149,480 pci.sys
05/01/2014  11:48           149,480 pci.sys.bak
02/11/2006  09:49            13,416 pciide.sys
05/01/2014  11:48            13,416 pciide.sys.bak
11/04/2009  06:32            43,496 pciidex.sys
05/01/2014  11:48            43,496 pciidex.sys.bak
11/04/2009  06:32           177,640 pcmcia.sys
05/01/2014  11:48           177,640 pcmcia.sys.bak
14/08/2009  04:58             7,396 pctcore.cat
02/11/2006  09:04           878,080 PEAuth.sys
05/01/2014  11:48           878,080 PEAuth.sys.bak
30/10/2013  00:43           167,936 portcls.sys
05/01/2014  11:48           167,936 portcls.sys.bak
02/11/2006  08:30            38,400 processr.sys
05/01/2014  11:48            38,400 processr.sys.bak
07/02/2007  07:04            20,264 psdfilter.sys
05/01/2014  11:48            20,264 psdfilter.sys.bak
20/11/2008  19:19            43,872 pxhelp20.sys
05/01/2014  11:48            43,872 pxhelp20.sys.bak
02/11/2006  09:51           900,712 ql2300.sys
05/01/2014  11:48           900,712 ql2300.sys.bak
02/11/2006  09:50           106,088 ql40xx.sys
05/01/2014  11:48           106,088 ql40xx.sys.bak
19/01/2008  05:56            31,232 qwavedrv.sys
05/01/2014  11:48            31,232 qwavedrv.sys.bak
19/01/2008  05:56            11,776 rasacd.sys
05/01/2014  11:48            11,776 rasacd.sys.bak
19/01/2008  05:56            76,288 rasl2tp.sys
05/01/2014  11:48            76,288 rasl2tp.sys.bak
11/04/2009  04:46            41,472 raspppoe.sys
05/01/2014  11:48            41,472 raspppoe.sys.bak
19/01/2008  05:56            62,976 raspptp.sys
05/01/2014  11:48            62,976 raspptp.sys.bak
11/04/2009  04:46            69,120 rassstp.sys
05/01/2014  11:48            69,120 rassstp.sys.bak
11/04/2009  04:14           225,280 rdbss.sys
05/01/2014  11:48           225,280 rdbss.sys.bak
19/01/2008  06:01             6,144 RDPCDD.sys
05/01/2014  11:48             6,144 RDPCDD.sys.bak
02/11/2006  09:03           242,688 rdpdr.sys
05/01/2014  11:48           242,688 rdpdr.sys.bak
19/01/2008  06:01             6,144 RDPENCDD.sys
05/01/2014  11:48             6,144 RDPENCDD.sys.bak
01/05/2012  14:03           180,736 rdpwd.sys
05/01/2014  11:48           180,736 rdpwd.sys.bak
11/04/2009  04:45           113,664 rmcast.sys
05/01/2014  11:48           113,664 rmcast.sys.bak
11/04/2009  04:46            33,280 RNDISMP.sys
05/01/2014  11:48            33,280 RNDISMP.sys.bak
19/01/2008  05:57             8,192 rootmdm.sys
05/01/2014  11:48             8,192 rootmdm.sys.bak
19/01/2008  05:55            60,416 rspndr.sys
05/01/2014  11:48            60,416 rspndr.sys.bak
01/03/2007  08:21         1,744,928 RTKVHDA.sys
05/01/2014  11:48         1,744,928 RTKVHDA.sys.bak
02/11/2006  09:50            76,392 sbp2port.sys
05/01/2014  11:48            76,392 sbp2port.sys.bak
19/01/2008  07:42           142,904 scsiport.sys
05/01/2014  11:48           142,904 scsiport.sys.bak
11/04/2009  04:19            89,088 sdbus.sys
05/01/2014  11:48            89,088 sdbus.sys.bak
02/11/2006  06:37            20,480 secdrv.sys
05/01/2014  11:48            20,480 secdrv.sys.bak
02/11/2006  08:51            17,920 serenum.sys
05/01/2014  11:48            17,920 serenum.sys.bak
02/11/2006  08:51            83,456 serial.sys
05/01/2014  11:48            83,456 serial.sys.bak
19/01/2008  05:49            19,968 sermouse.sys
05/01/2014  11:48            19,968 sermouse.sys.bak
02/11/2006  08:51            13,312 sffdisk.sys
05/01/2014  11:48            13,312 sffdisk.sys.bak
02/11/2006  08:51            12,800 sffp_mmc.sys
05/01/2014  11:48            12,800 sffp_mmc.sys.bak
02/11/2006  08:51            12,800 sffp_sd.sys
05/01/2014  11:48            12,800 sffp_sd.sys.bak
02/11/2006  08:51            13,312 sfloppy.sys
05/01/2014  11:48            13,312 sfloppy.sys.bak
02/11/2006  09:49            53,352 SISAGP.SYS
05/01/2014  11:48            53,352 SISAGP.SYS.bak
02/11/2006  09:50            38,504 sisraid2.sys
05/01/2014  11:48            38,504 sisraid2.sys.bak
02/11/2006  09:50            71,784 sisraid4.sys
05/01/2014  11:48            71,784 sisraid4.sys.bak
11/04/2009  04:45            66,560 smb.sys
05/01/2014  11:48            66,560 smb.sys.bak
19/01/2008  05:49            17,408 smclib.sys
05/01/2014  11:48            17,408 smclib.sys.bak
19/01/2008  07:41            21,048 spldr.sys
05/01/2014  11:48            21,048 spldr.sys.bak
11/04/2009  02:52           684,032 spsys.sys
05/01/2014  11:48           684,032 spsys.sys.bak
18/02/2011  14:03           305,152 srv.sys
05/01/2014  11:48           305,152 srv.sys.bak
29/04/2011  13:25           146,432 srv2.sys
05/01/2014  11:48           146,432 srv2.sys.bak
29/04/2011  13:25           102,400 srvnet.sys
05/01/2014  11:48           102,400 srvnet.sys.bak
11/04/2009  06:32           122,344 Storport.sys
05/01/2014  11:48           122,344 Storport.sys.bak
11/04/2009  04:42            52,992 stream.sys
05/01/2014  11:48            52,992 stream.sys.bak
19/01/2008  07:41            15,288 swenum.sys
05/01/2014  11:48            15,288 swenum.sys.bak
02/11/2006  09:49            31,848 sym_hi.sys
05/01/2014  11:48            31,848 sym_hi.sys.bak
02/11/2006  09:50            34,920 sym_u3.sys
05/01/2014  11:48            34,920 sym_u3.sys.bak
02/11/2006  09:50            35,944 symc8xx.sys
05/01/2014  11:48            35,944 symc8xx.sys.bak
23/10/2006  03:17           179,896 SynTP.sys
05/01/2014  11:48           179,896 SynTP.sys.bak
19/01/2008  05:49            24,576 tape.sys
05/01/2014  11:48            24,576 tape.sys.bak
05/07/2013  03:20           914,880 tcpip.sys
05/01/2014  11:48           914,880 tcpip.sys.bak
05/07/2013  01:43            31,232 tcpipreg.sys
05/01/2014  11:48            31,232 tcpipreg.sys.bak
19/01/2008  05:57            20,992 tdi.sys
05/01/2014  11:48            20,992 tdi.sys.bak
19/01/2008  06:01            17,920 tdpipe.sys
05/01/2014  11:48            17,920 tdpipe.sys.bak
19/01/2008  06:01            29,184 tdtcp.sys
05/01/2014  11:48            29,184 tdtcp.sys.bak
11/04/2009  04:45            72,192 tdx.sys
05/01/2014  11:48            72,192 tdx.sys.bak
11/04/2009  06:32            53,224 termdd.sys
05/01/2014  11:48            53,224 termdd.sys.bak
21/05/2009  22:58           287,608 Tmfilter.sys
05/01/2014  11:48           287,608 Tmfilter.sys.bak
15/06/2013  11:23            24,064 tssecsrv.sys
05/01/2014  11:48            24,064 tssecsrv.sys.bak
19/01/2008  05:55            15,360 TUNMP.SYS
05/01/2014  11:48            15,360 TUNMP.SYS.bak
18/02/2010  11:28            25,088 tunnel.sys
05/01/2014  11:48            25,088 tunnel.sys.bak
02/11/2006  09:49            56,936 UAGP35.SYS
05/01/2014  11:48            56,936 UAGP35.SYS.bak
11/04/2009  04:13           226,816 udfs.sys
05/01/2014  11:48           226,816 udfs.sys.bak
02/11/2006  09:50            58,472 ULIAGPKX.SYS
05/01/2014  11:48            58,472 ULIAGPKX.SYS.bak
02/11/2006  09:51           235,112 uliahci.sys
05/01/2014  11:48           235,112 uliahci.sys.bak
02/11/2006  09:50            98,408 ulsata.sys
05/01/2014  11:48            98,408 ulsata.sys.bak
02/11/2006  09:50           115,816 ulsata2.sys
05/01/2014  11:48           115,816 ulsata2.sys.bak
19/01/2008  05:53            34,816 umbus.sys
05/01/2014  11:48            34,816 umbus.sys.bak
02/03/2012  17:38    <DIR>          UMDF
19/01/2008  05:53             7,680 umpass.sys
05/01/2014  11:48             7,680 umpass.sys.bak
12/02/2013  01:57            15,872 usb8023.sys
05/01/2014  11:48            15,872 usb8023.sys.bak
13/12/2012  13:50            45,056 usbaapl.sys
05/01/2014  11:48            45,056 usbaapl.sys.bak
11/04/2009  04:42            73,216 USBAUDIO.sys
05/01/2014  11:48            73,216 USBAUDIO.sys.bak
11/04/2009  04:42            25,856 USBCAMD.sys
05/01/2014  11:48            25,856 USBCAMD.sys.bak
11/04/2009  04:42            25,856 USBCAMD2.sys
05/01/2014  11:48            25,856 USBCAMD2.sys.bak
29/06/2013  02:07            73,216 usbccgp.sys
05/01/2014  11:48            73,216 usbccgp.sys.bak
02/11/2006  08:55            68,608 usbcir.sys
05/01/2014  11:48            68,608 usbcir.sys.bak
29/06/2013  02:06             6,016 usbd.sys
05/01/2014  11:48             6,016 usbd.sys.bak
05/05/2011  13:54            39,936 usbehci.sys
05/01/2014  11:48            39,936 usbehci.sys.bak
29/06/2013  02:07           197,632 usbhub.sys
05/01/2014  11:48           197,632 usbhub.sys.bak
02/11/2006  08:55            19,456 usbohci.sys
05/01/2014  11:48            19,456 usbohci.sys.bak
29/06/2013  02:07           226,304 usbport.sys
05/01/2014  11:48           226,304 usbport.sys.bak
19/01/2008  06:14            18,944 usbprint.sys
05/01/2014  11:48            18,944 usbprint.sys.bak
03/07/2013  02:33            35,328 usbscan.sys
05/01/2014  11:48            35,328 usbscan.sys.bak
29/08/2013  07:56            27,648 usbser.sys
05/01/2014  11:48            27,648 usbser.sys.bak
30/07/2010  12:16             8,192 usbser_lowerflt.sys
05/01/2014  11:48             8,192 usbser_lowerflt.sys.bak
30/07/2010  12:16             8,192 usbser_lowerfltj.sys
05/01/2014  11:48             8,192 usbser_lowerfltj.sys.bak
11/04/2009  04:42            65,536 USBSTOR.SYS
05/01/2014  11:48            65,536 USBSTOR.SYS.bak
05/05/2011  13:54            23,552 usbuhci.sys
05/01/2014  11:48            23,552 usbuhci.sys.bak
19/01/2008  05:52            25,088 vga.sys
05/01/2014  11:48            25,088 vga.sys.bak
02/11/2006  08:53            26,112 vgapnp.sys
05/01/2014  11:48            26,112 vgapnp.sys.bak
02/11/2006  09:49            54,376 VIAAGP.SYS
05/01/2014  11:48            54,376 VIAAGP.SYS.bak
02/11/2006  08:30            39,424 viac7.sys
05/01/2014  11:48            39,424 viac7.sys.bak
02/11/2006  09:49            17,512 viaide.sys
05/01/2014  11:48            17,512 viaide.sys.bak
19/01/2008  05:52           110,080 videoprt.sys
05/01/2014  11:48           110,080 videoprt.sys.bak
19/01/2008  07:42            52,792 volmgr.sys
05/01/2014  11:48            52,792 volmgr.sys.bak
11/04/2009  06:33           292,840 volmgrx.sys
05/01/2014  11:48           292,840 volmgrx.sys.bak
21/08/2012  11:47           224,640 volsnap.sys
05/01/2014  11:48           224,640 volsnap.sys.bak
02/11/2006  09:50           112,232 vsmraid.sys
05/01/2014  11:48           112,232 vsmraid.sys.bak
02/11/2006  07:41           200,704 VSTAZL3.SYS
05/01/2014  11:48           200,704 VSTAZL3.SYS.bak
02/11/2006  07:41           654,336 VSTCNXT3.SYS
05/01/2014  11:48           654,336 VSTCNXT3.SYS.bak
18/09/2006  21:42           133,972 VSTDProf.cty
02/11/2006  07:41           987,648 VSTDPV3.SYS
05/01/2014  11:48           987,648 VSTDPV3.SYS.bak
18/09/2006  21:42           133,528 VSTEProf.cty
05/01/2008  11:33           141,611 VSTProf.cty
18/09/2006  21:42           141,572 VSTSProf.cty
02/11/2006  08:52            20,608 wacompen.sys
05/01/2014  11:48            20,608 wacompen.sys.bak
19/01/2008  05:56            62,464 wanarp.sys
05/01/2014  11:48            62,464 wanarp.sys.bak
11/04/2009  04:22            33,280 watchdog.sys
05/01/2014  11:48            33,280 watchdog.sys.bak
02/11/2006  09:49            19,560 wd.sys
05/01/2014  11:48            19,560 wd.sys.bak
26/06/2013  23:01           527,064 Wdf01000.sys
05/01/2014  11:48           527,064 Wdf01000.sys.bak
26/07/2012  03:39            47,720 WdfLdr.sys
05/01/2014  11:48            47,720 WdfLdr.sys.bak
19/01/2008  05:32            11,264 wmiacpi.sys
05/01/2014  11:48            11,264 wmiacpi.sys.bak
19/01/2008  07:41            17,976 wmilib.sys
05/01/2014  11:48            17,976 wmilib.sys.bak
01/10/2009  01:01            40,448 WpdUsb.sys
05/01/2014  11:48            40,448 WpdUsb.sys.bak
19/01/2008  05:56            15,872 ws2ifsl.sys
05/01/2014  11:48            15,872 ws2ifsl.sys.bak
26/07/2012  02:33            66,560 WUDFPf.sys
05/01/2014  11:48            66,560 WUDFPf.sys.bak
26/07/2012  02:32           155,136 WUDFRd.sys
05/01/2014  11:48           155,136 WUDFRd.sys.bak
05/08/2006  00:39           386,560 XAudio.exe
05/08/2006  00:39             8,192 XAudio.sys
05/01/2014  11:48             8,192 XAudio.sys.bak
             631 File(s)     85,601,763 bytes
               5 Dir(s)   7,790,522,368 bytes free
 

 



#9 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,315 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:10:31 PM

Posted 05 January 2014 - 09:56 PM

Download the enclosed file.

 

Save it in the same location FRST is saved.

 

Run FRST and click on the Fix button. Wait until finished.

 

The tool will make a log in the flashdrive (Fixlog.txt) please post it to your reply.

 

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

 

Download : ADWCleaner to your desktop.

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close  all programs and click on the AdwCleaner icon.

scan-results.jpg

Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder. as AdwCleaner[S0].txt
 

 

bf_new.gif Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.
 

 


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#10 penguinlady88

penguinlady88
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 06 January 2014 - 05:07 PM

Hi. Thanks. Here are the logs:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 05-01-2014
Ran by Elizabeth Penny at 2014-01-06 20:05:39 Run:1
Running from C:\Users\Elizabeth Penny\Desktop\FRST
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
 
 
 
Start
C:\Users\Elizabeth Penny\AppData\Local\Temp\lowproc.exe
C:\Users\Elizabeth Penny\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Elizabeth Penny\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Elizabeth Penny\AppData\Local\Temp\stubhelper.dll
C:\Users\Guest\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Guest\AppData\Local\Temp\symlcsv1.exe
C:\ProgramData\ezsid.dat
CMD: Dir /a /b C:\Windows\system32\Drivers\*.bak
End
*****************
 
C:\Users\Elizabeth Penny\AppData\Local\Temp\lowproc.exe => Moved successfully.
C:\Users\Elizabeth Penny\AppData\Local\Temp\ntdll_dump.dll => Moved successfully.
C:\Users\Elizabeth Penny\AppData\Local\Temp\RtkBtMnt.exe => Moved successfully.
C:\Users\Elizabeth Penny\AppData\Local\Temp\stubhelper.dll => Moved successfully.
Could not move "C:\Users\Guest\AppData\Local\Temp\RtkBtMnt.exe" => Scheduled to move on reboot.
C:\Users\Guest\AppData\Local\Temp\symlcsv1.exe => Moved successfully.
C:\ProgramData\ezsid.dat => Moved successfully.
 
=========  Dir /a /b C:\Windows\system32\Drivers\*.bak =========
 
1394bus.sys.bak
acpi.sys.bak
adp94xx.sys.bak
adpahci.sys.bak
adpu160m.sys.bak
adpu320.sys.bak
afd.sys.bak
AGP440.sys.bak
alcacr.sys.bak
alcaudsl.sys.bak
alcawh.sys.bak
aliide.sys.bak
AMDAGP.SYS.bak
amdide.sys.bak
amdk7.sys.bak
amdk8.sys.bak
arc.sys.bak
arcsas.sys.bak
asyncmac.sys.bak
atapi.sys.bak
ataport.sys.bak
avgtpx86.sys.bak
battc.sys.bak
bcm4sbxp.sys.bak
BCMWL6.SYS.bak
bdasup.sys.bak
beep.sys.bak
bowser.sys.bak
BrFiltLo.sys.bak
BrFiltUp.sys.bak
bridge.sys.bak
BrSerId.sys.bak
BrSerWdm.sys.bak
BrUsbMdm.sys.bak
BrUsbSer.sys.bak
bthmodem.sys.bak
BVRPMPR5.SYS.bak
ccdcmb.sys.bak
ccdcmbo.sys.bak
cdfs.sys.bak
cdr4_xp.sys.bak
cdralw2k.sys.bak
cdrom.sys.bak
circlass.sys.bak
Classpnp.sys.bak
CmBatt.sys.bak
cmdide.sys.bak
compbatt.sys.bak
crashdmp.sys.bak
crcdisk.sys.bak
crusoe.sys.bak
dfsc.sys.bak
disk.sys.bak
Diskdump.sys.bak
djsvs.sys.bak
DKbFltr.sys.bak
Dot4.sys.bak
Dot4Prt.sys.bak
Dot4usb.sys.bak
drmk.sys.bak
drmkaud.sys.bak
Dumpata.sys.bak
dxapi.sys.bak
dxg.sys.bak
dxgkrnl.sys.bak
E1G60I32.sys.bak
ecache.sys.bak
elxstor.sys.bak
EMS7SK.sys.bak
ESD7SK.sys.bak
ESM7SK.sys.bak
exfat.sys.bak
fastfat.sys.bak
fdc.sys.bak
fileinfo.sys.bak
filetrace.sys.bak
flpydisk.sys.bak
fltMgr.sys.bak
fs_rec.sys.bak
FWPKCLNT.SYS.bak
GAGP30KX.SYS.bak
GEARAspiWDM.sys.bak
hdaudbus.sys.bak
HdAudio.sys.bak
hidbth.sys.bak
hidclass.sys.bak
hidir.sys.bak
hidparse.sys.bak
hidusb.sys.bak
HpCISSs.sys.bak
HSXHWAZL.sys.bak
HSX_CNXT.sys.bak
HSX_DPV.sys.bak
http.sys.bak
i2omgmt.sys.bak
i2omp.sys.bak
i8042prt.sys.bak
iaStorV.sys.bak
igdkmd32.sys.bak
iirsp.sys.bak
int15.sys.bak
int15_64.sys.bak
intelide.sys.bak
intelppm.sys.bak
ipfltdrv.sys.bak
IPMIDrv.sys.bak
ipnat.sys.bak
irda.sys.bak
irenum.sys.bak
isapnp.sys.bak
iteatapi.sys.bak
iteraid.sys.bak
kbdclass.sys.bak
kbdhid.sys.bak
ks.sys.bak
ksecdd.sys.bak
lltdio.sys.bak
lmimirr.sys.bak
LMIRfsDriver.sys.bak
lsi_fc.sys.bak
lsi_sas.sys.bak
lsi_scsi.sys.bak
luafv.sys.bak
mbam.sys.bak
mcd.sys.bak
mdmxsdk.sys.bak
megasas.sys.bak
modem.sys.bak
monitor.sys.bak
mouclass.sys.bak
mouhid.sys.bak
mountmgr.sys.bak
mpio.sys.bak
mpsdrv.sys.bak
Mraid35x.sys.bak
mrxdav.sys.bak
mrxsmb.sys.bak
mrxsmb10.sys.bak
mrxsmb20.sys.bak
msahci.sys.bak
msdsm.sys.bak
msfs.sys.bak
msisadrv.sys.bak
msiscsi.sys.bak
mskssrv.sys.bak
mspclock.sys.bak
mspqm.sys.bak
msrpc.sys.bak
mssmbios.sys.bak
mstee.sys.bak
mup.sys.bak
ndis.sys.bak
ndistapi.sys.bak
ndisuio.sys.bak
ndiswan.sys.bak
ndproxy.sys.bak
netbios.sys.bak
netbt.sys.bak
netio.sys.bak
NETw4v32.sys.bak
NETw5v32.sys.bak
nfrd960.sys.bak
npfs.sys.bak
nsiproxy.sys.bak
ntfs.sys.bak
NTIDrvr.sys.bak
ntrigdigi.sys.bak
null.sys.bak
nvraid.sys.bak
nvstor.sys.bak
NV_AGP.SYS.bak
nwifi.sys.bak
ohci1394.sys.bak
pacer.sys.bak
parport.sys.bak
partmgr.sys.bak
parvdm.sys.bak
pccsmcfd.sys.bak
pci.sys.bak
pciide.sys.bak
pciidex.sys.bak
pcmcia.sys.bak
PEAuth.sys.bak
portcls.sys.bak
processr.sys.bak
psdfilter.sys.bak
pxhelp20.sys.bak
ql2300.sys.bak
ql40xx.sys.bak
qwavedrv.sys.bak
rasacd.sys.bak
rasl2tp.sys.bak
raspppoe.sys.bak
raspptp.sys.bak
rassstp.sys.bak
rdbss.sys.bak
RDPCDD.sys.bak
rdpdr.sys.bak
RDPENCDD.sys.bak
rdpwd.sys.bak
rmcast.sys.bak
RNDISMP.sys.bak
rootmdm.sys.bak
rspndr.sys.bak
RTKVHDA.sys.bak
sbp2port.sys.bak
scsiport.sys.bak
sdbus.sys.bak
secdrv.sys.bak
serenum.sys.bak
serial.sys.bak
sermouse.sys.bak
sffdisk.sys.bak
sffp_mmc.sys.bak
sffp_sd.sys.bak
sfloppy.sys.bak
SISAGP.SYS.bak
sisraid2.sys.bak
sisraid4.sys.bak
smb.sys.bak
smclib.sys.bak
spldr.sys.bak
spsys.sys.bak
srv.sys.bak
srv2.sys.bak
srvnet.sys.bak
Storport.sys.bak
stream.sys.bak
swenum.sys.bak
symc8xx.sys.bak
sym_hi.sys.bak
sym_u3.sys.bak
SynTP.sys.bak
tape.sys.bak
tcpip.sys.bak
tcpipreg.sys.bak
tdi.sys.bak
tdpipe.sys.bak
tdtcp.sys.bak
tdx.sys.bak
termdd.sys.bak
Tmfilter.sys.bak
tssecsrv.sys.bak
TUNMP.SYS.bak
tunnel.sys.bak
UAGP35.SYS.bak
udfs.sys.bak
ULIAGPKX.SYS.bak
uliahci.sys.bak
ulsata.sys.bak
ulsata2.sys.bak
umbus.sys.bak
umpass.sys.bak
usb8023.sys.bak
usbaapl.sys.bak
USBAUDIO.sys.bak
USBCAMD.sys.bak
USBCAMD2.sys.bak
usbccgp.sys.bak
usbcir.sys.bak
usbd.sys.bak
usbehci.sys.bak
usbhub.sys.bak
usbohci.sys.bak
usbport.sys.bak
usbprint.sys.bak
usbscan.sys.bak
usbser.sys.bak
usbser_lowerflt.sys.bak
usbser_lowerfltj.sys.bak
USBSTOR.SYS.bak
usbuhci.sys.bak
vga.sys.bak
vgapnp.sys.bak
VIAAGP.SYS.bak
viac7.sys.bak
viaide.sys.bak
videoprt.sys.bak
volmgr.sys.bak
volmgrx.sys.bak
volsnap.sys.bak
vsmraid.sys.bak
VSTAZL3.SYS.bak
VSTCNXT3.SYS.bak
VSTDPV3.SYS.bak
wacompen.sys.bak
wanarp.sys.bak
watchdog.sys.bak
wd.sys.bak
Wdf01000.sys.bak
WdfLdr.sys.bak
wmiacpi.sys.bak
wmilib.sys.bak
WpdUsb.sys.bak
ws2ifsl.sys.bak
WUDFPf.sys.bak
WUDFRd.sys.bak
XAudio.sys.bak
 
========= End of CMD: =========
 
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-01-06 20:07:40)<=
 
C:\Users\Guest\AppData\Local\Temp\RtkBtMnt.exe => Is moved successfully.
 
==== End of Fixlog ====
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows Vista ™ Home Premium x86
Ran by Elizabeth Penny on 06/01/2014 at 20:13:19.12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06/01/2014 at 20:18:06.39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
# AdwCleaner v3.016 - Report created 06/01/2014 at 21:08:06
# Updated 23/12/2013 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Elizabeth Penny - ELIZABETHPEN-PC
# Running from : C:\Users\Elizabeth Penny\Desktop\ADW Cleaner\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16526
 
 
-\\ Mozilla Firefox v26.0 (en-US)
 
[ File : C:\Users\Elizabeth Penny\AppData\Roaming\Mozilla\Firefox\Profiles\1ytdc0ct.default-1388794523538\prefs.js ]
 
 
[ File : C:\Users\Elizabeth Penny\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]
 
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\Elizabeth Penny\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [8964 octets] - [02/11/2013 22:20:12]
AdwCleaner[R2].txt - [1200 octets] - [06/01/2014 21:03:23]
AdwCleaner[S0].txt - [9199 octets] - [02/11/2013 22:21:40]
AdwCleaner[S2].txt - [1121 octets] - [06/01/2014 21:08:06]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1181 octets] ##########
 
 
 
 


#11 penguinlady88

penguinlady88
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 06 January 2014 - 05:29 PM

And here is the MBAM log - no malware detected. Do you also need the FRST log too?

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.01.06.07
 
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Elizabeth Penny :: ELIZABETHPEN-PC [administrator]
 
06/01/2014 22:12:59
mbam-log-2014-01-06 (22-12-59).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 274980
Time elapsed: 10 minute(s), 41 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)


#12 penguinlady88

penguinlady88
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 06 January 2014 - 05:31 PM

I have just checked and I still have the Netoo Cooupuoni 6.1 extension in Google Chrome. Should I delete it again?



#13 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,315 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:10:31 PM

Posted 06 January 2014 - 06:03 PM

Download the enclosed file.

 

Save it in the same location FRST is saved.

 

Run FRST and click on the Fix button. Wait until finished.

 

The tool will make a log in the flashdrive (Fixlog.txt) please post it to your reply.

 

 

Please download SystemLook from one of the links below and save it to your Desktop.

32 bit Download Mirror #1
32 bit Download Mirror #2


For 64bit systems, Please download SystemLook from the link below and save it to your Desktop.

64 bit Download Mirror
 

  • Double-click SystemLook.exe (or SystemLook_x64.exe) to run the application.
  • Copy the content of the following quote box into the main textfield:
    :filefind
    Cooupuoni
    
    :Regfind
    Cooupuoni
    
    :Folderfind
    Cooupuoni
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt
 


Edited by JSntgRvr, 06 January 2014 - 06:05 PM.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#14 penguinlady88

penguinlady88
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 06 January 2014 - 07:36 PM

Ok, I'm on the case...

 

I have just spotted a weird file named with a long list of Chinese characters in the FRST folder on my desktop. I also noticed a similar file while using my pen drive on my work laptop yesterday - I just deleted it. I have taken a screen shot, but I guess I can't attach anything here!



#15 penguinlady88

penguinlady88
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 06 January 2014 - 07:43 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 05-01-2014
Ran by Elizabeth Penny at 2014-01-07 00:40:11 Run:2
Running from C:\Users\Elizabeth Penny\Desktop\FRST
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
Start
C:\Windows\system32\Drivers\1394bus.sys.bak 
C:\Windows\system32\Drivers\acpi.sys.bak 
C:\Windows\system32\Drivers\adp94xx.sys.bak 
C:\Windows\system32\Drivers\adpahci.sys.bak 
C:\Windows\system32\Drivers\adpu160m.sys.bak 
C:\Windows\system32\Drivers\adpu320.sys.bak 
C:\Windows\system32\Drivers\afd.sys.bak 
C:\Windows\system32\Drivers\AGP440.sys.bak 
C:\Windows\system32\Drivers\alcacr.sys.bak 
C:\Windows\system32\Drivers\alcaudsl.sys.bak 
C:\Windows\system32\Drivers\alcawh.sys.bak 
C:\Windows\system32\Drivers\aliide.sys.bak 
C:\Windows\system32\Drivers\AMDAGP.SYS.bak 
C:\Windows\system32\Drivers\amdide.sys.bak 
C:\Windows\system32\Drivers\amdk7.sys.bak 
C:\Windows\system32\Drivers\amdk8.sys.bak 
C:\Windows\system32\Drivers\arc.sys.bak 
C:\Windows\system32\Drivers\arcsas.sys.bak 
C:\Windows\system32\Drivers\asyncmac.sys.bak 
C:\Windows\system32\Drivers\atapi.sys.bak 
C:\Windows\system32\Drivers\ataport.sys.bak 
C:\Windows\system32\Drivers\avgtpx86.sys.bak 
C:\Windows\system32\Drivers\battc.sys.bak 
C:\Windows\system32\Drivers\bcm4sbxp.sys.bak 
C:\Windows\system32\Drivers\BCMWL6.SYS.bak 
C:\Windows\system32\Drivers\bdasup.sys.bak 
C:\Windows\system32\Drivers\beep.sys.bak 
C:\Windows\system32\Drivers\bowser.sys.bak 
C:\Windows\system32\Drivers\BrFiltLo.sys.bak 
C:\Windows\system32\Drivers\BrFiltUp.sys.bak 
C:\Windows\system32\Drivers\bridge.sys.bak 
C:\Windows\system32\Drivers\BrSerId.sys.bak 
C:\Windows\system32\Drivers\BrSerWdm.sys.bak 
C:\Windows\system32\Drivers\BrUsbMdm.sys.bak 
C:\Windows\system32\Drivers\BrUsbSer.sys.bak 
C:\Windows\system32\Drivers\bthmodem.sys.bak 
C:\Windows\system32\Drivers\BVRPMPR5.SYS.bak 
C:\Windows\system32\Drivers\ccdcmb.sys.bak 
C:\Windows\system32\Drivers\ccdcmbo.sys.bak 
C:\Windows\system32\Drivers\cdfs.sys.bak 
C:\Windows\system32\Drivers\cdr4_xp.sys.bak 
C:\Windows\system32\Drivers\cdralw2k.sys.bak 
C:\Windows\system32\Drivers\cdrom.sys.bak 
C:\Windows\system32\Drivers\circlass.sys.bak 
C:\Windows\system32\Drivers\Classpnp.sys.bak 
C:\Windows\system32\Drivers\CmBatt.sys.bak 
C:\Windows\system32\Drivers\cmdide.sys.bak 
C:\Windows\system32\Drivers\compbatt.sys.bak 
C:\Windows\system32\Drivers\crashdmp.sys.bak 
C:\Windows\system32\Drivers\crcdisk.sys.bak 
C:\Windows\system32\Drivers\crusoe.sys.bak 
C:\Windows\system32\Drivers\dfsc.sys.bak 
C:\Windows\system32\Drivers\disk.sys.bak 
C:\Windows\system32\Drivers\Diskdump.sys.bak 
C:\Windows\system32\Drivers\djsvs.sys.bak 
C:\Windows\system32\Drivers\DKbFltr.sys.bak 
C:\Windows\system32\Drivers\Dot4.sys.bak 
C:\Windows\system32\Drivers\Dot4Prt.sys.bak 
C:\Windows\system32\Drivers\Dot4usb.sys.bak 
C:\Windows\system32\Drivers\drmk.sys.bak 
C:\Windows\system32\Drivers\drmkaud.sys.bak 
C:\Windows\system32\Drivers\Dumpata.sys.bak 
C:\Windows\system32\Drivers\dxapi.sys.bak 
C:\Windows\system32\Drivers\dxg.sys.bak 
C:\Windows\system32\Drivers\dxgkrnl.sys.bak 
C:\Windows\system32\Drivers\E1G60I32.sys.bak 
C:\Windows\system32\Drivers\ecache.sys.bak 
C:\Windows\system32\Drivers\elxstor.sys.bak 
C:\Windows\system32\Drivers\EMS7SK.sys.bak 
C:\Windows\system32\Drivers\ESD7SK.sys.bak 
C:\Windows\system32\Drivers\ESM7SK.sys.bak 
C:\Windows\system32\Drivers\exfat.sys.bak 
C:\Windows\system32\Drivers\fastfat.sys.bak 
C:\Windows\system32\Drivers\fdc.sys.bak 
C:\Windows\system32\Drivers\fileinfo.sys.bak 
C:\Windows\system32\Drivers\filetrace.sys.bak 
C:\Windows\system32\Drivers\flpydisk.sys.bak 
C:\Windows\system32\Drivers\fltMgr.sys.bak 
C:\Windows\system32\Drivers\fs_rec.sys.bak 
C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak 
C:\Windows\system32\Drivers\GAGP30KX.SYS.bak 
C:\Windows\system32\Drivers\GEARAspiWDM.sys.bak 
C:\Windows\system32\Drivers\hdaudbus.sys.bak 
C:\Windows\system32\Drivers\HdAudio.sys.bak 
C:\Windows\system32\Drivers\hidbth.sys.bak 
C:\Windows\system32\Drivers\hidclass.sys.bak 
C:\Windows\system32\Drivers\hidir.sys.bak 
C:\Windows\system32\Drivers\hidparse.sys.bak 
C:\Windows\system32\Drivers\hidusb.sys.bak 
C:\Windows\system32\Drivers\HpCISSs.sys.bak 
C:\Windows\system32\Drivers\HSXHWAZL.sys.bak 
C:\Windows\system32\Drivers\HSX_CNXT.sys.bak 
C:\Windows\system32\Drivers\HSX_DPV.sys.bak 
C:\Windows\system32\Drivers\http.sys.bak 
C:\Windows\system32\Drivers\i2omgmt.sys.bak 
C:\Windows\system32\Drivers\i2omp.sys.bak 
C:\Windows\system32\Drivers\i8042prt.sys.bak 
C:\Windows\system32\Drivers\iaStorV.sys.bak 
C:\Windows\system32\Drivers\igdkmd32.sys.bak 
C:\Windows\system32\Drivers\iirsp.sys.bak 
C:\Windows\system32\Drivers\int15.sys.bak 
C:\Windows\system32\Drivers\int15_64.sys.bak 
C:\Windows\system32\Drivers\intelide.sys.bak 
C:\Windows\system32\Drivers\intelppm.sys.bak 
C:\Windows\system32\Drivers\ipfltdrv.sys.bak 
C:\Windows\system32\Drivers\IPMIDrv.sys.bak 
C:\Windows\system32\Drivers\ipnat.sys.bak 
C:\Windows\system32\Drivers\irda.sys.bak 
C:\Windows\system32\Drivers\irenum.sys.bak 
C:\Windows\system32\Drivers\isapnp.sys.bak 
C:\Windows\system32\Drivers\iteatapi.sys.bak 
C:\Windows\system32\Drivers\iteraid.sys.bak 
C:\Windows\system32\Drivers\kbdclass.sys.bak 
C:\Windows\system32\Drivers\kbdhid.sys.bak 
C:\Windows\system32\Drivers\ks.sys.bak 
C:\Windows\system32\Drivers\ksecdd.sys.bak 
C:\Windows\system32\Drivers\lltdio.sys.bak 
C:\Windows\system32\Drivers\lmimirr.sys.bak 
C:\Windows\system32\Drivers\LMIRfsDriver.sys.bak 
C:\Windows\system32\Drivers\lsi_fc.sys.bak 
C:\Windows\system32\Drivers\lsi_sas.sys.bak 
C:\Windows\system32\Drivers\lsi_scsi.sys.bak 
C:\Windows\system32\Drivers\luafv.sys.bak 
C:\Windows\system32\Drivers\mbam.sys.bak 
C:\Windows\system32\Drivers\mcd.sys.bak 
C:\Windows\system32\Drivers\mdmxsdk.sys.bak 
C:\Windows\system32\Drivers\megasas.sys.bak 
C:\Windows\system32\Drivers\modem.sys.bak 
C:\Windows\system32\Drivers\monitor.sys.bak 
C:\Windows\system32\Drivers\mouclass.sys.bak 
C:\Windows\system32\Drivers\mouhid.sys.bak 
C:\Windows\system32\Drivers\mountmgr.sys.bak 
C:\Windows\system32\Drivers\mpio.sys.bak 
C:\Windows\system32\Drivers\mpsdrv.sys.bak 
C:\Windows\system32\Drivers\Mraid35x.sys.bak 
C:\Windows\system32\Drivers\mrxdav.sys.bak 
C:\Windows\system32\Drivers\mrxsmb.sys.bak 
C:\Windows\system32\Drivers\mrxsmb10.sys.bak 
C:\Windows\system32\Drivers\mrxsmb20.sys.bak 
C:\Windows\system32\Drivers\msahci.sys.bak 
C:\Windows\system32\Drivers\msdsm.sys.bak 
C:\Windows\system32\Drivers\msfs.sys.bak 
C:\Windows\system32\Drivers\msisadrv.sys.bak 
C:\Windows\system32\Drivers\msiscsi.sys.bak 
C:\Windows\system32\Drivers\mskssrv.sys.bak 
C:\Windows\system32\Drivers\mspclock.sys.bak 
C:\Windows\system32\Drivers\mspqm.sys.bak 
C:\Windows\system32\Drivers\msrpc.sys.bak 
C:\Windows\system32\Drivers\mssmbios.sys.bak 
C:\Windows\system32\Drivers\mstee.sys.bak 
C:\Windows\system32\Drivers\mup.sys.bak 
C:\Windows\system32\Drivers\ndis.sys.bak 
C:\Windows\system32\Drivers\ndistapi.sys.bak 
C:\Windows\system32\Drivers\ndisuio.sys.bak 
C:\Windows\system32\Drivers\ndiswan.sys.bak 
C:\Windows\system32\Drivers\ndproxy.sys.bak 
C:\Windows\system32\Drivers\netbios.sys.bak 
C:\Windows\system32\Drivers\netbt.sys.bak 
C:\Windows\system32\Drivers\netio.sys.bak 
C:\Windows\system32\Drivers\NETw4v32.sys.bak 
C:\Windows\system32\Drivers\NETw5v32.sys.bak 
C:\Windows\system32\Drivers\nfrd960.sys.bak 
C:\Windows\system32\Drivers\npfs.sys.bak 
C:\Windows\system32\Drivers\nsiproxy.sys.bak 
C:\Windows\system32\Drivers\ntfs.sys.bak 
C:\Windows\system32\Drivers\NTIDrvr.sys.bak 
C:\Windows\system32\Drivers\ntrigdigi.sys.bak 
C:\Windows\system32\Drivers\null.sys.bak 
C:\Windows\system32\Drivers\nvraid.sys.bak 
C:\Windows\system32\Drivers\nvstor.sys.bak 
C:\Windows\system32\Drivers\NV_AGP.SYS.bak 
C:\Windows\system32\Drivers\nwifi.sys.bak 
C:\Windows\system32\Drivers\ohci1394.sys.bak 
C:\Windows\system32\Drivers\pacer.sys.bak 
C:\Windows\system32\Drivers\parport.sys.bak 
C:\Windows\system32\Drivers\partmgr.sys.bak 
C:\Windows\system32\Drivers\parvdm.sys.bak 
C:\Windows\system32\Drivers\pccsmcfd.sys.bak 
C:\Windows\system32\Drivers\pci.sys.bak 
C:\Windows\system32\Drivers\pciide.sys.bak 
C:\Windows\system32\Drivers\pciidex.sys.bak 
C:\Windows\system32\Drivers\pcmcia.sys.bak 
C:\Windows\system32\Drivers\PEAuth.sys.bak 
C:\Windows\system32\Drivers\portcls.sys.bak 
C:\Windows\system32\Drivers\processr.sys.bak 
C:\Windows\system32\Drivers\psdfilter.sys.bak 
C:\Windows\system32\Drivers\pxhelp20.sys.bak 
C:\Windows\system32\Drivers\ql2300.sys.bak 
C:\Windows\system32\Drivers\ql40xx.sys.bak 
C:\Windows\system32\Drivers\qwavedrv.sys.bak 
C:\Windows\system32\Drivers\rasacd.sys.bak 
C:\Windows\system32\Drivers\rasl2tp.sys.bak 
C:\Windows\system32\Drivers\raspppoe.sys.bak 
C:\Windows\system32\Drivers\raspptp.sys.bak 
C:\Windows\system32\Drivers\rassstp.sys.bak 
C:\Windows\system32\Drivers\rdbss.sys.bak 
C:\Windows\system32\Drivers\RDPCDD.sys.bak 
C:\Windows\system32\Drivers\rdpdr.sys.bak 
C:\Windows\system32\Drivers\RDPENCDD.sys.bak 
C:\Windows\system32\Drivers\rdpwd.sys.bak 
C:\Windows\system32\Drivers\rmcast.sys.bak 
C:\Windows\system32\Drivers\RNDISMP.sys.bak 
C:\Windows\system32\Drivers\rootmdm.sys.bak 
C:\Windows\system32\Drivers\rspndr.sys.bak 
C:\Windows\system32\Drivers\RTKVHDA.sys.bak 
C:\Windows\system32\Drivers\sbp2port.sys.bak 
C:\Windows\system32\Drivers\scsiport.sys.bak 
C:\Windows\system32\Drivers\sdbus.sys.bak 
C:\Windows\system32\Drivers\secdrv.sys.bak 
C:\Windows\system32\Drivers\serenum.sys.bak 
C:\Windows\system32\Drivers\serial.sys.bak 
C:\Windows\system32\Drivers\sermouse.sys.bak 
C:\Windows\system32\Drivers\sffdisk.sys.bak 
C:\Windows\system32\Drivers\sffp_mmc.sys.bak 
C:\Windows\system32\Drivers\sffp_sd.sys.bak 
C:\Windows\system32\Drivers\sfloppy.sys.bak 
C:\Windows\system32\Drivers\SISAGP.SYS.bak 
C:\Windows\system32\Drivers\sisraid2.sys.bak 
C:\Windows\system32\Drivers\sisraid4.sys.bak 
C:\Windows\system32\Drivers\smb.sys.bak 
C:\Windows\system32\Drivers\smclib.sys.bak 
C:\Windows\system32\Drivers\spldr.sys.bak 
C:\Windows\system32\Drivers\spsys.sys.bak 
C:\Windows\system32\Drivers\srv.sys.bak 
C:\Windows\system32\Drivers\srv2.sys.bak 
C:\Windows\system32\Drivers\srvnet.sys.bak 
C:\Windows\system32\Drivers\Storport.sys.bak 
C:\Windows\system32\Drivers\stream.sys.bak 
C:\Windows\system32\Drivers\swenum.sys.bak 
C:\Windows\system32\Drivers\symc8xx.sys.bak 
C:\Windows\system32\Drivers\sym_hi.sys.bak 
C:\Windows\system32\Drivers\sym_u3.sys.bak 
C:\Windows\system32\Drivers\SynTP.sys.bak 
C:\Windows\system32\Drivers\tape.sys.bak 
C:\Windows\system32\Drivers\tcpip.sys.bak 
C:\Windows\system32\Drivers\tcpipreg.sys.bak 
C:\Windows\system32\Drivers\tdi.sys.bak 
C:\Windows\system32\Drivers\tdpipe.sys.bak 
C:\Windows\system32\Drivers\tdtcp.sys.bak 
C:\Windows\system32\Drivers\tdx.sys.bak 
C:\Windows\system32\Drivers\termdd.sys.bak 
C:\Windows\system32\Drivers\Tmfilter.sys.bak 
C:\Windows\system32\Drivers\tssecsrv.sys.bak 
C:\Windows\system32\Drivers\TUNMP.SYS.bak 
C:\Windows\system32\Drivers\tunnel.sys.bak 
C:\Windows\system32\Drivers\UAGP35.SYS.bak 
C:\Windows\system32\Drivers\udfs.sys.bak 
C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak 
C:\Windows\system32\Drivers\uliahci.sys.bak 
C:\Windows\system32\Drivers\ulsata.sys.bak 
C:\Windows\system32\Drivers\ulsata2.sys.bak 
C:\Windows\system32\Drivers\umbus.sys.bak 
C:\Windows\system32\Drivers\umpass.sys.bak 
C:\Windows\system32\Drivers\usb8023.sys.bak 
C:\Windows\system32\Drivers\usbaapl.sys.bak 
C:\Windows\system32\Drivers\USBAUDIO.sys.bak 
C:\Windows\system32\Drivers\USBCAMD.sys.bak 
C:\Windows\system32\Drivers\USBCAMD2.sys.bak 
C:\Windows\system32\Drivers\usbccgp.sys.bak 
C:\Windows\system32\Drivers\usbcir.sys.bak 
C:\Windows\system32\Drivers\usbd.sys.bak 
C:\Windows\system32\Drivers\usbehci.sys.bak 
C:\Windows\system32\Drivers\usbhub.sys.bak 
C:\Windows\system32\Drivers\usbohci.sys.bak 
C:\Windows\system32\Drivers\usbport.sys.bak 
C:\Windows\system32\Drivers\usbprint.sys.bak 
C:\Windows\system32\Drivers\usbscan.sys.bak 
C:\Windows\system32\Drivers\usbser.sys.bak 
C:\Windows\system32\Drivers\usbser_lowerflt.sys.bak 
C:\Windows\system32\Drivers\usbser_lowerfltj.sys.bak 
C:\Windows\system32\Drivers\USBSTOR.SYS.bak 
C:\Windows\system32\Drivers\usbuhci.sys.bak 
C:\Windows\system32\Drivers\vga.sys.bak 
C:\Windows\system32\Drivers\vgapnp.sys.bak 
C:\Windows\system32\Drivers\VIAAGP.SYS.bak 
C:\Windows\system32\Drivers\viac7.sys.bak 
C:\Windows\system32\Drivers\viaide.sys.bak 
C:\Windows\system32\Drivers\videoprt.sys.bak 
C:\Windows\system32\Drivers\volmgr.sys.bak 
C:\Windows\system32\Drivers\volmgrx.sys.bak 
C:\Windows\system32\Drivers\volsnap.sys.bak 
C:\Windows\system32\Drivers\vsmraid.sys.bak 
C:\Windows\system32\Drivers\VSTAZL3.SYS.bak 
C:\Windows\system32\Drivers\VSTCNXT3.SYS.bak 
C:\Windows\system32\Drivers\VSTDPV3.SYS.bak 
C:\Windows\system32\Drivers\wacompen.sys.bak 
C:\Windows\system32\Drivers\wanarp.sys.bak 
C:\Windows\system32\Drivers\watchdog.sys.bak 
C:\Windows\system32\Drivers\wd.sys.bak 
C:\Windows\system32\Drivers\Wdf01000.sys.bak 
C:\Windows\system32\Drivers\WdfLdr.sys.bak 
C:\Windows\system32\Drivers\wmiacpi.sys.bak 
C:\Windows\system32\Drivers\wmilib.sys.bak 
C:\Windows\system32\Drivers\WpdUsb.sys.bak 
C:\Windows\system32\Drivers\ws2ifsl.sys.bak 
C:\Windows\system32\Drivers\WUDFPf.sys.bak 
C:\Windows\system32\Drivers\WUDFRd.sys.bak 
C:\Windows\system32\Drivers\XAudio.sys.bak 
End
*****************
 
C:\Windows\system32\Drivers\1394bus.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\acpi.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\adp94xx.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\adpahci.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\adpu160m.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\adpu320.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\afd.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\AGP440.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\alcacr.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\alcaudsl.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\alcawh.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\aliide.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\AMDAGP.SYS.bak => Moved successfully.
C:\Windows\system32\Drivers\amdide.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\amdk7.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\amdk8.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\arc.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\arcsas.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\asyncmac.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\atapi.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ataport.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\avgtpx86.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\battc.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\bcm4sbxp.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\BCMWL6.SYS.bak => Moved successfully.
C:\Windows\system32\Drivers\bdasup.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\beep.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\bowser.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\BrFiltLo.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\BrFiltUp.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\bridge.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\BrSerId.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\BrSerWdm.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\BrUsbMdm.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\BrUsbSer.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\bthmodem.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\BVRPMPR5.SYS.bak => Moved successfully.
C:\Windows\system32\Drivers\ccdcmb.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ccdcmbo.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\cdfs.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\cdr4_xp.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\cdralw2k.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\cdrom.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\circlass.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\Classpnp.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\CmBatt.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\cmdide.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\compbatt.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\crashdmp.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\crcdisk.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\crusoe.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\dfsc.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\disk.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\Diskdump.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\djsvs.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\DKbFltr.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\Dot4.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\Dot4Prt.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\Dot4usb.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\drmk.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\drmkaud.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\Dumpata.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\dxapi.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\dxg.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\dxgkrnl.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\E1G60I32.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ecache.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\elxstor.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\EMS7SK.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ESD7SK.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ESM7SK.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\exfat.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\fastfat.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\fdc.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\fileinfo.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\filetrace.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\flpydisk.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\fltMgr.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\fs_rec.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\FWPKCLNT.SYS.bak => Moved successfully.
C:\Windows\system32\Drivers\GAGP30KX.SYS.bak => Moved successfully.
C:\Windows\system32\Drivers\GEARAspiWDM.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\hdaudbus.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\HdAudio.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\hidbth.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\hidclass.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\hidir.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\hidparse.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\hidusb.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\HpCISSs.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\HSXHWAZL.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\HSX_CNXT.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\HSX_DPV.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\http.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\i2omgmt.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\i2omp.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\i8042prt.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\iaStorV.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\igdkmd32.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\iirsp.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\int15.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\int15_64.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\intelide.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\intelppm.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ipfltdrv.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\IPMIDrv.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ipnat.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\irda.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\irenum.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\isapnp.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\iteatapi.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\iteraid.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\kbdclass.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\kbdhid.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ks.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ksecdd.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\lltdio.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\lmimirr.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\LMIRfsDriver.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\lsi_fc.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\lsi_sas.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\lsi_scsi.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\luafv.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\mbam.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\mcd.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\mdmxsdk.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\megasas.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\modem.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\monitor.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\mouclass.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\mouhid.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\mountmgr.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\mpio.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\mpsdrv.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\Mraid35x.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\mrxdav.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\mrxsmb.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\mrxsmb10.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\mrxsmb20.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\msahci.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\msdsm.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\msfs.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\msisadrv.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\msiscsi.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\mskssrv.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\mspclock.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\mspqm.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\msrpc.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\mssmbios.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\mstee.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\mup.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ndis.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ndistapi.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ndisuio.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ndiswan.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ndproxy.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\netbios.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\netbt.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\netio.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\NETw4v32.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\NETw5v32.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\nfrd960.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\npfs.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\nsiproxy.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ntfs.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\NTIDrvr.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ntrigdigi.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\null.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\nvraid.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\nvstor.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\NV_AGP.SYS.bak => Moved successfully.
C:\Windows\system32\Drivers\nwifi.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ohci1394.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\pacer.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\parport.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\partmgr.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\parvdm.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\pccsmcfd.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\pci.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\pciide.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\pciidex.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\pcmcia.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\PEAuth.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\portcls.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\processr.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\psdfilter.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\pxhelp20.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ql2300.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ql40xx.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\qwavedrv.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\rasacd.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\rasl2tp.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\raspppoe.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\raspptp.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\rassstp.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\rdbss.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\RDPCDD.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\rdpdr.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\RDPENCDD.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\rdpwd.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\rmcast.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\RNDISMP.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\rootmdm.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\rspndr.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\RTKVHDA.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\sbp2port.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\scsiport.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\sdbus.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\secdrv.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\serenum.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\serial.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\sermouse.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\sffdisk.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\sffp_mmc.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\sffp_sd.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\sfloppy.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\SISAGP.SYS.bak => Moved successfully.
C:\Windows\system32\Drivers\sisraid2.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\sisraid4.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\smb.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\smclib.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\spldr.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\spsys.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\srv.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\srv2.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\srvnet.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\Storport.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\stream.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\swenum.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\symc8xx.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\sym_hi.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\sym_u3.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\SynTP.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\tape.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\tcpip.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\tcpipreg.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\tdi.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\tdpipe.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\tdtcp.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\tdx.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\termdd.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\Tmfilter.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\tssecsrv.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\TUNMP.SYS.bak => Moved successfully.
C:\Windows\system32\Drivers\tunnel.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\UAGP35.SYS.bak => Moved successfully.
C:\Windows\system32\Drivers\udfs.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ULIAGPKX.SYS.bak => Moved successfully.
C:\Windows\system32\Drivers\uliahci.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ulsata.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ulsata2.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\umbus.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\umpass.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\usb8023.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\usbaapl.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\USBAUDIO.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\USBCAMD.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\USBCAMD2.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\usbccgp.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\usbcir.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\usbd.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\usbehci.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\usbhub.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\usbohci.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\usbport.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\usbprint.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\usbscan.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\usbser.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\usbser_lowerflt.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\usbser_lowerfltj.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\USBSTOR.SYS.bak => Moved successfully.
C:\Windows\system32\Drivers\usbuhci.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\vga.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\vgapnp.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\VIAAGP.SYS.bak => Moved successfully.
C:\Windows\system32\Drivers\viac7.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\viaide.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\videoprt.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\volmgr.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\volmgrx.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\volsnap.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\vsmraid.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\VSTAZL3.SYS.bak => Moved successfully.
C:\Windows\system32\Drivers\VSTCNXT3.SYS.bak => Moved successfully.
C:\Windows\system32\Drivers\VSTDPV3.SYS.bak => Moved successfully.
C:\Windows\system32\Drivers\wacompen.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\wanarp.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\watchdog.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\wd.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\Wdf01000.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\WdfLdr.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\wmiacpi.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\wmilib.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\WpdUsb.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\ws2ifsl.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\WUDFPf.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\WUDFRd.sys.bak => Moved successfully.
C:\Windows\system32\Drivers\XAudio.sys.bak => Moved successfully.
 
==== End of Fixlog ====





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users