Jump to content

Infected and cannot even open DDs scanner

Chiaradelly

By Chiaradelly
in Resolved Malware Removal Logs

 Share

Recommended Posts

Chiaradelly

Chiaradelly

Posted
Posted

Hi, since yesterday a box has started popping up every 2 minutes, saying "successfully blocked access to a potentially malicious website" and it shows always different numbers. I had realized my browser (Chrome) was infected by Aartemis.com, so to remove it, I installed Malwarebytes Anti-Malwar... I did a scan and it found like 300 objects, which I removed, but now this message won't stop popping up, even when I'm just on youtube or facebook (or here).

The scans I ran with my antivirus, Avast, didn't find any threat (however it reports that some files could not be scanned). I tried to follow the directions from "I'm infected. What do I do now?", but my computer (Windows 8.1) doesn't let me open DDs scanner, saying that it is not meant to run in compatibility mode... Please help me

Chiara

 
Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Next,

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Kevin

Link to post
Share on other sites
Chiaradelly

Chiaradelly

Posted
  • Author
Posted
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013

Ran by Chiara (administrator) on CHIARAS-PC on 21-11-2013 10:52:05

Running from C:\Users\Chiara\Downloads

Windows 8.1 (X64) OS Language: English(UK)

Internet Explorer Version 11

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(AMD) C:\WINDOWS\system32\atiesrxx.exe

(AMD) C:\WINDOWS\system32\atieclxx.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe

(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe

(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe

(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe

(Microsoft Corporation) C:\WINDOWS\syswow64\wwahost.exe

(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsCmdServer.exe

(Microsoft Corporation) C:\Windows\System32\skydrive.exe

(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsEventHandler.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe

() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Microsoft Corporation) C:\Windows\System32\WWAHost.exe

(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe

(Microsoft Corporation) C:\WINDOWS\WinStore\WSHost.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe

(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.14\AllShareFrameworkManagerDMS.exe

(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.14\AllShareFrameworkDMS.exe

(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2889072 2013-03-25] (ELAN Microelectronics Corp.)

HKLM\...\Run: [btPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64128 2013-04-24] ()

HKLM\...\Run: [bitcasa] - C:\Program Files\Bitcasa\Bitcasa.exe [3965904 2013-06-06] ()

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [499608 2011-06-16] (Adobe Systems Incorporated)

HKLM\...\Run: [samsung Link] - C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [597576 2013-07-05] (Copyright 2013 SAMSUNG)

HKLM\...\Run: [CDAServer] - C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()

HKCU\...\Run: [skyDrive] - C:\Users\Chiara\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-09-22] (Microsoft Corporation)

HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-05-22] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)

HKLM-x32\...\Run: [bCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)

HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-09] (AVAST Software)

SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)

SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1384806159&from=cor&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD600149&q={searchTerms}

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=1384806159&from=cor&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD600149&q={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1384806159&from=cor&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD600149&q={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=1384806159&from=cor&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD600149&q={searchTerms}

StartMenuInternet: IEXPLORE.EXE - iexplore.exe

SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.aartemis.com/web/?type=ds&ts=1384806159&from=cor&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD600149&q={searchTerms}

SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.aartemis.com/web/?type=ds&ts=1384806159&from=cor&uid=SAMSUNGXMZMTD128HAFV-000_S15MNYBD600149&q={searchTerms}

SearchScopes: HKLM - {4D82643C-6E97-475C-A34C-3E4945B61B6D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS

SearchScopes: HKLM-x32 - {4D82643C-6E97-475C-A34C-3E4945B61B6D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS

SearchScopes: HKCU - {4D82643C-6E97-475C-A34C-3E4945B61B6D} URL = 

BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254

 

Chrome: 

=======

CHR Extension: (Google Docs) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0

CHR Extension: (Google Drive) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0

CHR Extension: (YouTube) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0

CHR Extension: (Google Search) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0

CHR Extension: (avast! Online Security) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0

CHR Extension: (Google Wallet) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0

CHR Extension: (Gmail) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Services (Whitelisted) =================

 

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [172104 2013-01-26] (Adobe Systems Incorporated)

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.14\AllShareFrameworkManagerDMS.exe [404360 2013-06-18] (Samsung)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [310400 2013-04-24] (Windows ® Win 7 DDK provider)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-09] (AVAST Software)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [605768 2013-07-05] (Copyright 2013 SAMSUNG)

R2 Settings Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe [1594928 2013-06-14] (Samsung Electronics CO., LTD.)

R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-04-24] (Atheros)

 

==================== Drivers (Whitelisted) ====================

 

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)

S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-17] (AppEx Networks Corporation)

R2 aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [38984 2013-11-09] (AVAST Software)

R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [84328 2013-11-09] (AVAST Software)

R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [92544 2013-11-09] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-09] ()

R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1032416 2013-11-09] (AVAST Software)

R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [409832 2013-11-10] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-09] ()

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-13] (Advanced Micro Devices)

S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)

R3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [223432 2013-04-24] (Qualcomm Atheros)

R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-24] (Qualcomm Atheros)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)

R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352448 2013-02-11] (EldoS Corporation)

S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)

S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)

S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)

R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-10-08] (Microsoft Corporation)

S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)

S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)

R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)

R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows ® Win 7 DDK provider)

S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)

S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation)

S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)

R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2013-11-21 10:52 - 2013-11-21 10:52 - 00015324 _____ C:\Users\Chiara\Downloads\FRST.txt

2013-11-21 10:51 - 2013-11-21 10:51 - 01957964 _____ (Farbar) C:\Users\Chiara\Downloads\FRST64.exe

2013-11-21 10:51 - 2013-11-21 10:51 - 00000000 ___RD C:\Users\Chiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

2013-11-21 10:51 - 2013-11-21 10:51 - 00000000 ____D C:\FRST

2013-11-21 10:50 - 2013-11-21 10:50 - 01090881 _____ (Farbar) C:\Users\Chiara\Downloads\FRST.exe

2013-11-21 00:16 - 2013-11-21 00:16 - 00688992 _____ (Swearware) C:\Users\Chiara\Downloads\dds (1).scr

2013-11-21 00:05 - 2013-11-21 00:05 - 00688992 _____ (Swearware) C:\Users\Chiara\Downloads\dds.com

2013-11-21 00:04 - 2013-11-21 00:04 - 00688992 _____ (Swearware) C:\Users\Chiara\Downloads\dds.scr

2013-11-20 23:09 - 2013-11-20 23:09 - 00000099 _____ C:\Users\Public\LMDebug.log

2013-11-20 20:37 - 2013-11-20 20:37 - 00373777 _____ C:\Users\Chiara\Downloads\al vecchio pozzo.htm

2013-11-19 12:35 - 2013-11-19 12:35 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-11-19 12:35 - 2013-11-19 12:35 - 00000000 ____D C:\Users\Chiara\AppData\Roaming\Malwarebytes

2013-11-19 12:35 - 2013-11-19 12:35 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-11-19 12:35 - 2013-11-19 12:35 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-11-19 12:35 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2013-11-19 12:34 - 2013-11-19 12:34 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Chiara\Downloads\mbam-setup-1.75.0.1300.exe

2013-11-19 12:34 - 2013-11-19 12:34 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Chiara\Downloads\mbam-setup-1.75.0.1300 (1).exe

2013-11-18 20:23 - 2013-11-18 20:23 - 00000000 ____D C:\Users\Chiara\AppData\Local\CrashRpt

2013-11-18 20:22 - 2013-11-19 12:04 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals

2013-11-18 20:22 - 2013-11-18 20:22 - 00003532 _____ C:\WINDOWS\System32\Tasks\AllmyappsUpdateTask

2013-11-18 20:21 - 2013-11-18 20:21 - 00598304 _____ C:\Users\Chiara\Downloads\Bitstrips_Allmyapps.exe

2013-11-17 21:07 - 2013-11-17 21:08 - 100400976 _____ (Apple Inc.) C:\Users\Chiara\Downloads\iTunes64Setup (1).exe

2013-11-16 16:25 - 2013-11-18 10:24 - 3154119423 ____R C:\Users\Chiara\Desktop\Monsters University [2013].mp4

2013-11-16 11:01 - 2013-11-16 11:01 - 00000000 ____D C:\Users\Chiara\AppData\Roaming\Samsung

2013-11-16 10:33 - 2013-11-05 20:21 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2013-11-16 10:33 - 2013-11-05 18:51 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2013-11-16 10:33 - 2013-11-05 16:20 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2013-11-16 10:33 - 2013-11-05 16:11 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2013-11-16 10:33 - 2013-11-05 14:30 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2013-11-16 10:33 - 2013-11-05 14:29 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2013-11-16 10:33 - 2013-10-10 11:26 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2013-11-16 10:33 - 2013-10-10 11:05 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll

2013-11-16 10:33 - 2013-10-10 10:34 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll

2013-11-16 10:33 - 2013-10-10 10:27 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll

2013-11-16 10:32 - 2013-10-23 11:29 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll

2013-11-16 10:32 - 2013-10-23 11:21 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys

2013-11-16 10:32 - 2013-10-23 11:13 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll

2013-11-16 10:32 - 2013-10-23 05:09 - 04104704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll

2013-11-16 10:32 - 2013-10-23 04:55 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2013-11-16 10:32 - 2013-10-23 04:46 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2013-11-16 10:32 - 2013-10-22 08:18 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll

2013-11-16 10:32 - 2013-10-22 07:55 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2013-11-16 10:32 - 2013-10-22 06:03 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2013-11-16 10:32 - 2013-10-22 05:15 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll

2013-11-16 10:32 - 2013-10-22 04:04 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll

2013-11-16 10:32 - 2013-10-22 04:02 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll

2013-11-16 10:32 - 2013-10-22 03:44 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll

2013-11-16 10:32 - 2013-10-22 02:38 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll

2013-11-16 10:32 - 2013-10-22 02:07 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2013-11-16 10:32 - 2013-10-22 01:53 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll

2013-11-16 10:32 - 2013-10-22 01:47 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2013-11-16 10:32 - 2013-10-19 09:13 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2013-11-16 10:32 - 2013-10-19 08:51 - 00481392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll

2013-11-16 10:32 - 2013-10-19 07:12 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll

2013-11-16 10:32 - 2013-10-19 06:24 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2013-11-16 10:32 - 2013-10-19 04:48 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll

2013-11-16 10:32 - 2013-10-19 04:03 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll

2013-11-16 10:32 - 2013-10-19 03:57 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2013-11-16 10:32 - 2013-10-19 03:28 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2013-11-16 10:32 - 2013-10-19 03:26 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2013-11-16 10:32 - 2013-10-19 03:14 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2013-11-16 10:32 - 2013-10-17 15:42 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll

2013-11-16 10:32 - 2013-10-17 15:42 - 01373872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll

2013-11-16 10:32 - 2013-10-17 14:04 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll

2013-11-16 10:32 - 2013-10-16 09:34 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2013-11-16 10:32 - 2013-10-16 09:33 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2013-11-16 10:32 - 2013-10-13 03:06 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys

2013-11-16 10:32 - 2013-10-13 02:43 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll

2013-11-16 10:32 - 2013-10-11 13:04 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll

2013-11-16 10:32 - 2013-10-10 16:44 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll

2013-11-16 10:32 - 2013-10-10 16:26 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll

2013-11-16 10:32 - 2013-10-10 16:26 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll

2013-11-16 10:32 - 2013-10-10 16:23 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll

2013-11-16 10:32 - 2013-10-10 14:53 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll

2013-11-16 10:32 - 2013-10-10 14:53 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll

2013-11-16 10:32 - 2013-10-10 11:38 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll

2013-11-16 10:32 - 2013-10-10 10:40 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2013-11-16 10:32 - 2013-10-08 10:28 - 00523096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys

2013-11-16 10:32 - 2013-10-08 10:13 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2013-11-16 10:32 - 2013-10-08 05:50 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll

2013-11-16 10:32 - 2013-10-08 05:15 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll

2013-11-16 10:32 - 2013-10-08 05:09 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll

2013-11-16 10:32 - 2013-10-08 04:50 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll

2013-11-16 10:32 - 2013-10-08 04:50 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll

2013-11-16 10:32 - 2013-10-07 07:21 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2013-11-16 10:32 - 2013-10-07 02:13 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2013-11-16 10:32 - 2013-10-05 15:25 - 00371032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys

2013-11-16 10:32 - 2013-10-05 15:25 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys

2013-11-16 10:32 - 2013-10-05 14:21 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll

2013-11-16 10:32 - 2013-10-05 12:05 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll

2013-11-16 10:32 - 2013-10-05 11:01 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys

2013-11-16 10:32 - 2013-10-05 09:36 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe

2013-11-16 10:32 - 2013-10-05 09:18 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll

2013-11-16 10:32 - 2013-10-05 09:07 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll

2013-11-16 10:32 - 2013-10-05 08:56 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll

2013-11-16 10:32 - 2013-10-05 08:40 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll

2013-11-16 10:32 - 2013-10-05 08:21 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll

2013-11-16 10:32 - 2013-10-05 08:15 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll

2013-11-16 10:32 - 2013-10-05 07:43 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll

2013-11-16 10:32 - 2013-10-05 07:39 - 06639616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2013-11-16 10:32 - 2013-10-05 07:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll

2013-11-16 10:32 - 2013-10-05 07:32 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2013-11-16 10:32 - 2013-10-04 08:10 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll

2013-11-16 10:32 - 2013-09-19 05:04 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll

2013-11-16 10:32 - 2013-09-17 09:06 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll

2013-11-16 10:32 - 2013-09-17 09:06 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2013-11-16 10:32 - 2013-09-17 06:31 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll

2013-11-16 10:32 - 2013-09-17 06:31 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2013-11-16 10:32 - 2013-09-17 04:37 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll

2013-11-16 10:32 - 2013-09-14 14:07 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll

2013-11-16 10:32 - 2013-09-14 14:00 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll

2013-11-16 10:32 - 2013-09-14 12:39 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll

2013-11-16 10:32 - 2013-09-14 12:33 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll

2013-11-16 10:32 - 2013-09-14 09:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll

2013-11-16 10:32 - 2013-09-12 08:08 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll

2013-11-16 10:32 - 2013-09-12 07:44 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll

2013-11-16 10:32 - 2013-09-12 07:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll

2013-11-16 10:32 - 2013-09-11 12:46 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS

2013-11-16 10:32 - 2013-09-10 05:26 - 04599808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll

2013-11-16 10:32 - 2013-09-10 04:52 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll

2013-11-16 10:32 - 2013-09-10 04:34 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll

2013-11-16 10:31 - 2013-10-23 05:27 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2013-11-16 10:31 - 2013-10-23 05:04 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2013-11-16 10:31 - 2013-10-22 03:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll

2013-11-16 10:31 - 2013-10-22 02:22 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll

2013-11-16 10:31 - 2013-10-22 02:13 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll

2013-11-16 10:31 - 2013-10-11 15:11 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll

2013-11-16 10:31 - 2013-10-11 14:22 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll

2013-11-16 10:31 - 2013-10-11 13:24 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

2013-11-16 10:31 - 2013-10-11 13:03 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll

2013-11-16 10:31 - 2013-10-10 11:53 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll

2013-11-16 10:31 - 2013-10-10 11:21 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll

2013-11-16 10:31 - 2013-10-10 10:19 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2013-11-16 10:31 - 2013-10-09 05:40 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml

2013-11-16 10:31 - 2013-10-08 11:07 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys

2013-11-16 10:31 - 2013-10-08 06:46 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll

2013-11-16 10:31 - 2013-10-08 05:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll

2013-11-16 10:31 - 2013-10-08 05:48 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll

2013-11-16 10:31 - 2013-10-07 07:21 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2013-11-16 10:31 - 2013-10-05 08:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll

2013-11-16 10:31 - 2013-10-05 08:24 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll

2013-11-16 10:31 - 2013-09-14 10:05 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe

2013-11-16 10:31 - 2013-09-13 08:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe

2013-11-16 10:31 - 2013-09-13 07:47 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe

2013-11-16 10:31 - 2013-09-12 08:45 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll

2013-11-16 10:31 - 2013-09-12 08:08 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll

2013-11-16 10:31 - 2013-09-12 08:02 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll

2013-11-16 10:31 - 2013-09-12 07:37 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll

2013-11-16 10:31 - 2013-09-12 07:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll

2013-11-16 10:31 - 2013-09-12 07:16 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll

2013-11-16 10:31 - 2013-09-12 07:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll

2013-11-15 14:15 - 2013-11-15 15:37 - 02100575 _____ C:\Users\Chiara\Downloads\Diet presentation updated on 15 Nov.pptx

2013-11-14 22:05 - 2013-11-14 22:05 - 00136596 _____ C:\Users\Chiara\Downloads\star-wars.zip

2013-11-14 22:00 - 2013-11-14 22:00 - 00026921 _____ C:\Users\Chiara\Downloads\starvader.zip

2013-11-14 21:59 - 2010-04-06 18:56 - 00025784 _____ C:\Users\Chiara\Downloads\Star_Jedi_Rounded.ttf

2013-11-14 21:59 - 2010-04-06 15:53 - 00032072 ____N C:\Users\Chiara\Downloads\Starjhol.ttf

2013-11-14 21:59 - 2010-04-06 15:53 - 00025656 ____N C:\Users\Chiara\Downloads\Starjedi.ttf

2013-11-14 21:57 - 2013-11-14 21:57 - 00149384 _____ C:\Users\Chiara\Downloads\boba-fonts_star-jedi.zip

2013-11-14 18:39 - 2013-11-14 18:39 - 00001457 _____ C:\Users\Public\Desktop\Dell B1160W Mono Laser Printer Dell Supplies Ordering Utility.lnk

2013-11-14 18:39 - 2013-11-14 18:39 - 00000000 ____D C:\Users\Chiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell

2013-11-14 18:38 - 2013-11-18 22:26 - 00000000 ____D C:\Users\Chiara\AppData\Local\CrashDumps

2013-11-14 18:38 - 2013-11-14 18:39 - 00000000 ____D C:\Users\Chiara\AppData\Roaming\Dell

2013-11-14 18:38 - 2013-11-14 18:38 - 00000139 _____ C:\WINDOWS\fwdownsetup.log

2013-11-14 18:38 - 2013-11-14 18:38 - 00000000 ____D C:\Users\Chiara\AppData\Roaming\InstallShield

2013-11-14 18:38 - 2013-11-14 18:38 - 00000000 ____D C:\ProgramData\Dell

2013-11-14 18:38 - 2013-11-14 18:38 - 00000000 ____D C:\Program Files\Common Files\Common Desktop Agent

2013-11-14 18:38 - 2012-01-11 00:58 - 00484672 _____ () C:\WINDOWS\SSndii.exe

2013-11-14 18:37 - 2013-01-17 00:28 - 00157032 _____ (SS) C:\WINDOWS\system32\sdb2xci.exe

2013-11-14 18:37 - 2012-11-15 00:00 - 00157032 _____ (SS) C:\WINDOWS\system32\sdb2mci.exe

2013-11-14 18:37 - 2011-10-29 05:24 - 00102775 ____N C:\WINDOWS\sdb2xLtr.prn

2013-11-14 18:37 - 2011-10-29 05:24 - 00102775 ____N C:\WINDOWS\sdb2mLTR.prn

2013-11-14 18:37 - 2011-10-29 05:24 - 00100792 ____N C:\WINDOWS\sdb2xA4.prn

2013-11-14 18:37 - 2011-10-29 05:24 - 00100792 ____N C:\WINDOWS\sdb2mA4.prn

2013-11-14 18:37 - 2011-10-14 01:30 - 00000355 _____ C:\WINDOWS\system32\sdb2xlm.smt

2013-11-14 18:37 - 2011-09-26 19:57 - 00034304 _____ () C:\WINDOWS\system32\sdb2mlm.dll

2013-11-14 18:37 - 2011-09-26 19:57 - 00000359 _____ C:\WINDOWS\system32\sdb2mlm.smt

2013-11-14 18:37 - 2011-09-26 19:56 - 00089600 _____ (SS) C:\WINDOWS\system32\sdb2mci.dll

2013-11-14 18:37 - 2011-09-25 21:44 - 00034304 _____ () C:\WINDOWS\system32\sdb2xlm.dll

2013-11-14 18:37 - 2011-09-25 21:43 - 00089600 _____ (SS) C:\WINDOWS\system32\sdb2xci.dll

2013-11-14 18:36 - 2013-11-14 18:38 - 00000000 ____D C:\Program Files (x86)\Dell

2013-11-14 18:36 - 2011-09-24 00:54 - 00049152 ____N (Samsung Electronics) C:\WINDOWS\SysWOW64\ssusbpn.dll

2013-11-14 18:36 - 2011-09-24 00:54 - 00047104 ____N (Samsung Electronics) C:\WINDOWS\system32\ssusbp64.dll

2013-11-13 20:47 - 2013-10-19 08:08 - 23212544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2013-11-13 20:47 - 2013-10-19 06:37 - 17142784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2013-11-13 20:47 - 2013-10-19 06:02 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2013-11-13 20:47 - 2013-10-19 05:37 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe

2013-11-13 20:47 - 2013-10-19 05:19 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2013-11-13 20:47 - 2013-10-19 05:10 - 05765120 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2013-11-13 20:47 - 2013-10-19 04:52 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2013-11-13 20:47 - 2013-10-19 04:44 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2013-11-13 20:47 - 2013-10-19 04:37 - 12995584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2013-11-13 20:47 - 2013-10-19 04:31 - 01993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2013-11-13 20:47 - 2013-10-19 03:56 - 11220992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2013-11-13 20:47 - 2013-10-19 03:55 - 01926656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2013-11-13 20:47 - 2013-10-19 03:53 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2013-11-13 20:47 - 2013-10-19 03:23 - 01394176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2013-11-13 20:47 - 2013-10-19 03:09 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2013-11-13 20:47 - 2013-10-19 03:02 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2013-11-13 20:47 - 2013-10-13 02:48 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys

2013-11-13 20:47 - 2013-10-12 21:48 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL

2013-11-13 20:47 - 2013-10-12 21:34 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL

2013-11-13 20:47 - 2013-10-05 14:21 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll

2013-11-13 20:47 - 2013-10-05 08:39 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

2013-11-13 20:46 - 2013-11-13 20:46 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2013-11-13 20:46 - 2013-10-16 15:58 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll

2013-11-13 20:46 - 2013-10-16 13:54 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll

2013-11-13 20:45 - 2013-11-13 20:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2013-11-13 10:08 - 2013-11-13 12:05 - 04622848 _____ C:\Users\Chiara\Downloads\NF3007agingRA2013.ppt

2013-11-11 11:17 - 2013-11-11 11:19 - 00044032 _____ C:\Users\Chiara\Downloads\DI6050 Class Data for Coursework (2013-14).xls

2013-11-10 19:18 - 2013-11-10 19:20 - 00014182 ____H C:\Users\Chiara\Desktop\~WRL4066.tmp

2013-11-09 13:01 - 2013-11-09 13:01 - 00000000 ____D C:\Users\Chiara\AppData\Roaming\AVAST Software

2013-11-09 13:00 - 2013-11-18 14:13 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update

2013-11-09 13:00 - 2013-11-10 11:41 - 00409832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys

2013-11-09 13:00 - 2013-11-09 13:00 - 01032416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys

2013-11-09 13:00 - 2013-11-09 13:00 - 00334648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

2013-11-09 13:00 - 2013-11-09 13:00 - 00205320 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys

2013-11-09 13:00 - 2013-11-09 13:00 - 00092544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys

2013-11-09 13:00 - 2013-11-09 13:00 - 00084328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys

2013-11-09 13:00 - 2013-11-09 13:00 - 00065776 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys

2013-11-09 13:00 - 2013-11-09 13:00 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr

2013-11-09 13:00 - 2013-11-09 13:00 - 00038984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys

2013-11-09 13:00 - 2013-11-09 13:00 - 00001982 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk

2013-11-09 13:00 - 2013-05-02 15:29 - 00278800 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2013-11-09 12:58 - 2013-11-09 12:58 - 00000000 ____D C:\Program Files\AVAST Software

2013-11-09 12:57 - 2013-11-09 12:57 - 00000000 ____D C:\ProgramData\AVAST Software

2013-11-09 12:56 - 2013-11-09 12:57 - 87227720 _____ (AVAST Software) C:\Users\Chiara\Downloads\avast_free_antivirus_setup (1).exe

2013-11-09 12:38 - 2013-11-09 12:42 - 84379524 _____ C:\Users\Chiara\Downloads\Non confermato 3946.crdownload

2013-11-08 14:23 - 2013-11-08 14:23 - 00000000 ____D C:\ProgramData\APN

2013-11-08 14:17 - 2013-11-08 14:19 - 123650800 _____ C:\Users\Chiara\Downloads\avira_free_antivirus_en.exe

2013-11-06 23:55 - 2013-11-06 23:57 - 00000000 ____D C:\Users\Chiara\Desktop\V per vendetta

2013-11-06 23:54 - 2013-11-06 23:54 - 00088970 _____ C:\Users\Chiara\Downloads\V per vendetta.torrent

2013-11-06 08:14 - 2013-11-06 08:14 - 589653797 _____ C:\WINDOWS\MEMORY.DMP

2013-11-06 08:14 - 2013-11-06 08:14 - 00280552 _____ C:\WINDOWS\Minidump\110613-12984-01.dmp

2013-11-06 08:14 - 2013-11-06 08:14 - 00000000 ____D C:\WINDOWS\Minidump

2013-10-31 14:05 - 2013-10-31 14:05 - 03424256 _____ C:\Users\Chiara\Downloads\BODYCOMP.PPT

2013-10-31 13:18 - 2013-10-31 13:18 - 00000451 _____ C:\Users\Chiara\Desktop\buttons in london.txt

2013-10-30 18:21 - 2013-10-30 18:21 - 02259656 _____ C:\Users\Chiara\Downloads\trickyoldteacher_103_fhg_1.wmv

2013-10-30 12:07 - 2013-10-30 12:07 - 00213504 _____ C:\Users\Chiara\Downloads\HN6003 coursework (3).ppt

2013-10-30 12:06 - 2013-10-30 12:06 - 00213504 _____ C:\Users\Chiara\Downloads\HN6003 coursework (2).ppt

2013-10-29 18:56 - 2013-10-29 18:56 - 00000000 ___RD C:\WINDOWS\BrowserChoice

2013-10-29 15:53 - 2013-10-29 15:53 - 00417792 _____ C:\Users\Chiara\Downloads\2b7999f2-599c-4b3f64d70880 (1).ppt

2013-10-29 15:51 - 2013-10-29 15:51 - 01506816 _____ C:\Users\Chiara\Downloads\Nutritional_Assessment.ppt

2013-10-29 15:50 - 2013-10-29 15:50 - 00419840 _____ C:\Users\Chiara\Downloads\2b7999f2-599c-4b3f64d70880.ppt

2013-10-29 12:56 - 2013-10-23 11:01 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll

2013-10-29 12:56 - 2013-10-23 08:59 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll

2013-10-29 10:55 - 2013-10-29 10:55 - 00764416 _____ C:\Users\Chiara\Downloads\DRVS1 (3).ppt

2013-10-29 10:54 - 2013-10-29 10:54 - 02067456 _____ C:\Users\Chiara\Downloads\Concepts and Principles in nutritional epidemiology 2013 for slide show.ppt

2013-10-29 10:54 - 2013-10-29 10:54 - 00764416 _____ C:\Users\Chiara\Downloads\DRVS1 (2).ppt

2013-10-29 10:34 - 2013-10-29 10:34 - 02579456 _____ C:\Users\Chiara\Downloads\Epidemiology of Obesity 2010 (2).ppt

2013-10-29 10:34 - 2013-10-29 10:34 - 00214528 _____ C:\Users\Chiara\Downloads\Maternal_nutrition%2c_fetal_program  (1).ppt

2013-10-29 10:11 - 2013-10-29 11:41 - 01191424 _____ C:\Users\Chiara\Downloads\DRVS1 (1).ppt

2013-10-29 10:11 - 2013-10-29 10:11 - 00764416 _____ C:\Users\Chiara\Downloads\DRVS1.ppt

2013-10-29 10:10 - 2013-10-29 10:10 - 02579456 _____ C:\Users\Chiara\Downloads\Epidemiology of Obesity 2010 (1).ppt

2013-10-28 18:15 - 2013-10-28 18:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services

2013-10-28 18:14 - 2013-10-28 18:14 - 00000000 ____D C:\WINDOWS\PCHEALTH

2013-10-28 18:14 - 2013-10-28 18:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework

2013-10-28 18:14 - 2013-10-28 18:14 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2013-10-28 18:12 - 2013-10-28 18:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8

2013-10-28 18:11 - 2013-10-28 18:11 - 00000000 ____D C:\Program Files\Microsoft Office

2013-10-28 18:11 - 2013-10-28 18:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services

2013-10-28 18:10 - 2013-10-28 18:10 - 00000000 __RHD C:\MSOCache

2013-10-28 17:32 - 2013-10-28 17:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 15

2013-10-28 17:31 - 2013-10-28 17:31 - 02920469 _____ C:\Users\Chiara\Downloads\O15CTRRemove.diagcab

2013-10-28 12:06 - 2013-10-28 12:06 - 00002054 _____ C:\Users\Public\Desktop\Support Center.lnk

2013-10-28 12:03 - 2013-10-28 12:03 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf

2013-10-27 23:46 - 2013-11-21 10:48 - 00000296 _____ C:\WINDOWS\Tasks\AutoKMS.job

2013-10-27 23:46 - 2013-11-19 13:28 - 00000000 ____D C:\WINDOWS\AutoKMS

2013-10-27 23:46 - 2013-11-18 14:11 - 00002906 _____ C:\WINDOWS\System32\Tasks\AutoKMS

2013-10-27 22:24 - 2013-11-21 10:38 - 00003938 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3293FF42-9BCD-4454-945E-D9649B368710}

2013-10-27 21:55 - 2013-10-27 21:55 - 00003312 _____ C:\WINDOWS\System32\Tasks\{DEF2C0A4-7BF1-446C-BB51-1CE6ADC7DE6A}

2013-10-27 20:26 - 2013-10-27 20:26 - 00003102 _____ C:\WINDOWS\System32\Tasks\Microsoft SkyDrive Auto Update Task-S-1-5-21-3299057831-706162602-1696328398-1001

2013-10-27 20:23 - 2013-11-19 12:05 - 00001442 _____ C:\Users\Chiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-10-27 20:23 - 2013-10-27 20:23 - 00000020 ___SH C:\Users\Chiara\ntuser.ini

2013-10-27 20:20 - 2013-11-21 10:30 - 01914486 _____ C:\WINDOWS\WindowsUpdate.log

2013-10-27 20:20 - 2013-10-27 20:20 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat

2013-10-27 20:09 - 2013-10-27 20:09 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate

2013-10-27 20:08 - 2013-11-21 10:47 - 00000000 ____D C:\Users\Chiara

2013-10-27 20:08 - 2013-10-27 20:09 - 00000000 ___RD C:\Users\Chiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2013-10-27 20:08 - 2013-08-22 15:36 - 00000000 ___RD C:\Users\Chiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-10-27 20:08 - 2013-08-22 15:36 - 00000000 ___RD C:\Users\Chiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2013-10-27 20:08 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Chiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-10-27 20:07 - 2013-10-27 20:20 - 00024768 _____ C:\WINDOWS\diagwrn.xml

2013-10-27 20:07 - 2013-10-27 20:20 - 00024768 _____ C:\WINDOWS\diagerr.xml

2013-10-27 20:03 - 2013-11-21 06:42 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin

2013-10-27 20:03 - 2013-10-27 20:03 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM

2013-10-27 20:03 - 2013-10-27 20:03 - 00000000 ____D C:\WINDOWS\system32\SRSLabs

2013-10-27 20:03 - 2013-10-27 20:03 - 00000000 ____D C:\Program Files\Realtek

2013-10-27 20:03 - 2013-10-27 20:03 - 00000000 ____D C:\Program Files\Elantech

2013-10-27 20:03 - 2013-10-27 20:03 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies

2013-10-27 20:03 - 2013-10-27 20:03 - 00000000 _____ C:\WINDOWS\ativpsrm.bin

2013-10-27 20:02 - 2013-10-27 20:24 - 00000000 ___DC C:\WINDOWS\Panther

2013-10-27 20:02 - 2013-10-27 20:02 - 00000000 __SHD C:\Recovery

2013-10-27 20:00 - 2013-10-27 20:00 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll

2013-10-27 20:00 - 2013-10-27 20:00 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll

2013-10-27 20:00 - 2013-10-27 20:00 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2013-10-27 20:00 - 2013-10-27 20:00 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll

2013-10-27 20:00 - 2013-10-27 20:00 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2013-10-27 20:00 - 2013-10-27 20:00 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll

2013-10-27 20:00 - 2013-10-27 20:00 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll

2013-10-27 20:00 - 2013-10-27 20:00 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll

2013-10-27 20:00 - 2013-10-27 20:00 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2013-10-27 20:00 - 2013-10-27 20:00 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll

2013-10-27 20:00 - 2013-10-27 20:00 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll

2013-10-27 19:59 - 2013-10-27 19:59 - 00262144 _____ C:\WINDOWS\system32\config\userdiff

2013-10-27 19:57 - 2013-10-28 18:15 - 00000000 ____D C:\Program Files (x86)\MSBuild

2013-10-27 19:57 - 2013-10-27 19:57 - 00000000 ____D C:\Program Files\Reference Assemblies

2013-10-27 19:57 - 2013-10-27 19:57 - 00000000 ____D C:\Program Files\MSBuild

2013-10-27 19:57 - 2013-10-27 19:57 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies

2013-10-27 19:57 - 2013-08-03 04:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll

2013-10-27 19:57 - 2013-08-03 04:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-27 19:57 - 2013-08-03 04:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe

2013-10-27 19:57 - 2013-08-03 04:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll

2013-10-27 19:57 - 2013-08-03 04:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2013-10-27 19:57 - 2013-08-03 04:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

2013-10-27 19:32 - 2013-10-27 20:20 - 00006564 _____ C:\WINDOWS\comsetup.log

2013-10-27 13:01 - 2013-10-27 13:01 - 01117164 _____ C:\Users\Chiara\Downloads\The Raw Food Diet.pptx

2013-10-27 13:01 - 2013-10-27 13:01 - 01117164 _____ C:\Users\Chiara\Downloads\The Raw Food Diet (1).pptx

2013-10-26 19:12 - 2013-10-27 23:05 - 00000000 ____D C:\Users\Chiara\Desktop\work

2013-10-24 14:22 - 2013-10-24 14:22 - 00426684 _____ C:\Users\Chiara\Downloads\flv-media-player.exe

2013-10-23 12:38 - 2013-10-23 12:38 - 00001946 _____ C:\Users\Public\Desktop\SW Update.lnk

2013-10-23 11:11 - 2013-10-23 11:14 - 00000000 ____D C:\Users\Chiara\Desktop\volunteering

2013-10-22 09:17 - 2013-10-22 10:40 - 01103872 _____ C:\Users\Chiara\Downloads\Epidemiology of Obesity 2010.ppt

 

==================== One Month Modified Files and Folders =======

 

2013-11-21 10:53 - 2013-09-09 12:27 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3299057831-706162602-1696328398-1001

2013-11-21 10:52 - 2013-11-21 10:52 - 00015324 _____ C:\Users\Chiara\Downloads\FRST.txt

2013-11-21 10:51 - 2013-11-21 10:51 - 01957964 _____ (Farbar) C:\Users\Chiara\Downloads\FRST64.exe

2013-11-21 10:51 - 2013-11-21 10:51 - 00000000 ___RD C:\Users\Chiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

2013-11-21 10:51 - 2013-11-21 10:51 - 00000000 ____D C:\FRST

2013-11-21 10:51 - 2013-07-05 02:00 - 00000000 ____D C:\ProgramData\WinClon

2013-11-21 10:50 - 2013-11-21 10:50 - 01090881 _____ (Farbar) C:\Users\Chiara\Downloads\FRST.exe

2013-11-21 10:50 - 2013-09-12 07:50 - 00002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2013-11-21 10:49 - 2013-09-18 11:34 - 00000000 __RDO C:\Users\Chiara\SkyDrive

2013-11-21 10:49 - 2013-09-12 07:49 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2013-11-21 10:48 - 2013-10-27 23:46 - 00000296 _____ C:\WINDOWS\Tasks\AutoKMS.job

2013-11-21 10:48 - 2013-08-22 14:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2013-11-21 10:48 - 2013-08-22 13:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI

2013-11-21 10:47 - 2013-10-27 20:08 - 00000000 ____D C:\Users\Chiara

2013-11-21 10:45 - 2013-07-05 02:02 - 00000000 ____D C:\ProgramData\PopCap Games

2013-11-21 10:38 - 2013-10-27 22:24 - 00003938 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3293FF42-9BCD-4454-945E-D9649B368710}

2013-11-21 10:34 - 2013-10-04 14:54 - 00062976 ___SH C:\Users\Chiara\Downloads\Thumbs.db

2013-11-21 10:30 - 2013-10-27 20:20 - 01914486 _____ C:\WINDOWS\WindowsUpdate.log

2013-11-21 10:30 - 2013-09-09 13:24 - 00000000 ____D C:\Users\Chiara\AppData\Roaming\BitTorrent

2013-11-21 10:20 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\sru

2013-11-21 06:42 - 2013-10-27 20:03 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin

2013-11-21 00:39 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\AppReadiness

2013-11-21 00:16 - 2013-11-21 00:16 - 00688992 _____ (Swearware) C:\Users\Chiara\Downloads\dds (1).scr

2013-11-21 00:05 - 2013-11-21 00:05 - 00688992 _____ (Swearware) C:\Users\Chiara\Downloads\dds.com

2013-11-21 00:04 - 2013-11-21 00:04 - 00688992 _____ (Swearware) C:\Users\Chiara\Downloads\dds.scr

2013-11-20 23:59 - 2013-09-12 07:49 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2013-11-20 23:09 - 2013-11-20 23:09 - 00000099 _____ C:\Users\Public\LMDebug.log

2013-11-20 22:24 - 2013-10-05 10:47 - 01436160 ___SH C:\Users\Chiara\Desktop\Thumbs.db

2013-11-20 21:52 - 2013-09-30 04:11 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2013-11-20 20:37 - 2013-11-20 20:37 - 00373777 _____ C:\Users\Chiara\Downloads\al vecchio pozzo.htm

2013-11-20 18:43 - 2013-10-07 11:34 - 00000000 ____D C:\Users\Chiara\Desktop\University

2013-11-19 15:50 - 2013-09-29 20:03 - 00996288 _____ C:\WINDOWS\PFRO.log

2013-11-19 15:50 - 2013-09-09 13:28 - 00000000 ____D C:\Users\Chiara\AppData\Roaming\Iminent

2013-11-19 15:49 - 2013-09-09 13:28 - 00000000 ____D C:\ProgramData\Iminent

2013-11-19 13:28 - 2013-10-27 23:46 - 00000000 ____D C:\WINDOWS\AutoKMS

2013-11-19 12:35 - 2013-11-19 12:35 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-11-19 12:35 - 2013-11-19 12:35 - 00000000 ____D C:\Users\Chiara\AppData\Roaming\Malwarebytes

2013-11-19 12:35 - 2013-11-19 12:35 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-11-19 12:35 - 2013-11-19 12:35 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-11-19 12:34 - 2013-11-19 12:34 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Chiara\Downloads\mbam-setup-1.75.0.1300.exe

2013-11-19 12:34 - 2013-11-19 12:34 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Chiara\Downloads\mbam-setup-1.75.0.1300 (1).exe

2013-11-19 12:05 - 2013-10-27 20:23 - 00001442 _____ C:\Users\Chiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-11-19 12:04 - 2013-11-18 20:22 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals

2013-11-18 22:26 - 2013-11-14 18:38 - 00000000 ____D C:\Users\Chiara\AppData\Local\CrashDumps

2013-11-18 20:23 - 2013-11-18 20:23 - 00000000 ____D C:\Users\Chiara\AppData\Local\CrashRpt

2013-11-18 20:22 - 2013-11-18 20:22 - 00003532 _____ C:\WINDOWS\System32\Tasks\AllmyappsUpdateTask

2013-11-18 20:21 - 2013-11-18 20:21 - 00598304 _____ C:\Users\Chiara\Downloads\Bitstrips_Allmyapps.exe

2013-11-18 14:13 - 2013-11-09 13:00 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update

2013-11-18 14:11 - 2013-10-27 23:46 - 00002906 _____ C:\WINDOWS\System32\Tasks\AutoKMS

2013-11-18 14:11 - 2013-09-09 12:19 - 00000000 ___RD C:\Users\Chiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-11-18 14:11 - 2013-09-09 12:19 - 00000000 ___RD C:\Users\Chiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2013-11-18 14:10 - 2013-08-22 14:44 - 03487136 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2013-11-18 14:09 - 2013-08-22 15:36 - 00000000 ___RD C:\WINDOWS\ToastData

2013-11-18 14:09 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\WinStore

2013-11-18 14:09 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB

2013-11-18 14:09 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\migwiz

2013-11-18 14:09 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\en-GB

2013-11-18 14:09 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions

2013-11-18 10:24 - 2013-11-16 16:25 - 3154119423 ____R C:\Users\Chiara\Desktop\Monsters University [2013].mp4

2013-11-17 21:08 - 2013-11-17 21:07 - 100400976 _____ (Apple Inc.) C:\Users\Chiara\Downloads\iTunes64Setup (1).exe

2013-11-17 13:00 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\rescache

2013-11-17 12:59 - 2013-08-22 14:46 - 00291539 _____ C:\WINDOWS\setupact.log

2013-11-16 11:01 - 2013-11-16 11:01 - 00000000 ____D C:\Users\Chiara\AppData\Roaming\Samsung

2013-11-16 11:01 - 2013-07-04 22:54 - 00000000 ____D C:\Program Files (x86)\Samsung

2013-11-15 15:37 - 2013-11-15 14:15 - 02100575 _____ C:\Users\Chiara\Downloads\Diet presentation updated on 15 Nov.pptx

2013-11-15 15:36 - 2013-10-07 11:44 - 00105984 ___SH C:\Users\Chiara\Documents\Thumbs.db

2013-11-14 22:05 - 2013-11-14 22:05 - 00136596 _____ C:\Users\Chiara\Downloads\star-wars.zip

2013-11-14 22:00 - 2013-11-14 22:00 - 00026921 _____ C:\Users\Chiara\Downloads\starvader.zip

2013-11-14 21:57 - 2013-11-14 21:57 - 00149384 _____ C:\Users\Chiara\Downloads\boba-fonts_star-jedi.zip

2013-11-14 18:39 - 2013-11-14 18:39 - 00001457 _____ C:\Users\Public\Desktop\Dell B1160W Mono Laser Printer Dell Supplies Ordering Utility.lnk

2013-11-14 18:39 - 2013-11-14 18:39 - 00000000 ____D C:\Users\Chiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell

2013-11-14 18:39 - 2013-11-14 18:38 - 00000000 ____D C:\Users\Chiara\AppData\Roaming\Dell

2013-11-14 18:38 - 2013-11-14 18:38 - 00000139 _____ C:\WINDOWS\fwdownsetup.log

2013-11-14 18:38 - 2013-11-14 18:38 - 00000000 ____D C:\Users\Chiara\AppData\Roaming\InstallShield

2013-11-14 18:38 - 2013-11-14 18:38 - 00000000 ____D C:\ProgramData\Dell

2013-11-14 18:38 - 2013-11-14 18:38 - 00000000 ____D C:\Program Files\Common Files\Common Desktop Agent

2013-11-14 18:38 - 2013-11-14 18:36 - 00000000 ____D C:\Program Files (x86)\Dell

2013-11-14 18:38 - 2013-07-04 22:54 - 00000000 ____D C:\ProgramData\Samsung

2013-11-14 18:38 - 2013-07-04 22:50 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2013-11-14 15:20 - 2013-09-12 00:08 - 00000000 ____D C:\WINDOWS\system32\MRT

2013-11-14 15:18 - 2013-09-12 00:07 - 82896128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2013-11-13 21:24 - 2013-09-22 23:37 - 00000000 ____D C:\ProgramData\Microsoft Help

2013-11-13 20:46 - 2013-11-13 20:46 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2013-11-13 20:45 - 2013-11-13 20:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2013-11-13 12:05 - 2013-11-13 10:08 - 04622848 _____ C:\Users\Chiara\Downloads\NF3007agingRA2013.ppt

2013-11-11 11:19 - 2013-11-11 11:17 - 00044032 _____ C:\Users\Chiara\Downloads\DI6050 Class Data for Coursework (2013-14).xls

2013-11-10 19:20 - 2013-11-10 19:18 - 00014182 ____H C:\Users\Chiara\Desktop\~WRL4066.tmp

2013-11-10 11:41 - 2013-11-09 13:00 - 00409832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys

2013-11-09 13:01 - 2013-11-09 13:01 - 00000000 ____D C:\Users\Chiara\AppData\Roaming\AVAST Software

2013-11-09 13:00 - 2013-11-09 13:00 - 01032416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys

2013-11-09 13:00 - 2013-11-09 13:00 - 00334648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

2013-11-09 13:00 - 2013-11-09 13:00 - 00205320 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys

2013-11-09 13:00 - 2013-11-09 13:00 - 00092544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys

2013-11-09 13:00 - 2013-11-09 13:00 - 00084328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys

2013-11-09 13:00 - 2013-11-09 13:00 - 00065776 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys

2013-11-09 13:00 - 2013-11-09 13:00 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr

2013-11-09 13:00 - 2013-11-09 13:00 - 00038984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys

2013-11-09 13:00 - 2013-11-09 13:00 - 00001982 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk

2013-11-09 12:58 - 2013-11-09 12:58 - 00000000 ____D C:\Program Files\AVAST Software

2013-11-09 12:57 - 2013-11-09 12:57 - 00000000 ____D C:\ProgramData\AVAST Software

2013-11-09 12:57 - 2013-11-09 12:56 - 87227720 _____ (AVAST Software) C:\Users\Chiara\Downloads\avast_free_antivirus_setup (1).exe

2013-11-09 12:50 - 2013-09-09 12:22 - 00000000 ____D C:\Users\Chiara\Documents\Bluetooth Folder

2013-11-09 12:45 - 2013-07-05 01:58 - 00000000 ____D C:\ProgramData\Norton

2013-11-09 12:42 - 2013-11-09 12:38 - 84379524 _____ C:\Users\Chiara\Downloads\Non confermato 3946.crdownload

2013-11-09 12:40 - 2013-08-22 13:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM

2013-11-09 12:40 - 2012-07-26 08:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP

2013-11-08 14:23 - 2013-11-08 14:23 - 00000000 ____D C:\ProgramData\APN

2013-11-08 14:23 - 2013-09-09 12:17 - 00000000 ____D C:\Users\Chiara\AppData\Local\Packages

2013-11-08 14:19 - 2013-11-08 14:17 - 123650800 _____ C:\Users\Chiara\Downloads\avira_free_antivirus_en.exe

2013-11-06 23:57 - 2013-11-06 23:55 - 00000000 ____D C:\Users\Chiara\Desktop\V per vendetta

2013-11-06 23:54 - 2013-11-06 23:54 - 00088970 _____ C:\Users\Chiara\Downloads\V per vendetta.torrent

2013-11-06 08:14 - 2013-11-06 08:14 - 589653797 _____ C:\WINDOWS\MEMORY.DMP

2013-11-06 08:14 - 2013-11-06 08:14 - 00280552 _____ C:\WINDOWS\Minidump\110613-12984-01.dmp

2013-11-06 08:14 - 2013-11-06 08:14 - 00000000 ____D C:\WINDOWS\Minidump

2013-11-05 23:31 - 2013-08-22 15:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2013-11-05 23:31 - 2013-08-22 15:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2013-11-05 20:32 - 2013-09-09 12:18 - 00025741 _____ C:\Users\Chiara\AppData\Roaming\AbsoluteReminder.xml

2013-11-05 20:21 - 2013-11-16 10:33 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2013-11-05 18:51 - 2013-11-16 10:33 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2013-11-05 16:20 - 2013-11-16 10:33 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2013-11-05 16:11 - 2013-11-16 10:33 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2013-11-05 14:30 - 2013-11-16 10:33 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2013-11-05 14:29 - 2013-11-16 10:33 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2013-10-31 14:05 - 2013-10-31 14:05 - 03424256 _____ C:\Users\Chiara\Downloads\BODYCOMP.PPT

2013-10-31 13:18 - 2013-10-31 13:18 - 00000451 _____ C:\Users\Chiara\Desktop\buttons in london.txt

2013-10-30 18:21 - 2013-10-30 18:21 - 02259656 _____ C:\Users\Chiara\Downloads\trickyoldteacher_103_fhg_1.wmv

2013-10-30 12:07 - 2013-10-30 12:07 - 00213504 _____ C:\Users\Chiara\Downloads\HN6003 coursework (3).ppt

2013-10-30 12:06 - 2013-10-30 12:06 - 00213504 _____ C:\Users\Chiara\Downloads\HN6003 coursework (2).ppt

2013-10-29 18:56 - 2013-10-29 18:56 - 00000000 ___RD C:\WINDOWS\BrowserChoice

2013-10-29 15:53 - 2013-10-29 15:53 - 00417792 _____ C:\Users\Chiara\Downloads\2b7999f2-599c-4b3f64d70880 (1).ppt

2013-10-29 15:51 - 2013-10-29 15:51 - 01506816 _____ C:\Users\Chiara\Downloads\Nutritional_Assessment.ppt

2013-10-29 15:50 - 2013-10-29 15:50 - 00419840 _____ C:\Users\Chiara\Downloads\2b7999f2-599c-4b3f64d70880.ppt

2013-10-29 11:41 - 2013-10-29 10:11 - 01191424 _____ C:\Users\Chiara\Downloads\DRVS1 (1).ppt

2013-10-29 10:55 - 2013-10-29 10:55 - 00764416 _____ C:\Users\Chiara\Downloads\DRVS1 (3).ppt

2013-10-29 10:54 - 2013-10-29 10:54 - 02067456 _____ C:\Users\Chiara\Downloads\Concepts and Principles in nutritional epidemiology 2013 for slide show.ppt

2013-10-29 10:54 - 2013-10-29 10:54 - 00764416 _____ C:\Users\Chiara\Downloads\DRVS1 (2).ppt

2013-10-29 10:34 - 2013-10-29 10:34 - 02579456 _____ C:\Users\Chiara\Downloads\Epidemiology of Obesity 2010 (2).ppt

2013-10-29 10:34 - 2013-10-29 10:34 - 00214528 _____ C:\Users\Chiara\Downloads\Maternal_nutrition%2c_fetal_program  (1).ppt

2013-10-29 10:11 - 2013-10-29 10:11 - 00764416 _____ C:\Users\Chiara\Downloads\DRVS1.ppt

2013-10-29 10:10 - 2013-10-29 10:10 - 02579456 _____ C:\Users\Chiara\Downloads\Epidemiology of Obesity 2010 (1).ppt

2013-10-28 18:15 - 2013-10-28 18:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services

2013-10-28 18:15 - 2013-10-27 19:57 - 00000000 ____D C:\Program Files (x86)\MSBuild

2013-10-28 18:14 - 2013-10-28 18:14 - 00000000 ____D C:\WINDOWS\PCHEALTH

2013-10-28 18:14 - 2013-10-28 18:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework

2013-10-28 18:14 - 2013-10-28 18:14 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2013-10-28 18:14 - 2013-07-05 02:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Office

2013-10-28 18:12 - 2013-10-28 18:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8

2013-10-28 18:12 - 2013-08-22 15:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

2013-10-28 18:11 - 2013-10-28 18:11 - 00000000 ____D C:\Program Files\Microsoft Office

2013-10-28 18:11 - 2013-10-28 18:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services

2013-10-28 18:11 - 2013-09-30 03:59 - 00000000 ____D C:\WINDOWS\ShellNew

2013-10-28 18:11 - 2012-07-26 05:26 - 00000167 _____ C:\WINDOWS\win.ini

2013-10-28 18:10 - 2013-10-28 18:10 - 00000000 __RHD C:\MSOCache

2013-10-28 17:53 - 2013-09-22 23:37 - 00000000 ____D C:\Users\Chiara\AppData\Local\Microsoft Help

2013-10-28 17:32 - 2013-10-28 17:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 15

2013-10-28 17:31 - 2013-10-28 17:31 - 02920469 _____ C:\Users\Chiara\Downloads\O15CTRRemove.diagcab

2013-10-28 12:06 - 2013-10-28 12:06 - 00002054 _____ C:\Users\Public\Desktop\Support Center.lnk

2013-10-28 12:03 - 2013-10-28 12:03 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf

2013-10-27 23:05 - 2013-10-26 19:12 - 00000000 ____D C:\Users\Chiara\Desktop\work

2013-10-27 21:55 - 2013-10-27 21:55 - 00003312 _____ C:\WINDOWS\System32\Tasks\{DEF2C0A4-7BF1-446C-BB51-1CE6ADC7DE6A}

2013-10-27 21:21 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\restore

2013-10-27 20:31 - 2012-07-26 08:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports

2013-10-27 20:26 - 2013-10-27 20:26 - 00003102 _____ C:\WINDOWS\System32\Tasks\Microsoft SkyDrive Auto Update Task-S-1-5-21-3299057831-706162602-1696328398-1001

2013-10-27 20:25 - 2013-09-09 12:19 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD

2013-10-27 20:24 - 2013-10-27 20:02 - 00000000 ___DC C:\WINDOWS\Panther

2013-10-27 20:23 - 2013-10-27 20:23 - 00000020 ___SH C:\Users\Chiara\ntuser.ini

2013-10-27 20:20 - 2013-10-27 20:20 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat

2013-10-27 20:20 - 2013-10-27 20:07 - 00024768 _____ C:\WINDOWS\diagwrn.xml

2013-10-27 20:20 - 2013-10-27 20:07 - 00024768 _____ C:\WINDOWS\diagerr.xml

2013-10-27 20:20 - 2013-10-27 19:32 - 00006564 _____ C:\WINDOWS\comsetup.log

2013-10-27 20:20 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Registration

2013-10-27 20:18 - 2013-08-22 15:36 - 00000000 __RSD C:\WINDOWS\Media

2013-10-27 20:18 - 2013-08-22 15:36 - 00000000 __RHD C:\Users\Public\Libraries

2013-10-27 20:17 - 2013-09-29 16:59 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe

2013-10-27 20:17 - 2013-09-22 21:59 - 00000000 ____D C:\Users\Chiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2013-10-27 20:17 - 2013-08-22 13:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep

2013-10-27 20:16 - 2013-09-30 03:56 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN

2013-10-27 20:16 - 2013-09-30 03:56 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep

2013-10-27 20:16 - 2013-09-30 03:56 - 00000000 ____D C:\WINDOWS\system32\WCN

2013-10-27 20:16 - 2013-08-22 15:37 - 00004893 _____ C:\WINDOWS\DtcInstall.log

2013-10-27 20:16 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI

2013-10-27 20:16 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz

2013-10-27 20:16 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME

2013-10-27 20:16 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2013-10-27 20:16 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\spool

2013-10-27 20:16 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\NDF

2013-10-27 20:16 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\MUI

2013-10-27 20:16 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\IME

2013-10-27 20:16 - 2013-08-22 13:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI

2013-10-27 20:16 - 2013-08-22 13:36 - 00000000 ____D C:\WINDOWS\system32\oobe

2013-10-27 20:16 - 2013-07-05 01:49 - 00000000 ____D C:\WINDOWS\SysWOW64\sda

2013-10-27 20:16 - 2012-07-26 05:37 - 00000000 ____D C:\Users\Default.migrated

2013-10-27 20:15 - 2013-08-22 15:43 - 00000000 ____D C:\WINDOWS\DigitalLocker

2013-10-27 20:15 - 2013-08-22 15:36 - 00000000 __SHD C:\Program Files\Windows Sidebar

2013-10-27 20:15 - 2013-08-22 15:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar

2013-10-27 20:15 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\IME

2013-10-27 20:15 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Help

2013-10-27 20:15 - 2013-08-22 15:36 - 00000000 ____D C:\Program Files\Common Files\System

2013-10-27 20:15 - 2012-08-05 21:11 - 00000000 ____D C:\ProgramData\PRICache

2013-10-27 20:09 - 2013-10-27 20:09 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate

2013-10-27 20:09 - 2013-10-27 20:08 - 00000000 ___RD C:\Users\Chiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2013-10-27 20:09 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Recovery

2013-10-27 20:03 - 2013-10-27 20:03 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM

2013-10-27 20:03 - 2013-10-27 20:03 - 00000000 ____D C:\WINDOWS\system32\SRSLabs

2013-10-27 20:03 - 2013-10-27 20:03 - 00000000 ____D C:\Program Files\Realtek

2013-10-27 20:03 - 2013-10-27 20:03 - 00000000 ____D C:\Program Files\Elantech

2013-10-27 20:03 - 2013-10-27 20:03 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies

2013-10-27 20:03 - 2013-10-27 20:03 - 00000000 _____ C:\WINDOWS\ativpsrm.bin

2013-10-27 20:03 - 2013-08-22 14:46 - 00000084 _____ C:\WINDOWS\setuperr.log

2013-10-27 20:02 - 2013-10-27 20:02 - 00000000 __SHD C:\Recovery

2013-10-27 20:02 - 2013-08-22 13:36 - 00000000 __RHD C:\Users\Default

2013-10-27 20:01 - 2013-08-22 15:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template

2013-10-27 20:00 - 2013-10-27 20:00 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll

2013-10-27 20:00 - 2013-10-27 20:00 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll

2013-10-27 20:00 - 2013-10-27 20:00 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2013-10-27 20:00 - 2013-10-27 20:00 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll

2013-10-27 20:00 - 2013-10-27 20:00 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2013-10-27 20:00 - 2013-10-27 20:00 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll

2013-10-27 20:00 - 2013-10-27 20:00 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll

2013-10-27 20:00 - 2013-10-27 20:00 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll

2013-10-27 20:00 - 2013-10-27 20:00 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2013-10-27 20:00 - 2013-10-27 20:00 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll

2013-10-27 20:00 - 2013-10-27 20:00 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll

2013-10-27 20:00 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Camera

2013-10-27 19:59 - 2013-10-27 19:59 - 00262144 _____ C:\WINDOWS\system32\config\userdiff

2013-10-27 19:57 - 2013-10-27 19:57 - 00000000 ____D C:\Program Files\Reference Assemblies

2013-10-27 19:57 - 2013-10-27 19:57 - 00000000 ____D C:\Program Files\MSBuild

2013-10-27 19:57 - 2013-10-27 19:57 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies

2013-10-27 19:51 - 2013-07-04 22:54 - 01460879 _____ C:\WINDOWS\WindowsUpdate (1).log

2013-10-27 19:15 - 2012-07-26 08:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent

2013-10-27 13:01 - 2013-10-27 13:01 - 01117164 _____ C:\Users\Chiara\Downloads\The Raw Food Diet.pptx

2013-10-27 13:01 - 2013-10-27 13:01 - 01117164 _____ C:\Users\Chiara\Downloads\The Raw Food Diet (1).pptx

2013-10-24 14:22 - 2013-10-24 14:22 - 00426684 _____ C:\Users\Chiara\Downloads\flv-media-player.exe

2013-10-23 12:38 - 2013-10-23 12:38 - 00001946 _____ C:\Users\Public\Desktop\SW Update.lnk

2013-10-23 11:29 - 2013-11-16 10:32 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll

2013-10-23 11:21 - 2013-11-16 10:32 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys

2013-10-23 11:14 - 2013-10-23 11:11 - 00000000 ____D C:\Users\Chiara\Desktop\volunteering

2013-10-23 11:13 - 2013-11-16 10:32 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll

2013-10-23 11:01 - 2013-10-29 12:56 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll

2013-10-23 08:59 - 2013-10-29 12:56 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll

2013-10-23 05:27 - 2013-11-16 10:31 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2013-10-23 05:09 - 2013-11-16 10:32 - 04104704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll

2013-10-23 05:04 - 2013-11-16 10:31 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2013-10-23 04:55 - 2013-11-16 10:32 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2013-10-23 04:46 - 2013-11-16 10:32 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2013-10-22 10:40 - 2013-10-22 09:17 - 01103872 _____ C:\Users\Chiara\Downloads\Epidemiology of Obesity 2010.ppt

2013-10-22 08:18 - 2013-11-16 10:32 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll

2013-10-22 07:55 - 2013-11-16 10:32 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2013-10-22 06:03 - 2013-11-16 10:32 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2013-10-22 05:15 - 2013-11-16 10:32 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll

2013-10-22 04:04 - 2013-11-16 10:32 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll

2013-10-22 04:02 - 2013-11-16 10:32 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll

2013-10-22 03:56 - 2013-11-16 10:31 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll

2013-10-22 03:44 - 2013-11-16 10:32 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll

2013-10-22 02:38 - 2013-11-16 10:32 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll

2013-10-22 02:22 - 2013-11-16 10:31 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll

2013-10-22 02:13 - 2013-11-16 10:31 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll

2013-10-22 02:07 - 2013-11-16 10:32 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2013-10-22 01:53 - 2013-11-16 10:32 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll

2013-10-22 01:47 - 2013-11-16 10:32 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

 

Files to move or delete:

====================

C:\ProgramData\MakeMarkerFile.exe

C:\Users\EasySurvey\EasySurvey.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe

[2013-11-16 10:32] - [2013-10-22 07:55] - 2328872 ____A (Microsoft Corporation) 63DC38C3E4564B2405D562855643ABA2

 

C:\Windows\SysWOW64\explorer.exe

[2013-11-16 10:32] - [2013-10-22 06:03] - 2065448 ____A (Microsoft Corporation) 1A0BC9598E4A58FC84570FFF5A108E58

 

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll

[2013-11-16 10:32] - [2013-10-22 02:38] - 1362944 ____A (Microsoft Corporation) C72456BFFE941714CF05B0AA0BEE5B45

 

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2013-11-20 23:25

 

==================== End Of Log ============================

Addition.txt

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Unfortunately I cannot offer any further help, you are using illegal software. This is designed to crack Microsoft Office and Microsoft OS...

 

2013-10-27 23:46 - 2013-11-21 10:48 - 00000296 _____ C:\WINDOWS\Tasks\AutoKMS.job
2013-10-27 23:46 - 2013-11-19 13:28 - 00000000 ____D C:\WINDOWS\AutoKMS
2013-10-27 23:46 - 2013-11-18 14:11 - 00002906 _____ C:\WINDOWS\System32\Tasks\AutoKMS
Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.