Thank you in advance for your time:

 

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:13:22 AM, on 2/2/2014

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v11.0 (11.00.9600.16384)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Users\Arianna\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Users\Arianna\Desktop\Maintenance\HiJackThis.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - Startup: Dropbox.lnk = Arianna\AppData\Roaming\Dropbox\bin\Dropbox.exe

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: *.dell.com

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: CyberLink Product - 2013/01/09 15:02:03 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

--

End of file - 9948 bytes

 


HJT doesn't work anymore, you can't go by the log it creates.

What are your issues???

If you think you're infected with malware.....

Welcome to the forum, please start HERE

Post back the 2 logs here.....DDS.txt and Attach.txt (DDS won't run on W8)

(please don't put logs in code or quotes and use the default font)

(Please don't forget to run the RogueKiller scan below)

General Forum P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

<====><====><====><====><====><====><====><====>

Next................

Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes and use the default font)

MrC

Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running, please create a new restore point

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Back up any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give you instructions on how to clean up all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)


You should be able to run RogueKiller and FRST.

Please let me know what your concerns are with the computer!!

-----------------------

Please download Farbar Recovery Scan Tool (FRST) and save it to a folder.

(use correct version for your system.....Which system am I using?)

FRST <----for 32 bit systems

FRST64 <----for 64 bit systems

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
If the logs are large, you can attach them:

To attach a log:

Bottom right corner of this page.


New window that comes up.


MrC


Avast AV found some trojans in the computer and since then it unexpectedly crashed a few times.  I selected the option to delete the viruses found but they keep coming up on the scans.  Since then I ran ESET online scanner and it seemed to delete them as they have not come up again, but I feel I have some other trojans/malware remaining.  The laptop screen is also dimming as if the adaptive display is turned on, but I checked every option and it seems to be turned off.  Logs are pasted below, let me know if the logfile from rogue is necessary. Thanks

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 04
Ran by Arianna (administrator) on ARIANNA-DELL on 02-02-2014 20:39:46
Running from C:\Users\Arianna\Desktop
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link for 32-Bit version:
Download link for 64-Bit Version:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Dropbox, Inc.) C:\Users\Arianna\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [QuickSet] - C:\Program Files\Dell\QuickSet\QuickSet.exe [3759504 2012-07-20] (Dell Inc.)
HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-14] (Synaptics Incorporated)
HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-09-05] (IDT, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-06] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-930036279-2066950193-2326160759-1002\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-930036279-2066950193-2326160759-1002\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-930036279-2066950193-2326160759-1002\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [457728 2013-11-14] (Microsoft Corporation)
HKU\S-1-5-21-930036279-2066950193-2326160759-1002\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-930036279-2066950193-2326160759-1002\...\Policies\Explorer: [NoLogOff] 0
Startup: C:\Users\Arianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Arianna\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB5FCCF4BC21FCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (myPlex Queue Extension) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\agmheakklldmclgmkfnncddgkiibboil [2013-11-22]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2013-06-23]
CHR Extension: (Google Docs) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-23]
CHR Extension: (Google Drive) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-23]
CHR Extension: (YouTube) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-23]
CHR Extension: (Abine TACO) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\cadbkmipeldjmjfcpcjibfjgflahmphk [2013-06-23]
CHR Extension: (X-notifier (for Gmail™,Hotmail,Yahoo,AOL...)) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfjbkbddpfnoplfhceolpopfoepleco [2013-08-06]
CHR Extension: (Google Search) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-23]
CHR Extension: (Reddit Widget [ANTP]) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpcomccnnochpjdakpakbieihbglblcn [2013-06-23]
CHR Extension: (Google Calendar) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2013-06-23]
CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2013-06-23]
CHR Extension: (Full Screen Weather) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2013-06-23]
CHR Extension: (avast! Ad Blocker) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2013-06-23]
CHR Extension: (Chuck Anderson) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegkoiakifeoejnjkbnnojkkdoegeofp [2013-06-23]
CHR Extension: (AdBlock) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-06-23]
CHR Extension: (Awesome Weather Widget [ANTP]) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\goeepbfnllchoihkoiecpkkekbpfiboc [2013-06-23]
CHR Extension: (avast! Online Security) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-06-23]
CHR Extension: (Pixlr Editor) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2013-06-23]
CHR Extension: (Dropbox) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-06-23]
CHR Extension: (Youtube search widget [aNTP]) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjiebkkdnganciijgjbfnbbdiblkaaii [2013-06-23]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2013-06-23]
CHR Extension: (Google Maps) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-06-23]
CHR Extension: (Bigger Notes [ANTP]) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\lohbonfeioofpgpcmebnncnmiobojbgk [2013-06-23]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2013-06-23]
CHR Extension: (Awesome New Tab Page™) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg [2013-06-23]
CHR Extension: (Online Calculator) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnegnogmdmccelhibehpmakmkiibinil [2013-06-23]
CHR Extension: (Facebook Notifications) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo [2013-06-23]
CHR Extension: (Google Wallet) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]
CHR Extension: (Gmail) - C:\Users\Arianna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-23]
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-06-23]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-06] (AVAST Software)
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [236144 2012-07-13] (CyberLink)
S2 HitmanPro37CrusaderBoot; C:\Users\Arianna\Desktop\Maintenance\HitmanPro_x64.exe [10820032 2014-02-01] (SurfRight B.V.)
S3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2014-01-06] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-12-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-05] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1034464 2014-01-06] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [422216 2014-01-06] (AVAST Software)
R3 aswStm; C:\windows\system32\drivers\aswStm.sys [79672 2014-01-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-06] ()
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32640 2013-08-22] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-13] (Microsoft Corporation)
S3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
S3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46016 2012-07-25] ()
S3 lehidmini; C:\Windows\System32\drivers\leath_hid.sys [39704 2012-07-31] (Atheros)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-08-31] (Intel Corporation)
S3 qca_shb; C:\Windows\System32\drivers\qca_shb.sys [99328 2012-07-31] (Qualcomm Atheros Communications Inc.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R0 rtcrfilt64; C:\Windows\System32\DRIVERS\rtcrfilt64.sys [19600 2012-07-23] (Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-13] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-14] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-14] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 GENERICDRV; \??\C:\Users\Arianna\Desktop\amifldrv64.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-02 20:39 - 2014-02-02 20:39 - 00017694 _____ () C:\Users\Arianna\Desktop\FRST.txt
2014-02-02 20:39 - 2014-02-02 20:39 - 00000000 ____D () C:\FRST
2014-02-02 20:30 - 2014-02-02 20:30 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2014-02-02 20:30 - 2014-02-02 20:30 - 00000690 _____ () C:\WINDOWS\system32\.crusader
2014-02-02 20:30 - 2014-02-02 20:30 - 00000372 _____ () C:\WINDOWS\system32\bootdelete.lst
2014-02-02 20:30 - 2014-02-02 20:30 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-02 20:24 - 2014-02-02 20:24 - 02080256 _____ (Farbar) C:\Users\Arianna\Desktop\FRST64.exe
2014-02-02 14:44 - 2014-02-02 14:44 - 00004188 _____ () C:\WINDOWS\PFRO.log
2014-02-02 14:23 - 2014-02-02 14:23 - 00000000 ____D () C:\Program Files\7-Zip
2014-02-02 10:13 - 2014-02-02 14:20 - 00001199 _____ () C:\WINDOWS\setupact.log
2014-02-02 10:13 - 2014-02-02 10:13 - 00000262 _____ () C:\WINDOWS\setuperr.log
2014-02-02 10:13 - 2014-02-02 10:13 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2014-02-02 10:13 - 2014-02-02 10:13 - 00000000 ____D () C:\iBTWU
2014-02-02 10:13 - 2013-12-08 19:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-02 10:13 - 2013-12-08 19:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-02 10:13 - 2013-11-27 10:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-02 10:13 - 2013-11-27 10:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-02 10:13 - 2013-11-27 09:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-02 10:13 - 2013-11-27 08:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-02 10:13 - 2013-11-27 07:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-02 10:13 - 2013-11-27 05:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-02 10:13 - 2013-11-27 05:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-02 10:13 - 2013-11-27 05:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-02 10:13 - 2013-11-27 04:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-02 10:13 - 2013-11-27 04:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-02 10:13 - 2013-11-27 04:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-02 10:13 - 2013-11-27 04:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-02 10:13 - 2013-11-27 03:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-02 10:13 - 2013-11-27 03:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-02 10:13 - 2013-11-27 03:20 - 04106240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-02 10:13 - 2013-11-26 23:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-02 10:13 - 2013-11-26 08:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-02 10:13 - 2013-11-26 08:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-02 10:13 - 2013-11-26 08:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-02 10:13 - 2013-11-26 08:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-02 10:13 - 2013-11-26 06:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-02 10:13 - 2013-11-26 06:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-02 10:13 - 2013-11-26 06:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-02 10:13 - 2013-11-26 05:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-02 10:13 - 2013-11-26 04:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-02 10:13 - 2013-11-26 03:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-02 10:13 - 2013-11-24 20:45 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-02 10:13 - 2013-11-24 20:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-02 10:13 - 2013-11-24 18:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-02 10:13 - 2013-11-24 18:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-02 10:13 - 2013-11-23 07:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-02 10:13 - 2013-11-23 06:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-02 10:13 - 2013-11-23 03:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-02 10:13 - 2013-11-23 02:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-02 10:13 - 2013-11-23 02:13 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-02 10:13 - 2013-11-23 02:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-02 10:13 - 2013-11-22 23:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-02 10:13 - 2013-11-22 22:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-02 10:13 - 2013-11-22 22:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-02 10:13 - 2013-11-22 22:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-02 10:13 - 2013-11-22 22:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-02 10:13 - 2013-11-22 22:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-02 10:13 - 2013-11-22 22:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-02 10:13 - 2013-11-21 01:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-02 10:13 - 2013-11-21 01:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-02 10:13 - 2013-11-16 00:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-02 10:13 - 2013-11-15 13:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-02 10:13 - 2013-11-15 09:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-02 10:13 - 2013-11-15 09:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-02 10:13 - 2013-11-15 09:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-02 10:13 - 2013-11-15 08:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-02 10:13 - 2013-11-05 15:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-02 10:13 - 2013-10-30 19:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-02 10:13 - 2013-10-30 18:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-02 10:07 - 2013-12-11 02:55 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-02 10:05 - 2014-02-02 19:51 - 00214592 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-02 01:46 - 2014-02-02 01:46 - 00000000 ____D () C:\Users\Arianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-02-02 01:33 - 2014-02-02 19:03 - 00000000 ____D () C:\Users\Arianna\Desktop\Maintenance
2014-02-02 01:19 - 2014-02-02 01:19 - 00002776 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-02-02 01:19 - 2014-02-02 01:19 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-02 01:16 - 2014-02-02 01:16 - 00000000 ____D () C:\SUPERDelete
2014-02-02 01:15 - 2014-02-02 01:15 - 00000000 ____D () C:\Users\Arianna\AppData\Roaming\SUPERAntiSpyware.com
2014-02-02 01:14 - 2014-02-02 01:15 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-02-02 01:14 - 2014-02-02 01:14 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-02-01 22:32 - 2013-06-23 15:11 - 00449813 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140201-223216.backup
2014-02-01 22:14 - 2014-02-02 20:30 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-01 22:14 - 2014-02-02 19:02 - 00000000 ____D () C:\Program Files\HitmanPro
2014-02-01 22:02 - 2014-02-02 01:36 - 00000000 ____D () C:\AdwCleaner
2014-02-01 22:02 - 2014-02-01 22:02 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2014-01-29 22:11 - 2014-01-29 22:11 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-01-29 22:11 - 2014-01-29 22:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-01-29 22:08 - 2014-01-29 22:10 - 13079688 _____ (Microsoft Corporation) C:\Users\Arianna\Desktop\Silverlight_x64.exe
2014-01-29 21:52 - 2014-01-29 21:54 - 05685732 _____ (Microsoft Corporation) C:\Users\Arianna\Desktop\C76D.tmp
2014-01-29 14:25 - 2014-01-29 14:25 - 00000000 ____D () C:\Users\Arianna\.android
2014-01-29 14:25 - 2014-01-29 14:25 - 00000000 _____ () C:\Users\Arianna\daemonprocess.txt
2014-01-22 00:09 - 2014-01-10 01:11 - 3347435393 _____ () C:\Users\Arianna\Desktop\Enough.Said.2013.1080p.BluRay.DTS.x264-PublicHD.mkv
2014-01-22 00:02 - 2014-01-22 00:02 - 00005175 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-22 00:01 - 2014-01-22 01:05 - 923040303 _____ () C:\Users\Arianna\Desktop\Pretty.Little.Liars.S04E16.720p.HDTV.X264-DIMENSION.mkv
2014-01-22 00:01 - 2014-01-22 00:01 - 00000000 ____D () C:\ProgramData\McAfee
2014-01-16 18:15 - 2014-02-02 14:30 - 00003950 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{98D836B5-FF24-4219-B744-F5CEA708AC75}
2014-01-16 18:14 - 2012-09-05 14:40 - 06100480 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2014-01-16 18:14 - 2012-09-05 14:40 - 01821184 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2014-01-16 18:14 - 2012-04-30 03:23 - 01008472 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2014-01-16 18:14 - 2012-03-30 13:22 - 00849434 _____ () C:\WINDOWS\system32\W92HDM6BSKULL.mps
2014-01-16 18:14 - 2012-03-22 16:55 - 00188383 _____ () C:\WINDOWS\system32\W92HDM6B.mps
2014-01-16 18:14 - 2012-01-05 02:58 - 02603864 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib.dll
2014-01-16 18:14 - 2012-01-05 02:58 - 01806168 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioMeters64.exe
2014-01-16 18:14 - 2012-01-05 02:58 - 01468760 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioIDT.dll
2014-01-16 18:14 - 2011-04-20 04:59 - 00874496 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\imapo64.dll
2014-01-16 18:14 - 2011-04-20 04:58 - 00734720 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\imapo32.dll
2014-01-16 18:14 - 2010-10-14 15:26 - 00390656 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\imthx64.dll
2014-01-16 18:12 - 2012-09-05 14:40 - 00255488 _____ (IDT, Inc.) C:\WINDOWS\system32\st646426.dll
2014-01-16 17:53 - 2014-01-16 17:53 - 00000000 ____D () C:\WINDOWS\pss
2014-01-16 17:49 - 2014-02-01 22:20 - 00000000 ____D () C:\Users\Arianna\AppData\Local\Deployment
2014-01-16 17:49 - 2014-01-16 17:49 - 00000000 ____D () C:\Users\Arianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2014-01-16 14:26 - 2014-01-27 00:05 - 00000000 ____D () C:\Users\Arianna\Desktop\PCB2099
2014-01-16 13:25 - 2014-01-06 17:31 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-16 13:25 - 2014-01-06 17:31 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-15 12:25 - 2013-11-27 10:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-15 12:25 - 2013-11-27 06:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-15 12:25 - 2013-11-27 05:34 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-01-15 12:25 - 2013-11-27 04:54 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-15 12:25 - 2013-11-27 03:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 12:25 - 2013-11-27 03:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-15 12:25 - 2013-11-27 03:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 12:25 - 2013-11-27 03:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-15 12:25 - 2013-11-27 03:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-15 12:25 - 2013-11-27 03:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-15 12:24 - 2013-12-08 19:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-13 22:08 - 2014-02-02 01:28 - 00000000 ___DC () C:\WINDOWS\Panther
2014-01-13 22:08 - 2014-01-13 22:08 - 00000000 __SHD () C:\Recovery
2014-01-13 22:07 - 2014-01-13 22:07 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-01-13 22:07 - 2014-01-13 22:07 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-01-13 22:07 - 2014-01-13 22:07 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-01-13 22:07 - 2014-01-13 22:07 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-01-13 22:07 - 2014-01-13 22:07 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-01-13 22:06 - 2014-01-13 22:06 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-01-13 22:06 - 2014-01-13 22:06 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-01-13 22:06 - 2014-01-13 22:06 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-01-13 22:06 - 2014-01-13 22:06 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-01-13 22:06 - 2014-01-13 22:06 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-01-13 22:06 - 2014-01-13 22:06 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-01-13 22:06 - 2014-01-13 22:06 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-01-13 22:06 - 2014-01-13 22:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-01-13 22:06 - 2014-01-13 22:06 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-01-13 22:06 - 2014-01-13 22:06 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-01-13 22:06 - 2014-01-13 22:06 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-01-13 22:06 - 2014-01-13 22:06 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-01-13 22:06 - 2014-01-13 22:06 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-01-13 22:06 - 2014-01-13 22:06 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-01-13 22:06 - 2014-01-13 22:06 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-01-13 22:05 - 2014-01-13 22:05 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-01-13 22:02 - 2014-01-13 22:02 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-01-13 22:02 - 2014-01-13 22:02 - 00000000 ____D () C:\Program Files\MSBuild
2014-01-13 22:02 - 2014-01-13 22:02 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-01-13 22:02 - 2014-01-13 19:23 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-01-13 22:02 - 2013-08-02 23:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-01-13 22:02 - 2013-08-02 23:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-01-13 22:02 - 2013-08-02 23:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-01-13 22:01 - 2013-08-02 23:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-01-13 22:01 - 2013-08-02 23:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-01-13 22:01 - 2013-08-02 23:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-01-13 21:42 - 2014-01-13 21:42 - 00000000 ____D () C:\Users\Arianna\AppData\Roaming\TeamViewer
2014-01-13 21:04 - 2014-02-02 20:30 - 00000000 __RDO () C:\Users\Arianna\SkyDrive
2014-01-13 21:02 - 2014-01-13 21:02 - 00001444 _____ () C:\Users\Arianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-13 21:01 - 2014-01-13 21:01 - 00000020 ___SH () C:\Users\Arianna\ntuser.ini
2014-01-13 19:33 - 2014-01-13 19:33 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-01-13 19:21 - 2014-01-13 19:21 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-01-13 19:21 - 2014-01-13 19:21 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-01-13 19:18 - 2014-01-13 19:18 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-01-13 19:17 - 2014-01-29 14:25 - 00000000 ____D () C:\Users\Arianna
2014-01-13 19:17 - 2014-01-13 19:33 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2014-01-13 19:17 - 2014-01-13 19:33 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2014-01-13 19:17 - 2014-01-13 19:18 - 00000000 ___RD () C:\Users\Arianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-13 19:17 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Arianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-13 19:17 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Arianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-01-13 19:17 - 2013-08-22 10:36 - 00000000 ____D () C:\Users\Arianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-13 19:11 - 2014-01-13 19:11 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-01-13 19:11 - 2014-01-13 19:11 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-01-13 19:11 - 2014-01-13 19:11 - 00000000 ____D () C:\Program Files\Intel
2014-01-13 19:11 - 2014-01-13 19:11 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-01-13 19:11 - 2014-01-13 19:11 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-01-13 19:11 - 2014-01-13 19:11 - 00000000 ____D () C:\Intel
2014-01-13 19:10 - 2014-01-13 19:10 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-01-13 19:10 - 2014-01-13 19:10 - 00000000 ____D () C:\Program Files\Synaptics
2014-01-07 20:42 - 2014-01-29 12:40 - 00000000 ____D () C:\Users\Arianna\Desktop\PET3325
2014-01-06 21:22 - 2014-01-06 21:23 - 00079672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
 
==================== One Month Modified Files and Folders =======
 
2014-02-02 20:39 - 2014-02-02 20:39 - 00017694 _____ () C:\Users\Arianna\Desktop\FRST.txt
2014-02-02 20:39 - 2014-02-02 20:39 - 00000000 ____D () C:\FRST
2014-02-02 20:37 - 2013-05-21 13:29 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-930036279-2066950193-2326160759-1002
2014-02-02 20:30 - 2014-02-02 20:30 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2014-02-02 20:30 - 2014-02-02 20:30 - 00000690 _____ () C:\WINDOWS\system32\.crusader
2014-02-02 20:30 - 2014-02-02 20:30 - 00000372 _____ () C:\WINDOWS\system32\bootdelete.lst
2014-02-02 20:30 - 2014-02-02 20:30 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-02 20:30 - 2014-02-01 22:14 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-02 20:30 - 2014-01-13 21:04 - 00000000 __RDO () C:\Users\Arianna\SkyDrive
2014-02-02 20:24 - 2014-02-02 20:24 - 02080256 _____ (Farbar) C:\Users\Arianna\Desktop\FRST64.exe
2014-02-02 20:13 - 2013-06-23 12:43 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-02 20:00 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-02 19:51 - 2014-02-02 10:05 - 00214592 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-02 19:03 - 2014-02-02 01:33 - 00000000 ____D () C:\Users\Arianna\Desktop\Maintenance
2014-02-02 19:02 - 2014-02-01 22:14 - 00000000 ____D () C:\Program Files\HitmanPro
2014-02-02 18:44 - 2013-11-14 02:28 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-02 14:46 - 2013-06-23 12:43 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-02 14:46 - 2013-05-28 21:33 - 00000000 ___RD () C:\Users\Arianna\Dropbox
2014-02-02 14:46 - 2013-05-28 21:31 - 00000000 ____D () C:\Users\Arianna\AppData\Roaming\Dropbox
2014-02-02 14:45 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-02 14:45 - 2013-05-21 13:22 - 00000000 ___RD () C:\Users\Arianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-02 14:45 - 2013-05-21 13:22 - 00000000 ___RD () C:\Users\Arianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-02 14:44 - 2014-02-02 14:44 - 00004188 _____ () C:\WINDOWS\PFRO.log
2014-02-02 14:44 - 2013-08-22 09:44 - 00484160 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-02 14:43 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-02 14:43 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-02 14:43 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-02 14:43 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-02 14:43 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-02 14:43 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-02 14:43 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-02 14:30 - 2014-01-16 18:15 - 00003950 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{98D836B5-FF24-4219-B744-F5CEA708AC75}
2014-02-02 14:23 - 2014-02-02 14:23 - 00000000 ____D () C:\Program Files\7-Zip
2014-02-02 14:20 - 2014-02-02 10:13 - 00001199 _____ () C:\WINDOWS\setupact.log
2014-02-02 10:13 - 2014-02-02 10:13 - 00000262 _____ () C:\WINDOWS\setuperr.log
2014-02-02 10:13 - 2014-02-02 10:13 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2014-02-02 10:13 - 2014-02-02 10:13 - 00000000 ____D () C:\iBTWU
2014-02-02 01:47 - 2013-05-21 13:21 - 00000000 ____D () C:\Users\Arianna\AppData\Local\VirtualStore
2014-02-02 01:46 - 2014-02-02 01:46 - 00000000 ____D () C:\Users\Arianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-02-02 01:36 - 2014-02-01 22:02 - 00000000 ____D () C:\AdwCleaner
2014-02-02 01:32 - 2013-06-23 15:09 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-02 01:28 - 2014-01-13 22:08 - 00000000 ___DC () C:\WINDOWS\Panther
2014-02-02 01:28 - 2013-08-18 17:03 - 00000000 ____D () C:\Users\Arianna\AppData\Roaming\uTorrent
2014-02-02 01:19 - 2014-02-02 01:19 - 00002776 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-02-02 01:19 - 2014-02-02 01:19 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-02 01:16 - 2014-02-02 01:16 - 00000000 ____D () C:\SUPERDelete
2014-02-02 01:15 - 2014-02-02 01:15 - 00000000 ____D () C:\Users\Arianna\AppData\Roaming\SUPERAntiSpyware.com
2014-02-02 01:15 - 2014-02-02 01:14 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-02-02 01:14 - 2014-02-02 01:14 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-02-01 22:27 - 2013-06-23 13:21 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-02-01 22:20 - 2014-01-16 17:49 - 00000000 ____D () C:\Users\Arianna\AppData\Local\Deployment
2014-02-01 22:02 - 2014-02-01 22:02 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2014-01-30 00:02 - 2013-08-13 22:33 - 00000000 ____D () C:\Users\Arianna\AppData\Roaming\vlc
2014-01-29 22:29 - 2013-06-23 12:58 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-01-29 22:11 - 2014-01-29 22:11 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-01-29 22:11 - 2014-01-29 22:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-01-29 22:10 - 2014-01-29 22:08 - 13079688 _____ (Microsoft Corporation) C:\Users\Arianna\Desktop\Silverlight_x64.exe
2014-01-29 21:54 - 2014-01-29 21:52 - 05685732 _____ (Microsoft Corporation) C:\Users\Arianna\Desktop\C76D.tmp
2014-01-29 14:25 - 2014-01-29 14:25 - 00000000 ____D () C:\Users\Arianna\.android
2014-01-29 14:25 - 2014-01-29 14:25 - 00000000 _____ () C:\Users\Arianna\daemonprocess.txt
2014-01-29 14:25 - 2014-01-13 19:17 - 00000000 ____D () C:\Users\Arianna
2014-01-29 14:25 - 2013-11-12 21:27 - 00000000 ____D () C:\Users\Arianna\AppData\Local\cache
2014-01-29 12:40 - 2014-01-07 20:42 - 00000000 ____D () C:\Users\Arianna\Desktop\PET3325
2014-01-29 12:25 - 2013-06-16 01:07 - 00416256 ___SH () C:\Users\Arianna\Desktop\Thumbs.db
2014-01-27 22:41 - 2013-06-23 12:43 - 00003898 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-27 00:05 - 2014-01-16 14:26 - 00000000 ____D () C:\Users\Arianna\Desktop\PCB2099
2014-01-26 23:02 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-01-22 01:05 - 2014-01-22 00:01 - 923040303 _____ () C:\Users\Arianna\Desktop\Pretty.Little.Liars.S04E16.720p.HDTV.X264-DIMENSION.mkv
2014-01-22 00:02 - 2014-01-22 00:02 - 00005175 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-22 00:02 - 2013-10-27 22:15 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-22 00:02 - 2013-08-01 14:41 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-22 00:01 - 2014-01-22 00:01 - 00000000 ____D () C:\ProgramData\McAfee
2014-01-18 20:16 - 2013-01-09 15:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-18 20:08 - 2013-05-21 13:21 - 00000000 ____D () C:\Users\Arianna\AppData\Local\Packages
2014-01-16 18:14 - 2013-01-09 16:24 - 00000000 ____D () C:\Program Files\IDT
2014-01-16 18:12 - 2013-01-09 16:24 - 00000000 ____D () C:\ProgramData\Dell
2014-01-16 17:53 - 2014-01-16 17:53 - 00000000 ____D () C:\WINDOWS\pss
2014-01-16 17:49 - 2014-01-16 17:49 - 00000000 ____D () C:\Users\Arianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2014-01-16 15:43 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-01-16 13:23 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-01-16 13:23 - 2013-08-18 17:22 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-01-16 13:22 - 2013-05-22 20:05 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-16 13:21 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-01-13 22:08 - 2014-01-13 22:08 - 00000000 __SHD () C:\Recovery
2014-01-13 22:08 - 2013-08-22 10:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-01-13 22:07 - 2014-01-13 22:07 - 23183360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 17112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 12996608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 11221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 05769216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 04243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-01-13 22:07 - 2014-01-13 22:07 - 01928192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-01-13 22:07 - 2014-01-13 22:07 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 01157632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-01-13 22:07 - 2014-01-13 22:07 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-01-13 22:07 - 2014-01-13 22:07 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-01-13 22:07 - 2014-01-13 22:07 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 13177344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 11674624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-01-13 22:06 - 2014-01-13 22:06 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-01-13 22:06 - 2014-01-13 22:06 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-01-13 22:06 - 2014-01-13 22:06 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-01-13 22:06 - 2014-01-13 22:06 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-01-13 22:06 - 2014-01-13 22:06 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-01-13 22:06 - 2014-01-13 22:06 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-01-13 22:06 - 2014-01-13 22:06 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-01-13 22:06 - 2014-01-13 22:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-01-13 22:06 - 2014-01-13 22:06 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-01-13 22:06 - 2014-01-13 22:06 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-01-13 22:06 - 2014-01-13 22:06 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-01-13 22:06 - 2014-01-13 22:06 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-01-13 22:06 - 2014-01-13 22:06 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-01-13 22:06 - 2014-01-13 22:06 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-01-13 22:06 - 2014-01-13 22:06 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-01-13 22:06 - 2014-01-13 22:06 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-01-13 22:05 - 2014-01-13 22:05 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-01-13 22:02 - 2014-01-13 22:02 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-01-13 22:02 - 2014-01-13 22:02 - 00000000 ____D () C:\Program Files\MSBuild
2014-01-13 22:02 - 2014-01-13 22:02 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-01-13 21:42 - 2014-01-13 21:42 - 00000000 ____D () C:\Users\Arianna\AppData\Roaming\TeamViewer
2014-01-13 21:02 - 2014-01-13 21:02 - 00001444 _____ () C:\Users\Arianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-13 21:01 - 2014-01-13 21:01 - 00000020 ___SH () C:\Users\Arianna\ntuser.ini
2014-01-13 19:35 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-01-13 19:33 - 2014-01-13 19:33 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-01-13 19:33 - 2014-01-13 19:17 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2014-01-13 19:33 - 2014-01-13 19:17 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2014-01-13 19:33 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-01-13 19:29 - 2013-08-22 10:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-01-13 19:29 - 2013-08-22 10:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-01-13 19:23 - 2014-01-13 22:02 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-01-13 19:23 - 2013-11-23 02:54 - 00000000 ____D () C:\Users\Arianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStars
2014-01-13 19:23 - 2013-11-14 02:17 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-01-13 19:23 - 2013-09-14 20:19 - 00000000 ____D () C:\Users\Arianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plex Media Center
2014-01-13 19:23 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-01-13 19:23 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-01-13 19:23 - 2013-05-28 21:32 - 00000000 ____D () C:\Users\Arianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-13 19:23 - 2013-01-09 16:10 - 00000000 ____D () C:\WINDOWS\en
2014-01-13 19:21 - 2014-01-13 19:21 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-01-13 19:21 - 2014-01-13 19:21 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-01-13 19:21 - 2013-11-14 02:14 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-01-13 19:21 - 2013-11-14 02:14 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-01-13 19:21 - 2013-11-14 02:14 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-01-13 19:21 - 2013-08-22 10:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-01-13 19:21 - 2013-08-22 10:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-01-13 19:21 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-01-13 19:21 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-01-13 19:21 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-01-13 19:21 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-01-13 19:21 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-01-13 19:21 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-01-13 19:21 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-01-13 19:21 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Help
2014-01-13 19:21 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-01-13 19:21 - 2013-01-09 15:43 - 00000000 ____D () C:\ProgramData\PRICache
2014-01-13 19:21 - 2012-07-26 00:37 - 00000000 ____D () C:\Users\Default.migrated
2014-01-13 19:20 - 2013-08-22 10:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-01-13 19:20 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-01-13 19:18 - 2014-01-13 19:18 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-01-13 19:18 - 2014-01-13 19:17 - 00000000 ___RD () C:\Users\Arianna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-13 19:18 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-01-13 19:11 - 2014-01-13 19:11 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-01-13 19:11 - 2014-01-13 19:11 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-01-13 19:11 - 2014-01-13 19:11 - 00000000 ____D () C:\Program Files\Intel
2014-01-13 19:11 - 2014-01-13 19:11 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-01-13 19:11 - 2014-01-13 19:11 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-01-13 19:11 - 2014-01-13 19:11 - 00000000 ____D () C:\Intel
2014-01-13 19:10 - 2014-01-13 19:10 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-01-13 19:10 - 2014-01-13 19:10 - 00000000 ____D () C:\Program Files\Synaptics
2014-01-13 19:09 - 2013-08-22 08:36 - 00000000 __RHD () C:\Users\Default
2014-01-13 18:17 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-01-10 01:11 - 2014-01-22 00:09 - 3347435393 _____ () C:\Users\Arianna\Desktop\Enough.Said.2013.1080p.BluRay.DTS.x264-PublicHD.mkv
2014-01-07 20:46 - 2013-12-24 22:05 - 00000000 ____D () C:\Users\Arianna\Desktop\New folder
2014-01-07 14:57 - 2013-06-23 13:43 - 00000000 ____D () C:\Users\Arianna\Documents\School
2014-01-06 21:23 - 2014-01-06 21:22 - 00079672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-01-06 21:22 - 2013-06-23 12:58 - 01034464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-01-06 21:22 - 2013-06-23 12:58 - 00422216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-01-06 21:22 - 2013-06-23 12:58 - 00334136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-01-06 21:22 - 2013-06-23 12:58 - 00207904 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-01-06 21:22 - 2013-06-23 12:58 - 00078648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-01-06 21:22 - 2013-06-23 12:57 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-01-06 17:31 - 2014-01-16 13:25 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-06 17:31 - 2014-01-16 13:25 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-01 22:55
 
==================== End Of Log ============================
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2014 04
Ran by Arianna at 2014-02-02 20:40:10
Running from C:\Users\Arianna\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
µTorrent (HKCU Version: 3.3.2.30303 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Reader XI (11.0.04) (x32 Version: 11.0.04 - Adobe Systems Incorporated)
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (x32 Version: 9.0.2011 - Avast Software)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Bullzip PDF Printer 9.10.0.1629 (Version: 9.10.0.1629 - Bullzip)
CCleaner (Version: 4.10 - Piriform)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415a - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.1913 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (x32 Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1904 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1904 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4318.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version:  - Microsoft)
Dell System Detect (HKCU Version: 5.4.0.4 - Dell)
Dell Touchpad (Version: 16.2.10.3 - Synaptics Incorporated)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
Full Tilt Poker (x32 Version: 4.65.0.WIN.FullTilt.COM - )
Google Chrome (x32 Version: 32.0.1700.102 - Google Inc.)
Google Drive (x32 Version: 1.13.5782.599 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
HiJackThis (x32 Version: 1.0.0 - Trend Micro)
HitmanPro 3.7 (Version: 3.7.9.212 - SurfRight B.V.)
iCloud (Version: 3.1.0.40 - Apple Inc.)
IDT Audio (x32 Version: 1.0.6426.0 - IDT)
Intel® Processor Graphics (x32 Version: 10.18.10.3379 - Intel Corporation)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (x32 Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
My Dell (Version: 3.4.6422.14 - PC-Doctor, Inc.)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Plex (HKCU Version: 0.9.504 - Plex, Inc)
Plex Media Server (x32 Version: 0.9.806 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.806 - Plex, Inc.) Hidden
PokerStars (x32 Version:  - PokerStars)
Quickset64 (Version: 11.1.003 - Dell Inc.)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Respondus LockDown Browser (x32 Version: 1.02.0001 - Respondus, Inc.)
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
Splashtop Streamer (x32 Version: 2.4.5.2 - Splashtop Inc.)
Spybot - Search & Destroy (x32 Version: 1.6.2 - Safer Networking Limited)
SpywareBlaster 5.0 (x32 Version: 5.0.0 - BrightFort LLC)
SUPERAntiSpyware (Version: 5.7.1018 - SUPERAntiSpyware.com)
Update for Microsoft Office 2010 (KB2494150) (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32 Version:  - Microsoft)
VLC media player 2.0.8 (x32 Version: 2.0.8 - VideoLAN)
Widevine Media Optimizer Chrome 6.0.0 (HKCU Version: 6.0.0.12442 - Widevine Technologies)
Widevine Media Optimizer Chrome 6.0.0 (x32 Version: 6.0.0.12442 - Widevine Technologies)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
 
==================== Restore Points  =========================
 
19-01-2014 01:16:09 Removed Dell Backup and Recovery
22-01-2014 05:01:50 Installed Java 7 Update 51
30-01-2014 05:30:26 Windows Update
02-02-2014 06:45:29 Installed HiJackThis
 
==================== Hosts content: ==========================
 
2012-07-26 00:26 - 2014-02-01 22:32 - 00450712 ____R C:\WINDOWS\system32\Drivers\etc\hosts
 
There are 1000 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1457D8DD-BFDE-4B05-86DB-DC3F1FD4CC00} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-09-05] (PC-Doctor, Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {22FBEF61-D092-4D16-B3B1-D13FAA79A441} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-14] (Synaptics Incorporated)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {39BD9B3C-36CD-4C31-B6B7-ECCB495A020E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3DFBEBB8-CECC-4517-8849-E7B6364FC5FF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {8100600C-D620-4B36-95EC-646CE77B2C37} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-23] (Google Inc.)
Task: {815CC084-BD16-403D-905A-2FCB184D2050} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-12-06] (PC-Doctor, Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A6578277-25ED-4583-9BA6-E756349C0699} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-06] (AVAST Software)
Task: {C50EE195-948F-4BC1-A27A-80B98D962366} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-23] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E0EE274A-C262-4655-94D7-0DAB358EC0A2} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F6C33560-AA84-4E9A-BA7D-49C63B24F778} - \AmiUpdXp No Task File
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-12-21 00:02 - 2013-12-21 00:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-02 11:52 - 2014-02-02 04:38 - 02168320 _____ () C:\Program Files\AVAST Software\Avast\defs\14020200\algo.dll
2014-02-02 14:45 - 2014-02-02 12:10 - 02168320 _____ () C:\Program Files\AVAST Software\Avast\defs\14020201\algo.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-10-18 18:55 - 2013-10-18 18:55 - 25100288 _____ () C:\Users\Arianna\AppData\Roaming\Dropbox\bin\libcef.dll
2013-12-05 02:24 - 2013-12-05 02:24 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-29 22:26 - 2014-01-23 00:56 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libglesv2.dll
2014-01-29 22:26 - 2014-01-23 00:56 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libegl.dll
2014-01-29 22:26 - 2014-01-23 00:56 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
2014-01-29 22:26 - 2014-01-23 00:57 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
2014-01-29 22:26 - 2014-01-23 00:55 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\Arianna\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Could not start eventlog service, could not read events.
 
The requested service has already been started.
 
More help is available by typing NET HELPMSG 2182.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 24%
Total physical RAM: 8058.5 MB
Available physical RAM: 6055.43 MB
Total Pagefile: 9338.5 MB
Available Pagefile: 7232.01 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:456.32 GB) (Free:171.46 GB) NTFS
Drive d: (WINRETOOLS) (Fixed) (Total:2 GB) (Free:1.28 GB) NTFS
Drive g: (DATAPART1) (Fixed) (Total:29.82 GB) (Free:29.67 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 35663749)
 
Partition: GPT Partition Type
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 30 GB) (Disk ID: 5A3E5162)
Partition 1: (Not Active) - (Size=30 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

Sorry for the late reply, couldn't get to the PC until now. Below is the RogueKiller log. The link you gave me for the x64 version is dead; I found it on the website, but it said that it was an outdated version, 8.8.3. Anyway, the log is pasted below.

 

RogueKiller V8.8.3 _x64_ [Jan 24 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Arianna [Admin rights]
Mode : Scan -- Date : 02/03/2014 23:04:49
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 7 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[SCREENSVR][SUSP PATH] HKCU\[...]\Desktop : SCRNSAVE.EXE (C:\Users\Arianna\Desktop\dds.scr [x]) -> FOUND
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Browser Addons : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
[...]
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) WDC WD5000LPVT-75G33T0 +++++
--- User ---
[MBR] 6bb154bf63bc4457ed2aa7b98bbcaa7a
[BSP] d8c5f97494c02ae719dc42bb325b3d9a : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ SCSI) Micron C400 RealSSD mSATA 32GB +++++
--- User ---
[MBR] 86258291cd2186eaafcd990e917ee018
[BSP] efdf24977e4138762f2e847b9a2b349e : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 30531 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_S_02032014_230449.txt >>

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.