Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Deals Finder Pro


  • This topic is locked This topic is locked
18 replies to this topic

#1 uniquewoman

uniquewoman

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:01 PM

Posted 26 February 2014 - 02:03 PM

HI please can someone help me,this malware has pretty much taken over my laptop, it has attached itself as an extension to Chrome and no matter what I have tried I cannot remove it, 

 

Every where I have looked is giving me instructions for what looks like Windows 7

 

Please can someone tell me how to remove this

 

Thanks x



BC AdBot (Login to Remove)

 


#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:01 PM

Posted 26 February 2014 - 02:52 PM

Hello,
 
since this is about a Chrome extension a DDS log will not bring us anywhere.
So please don't follow the instructions in the preparation guide but run a FRST scan instead:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 uniquewoman

uniquewoman
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:01 PM

Posted 26 February 2014 - 03:21 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-02-2014 01
Ran by Niki at 2014-02-26 20:18:11
Running from C:\Users\Niki\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
calibre (HKLM-x32\...\{4D9EE5BD-93DF-4473-9F57-E73E9F36DC84}) (Version: 0.9.38 - Kovid Goyal)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Crazy Chicken Soccer (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2817 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.3.2817 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6119 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.6.6119 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version:  - ) <==== ATTENTION
Dropbox (HKCU\...\Dropbox) (Version: 2.4.6 - Dropbox, Inc.)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlashGet 1.9.6.1073 (HKLM-x32\...\FlashGet) (Version: 1.9.6.1073 - http://www.FlashGet.com)
FlashGet3.7 (HKLM-x32\...\FlashGet3.7) (Version: 3.7.0.1203 - http://www.FlashGet.com)
Gardenscapes: Mansion Makeover (x32 Version: 3.0.2.32 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.212 - SurfRight B.V.)
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.0.10.45 - SurfRight B.V.)
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1218 - Hewlett-Packard)
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{5AAB470B-88CE-4158-AEF1-EB8DAB4CDFCF}) (Version: 1.2.1.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 8.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}) (Version: 1.1.6232.4245 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.8 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{368E4EF8-E840-40EE-A224-50B8D1DC2B12}) (Version: 2.4.11.0 - HTC)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.12.1002 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
PDF Creator Packages (HKCU\...\PDF Creator Packages) (Version:  - ) <==== ATTENTION
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Rapport (x32 Version: 3.5.1304.48 - Trusteer) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Royal Envoy 2 Collector's Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Sky Go Desktop (HKCU\...\2115394781.go.sky.com) (Version:  - go.sky.com)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.1.3 - Synaptics Incorporated)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1304.48 - Trusteer)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Viber (HKCU\...\Viber) (Version: 3.0.0.133634 - Viber Media Inc)
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.7 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Restore Points  =========================
 
03-02-2014 22:20:40 Installed Rapport
13-02-2014 00:05:45 Windows Update
16-02-2014 14:14:56 Windows Update
18-02-2014 18:49:36 Installed HP Support Assistant
21-02-2014 23:27:23 Windows Update
23-02-2014 16:47:02 Installed AVG 2014
23-02-2014 16:48:03 Installed AVG 2014
26-02-2014 16:46:33 Installed SpyHunter
 
==================== Hosts content: ==========================
 
2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {20557D58-D9EB-4246-BDFD-9DA1F25C7DD0} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2013-08-31] ()
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2700D823-EE8B-44C2-AD53-A38A749C2ACA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {28E9211F-0D2C-453E-BF6B-56535B49BEF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-29] (Google Inc.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {37E80F5D-FBE9-4CEB-8823-37542A8D7BDC} - System32\Tasks\Digital Sites => C:\Users\Niki\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {45C934F8-9CCD-4CDF-9123-42F89D3D5582} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {66C4C9F7-5E68-4AEA-93A4-B8510F89475F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6F1A946A-A96D-42BF-83CF-0C431B169E26} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {82CCF258-B2BF-4EF5-8F63-FAE0CAB0E2B5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-02-19] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {93C30F0F-689A-466E-A149-D8D791301EF4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-29] (Google Inc.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B6C3768B-AD1E-4599-8B88-0D84B66EDB8B} - \DSite No Task File
Task: {C30A0570-E9D4-41B6-A7FE-A3614C554B8E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {CAE1EB2C-AEC3-4564-88C9-611110F58F9A} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-06-15] (Synaptics Incorporated)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\Digital Sites.job => C:\Users\Niki\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForNiki.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-11-14 21:32 - 2013-11-14 21:32 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2013-08-12 14:19 - 2013-08-31 21:42 - 09186960 _____ () C:\Program Files\pia_manager\pia_manager.exe
2012-12-14 01:42 - 2012-12-14 01:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-10-12 16:22 - 2012-10-12 16:22 - 00120224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-10-12 16:22 - 2012-10-12 16:22 - 00048544 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-10-12 16:22 - 2012-10-12 16:22 - 00180224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2013-10-18 00:39 - 2013-10-18 00:39 - 00120224 _____ () C:\Users\Niki\AppData\Local\assembly\dl3\5P1XPV0Q.EER\D7CJLZT5.8P3\1c2aeeaf\004b58b8_95a8cd01\HPItunesModule.DLL
2013-08-12 14:19 - 2013-08-31 21:42 - 00176128 _____ () C:\Program Files\pia_manager\pia_tray\pia_tray.exe
2013-08-12 14:19 - 2013-08-31 21:42 - 00510464 _____ () C:\Program Files\pia_manager\openvpn.exe
2013-08-31 11:57 - 2014-02-03 22:27 - 01125592 _____ () C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
2013-11-14 21:30 - 2013-11-14 21:30 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2013-11-14 21:31 - 2013-11-14 21:31 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2013-11-14 21:31 - 2013-11-14 21:31 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2013-11-14 21:31 - 2013-11-14 21:31 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2013-11-14 21:31 - 2013-11-14 21:31 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2013-11-14 21:33 - 2013-11-14 21:33 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2013-11-14 21:34 - 2013-11-14 21:34 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2012-06-27 14:09 - 2012-06-27 14:09 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2012-11-02 14:15 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-02-26 19:39 - 2014-02-26 19:39 - 00012800 _____ () C:\Users\Niki\AppData\Local\Temp\ocrD987.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2014-02-26 19:39 - 2014-02-26 19:39 - 00009728 _____ () C:\Users\Niki\AppData\Local\Temp\ocrD987.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2014-02-26 19:39 - 2014-02-26 19:39 - 00014848 _____ () C:\Users\Niki\AppData\Local\Temp\ocrD987.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2014-02-26 19:39 - 2014-02-26 19:39 - 00094208 _____ () C:\Users\Niki\AppData\Local\Temp\ocrD987.tmp\src\rgloader\rgloader193.mswin.so
2014-02-26 19:40 - 2014-02-26 19:40 - 00009216 _____ () C:\Users\Niki\AppData\Local\Temp\ocrD987.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2014-02-26 19:39 - 2014-02-26 19:39 - 00094208 _____ () C:\Users\Niki\AppData\Local\Temp\ocrD987.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2014-02-26 19:40 - 2014-02-26 19:40 - 00126976 _____ () C:\Users\Niki\AppData\Local\Temp\ocrD987.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2014-02-26 19:40 - 2014-02-26 19:40 - 00087552 _____ () C:\Users\Niki\AppData\Local\Temp\ocrD987.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2014-02-26 19:40 - 2014-02-26 19:40 - 00029184 _____ () C:\Users\Niki\AppData\Local\Temp\ocrD987.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2014-02-26 19:40 - 2014-02-26 19:41 - 00027648 _____ () C:\Users\Niki\AppData\Local\Temp\ocrD987.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.4.8-x86-mingw32\lib\win32\ruby19\win32\api.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00012800 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00009728 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00014848 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00094208 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\src\rgloader\rgloader193.mswin.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00094208 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00118784 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\1.9.1\i386-mingw32\socket.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00120832 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\1.9.1\i386-mingw32\zlib.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00026624 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\1.9.1\i386-mingw32\stringio.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00274944 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\1.9.1\i386-mingw32\openssl.so
2014-02-26 19:42 - 2014-02-26 19:42 - 02163940 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\bin\libeay32-1.0.0-msvcrt.dll
2014-02-26 19:42 - 2014-02-26 19:42 - 00459458 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\bin\ssleay32-1.0.0-msvcrt.dll
2014-02-26 19:42 - 2014-02-26 19:42 - 00104448 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\bin\ZLIB1.dll
2014-02-26 19:42 - 2014-02-26 19:42 - 00015360 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\1.9.1\i386-mingw32\digest.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00008192 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\1.9.1\i386-mingw32\fcntl.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00009216 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00023552 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\parser.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00008704 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00008704 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00008704 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00008704 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00036352 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\generator.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00126976 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00087552 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00029184 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2014-02-26 19:42 - 2014-02-26 19:42 - 00027648 _____ () C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.4.8-x86-mingw32\lib\win32\ruby19\win32\api.so
2013-08-12 14:19 - 2013-08-31 21:42 - 00815104 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\khost.dll
2013-08-12 14:19 - 2013-08-31 21:42 - 01198592 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoFoundation.dll
2013-08-12 14:19 - 2013-08-31 21:42 - 00745472 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\CFLite.dll
2013-08-12 14:19 - 2013-08-31 21:42 - 01234944 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\libxml2.dll
2013-08-12 14:19 - 2013-08-31 21:42 - 00059904 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\zlib1.dll
2013-08-12 14:19 - 2013-08-31 21:42 - 00200704 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiapp\1.2.0.RC6d\tiappmodule.dll
2013-08-12 14:19 - 2013-08-31 21:42 - 00290816 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoUtil.dll
2013-08-12 14:19 - 2013-08-31 21:42 - 00511488 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoXML.dll
2013-08-12 14:19 - 2013-08-31 21:42 - 00184320 _____ () C:\Program Files\pia_manager\pia_tray\modules\tifilesystem\1.2.0.RC6d\tifilesystemmodule.dll
2013-08-12 14:19 - 2013-08-31 21:42 - 00344064 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiui\1.2.0.RC6d\tiuimodule.dll
2013-08-12 14:19 - 2013-08-31 21:42 - 00376832 _____ () C:\Program Files\pia_manager\pia_tray\modules\tinetwork\1.2.0.RC6d\tinetworkmodule.dll
2013-08-12 14:19 - 2013-08-31 21:42 - 00642048 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoNet.dll
2013-08-12 14:19 - 2013-08-31 21:42 - 00217088 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiprocess\1.2.0.RC6d\tiprocessmodule.dll
2013-08-12 14:19 - 2013-08-31 21:42 - 00090112 _____ () C:\Program Files\pia_manager\lzo2.dll
2013-12-05 13:44 - 2013-12-04 02:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-05 13:44 - 2013-12-04 02:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-05 13:44 - 2013-12-04 02:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-05 13:44 - 2013-12-04 02:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-05 13:44 - 2013-12-04 02:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2014-02-13 00:35 - 2014-02-13 00:35 - 00181760 _____ () C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\2014.206.433.3_0\plugin\ace.dll
2013-12-05 13:44 - 2013-12-04 02:48 - 13586896 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Users\Niki\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Niki\SkyDrive.old:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/26/2014 07:41:18 PM) (Source: Application Error) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 11.5.13.1003, time stamp: 0x50c7baa0
Faulting module name: IAStorUtil.ni.dll, version: 11.5.13.1003, time stamp: 0x50c7ba9d
Exception code: 0xc0000005
Fault offset: 0x0002f40d
Faulting process ID: 0x4b0
Faulting application start time: 0xIAStorDataMgrSvc.exe0
Faulting application path: IAStorDataMgrSvc.exe1
Faulting module path: IAStorDataMgrSvc.exe2
Report ID: IAStorDataMgrSvc.exe3
Faulting package full name: IAStorDataMgrSvc.exe4
Faulting package-relative application ID: IAStorDataMgrSvc.exe5
 
Error: (02/26/2014 07:41:16 PM) (Source: .NET Runtime) (User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
 
Error: (02/26/2014 07:21:56 PM) (Source: Application Error) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 11.5.13.1003, time stamp: 0x50c7baa0
Faulting module name: IAStorUtil.ni.dll, version: 11.5.13.1003, time stamp: 0x50c7ba9d
Exception code: 0xc0000005
Fault offset: 0x0002f40d
Faulting process ID: 0x13a8
Faulting application start time: 0xIAStorDataMgrSvc.exe0
Faulting application path: IAStorDataMgrSvc.exe1
Faulting module path: IAStorDataMgrSvc.exe2
Report ID: IAStorDataMgrSvc.exe3
Faulting package full name: IAStorDataMgrSvc.exe4
Faulting package-relative application ID: IAStorDataMgrSvc.exe5
 
Error: (02/26/2014 07:21:55 PM) (Source: .NET Runtime) (User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
 
Error: (02/26/2014 07:16:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: NIKI)
Description: Activation of application microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/26/2014 06:48:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.
 
Error: (02/26/2014 06:48:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.
 
Error: (02/26/2014 06:48:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.
 
Error: (02/26/2014 06:48:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.
 
Error: (02/26/2014 06:42:36 PM) (Source: Application Hang) (User: )
Description: The program LiveComm.exe version 17.5.9600.20315 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: e60
 
Start Time: 01cf3321825b835a
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 7a22f2b9-9f15-11e3-bed0-38eaa7eb8f85
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
 
System errors:
=============
Error: (02/26/2014 07:41:30 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).
 
Error: (02/26/2014 07:38:42 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service failed to start due to the following error: 
%%1053
 
Error: (02/26/2014 07:38:42 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
 
Error: (02/26/2014 07:22:04 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).
 
Error: (02/26/2014 07:18:11 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service failed to start due to the following error: 
%%1053
 
Error: (02/26/2014 07:18:11 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
 
Error: (02/26/2014 07:16:34 PM) (Source: DCOM) (User: NIKI)
Description: Microsoft.WindowsLive.Mail.AppXchpnq3xrg3grbgjnhp88jn3v9r1xskxr.mca
 
Error: (02/26/2014 06:38:40 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).
 
Error: (02/26/2014 06:35:03 PM) (Source: Service Control Manager) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error: 
%%2
 
Error: (02/26/2014 06:35:03 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service failed to start due to the following error: 
%%1053
 
 
Microsoft Office Sessions:
=========================
Error: (02/26/2014 07:41:18 PM) (Source: Application Error)(User: )
Description: IAStorDataMgrSvc.exe11.5.13.100350c7baa0IAStorUtil.ni.dll11.5.13.100350c7ba9dc00000050002f40d4b001cf332ab0819bd7C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\494bba74a01ab3dfa5cd9204620d8728\IAStorUtil.ni.dllf5a0652e-9f1d-11e3-bed2-38eaa7eb8f85
 
Error: (02/26/2014 07:41:16 PM) (Source: .NET Runtime)(User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
 
Error: (02/26/2014 07:21:56 PM) (Source: Application Error)(User: )
Description: IAStorDataMgrSvc.exe11.5.13.100350c7baa0IAStorUtil.ni.dll11.5.13.100350c7ba9dc00000050002f40d13a801cf3327ece8411dC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\494bba74a01ab3dfa5cd9204620d8728\IAStorUtil.ni.dll40ff0d68-9f1b-11e3-bed1-38eaa7eb8f85
 
Error: (02/26/2014 07:21:55 PM) (Source: .NET Runtime)(User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
 
Error: (02/26/2014 07:16:39 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: NIKI)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
 
Error: (02/26/2014 06:48:51 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Users\Niki\Downloads\esetsmartinstaller_enu.exe
 
Error: (02/26/2014 06:48:49 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Users\Niki\Downloads\esetsmartinstaller_enu.exe
 
Error: (02/26/2014 06:48:34 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Users\Niki\Downloads\esetsmartinstaller_enu.exe
 
Error: (02/26/2014 06:48:34 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Users\Niki\Downloads\esetsmartinstaller_enu.exe
 
Error: (02/26/2014 06:42:36 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.20315e6001cf3321825b835a4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe7a22f2b9-9f15-11e3-bed0-38eaa7eb8f85microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-02-26 20:08:45.027
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-26 19:54:53.357
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\hmpalert.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-26 19:43:40.311
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\hmpalert.dll that did not meet the Windows signing level requirements.
 
  Date: 2014-02-16 20:13:17.466
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-16 20:12:12.627
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-16 20:12:12.566
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-16 20:12:12.388
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-16 20:12:12.280
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-16 20:11:24.683
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-02-16 20:11:24.625
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 42%
Total physical RAM: 6034.27 MB
Available physical RAM: 3474.26 MB
Total Pagefile: 6994.27 MB
Available Pagefile: 4170.96 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:443.42 GB) (Free:298.94 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:21.23 GB) (Free:2.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 37A9A33F)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-02-2014 01
Ran by Niki (administrator) on NIKI on 26-02-2014 20:16:11
Running from C:\Users\Niki\Downloads
Windows 8.1 (X64) OS Language: English(UK)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\WINDOWS\system32\Hpservice.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\pia_manager\pia_manager.exe
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(http://www.ruby-lang.org/) C:\Users\Niki\AppData\Local\Temp\ocrD987.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_manager.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(http://www.ruby-lang.org/) C:\Users\Niki\AppData\Local\Temp\ocrA067.tmp\bin\rubyw.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
() C:\Program Files\pia_manager\pia_tray\pia_tray.exe
() C:\Program Files\pia_manager\openvpn.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Niki\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [ADAiO2StatusMonitor] - C:\Windows\system32\spool\DRIVERS\x64\3\ADAiO2MUI.exe [2779136 2010-12-08] (DSGi)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3030256 2013-06-15] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-20] (IDT, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-359620597-1969577201-256310000-1001\...\Run: [FlashGet 3] - C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe [3090056 2012-03-15] (Trend Media Corporation Limited)
HKU\S-1-5-21-359620597-1969577201-256310000-1001\...\Run: [Viber] - C:\Users\Niki\AppData\Local\Viber\Viber.exe [912904 2013-07-31] ()
HKU\S-1-5-21-359620597-1969577201-256310000-1001\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-359620597-1969577201-256310000-1001\...\Run: [AVG-Secure-Search-Update_0214c] - C:\Users\Niki\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=19ba6e0992b847d29d75e9a3e10f6676-43f4372a9079de500ac1e8e86da482920ce946a7 /CMPID=0214c
HKU\S-1-5-21-359620597-1969577201-256310000-1001\...\MountPoints2: {ac0bac33-72ec-11e3-bebf-38eaa7eb8f85} - "E:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-359620597-1969577201-256310000-1001\...\MountPoints2: {fc6e6182-1d17-11e3-be9c-38eaa7eb8f85} - "E:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-359620597-1969577201-256310000-501\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
Startup: C:\Users\Niki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Niki\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT13/2
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT13/2
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT13/2
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-29550-11896-25/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-29550-11896-25/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-29550-11896-25/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: FGCatchUrl - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll (www.flashget.com)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Niki\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll (Trend Media Group)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll (www.flashget.com)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 209.222.18.222 209.222.18.218
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: hxxp://www.yahoo.co.uk/
CHR RestoreOnStartup: "", "hxxp://www.yahoo.co.uk/"
CHR DefaultSearchKeyword: uk.yahoo.com
CHR DefaultSearchProvider: Yahoo! UK & Ireland
CHR DefaultNewTabURL: 
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2013-10-29]
CHR Extension: (Google Docs) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-24]
CHR Extension: (Google Drive) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-24]
CHR Extension: (YouTube) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-24]
CHR Extension: (Adblock Plus) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-10-29]
CHR Extension: (Google Search) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-24]
CHR Extension: (Google Calendar) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2013-10-29]
CHR Extension: (AdBlock) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-21]
CHR Extension: (FlashBlock) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl [2013-10-29]
CHR Extension: (Disconnect) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2013-10-29]
CHR Extension: (TXTfilesConnvert) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjphlpieajlhbgnjacdnpbkcjinggdi [2014-02-20]
CHR Extension: (We Are Tennis) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkmdeepeooimedpakfaiahicgilkifef [2013-10-29]
CHR Extension: (Hangouts) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2013-11-19]
CHR Extension: (Google Wallet) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-24]
CHR Extension: (DealsFinderPro) - C:\ProgramData\jdndakcglboocmeakechekciigppbagi [2013-12-24]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1830768 2014-02-26] (SurfRight B.V.)
R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-10] (Nero AG)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1444120 2014-02-10] (Trusteer Ltd.)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-10-18] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R2 hmpalert; C:\WINDOWS\system32\drivers\hmpalert.sys [17416 2014-02-26] ()
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
R0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-16] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R1 RapportCerberus_59849; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [606672 2013-10-21] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [282712 2014-02-10] (Trusteer Ltd.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [273592 2014-02-10] (Trusteer Ltd.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [316312 2014-02-10] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [397848 2014-02-10] (Trusteer Ltd.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-16] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-06-15] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-26 20:16 - 2014-02-26 20:17 - 00021239 _____ () C:\Users\Niki\Downloads\FRST.txt
2014-02-26 20:15 - 2014-02-26 20:16 - 00000000 ____D () C:\FRST
2014-02-26 20:12 - 2014-02-26 20:12 - 02155008 _____ (Farbar) C:\Users\Niki\Downloads\FRST64 (1).exe
2014-02-26 20:11 - 2014-02-26 20:11 - 02155008 _____ (Farbar) C:\Users\Niki\Downloads\FRST64.exe
2014-02-26 19:55 - 2014-02-26 19:55 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2014-02-26 19:55 - 2014-02-26 19:55 - 00000348 _____ () C:\WINDOWS\system32\bootdelete.lst
2014-02-26 19:46 - 2014-02-26 19:46 - 00001905 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-02-26 19:46 - 2014-02-26 19:46 - 00000000 ____D () C:\Program Files\HitmanPro
2014-02-26 19:45 - 2014-02-26 19:45 - 10820032 _____ (SurfRight B.V.) C:\Users\Niki\Downloads\HitmanPro_x64.exe
2014-02-26 19:44 - 2014-02-26 19:55 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-26 19:43 - 2014-02-26 19:44 - 09988304 _____ (SurfRight B.V.) C:\Users\Niki\Downloads\HitmanPro.exe
2014-02-26 19:42 - 2014-02-26 19:42 - 00564312 _____ (SurfRight) C:\WINDOWS\SysWOW64\hmpalert.dll
2014-02-26 19:42 - 2014-02-26 19:42 - 00518480 _____ (SurfRight) C:\WINDOWS\system32\hmpalert.dll
2014-02-26 19:42 - 2014-02-26 19:42 - 00017416 _____ () C:\WINDOWS\system32\Drivers\hmpalert.sys
2014-02-26 19:42 - 2014-02-26 19:42 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-02-26 19:41 - 2014-02-26 19:41 - 01830768 _____ (SurfRight B.V.) C:\Users\Niki\Downloads\hmpalert.exe
2014-02-26 19:23 - 2014-02-26 19:23 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-26 19:23 - 2014-02-26 19:23 - 00000000 ____D () C:\Users\Niki\AppData\Roaming\Malwarebytes
2014-02-26 19:23 - 2014-02-26 19:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-26 19:22 - 2014-02-26 19:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-26 19:22 - 2014-02-26 19:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Niki\Downloads\mbam-setup-1.75.0.1300 (2).exe
2014-02-26 19:22 - 2014-02-26 19:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Niki\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-26 19:22 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-02-26 19:14 - 2014-02-26 19:16 - 00000000 ____D () C:\AdwCleaner
2014-02-26 19:13 - 2014-02-26 19:13 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Niki\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-26 19:12 - 2014-02-26 19:13 - 01241834 _____ () C:\Users\Niki\Downloads\adwcleaner.exe
2014-02-26 18:47 - 2014-02-26 18:48 - 02347384 _____ (ESET) C:\Users\Niki\Downloads\esetsmartinstaller_enu.exe
2014-02-26 18:34 - 2014-02-26 19:38 - 00013664 _____ () C:\WINDOWS\PFRO.log
2014-02-26 17:01 - 2014-02-26 17:26 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-02-26 16:56 - 2014-02-26 16:56 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Niki\Downloads\SpyHunter-Installer (4).exe
2014-02-23 16:50 - 2014-02-23 16:50 - 00000000 ____D () C:\Users\Niki\AppData\Roaming\TuneUp Software
2014-02-23 16:48 - 2014-02-26 18:34 - 00000000 ____D () C:\ProgramData\AVG2014
2014-02-23 16:44 - 2014-02-26 18:34 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-23 16:44 - 2014-02-23 16:44 - 04462384 _____ (AVG Technologies) C:\Users\Niki\Downloads\avg_free_stb_all_2014_4335_cnet.exe
2014-02-23 16:44 - 2014-02-23 16:44 - 00000000 ____D () C:\Users\Niki\AppData\Local\MFAData
2014-02-20 13:21 - 2014-02-23 17:21 - 00000000 ____D () C:\ProgramData\TXTfilesConnvert
2014-02-20 13:21 - 2014-02-20 13:21 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-02-20 13:21 - 2014-02-20 13:21 - 00000000 ____D () C:\ProgramData\ldjphlpieajlhbgnjacdnpbkcjinggdi
2014-02-18 18:53 - 2014-02-18 18:53 - 00002233 _____ () C:\Users\Niki\Desktop\HP Support Assistant.lnk
2014-02-18 18:49 - 2014-02-18 18:49 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-02-16 13:02 - 2013-11-27 15:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-16 13:02 - 2013-11-27 15:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-16 13:02 - 2013-11-27 14:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-16 13:02 - 2013-11-27 13:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-16 13:02 - 2013-11-27 12:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-16 13:02 - 2013-11-27 10:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-16 13:02 - 2013-11-27 09:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-16 13:02 - 2013-11-27 09:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-16 13:02 - 2013-11-27 09:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-16 13:02 - 2013-11-27 08:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-16 13:02 - 2013-11-27 08:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-16 13:02 - 2013-11-26 13:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-16 13:02 - 2013-11-26 13:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-16 13:02 - 2013-11-26 13:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-16 13:02 - 2013-11-26 13:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-16 13:02 - 2013-11-26 11:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-16 13:02 - 2013-11-26 11:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-16 13:02 - 2013-11-26 11:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-16 13:02 - 2013-11-26 10:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-16 13:02 - 2013-11-26 09:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-16 13:02 - 2013-11-26 08:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-16 13:02 - 2013-11-25 01:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-16 13:02 - 2013-11-25 01:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-16 13:02 - 2013-11-24 23:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-16 13:02 - 2013-11-23 12:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-16 13:02 - 2013-11-23 11:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-16 13:02 - 2013-11-23 08:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-16 13:02 - 2013-11-23 07:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-16 13:02 - 2013-11-23 04:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-16 13:02 - 2013-11-23 03:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-16 13:02 - 2013-11-23 03:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-16 13:02 - 2013-11-23 03:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-16 13:02 - 2013-11-23 03:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-16 13:02 - 2013-11-23 03:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-16 13:02 - 2013-11-23 03:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-16 13:02 - 2013-11-21 06:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-16 13:02 - 2013-11-16 05:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-16 13:02 - 2013-11-15 18:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-16 13:02 - 2013-11-15 14:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-16 13:02 - 2013-11-15 14:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-16 13:02 - 2013-11-15 14:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-16 13:02 - 2013-11-15 13:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-16 13:02 - 2013-11-05 20:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-16 13:02 - 2013-10-31 00:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-16 13:01 - 2013-12-09 00:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-16 13:01 - 2013-12-09 00:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-16 13:01 - 2013-11-27 10:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-16 13:01 - 2013-11-27 10:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-16 13:01 - 2013-11-27 09:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-16 13:01 - 2013-11-27 04:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-16 13:01 - 2013-11-24 23:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-16 13:01 - 2013-11-23 07:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-16 13:01 - 2013-11-23 07:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-16 13:01 - 2013-11-21 06:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-16 13:01 - 2013-10-30 23:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-13 00:31 - 2013-12-09 00:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-13 00:31 - 2013-12-08 23:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-13 00:29 - 2014-01-07 07:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-13 00:29 - 2014-01-07 05:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-13 00:29 - 2014-01-04 20:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-13 00:29 - 2014-01-04 19:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-13 00:29 - 2014-01-04 14:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-13 00:29 - 2014-01-04 14:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-13 00:29 - 2014-01-04 13:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-13 00:29 - 2014-01-04 13:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-13 00:29 - 2014-01-04 13:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-13 00:29 - 2014-01-04 13:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-13 00:29 - 2013-12-21 02:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-13 00:29 - 2013-12-21 02:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-13 00:29 - 2013-12-20 10:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-13 00:29 - 2013-12-20 06:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-13 00:01 - 2014-02-06 12:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-13 00:01 - 2014-02-06 11:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-13 00:01 - 2014-02-06 11:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-13 00:01 - 2014-02-06 11:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-13 00:01 - 2014-02-06 11:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-13 00:01 - 2014-02-06 11:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-13 00:01 - 2014-02-06 10:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-13 00:01 - 2014-02-06 10:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-13 00:01 - 2014-02-06 10:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-13 00:01 - 2014-02-06 10:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-13 00:01 - 2014-02-06 10:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-13 00:01 - 2014-02-06 10:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-13 00:01 - 2014-02-06 10:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-13 00:01 - 2014-02-06 10:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-13 00:01 - 2014-02-06 10:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-13 00:01 - 2014-02-06 10:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-13 00:01 - 2014-02-06 10:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-13 00:01 - 2014-02-06 10:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-13 00:01 - 2014-02-06 09:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-13 00:01 - 2014-02-06 09:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-13 00:01 - 2014-02-06 09:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-13 00:01 - 2014-02-06 09:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-13 00:01 - 2014-02-06 09:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-13 00:01 - 2014-02-06 09:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-13 00:01 - 2014-02-06 09:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-13 00:01 - 2014-02-06 09:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-13 00:01 - 2014-02-06 09:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-13 00:01 - 2014-02-06 09:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-13 00:01 - 2014-02-06 09:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-13 00:01 - 2014-02-06 09:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-13 00:01 - 2014-02-06 09:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-13 00:01 - 2014-02-06 09:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-13 00:01 - 2014-02-06 08:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-13 00:01 - 2014-02-06 08:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-13 00:01 - 2014-02-06 08:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-13 00:01 - 2014-02-06 08:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-13 00:01 - 2014-02-06 08:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-13 00:01 - 2014-01-07 05:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-13 00:01 - 2014-01-07 04:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-13 00:01 - 2013-12-09 00:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-13 00:01 - 2013-12-08 23:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-13 00:01 - 2013-11-21 06:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-13 00:01 - 2013-11-21 05:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-13 00:00 - 2013-12-09 02:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-13 00:00 - 2013-12-09 01:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-12 23:59 - 2014-01-09 08:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-12 23:59 - 2014-01-09 07:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-12 23:59 - 2014-01-09 07:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-12 23:59 - 2014-01-09 07:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-12 23:59 - 2014-01-09 07:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-12 23:59 - 2014-01-09 07:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-12 23:59 - 2014-01-09 07:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-12 23:59 - 2014-01-09 07:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-12 23:59 - 2014-01-09 07:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-12 23:59 - 2014-01-09 07:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-05 08:56 - 2014-02-05 09:00 - 00013312 _____ () C:\Users\Niki\Downloads\tenant reps.xls
2014-02-03 00:36 - 2014-02-26 19:36 - 00000298 _____ () C:\WINDOWS\Tasks\Digital Sites.job
2014-02-03 00:36 - 2014-02-03 00:36 - 00002636 _____ () C:\WINDOWS\System32\Tasks\Digital Sites
2014-02-02 11:02 - 2014-02-02 11:02 - 03156398 _____ () C:\Users\Niki\Downloads\2b181007c7efda076bf8ef7f2a0dedce.mp4
2014-01-30 19:32 - 2014-01-30 19:32 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-01-29 23:02 - 2014-01-29 23:02 - 13031424 _____ (Intel Corporation) C:\WINDOWS\system32\ig4icd64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 12617216 _____ (Intel Corporation) C:\WINDOWS\system32\igdumd64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 11176448 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10umd32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 10812928 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig4icd32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 05904856 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUI.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 05363200 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2014-01-29 23:02 - 2014-01-29 23:02 - 03511296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 03121152 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 01040384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00931840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00575488 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00542720 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00515544 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00442328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00440320 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrell.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfra.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxresn.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrus.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrom.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsky.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptg.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrplk.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnld.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrita.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhrv.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdeu.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhun.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfin.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcsy.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtrk.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsve.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrslv.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptb.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnor.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437248 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtha.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437248 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdan.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00435712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrheb.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00435712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrara.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00432128 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrjpn.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00431104 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrkor.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00429056 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcht.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00428544 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrchs.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00410624 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTMM.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00399832 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00330752 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxdv32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00286208 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrenu.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00279000 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00254936 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00223664 _____ () C:\WINDOWS\system32\Gfxres.th-TH.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00210106 _____ () C:\WINDOWS\system32\Gfxres.el-GR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00194245 _____ () C:\WINDOWS\system32\Gfxres.ru-RU.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00185816 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00175104 _____ (Intel Corporation) C:\WINDOWS\system32\gfxSrvc.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00171992 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00166170 _____ () C:\WINDOWS\system32\Gfxres.ar-SA.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00163421 _____ () C:\WINDOWS\system32\Gfxres.ja-JP.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00159008 _____ () C:\WINDOWS\system32\Gfxres.he-IL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00149682 _____ () C:\WINDOWS\system32\Gfxres.it-IT.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00148042 _____ () C:\WINDOWS\system32\Gfxres.ko-KR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00147393 _____ () C:\WINDOWS\system32\Gfxres.de-DE.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00147288 _____ () C:\WINDOWS\system32\Gfxres.es-ES.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00146004 _____ () C:\WINDOWS\system32\Gfxres.ro-RO.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00145491 _____ () C:\WINDOWS\system32\Gfxres.fr-FR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144645 _____ () C:\WINDOWS\system32\Gfxres.tr-TR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144260 _____ () C:\WINDOWS\system32\Gfxres.pt-BR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144020 _____ () C:\WINDOWS\system32\Gfxres.nl-NL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00143932 _____ () C:\WINDOWS\system32\Gfxres.hu-HU.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142882 _____ () C:\WINDOWS\system32\Gfxres.sv-SE.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142877 _____ () C:\WINDOWS\system32\Gfxres.pt-PT.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142717 _____ () C:\WINDOWS\system32\Gfxres.pl-PL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdo.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00142289 _____ () C:\WINDOWS\system32\Gfxres.cs-CZ.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142008 _____ () C:\WINDOWS\system32\Gfxres.fi-FI.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00141838 _____ () C:\WINDOWS\system32\Gfxres.sk-SK.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00141049 _____ () C:\WINDOWS\system32\Gfxres.hr-HR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137889 _____ () C:\WINDOWS\system32\Gfxres.sl-SI.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137784 _____ () C:\WINDOWS\system32\Gfxres.nb-NO.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137141 _____ () C:\WINDOWS\system32\Gfxres.da-DK.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00126976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcpl.cpl
2014-01-29 23:02 - 2014-01-29 23:02 - 00126300 _____ () C:\WINDOWS\system32\Gfxres.zh-TW.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00124650 _____ () C:\WINDOWS\system32\Gfxres.zh-CN.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00116224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v3347.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00098304 _____ () C:\WINDOWS\system32\igdde64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00077312 _____ () C:\WINDOWS\SysWOW64\igdde32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00028672 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00025088 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00017058 _____ () C:\WINDOWS\system32\iglhxs64.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00009728 _____ ( ) C:\WINDOWS\system32\IGFXDEVLib.dll
2014-01-29 18:30 - 2014-01-29 18:30 - 00014183 _____ () C:\Users\Niki\Desktop\admins.odt
2014-01-28 22:24 - 2014-02-11 09:30 - 00000000 ____D () C:\Users\Niki\Desktop\New folder (3)
2014-01-28 10:11 - 2014-01-28 10:11 - 05163008 _____ () C:\Users\Niki\Downloads\from_the_World.pps
 
==================== One Month Modified Files and Folders =======
 
2014-02-26 20:17 - 2014-02-26 20:16 - 00021239 _____ () C:\Users\Niki\Downloads\FRST.txt
2014-02-26 20:16 - 2014-02-26 20:15 - 00000000 ____D () C:\FRST
2014-02-26 20:12 - 2014-02-26 20:12 - 02155008 _____ (Farbar) C:\Users\Niki\Downloads\FRST64 (1).exe
2014-02-26 20:11 - 2014-02-26 20:11 - 02155008 _____ (Farbar) C:\Users\Niki\Downloads\FRST64.exe
2014-02-26 20:02 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-26 20:00 - 2013-03-24 12:36 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-359620597-1969577201-256310000-1001
2014-02-26 19:58 - 2013-10-18 00:33 - 01100358 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-26 19:55 - 2014-02-26 19:55 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2014-02-26 19:55 - 2014-02-26 19:55 - 00000348 _____ () C:\WINDOWS\system32\bootdelete.lst
2014-02-26 19:55 - 2014-02-26 19:44 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-26 19:55 - 2013-08-14 20:59 - 00000000 ____D () C:\Users\Guest\Desktop\New folder
2014-02-26 19:46 - 2014-02-26 19:46 - 00001905 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-02-26 19:46 - 2014-02-26 19:46 - 00000000 ____D () C:\Program Files\HitmanPro
2014-02-26 19:45 - 2014-02-26 19:45 - 10820032 _____ (SurfRight B.V.) C:\Users\Niki\Downloads\HitmanPro_x64.exe
2014-02-26 19:44 - 2014-02-26 19:43 - 09988304 _____ (SurfRight B.V.) C:\Users\Niki\Downloads\HitmanPro.exe
2014-02-26 19:42 - 2014-02-26 19:42 - 00564312 _____ (SurfRight) C:\WINDOWS\SysWOW64\hmpalert.dll
2014-02-26 19:42 - 2014-02-26 19:42 - 00518480 _____ (SurfRight) C:\WINDOWS\system32\hmpalert.dll
2014-02-26 19:42 - 2014-02-26 19:42 - 00017416 _____ () C:\WINDOWS\system32\Drivers\hmpalert.sys
2014-02-26 19:42 - 2014-02-26 19:42 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-02-26 19:42 - 2013-10-29 10:26 - 00000904 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-26 19:41 - 2014-02-26 19:41 - 01830768 _____ (SurfRight B.V.) C:\Users\Niki\Downloads\hmpalert.exe
2014-02-26 19:39 - 2014-01-01 19:13 - 00000000 ____D () C:\Users\Niki\AppData\Local\HTC MediaHub
2014-02-26 19:39 - 2013-11-23 17:17 - 00000000 __RDO () C:\Users\Niki\SkyDrive
2014-02-26 19:39 - 2013-10-29 10:26 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-26 19:39 - 2013-10-29 10:26 - 00000900 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-26 19:38 - 2014-02-26 18:34 - 00013664 _____ () C:\WINDOWS\PFRO.log
2014-02-26 19:38 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-26 19:36 - 2014-02-03 00:36 - 00000298 _____ () C:\WINDOWS\Tasks\Digital Sites.job
2014-02-26 19:23 - 2014-02-26 19:23 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-26 19:23 - 2014-02-26 19:23 - 00000000 ____D () C:\Users\Niki\AppData\Roaming\Malwarebytes
2014-02-26 19:23 - 2014-02-26 19:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-26 19:23 - 2014-02-26 19:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-26 19:22 - 2014-02-26 19:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Niki\Downloads\mbam-setup-1.75.0.1300 (2).exe
2014-02-26 19:22 - 2014-02-26 19:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Niki\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-26 19:17 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-26 19:16 - 2014-02-26 19:14 - 00000000 ____D () C:\AdwCleaner
2014-02-26 19:13 - 2014-02-26 19:13 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Niki\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-26 19:13 - 2014-02-26 19:12 - 01241834 _____ () C:\Users\Niki\Downloads\adwcleaner.exe
2014-02-26 18:48 - 2014-02-26 18:47 - 02347384 _____ (ESET) C:\Users\Niki\Downloads\esetsmartinstaller_enu.exe
2014-02-26 18:36 - 2013-07-27 17:36 - 00000191 _____ () C:\Users\Niki\AppData\Roaming\WB.CFG
2014-02-26 18:34 - 2014-02-23 16:48 - 00000000 ____D () C:\ProgramData\AVG2014
2014-02-26 18:34 - 2014-02-23 16:44 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-26 18:28 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-02-26 18:28 - 2012-07-26 08:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-02-26 17:26 - 2014-02-26 17:01 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-02-26 16:56 - 2014-02-26 16:56 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Niki\Downloads\SpyHunter-Installer (4).exe
2014-02-26 16:43 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-26 09:46 - 2013-09-09 18:38 - 00000000 ____D () C:\Users\Niki\AppData\Roaming\ViberPC
2014-02-26 09:46 - 2013-09-09 18:38 - 00000000 ____D () C:\Users\Niki\AppData\Local\Viber
2014-02-26 02:17 - 2013-03-24 15:31 - 00000000 ____D () C:\Users\Niki\AppData\Roaming\vlc
2014-02-25 23:00 - 2013-03-30 20:25 - 01017344 ___SH () C:\Users\Niki\Desktop\Thumbs.db
2014-02-23 17:21 - 2014-02-20 13:21 - 00000000 ____D () C:\ProgramData\TXTfilesConnvert
2014-02-23 16:50 - 2014-02-23 16:50 - 00000000 ____D () C:\Users\Niki\AppData\Roaming\TuneUp Software
2014-02-23 16:44 - 2014-02-23 16:44 - 04462384 _____ (AVG Technologies) C:\Users\Niki\Downloads\avg_free_stb_all_2014_4335_cnet.exe
2014-02-23 16:44 - 2014-02-23 16:44 - 00000000 ____D () C:\Users\Niki\AppData\Local\MFAData
2014-02-20 18:02 - 2013-09-30 04:11 - 00958356 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-20 13:22 - 2013-12-22 23:58 - 00000000 ____D () C:\ProgramData\6580816f9461f728
2014-02-20 13:21 - 2014-02-20 13:21 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-02-20 13:21 - 2014-02-20 13:21 - 00000000 ____D () C:\ProgramData\ldjphlpieajlhbgnjacdnpbkcjinggdi
2014-02-20 13:21 - 2013-08-22 15:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-02-20 13:21 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-02-19 19:06 - 2013-08-17 15:19 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-19 19:03 - 2013-03-24 13:55 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-18 18:54 - 2013-10-18 00:13 - 00000000 ____D () C:\Users\Niki
2014-02-18 18:54 - 2013-04-01 11:13 - 00000338 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForNiki.job
2014-02-18 18:53 - 2014-02-18 18:53 - 00002233 _____ () C:\Users\Niki\Desktop\HP Support Assistant.lnk
2014-02-18 18:53 - 2012-10-27 16:25 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-18 18:51 - 2012-10-27 16:22 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-02-18 18:49 - 2014-02-18 18:49 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-02-18 18:47 - 2012-10-27 16:36 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-02-18 18:46 - 2012-08-04 00:02 - 00000000 ____D () C:\SWSetup
2014-02-17 21:00 - 2013-08-22 15:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-02-17 21:00 - 2013-08-22 15:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-17 16:43 - 2013-04-15 10:21 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-02-16 21:25 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-16 18:00 - 2013-03-24 12:29 - 00000000 ___RD () C:\Users\Niki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-16 18:00 - 2013-03-24 12:29 - 00000000 ___RD () C:\Users\Niki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-16 17:59 - 2013-08-22 14:44 - 00405576 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-16 17:55 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-16 17:55 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-16 17:55 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-15 22:19 - 2013-08-12 14:28 - 00000000 ____D () C:\Users\Niki\AppData\Roaming\transmission
2014-02-13 07:58 - 2013-04-15 10:21 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-02-13 01:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2014-02-13 01:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-02-13 01:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-13 01:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-13 01:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-11 09:30 - 2014-01-28 22:24 - 00000000 ____D () C:\Users\Niki\Desktop\New folder (3)
2014-02-10 11:35 - 2013-08-31 11:57 - 00273592 _____ (Trusteer Ltd.) C:\WINDOWS\system32\Drivers\RapportHades64.sys
2014-02-10 11:35 - 2013-08-31 11:56 - 00316312 _____ (Trusteer Ltd.) C:\WINDOWS\system32\Drivers\RapportKE64.sys
2014-02-06 12:16 - 2014-02-13 00:01 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-06 11:30 - 2014-02-13 00:01 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-06 11:30 - 2014-02-13 00:01 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-06 11:12 - 2014-02-13 00:01 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-06 11:07 - 2014-02-13 00:01 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-06 11:06 - 2014-02-13 00:01 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 00:01 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-06 10:56 - 2014-02-13 00:01 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-06 10:49 - 2014-02-13 00:01 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-06 10:48 - 2014-02-13 00:01 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-06 10:48 - 2014-02-13 00:01 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-06 10:38 - 2014-02-13 00:01 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-06 10:32 - 2014-02-13 00:01 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-06 10:20 - 2014-02-13 00:01 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-06 10:17 - 2014-02-13 00:01 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-06 10:11 - 2014-02-13 00:01 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-06 10:01 - 2014-02-13 00:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-06 10:00 - 2014-02-13 00:01 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-06 09:57 - 2014-02-13 00:01 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-06 09:57 - 2014-02-13 00:01 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-06 09:52 - 2014-02-13 00:01 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-06 09:52 - 2014-02-13 00:01 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-06 09:50 - 2014-02-13 00:01 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-06 09:47 - 2014-02-13 00:01 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-06 09:46 - 2014-02-13 00:01 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-06 09:25 - 2014-02-13 00:01 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-06 09:25 - 2014-02-13 00:01 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-06 09:24 - 2014-02-13 00:01 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-06 09:22 - 2014-02-13 00:01 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-06 09:13 - 2014-02-13 00:01 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-06 09:09 - 2014-02-13 00:01 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-06 09:03 - 2014-02-13 00:01 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-06 08:55 - 2014-02-13 00:01 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-06 08:41 - 2014-02-13 00:01 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-06 08:40 - 2014-02-13 00:01 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-06 08:36 - 2014-02-13 00:01 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-06 08:34 - 2014-02-13 00:01 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-05 09:05 - 2012-09-11 09:08 - 00000000 ____D () C:\Users\Niki\Desktop\Tenants Association
2014-02-05 09:00 - 2014-02-05 08:56 - 00013312 _____ () C:\Users\Niki\Downloads\tenant reps.xls
2014-02-03 00:36 - 2014-02-03 00:36 - 00002636 _____ () C:\WINDOWS\System32\Tasks\Digital Sites
2014-02-02 11:02 - 2014-02-02 11:02 - 03156398 _____ () C:\Users\Niki\Downloads\2b181007c7efda076bf8ef7f2a0dedce.mp4
2014-02-02 01:56 - 2013-06-13 14:37 - 00000000 ____D () C:\Users\Niki\AppData\Roaming\Skype
2014-02-01 11:36 - 2013-06-15 13:37 - 00000005 _____ () C:\Users\Niki\AppData\Roaming\WBPU-TTL.DAT
2014-01-30 19:52 - 2013-12-24 11:03 - 00000000 ____D () C:\ProgramData\DealsFinderPro
2014-01-30 19:32 - 2014-01-30 19:32 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-01-29 23:02 - 2014-01-29 23:02 - 13031424 _____ (Intel Corporation) C:\WINDOWS\system32\ig4icd64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 12617216 _____ (Intel Corporation) C:\WINDOWS\system32\igdumd64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 11176448 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10umd32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 10812928 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig4icd32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 05904856 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUI.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 05363200 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2014-01-29 23:02 - 2014-01-29 23:02 - 03511296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 03121152 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 01040384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00931840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00575488 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00542720 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00515544 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00442328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00440320 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrell.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfra.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxresn.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrus.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrom.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsky.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptg.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrplk.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnld.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrita.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhrv.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdeu.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhun.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfin.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcsy.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtrk.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsve.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrslv.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptb.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnor.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437248 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtha.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437248 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdan.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00435712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrheb.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00435712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrara.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00432128 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrjpn.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00431104 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrkor.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00429056 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcht.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00428544 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrchs.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00410624 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTMM.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00399832 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00330752 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxdv32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00286208 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrenu.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00279000 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00254936 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00223664 _____ () C:\WINDOWS\system32\Gfxres.th-TH.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00210106 _____ () C:\WINDOWS\system32\Gfxres.el-GR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00194245 _____ () C:\WINDOWS\system32\Gfxres.ru-RU.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00185816 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00175104 _____ (Intel Corporation) C:\WINDOWS\system32\gfxSrvc.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00171992 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00166170 _____ () C:\WINDOWS\system32\Gfxres.ar-SA.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00163421 _____ () C:\WINDOWS\system32\Gfxres.ja-JP.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00159008 _____ () C:\WINDOWS\system32\Gfxres.he-IL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00149682 _____ () C:\WINDOWS\system32\Gfxres.it-IT.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00148042 _____ () C:\WINDOWS\system32\Gfxres.ko-KR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00147393 _____ () C:\WINDOWS\system32\Gfxres.de-DE.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00147288 _____ () C:\WINDOWS\system32\Gfxres.es-ES.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00146004 _____ () C:\WINDOWS\system32\Gfxres.ro-RO.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00145491 _____ () C:\WINDOWS\system32\Gfxres.fr-FR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144645 _____ () C:\WINDOWS\system32\Gfxres.tr-TR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144260 _____ () C:\WINDOWS\system32\Gfxres.pt-BR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144020 _____ () C:\WINDOWS\system32\Gfxres.nl-NL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00143932 _____ () C:\WINDOWS\system32\Gfxres.hu-HU.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142882 _____ () C:\WINDOWS\system32\Gfxres.sv-SE.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142877 _____ () C:\WINDOWS\system32\Gfxres.pt-PT.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142717 _____ () C:\WINDOWS\system32\Gfxres.pl-PL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdo.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00142289 _____ () C:\WINDOWS\system32\Gfxres.cs-CZ.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142008 _____ () C:\WINDOWS\system32\Gfxres.fi-FI.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00141838 _____ () C:\WINDOWS\system32\Gfxres.sk-SK.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00141049 _____ () C:\WINDOWS\system32\Gfxres.hr-HR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137889 _____ () C:\WINDOWS\system32\Gfxres.sl-SI.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137784 _____ () C:\WINDOWS\system32\Gfxres.nb-NO.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137141 _____ () C:\WINDOWS\system32\Gfxres.da-DK.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00126976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcpl.cpl
2014-01-29 23:02 - 2014-01-29 23:02 - 00126300 _____ () C:\WINDOWS\system32\Gfxres.zh-TW.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00124650 _____ () C:\WINDOWS\system32\Gfxres.zh-CN.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00116224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v3347.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00098304 _____ () C:\WINDOWS\system32\igdde64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00077312 _____ () C:\WINDOWS\SysWOW64\igdde32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00028672 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00025088 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00017058 _____ () C:\WINDOWS\system32\iglhxs64.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00009728 _____ ( ) C:\WINDOWS\system32\IGFXDEVLib.dll
2014-01-29 23:02 - 2012-12-14 01:42 - 12859392 _____ (Intel Corporation) C:\WINDOWS\system32\igd10umd64.dll
2014-01-29 23:02 - 2012-12-14 01:42 - 11049472 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumd32.dll
2014-01-29 23:02 - 2012-12-14 01:42 - 09007616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxress.dll
2014-01-29 23:02 - 2012-12-14 01:42 - 00442880 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdev.dll
2014-01-29 23:02 - 2012-12-14 01:42 - 00384512 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpph.dll
2014-01-29 23:02 - 2012-12-14 01:42 - 00110592 _____ (Intel Corporation) C:\WINDOWS\system32\hccutils.dll
2014-01-29 23:02 - 2012-12-14 01:42 - 00064000 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.dll
2014-01-29 18:30 - 2014-01-29 18:30 - 00014183 _____ () C:\Users\Niki\Desktop\admins.odt
2014-01-28 10:11 - 2014-01-28 10:11 - 05163008 _____ () C:\Users\Niki\Downloads\from_the_World.pps
 
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.1612.dll
 
 
Some content of TEMP:
====================
C:\Users\Niki\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-26 08:54
 
==================== End Of Log ============================

As requested, I have already used all sorts of removal tools, but it is still there x



#4 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:01 PM

Posted 26 February 2014 - 03:37 PM

Ok. How is the situation after the following fix? Which problems still persist?


Please download this attached Attached File  fixlist.txt   940bytes   5 downloads and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to same location the tool was run from.
    Please copy and paste its contents in your next reply.


#5 uniquewoman

uniquewoman
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:01 PM

Posted 26 February 2014 - 03:45 PM

Does not download anything, just gives me the following

 

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR Extension: (DealsFinderPro) - C:\ProgramData\jdndakcglboocmeakechekciigppbagi [2013-12-24]
CHR Extension: (TXTfilesConnvert) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjphlpieajlhbgnjacdnpbkcjinggdi [2014-02-20]
2014-02-20 13:21 - 2014-02-23 17:21 - 00000000 ____D () C:\ProgramData\TXTfilesConnvert
2014-02-20 13:21 - 2014-02-20 13:21 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-02-20 13:21 - 2014-02-20 13:21 - 00000000 ____D () C:\ProgramData\ldjphlpieajlhbgnjacdnpbkcjinggdi
2014-01-30 19:52 - 2013-12-24 11:03 - 00000000 ____D () C:\ProgramData\DealsFinderPro
2014-02-03 00:36 - 2014-02-26 19:36 - 00000298 _____ () C:\WINDOWS\Tasks\Digital Sites.job
2014-02-03 00:36 - 2014-02-03 00:36 - 00002636 _____ () C:\WINDOWS\System32\Tasks\Digital Sites


#6 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:01 PM

Posted 26 February 2014 - 03:53 PM

Then right-click on it and choose save as (or something similar) to download the file.

#7 uniquewoman

uniquewoman
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:01 PM

Posted 26 February 2014 - 03:58 PM

it wont lol, no save when I right click, just wants to open the link and when I do I get the above report



#8 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:01 PM

Posted 26 February 2014 - 04:05 PM

Ok, then we do it this way:


Press the [Windows] + R keys on your keyboard together, write "notepad" into the opening text field and click OK.
  • Copy and Paste the following code and paste it into the Notepad-windows:
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    CHR Extension: (DealsFinderPro) - C:\ProgramData\jdndakcglboocmeakechekciigppbagi [2013-12-24]
    CHR Extension: (TXTfilesConnvert) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjphlpieajlhbgnjacdnpbkcjinggdi [2014-02-20]
    2014-02-20 13:21 - 2014-02-23 17:21 - 00000000 ____D () C:\ProgramData\TXTfilesConnvert
    2014-02-20 13:21 - 2014-02-20 13:21 - 00000258 __RSH () C:\ProgramData\ntuser.pol
    2014-02-20 13:21 - 2014-02-20 13:21 - 00000000 ____D () C:\ProgramData\ldjphlpieajlhbgnjacdnpbkcjinggdi
    2014-01-30 19:52 - 2013-12-24 11:03 - 00000000 ____D () C:\ProgramData\DealsFinderPro
    2014-02-03 00:36 - 2014-02-26 19:36 - 00000298 _____ () C:\WINDOWS\Tasks\Digital Sites.job
    2014-02-03 00:36 - 2014-02-03 00:36 - 00002636 _____ () C:\WINDOWS\System32\Tasks\Digital Sites
  • Save the file under the name fixlist.txt in your Download-directory (C:\Users\Niki\Downloads).
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to same location the tool was run from.
    Please copy and paste its contents in your next reply.


#9 uniquewoman

uniquewoman
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:01 PM

Posted 26 February 2014 - 04:13 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-02-2014 01
Ran by Niki at 2014-02-26 21:12:08 Run:1
Running from C:\Users\Niki\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR Extension: (DealsFinderPro) - C:\ProgramData\jdndakcglboocmeakechekciigppbagi [2013-12-24]
CHR Extension: (TXTfilesConnvert) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjphlpieajlhbgnjacdnpbkcjinggdi [2014-02-20]
2014-02-20 13:21 - 2014-02-23 17:21 - 00000000 ____D () C:\ProgramData\TXTfilesConnvert
2014-02-20 13:21 - 2014-02-20 13:21 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-02-20 13:21 - 2014-02-20 13:21 - 00000000 ____D () C:\ProgramData\ldjphlpieajlhbgnjacdnpbkcjinggdi
2014-01-30 19:52 - 2013-12-24 11:03 - 00000000 ____D () C:\ProgramData\DealsFinderPro
2014-02-03 00:36 - 2014-02-26 19:36 - 00000298 _____ () C:\WINDOWS\Tasks\Digital Sites.job
2014-02-03 00:36 - 2014-02-03 00:36 - 00002636 _____ () C:\WINDOWS\System32\Tasks\Digital Sites
*****************
 
C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
CHR Extension: (DealsFinderPro) - C:\ProgramData\jdndakcglboocmeakechekciigppbagi [2013-12-24] directory not found.
C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjphlpieajlhbgnjacdnpbkcjinggdi => Moved successfully.
C:\ProgramData\TXTfilesConnvert => Moved successfully.
C:\ProgramData\ntuser.pol => Moved successfully.
C:\ProgramData\ldjphlpieajlhbgnjacdnpbkcjinggdi => Moved successfully.
C:\ProgramData\DealsFinderPro => Moved successfully.
C:\WINDOWS\Tasks\Digital Sites.job => Moved successfully.
C:\WINDOWS\System32\Tasks\Digital Sites => Moved successfully.
 
 
 
Is this what you wanted? not sure I did it right lol


#10 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:01 PM

Posted 26 February 2014 - 04:19 PM

Yes you did it right! :thumbup2:


Please restart your computer now and run a FRST scan again:


Start FRST with administator privileges.
  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste this log in your next reply.


#11 uniquewoman

uniquewoman
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:01 PM

Posted 26 February 2014 - 04:32 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-02-2014 01
Ran by Niki (administrator) on NIKI on 26-02-2014 21:28:54
Running from C:\Users\Niki\Downloads
Windows 8.1 (X64) OS Language: English(UK)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\WINDOWS\system32\Hpservice.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\pia_manager\pia_manager.exe
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(http://www.ruby-lang.org/) C:\Users\Niki\AppData\Local\Temp\ocrC488.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_manager.exe
(http://www.ruby-lang.org/) C:\Users\Niki\AppData\Local\Temp\ocr24E3.tmp\bin\rubyw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
() C:\Program Files\pia_manager\pia_tray\pia_tray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.16470_none_fa2491fd9b3cfcb2\TiWorker.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Farbar) C:\Users\Niki\Downloads\FRST64 (2).exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [ADAiO2StatusMonitor] - C:\Windows\system32\spool\DRIVERS\x64\3\ADAiO2MUI.exe [2779136 2010-12-08] (DSGi)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3030256 2013-06-15] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-20] (IDT, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-359620597-1969577201-256310000-1001\...\Run: [FlashGet 3] - C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe [3090056 2012-03-15] (Trend Media Corporation Limited)
HKU\S-1-5-21-359620597-1969577201-256310000-1001\...\Run: [Viber] - C:\Users\Niki\AppData\Local\Viber\Viber.exe [912904 2013-07-31] ()
HKU\S-1-5-21-359620597-1969577201-256310000-1001\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-359620597-1969577201-256310000-1001\...\Run: [AVG-Secure-Search-Update_0214c] - C:\Users\Niki\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=19ba6e0992b847d29d75e9a3e10f6676-43f4372a9079de500ac1e8e86da482920ce946a7 /CMPID=0214c
HKU\S-1-5-21-359620597-1969577201-256310000-1001\...\MountPoints2: {ac0bac33-72ec-11e3-bebf-38eaa7eb8f85} - "E:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-359620597-1969577201-256310000-1001\...\MountPoints2: {fc6e6182-1d17-11e3-be9c-38eaa7eb8f85} - "E:\HTC_Sync_Manager_PC.exe" 
Startup: C:\Users\Niki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Niki\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT13/2
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT13/2
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT13/2
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-29550-11896-25/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-29550-11896-25/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-29550-11896-25/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: FGCatchUrl - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll (www.flashget.com)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Niki\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll (Trend Media Group)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll (www.flashget.com)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: hxxp://www.yahoo.co.uk/
CHR RestoreOnStartup: "", "hxxp://www.yahoo.co.uk/"
CHR DefaultSearchKeyword: uk.yahoo.com
CHR DefaultSearchProvider: Yahoo! UK & Ireland
CHR DefaultNewTabURL: 
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2013-10-29]
CHR Extension: (Google Docs) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-24]
CHR Extension: (Google Drive) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-24]
CHR Extension: (YouTube) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-24]
CHR Extension: (Adblock Plus) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-10-29]
CHR Extension: (Google Search) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-24]
CHR Extension: (Google Calendar) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2013-10-29]
CHR Extension: (AdBlock) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-21]
CHR Extension: (FlashBlock) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl [2013-10-29]
CHR Extension: (Disconnect) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2013-10-29]
CHR Extension: (We Are Tennis) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkmdeepeooimedpakfaiahicgilkifef [2013-10-29]
CHR Extension: (Hangouts) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2013-11-19]
CHR Extension: (Google Wallet) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Niki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-24]
CHR Extension: (DealsFinderPro) - C:\ProgramData\jdndakcglboocmeakechekciigppbagi [2013-12-24]
 
==================== Services (Whitelisted) =================
 
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1830768 2014-02-26] (SurfRight B.V.)
R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-10] (Nero AG)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1444120 2014-02-10] (Trusteer Ltd.)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-10-18] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R2 hmpalert; C:\WINDOWS\system32\drivers\hmpalert.sys [17416 2014-02-26] ()
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
R0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-16] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R1 RapportCerberus_59849; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [606672 2013-10-21] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [282712 2014-02-10] (Trusteer Ltd.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [273592 2014-02-10] (Trusteer Ltd.)
R3 RapportIaso; c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys [233336 2014-02-03] (Trusteer Ltd.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [316312 2014-02-10] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [397848 2014-02-10] (Trusteer Ltd.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-16] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-06-15] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-26 21:28 - 2014-02-26 21:28 - 02155008 _____ (Farbar) C:\Users\Niki\Downloads\FRST64 (2).exe
2014-02-26 21:25 - 2014-02-26 21:25 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-02-26 20:18 - 2014-02-26 20:19 - 00050049 _____ () C:\Users\Niki\Downloads\Addition.txt
2014-02-26 20:16 - 2014-02-26 21:28 - 00020814 _____ () C:\Users\Niki\Downloads\FRST.txt
2014-02-26 20:15 - 2014-02-26 21:28 - 00000000 ____D () C:\FRST
2014-02-26 20:12 - 2014-02-26 20:12 - 02155008 _____ (Farbar) C:\Users\Niki\Downloads\FRST64 (1).exe
2014-02-26 20:11 - 2014-02-26 20:11 - 02155008 _____ (Farbar) C:\Users\Niki\Downloads\FRST64.exe
2014-02-26 19:55 - 2014-02-26 19:55 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2014-02-26 19:46 - 2014-02-26 19:46 - 00001905 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-02-26 19:46 - 2014-02-26 19:46 - 00000000 ____D () C:\Program Files\HitmanPro
2014-02-26 19:45 - 2014-02-26 19:45 - 10820032 _____ (SurfRight B.V.) C:\Users\Niki\Downloads\HitmanPro_x64.exe
2014-02-26 19:44 - 2014-02-26 19:55 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-26 19:43 - 2014-02-26 19:44 - 09988304 _____ (SurfRight B.V.) C:\Users\Niki\Downloads\HitmanPro.exe
2014-02-26 19:42 - 2014-02-26 19:42 - 00564312 _____ (SurfRight) C:\WINDOWS\SysWOW64\hmpalert.dll
2014-02-26 19:42 - 2014-02-26 19:42 - 00518480 _____ (SurfRight) C:\WINDOWS\system32\hmpalert.dll
2014-02-26 19:42 - 2014-02-26 19:42 - 00017416 _____ () C:\WINDOWS\system32\Drivers\hmpalert.sys
2014-02-26 19:42 - 2014-02-26 19:42 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-02-26 19:41 - 2014-02-26 19:41 - 01830768 _____ (SurfRight B.V.) C:\Users\Niki\Downloads\hmpalert.exe
2014-02-26 19:23 - 2014-02-26 19:23 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-26 19:23 - 2014-02-26 19:23 - 00000000 ____D () C:\Users\Niki\AppData\Roaming\Malwarebytes
2014-02-26 19:23 - 2014-02-26 19:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-26 19:22 - 2014-02-26 19:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-26 19:22 - 2014-02-26 19:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Niki\Downloads\mbam-setup-1.75.0.1300 (2).exe
2014-02-26 19:22 - 2014-02-26 19:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Niki\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-26 19:22 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-02-26 19:14 - 2014-02-26 19:16 - 00000000 ____D () C:\AdwCleaner
2014-02-26 19:13 - 2014-02-26 19:13 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Niki\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-26 19:12 - 2014-02-26 19:13 - 01241834 _____ () C:\Users\Niki\Downloads\adwcleaner.exe
2014-02-26 18:47 - 2014-02-26 18:48 - 02347384 _____ (ESET) C:\Users\Niki\Downloads\esetsmartinstaller_enu.exe
2014-02-26 18:34 - 2014-02-26 19:38 - 00013664 _____ () C:\WINDOWS\PFRO.log
2014-02-26 17:01 - 2014-02-26 17:26 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-02-26 16:56 - 2014-02-26 16:56 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Niki\Downloads\SpyHunter-Installer (4).exe
2014-02-23 16:50 - 2014-02-23 16:50 - 00000000 ____D () C:\Users\Niki\AppData\Roaming\TuneUp Software
2014-02-23 16:48 - 2014-02-26 18:34 - 00000000 ____D () C:\ProgramData\AVG2014
2014-02-23 16:44 - 2014-02-26 18:34 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-23 16:44 - 2014-02-23 16:44 - 04462384 _____ (AVG Technologies) C:\Users\Niki\Downloads\avg_free_stb_all_2014_4335_cnet.exe
2014-02-23 16:44 - 2014-02-23 16:44 - 00000000 ____D () C:\Users\Niki\AppData\Local\MFAData
2014-02-18 18:53 - 2014-02-18 18:53 - 00002233 _____ () C:\Users\Niki\Desktop\HP Support Assistant.lnk
2014-02-18 18:49 - 2014-02-18 18:49 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-02-16 13:02 - 2013-11-27 15:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-16 13:02 - 2013-11-27 15:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-16 13:02 - 2013-11-27 14:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-16 13:02 - 2013-11-27 13:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-16 13:02 - 2013-11-27 12:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-16 13:02 - 2013-11-27 10:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-16 13:02 - 2013-11-27 09:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-16 13:02 - 2013-11-27 09:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-16 13:02 - 2013-11-27 09:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-16 13:02 - 2013-11-27 08:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-16 13:02 - 2013-11-27 08:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-16 13:02 - 2013-11-26 13:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-16 13:02 - 2013-11-26 13:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-16 13:02 - 2013-11-26 13:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-16 13:02 - 2013-11-26 13:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-16 13:02 - 2013-11-26 11:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-16 13:02 - 2013-11-26 11:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-16 13:02 - 2013-11-26 11:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-16 13:02 - 2013-11-26 10:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-16 13:02 - 2013-11-26 09:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-16 13:02 - 2013-11-26 08:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-16 13:02 - 2013-11-25 01:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-16 13:02 - 2013-11-25 01:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-16 13:02 - 2013-11-24 23:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-16 13:02 - 2013-11-23 12:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-16 13:02 - 2013-11-23 11:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-16 13:02 - 2013-11-23 08:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-16 13:02 - 2013-11-23 07:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-16 13:02 - 2013-11-23 04:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-16 13:02 - 2013-11-23 03:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-16 13:02 - 2013-11-23 03:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-16 13:02 - 2013-11-23 03:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-16 13:02 - 2013-11-23 03:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-16 13:02 - 2013-11-23 03:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-16 13:02 - 2013-11-23 03:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-16 13:02 - 2013-11-21 06:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-16 13:02 - 2013-11-16 05:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-16 13:02 - 2013-11-15 18:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-16 13:02 - 2013-11-15 14:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-16 13:02 - 2013-11-15 14:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-16 13:02 - 2013-11-15 14:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-16 13:02 - 2013-11-15 13:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-16 13:02 - 2013-11-05 20:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-16 13:02 - 2013-10-31 00:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-16 13:01 - 2013-12-09 00:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-16 13:01 - 2013-12-09 00:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-16 13:01 - 2013-11-27 10:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-16 13:01 - 2013-11-27 10:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-16 13:01 - 2013-11-27 09:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-16 13:01 - 2013-11-27 04:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-16 13:01 - 2013-11-24 23:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-16 13:01 - 2013-11-23 07:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-16 13:01 - 2013-11-23 07:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-16 13:01 - 2013-11-21 06:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-16 13:01 - 2013-10-30 23:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-13 00:31 - 2013-12-09 00:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-13 00:31 - 2013-12-08 23:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-13 00:29 - 2014-01-07 07:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-13 00:29 - 2014-01-07 05:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-13 00:29 - 2014-01-04 20:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-13 00:29 - 2014-01-04 19:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-13 00:29 - 2014-01-04 14:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-13 00:29 - 2014-01-04 14:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-13 00:29 - 2014-01-04 13:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-13 00:29 - 2014-01-04 13:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-13 00:29 - 2014-01-04 13:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-13 00:29 - 2014-01-04 13:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-13 00:29 - 2013-12-21 02:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-13 00:29 - 2013-12-21 02:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-13 00:29 - 2013-12-20 10:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-13 00:29 - 2013-12-20 06:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-13 00:01 - 2014-02-06 12:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-13 00:01 - 2014-02-06 11:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-13 00:01 - 2014-02-06 11:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-13 00:01 - 2014-02-06 11:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-13 00:01 - 2014-02-06 11:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-13 00:01 - 2014-02-06 11:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-13 00:01 - 2014-02-06 10:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-13 00:01 - 2014-02-06 10:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-13 00:01 - 2014-02-06 10:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-13 00:01 - 2014-02-06 10:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-13 00:01 - 2014-02-06 10:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-13 00:01 - 2014-02-06 10:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-13 00:01 - 2014-02-06 10:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-13 00:01 - 2014-02-06 10:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-13 00:01 - 2014-02-06 10:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-13 00:01 - 2014-02-06 10:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-13 00:01 - 2014-02-06 10:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-13 00:01 - 2014-02-06 10:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-13 00:01 - 2014-02-06 09:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-13 00:01 - 2014-02-06 09:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-13 00:01 - 2014-02-06 09:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-13 00:01 - 2014-02-06 09:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-13 00:01 - 2014-02-06 09:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-13 00:01 - 2014-02-06 09:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-13 00:01 - 2014-02-06 09:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-13 00:01 - 2014-02-06 09:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-13 00:01 - 2014-02-06 09:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-13 00:01 - 2014-02-06 09:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-13 00:01 - 2014-02-06 09:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-13 00:01 - 2014-02-06 09:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-13 00:01 - 2014-02-06 09:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-13 00:01 - 2014-02-06 09:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-13 00:01 - 2014-02-06 08:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-13 00:01 - 2014-02-06 08:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-13 00:01 - 2014-02-06 08:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-13 00:01 - 2014-02-06 08:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-13 00:01 - 2014-02-06 08:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-13 00:01 - 2014-01-07 05:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-13 00:01 - 2014-01-07 04:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-13 00:01 - 2013-12-09 00:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-13 00:01 - 2013-12-08 23:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-13 00:01 - 2013-11-21 06:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-13 00:01 - 2013-11-21 05:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-13 00:00 - 2013-12-09 02:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-13 00:00 - 2013-12-09 01:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-12 23:59 - 2014-01-09 08:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-12 23:59 - 2014-01-09 07:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-12 23:59 - 2014-01-09 07:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-12 23:59 - 2014-01-09 07:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-12 23:59 - 2014-01-09 07:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-12 23:59 - 2014-01-09 07:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-12 23:59 - 2014-01-09 07:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-12 23:59 - 2014-01-09 07:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-12 23:59 - 2014-01-09 07:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-12 23:59 - 2014-01-09 07:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-05 08:56 - 2014-02-05 09:00 - 00013312 _____ () C:\Users\Niki\Downloads\tenant reps.xls
2014-02-02 11:02 - 2014-02-02 11:02 - 03156398 _____ () C:\Users\Niki\Downloads\2b181007c7efda076bf8ef7f2a0dedce.mp4
2014-01-30 19:32 - 2014-01-30 19:32 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-01-29 23:02 - 2014-01-29 23:02 - 13031424 _____ (Intel Corporation) C:\WINDOWS\system32\ig4icd64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 12617216 _____ (Intel Corporation) C:\WINDOWS\system32\igdumd64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 11176448 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10umd32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 10812928 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig4icd32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 05904856 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUI.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 05363200 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2014-01-29 23:02 - 2014-01-29 23:02 - 03511296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 03121152 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 01040384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00931840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00575488 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00542720 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00515544 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00442328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00440320 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrell.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfra.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxresn.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrus.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrom.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsky.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptg.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrplk.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnld.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrita.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhrv.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdeu.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhun.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfin.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcsy.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtrk.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsve.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrslv.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptb.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnor.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437248 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtha.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437248 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdan.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00435712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrheb.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00435712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrara.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00432128 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrjpn.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00431104 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrkor.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00429056 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcht.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00428544 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrchs.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00410624 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTMM.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00399832 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00330752 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxdv32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00286208 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrenu.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00279000 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00254936 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00223664 _____ () C:\WINDOWS\system32\Gfxres.th-TH.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00210106 _____ () C:\WINDOWS\system32\Gfxres.el-GR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00194245 _____ () C:\WINDOWS\system32\Gfxres.ru-RU.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00185816 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00175104 _____ (Intel Corporation) C:\WINDOWS\system32\gfxSrvc.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00171992 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00166170 _____ () C:\WINDOWS\system32\Gfxres.ar-SA.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00163421 _____ () C:\WINDOWS\system32\Gfxres.ja-JP.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00159008 _____ () C:\WINDOWS\system32\Gfxres.he-IL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00149682 _____ () C:\WINDOWS\system32\Gfxres.it-IT.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00148042 _____ () C:\WINDOWS\system32\Gfxres.ko-KR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00147393 _____ () C:\WINDOWS\system32\Gfxres.de-DE.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00147288 _____ () C:\WINDOWS\system32\Gfxres.es-ES.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00146004 _____ () C:\WINDOWS\system32\Gfxres.ro-RO.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00145491 _____ () C:\WINDOWS\system32\Gfxres.fr-FR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144645 _____ () C:\WINDOWS\system32\Gfxres.tr-TR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144260 _____ () C:\WINDOWS\system32\Gfxres.pt-BR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144020 _____ () C:\WINDOWS\system32\Gfxres.nl-NL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00143932 _____ () C:\WINDOWS\system32\Gfxres.hu-HU.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142882 _____ () C:\WINDOWS\system32\Gfxres.sv-SE.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142877 _____ () C:\WINDOWS\system32\Gfxres.pt-PT.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142717 _____ () C:\WINDOWS\system32\Gfxres.pl-PL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdo.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00142289 _____ () C:\WINDOWS\system32\Gfxres.cs-CZ.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142008 _____ () C:\WINDOWS\system32\Gfxres.fi-FI.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00141838 _____ () C:\WINDOWS\system32\Gfxres.sk-SK.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00141049 _____ () C:\WINDOWS\system32\Gfxres.hr-HR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137889 _____ () C:\WINDOWS\system32\Gfxres.sl-SI.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137784 _____ () C:\WINDOWS\system32\Gfxres.nb-NO.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137141 _____ () C:\WINDOWS\system32\Gfxres.da-DK.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00126976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcpl.cpl
2014-01-29 23:02 - 2014-01-29 23:02 - 00126300 _____ () C:\WINDOWS\system32\Gfxres.zh-TW.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00124650 _____ () C:\WINDOWS\system32\Gfxres.zh-CN.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00116224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v3347.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00098304 _____ () C:\WINDOWS\system32\igdde64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00077312 _____ () C:\WINDOWS\SysWOW64\igdde32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00028672 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00025088 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00017058 _____ () C:\WINDOWS\system32\iglhxs64.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00009728 _____ ( ) C:\WINDOWS\system32\IGFXDEVLib.dll
2014-01-29 18:30 - 2014-01-29 18:30 - 00014183 _____ () C:\Users\Niki\Desktop\admins.odt
2014-01-28 22:24 - 2014-02-11 09:30 - 00000000 ____D () C:\Users\Niki\Desktop\New folder (3)
2014-01-28 10:11 - 2014-01-28 10:11 - 05163008 _____ () C:\Users\Niki\Downloads\from_the_World.pps
 
==================== One Month Modified Files and Folders =======
 
2014-02-26 21:30 - 2014-02-26 20:16 - 00020814 _____ () C:\Users\Niki\Downloads\FRST.txt
2014-02-26 21:29 - 2013-03-24 12:36 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-359620597-1969577201-256310000-1001
2014-02-26 21:28 - 2014-02-26 21:28 - 02155008 _____ (Farbar) C:\Users\Niki\Downloads\FRST64 (2).exe
2014-02-26 21:28 - 2014-02-26 20:15 - 00000000 ____D () C:\FRST
2014-02-26 21:27 - 2013-10-29 10:26 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-26 21:26 - 2013-11-23 17:17 - 00000000 __RDO () C:\Users\Niki\SkyDrive
2014-02-26 21:26 - 2013-10-29 10:26 - 00003876 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-26 21:26 - 2013-10-29 10:26 - 00003640 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-26 21:26 - 2013-10-29 10:26 - 00000904 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-26 21:26 - 2013-10-29 10:26 - 00000900 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-26 21:26 - 2013-10-18 00:33 - 01118748 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-26 21:25 - 2014-02-26 21:25 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-02-26 21:25 - 2014-01-01 19:13 - 00000000 ____D () C:\Users\Niki\AppData\Local\HTC MediaHub
2014-02-26 21:24 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-26 21:12 - 2013-08-22 15:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-02-26 21:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-26 20:19 - 2014-02-26 20:18 - 00050049 _____ () C:\Users\Niki\Downloads\Addition.txt
2014-02-26 20:12 - 2014-02-26 20:12 - 02155008 _____ (Farbar) C:\Users\Niki\Downloads\FRST64 (1).exe
2014-02-26 20:11 - 2014-02-26 20:11 - 02155008 _____ (Farbar) C:\Users\Niki\Downloads\FRST64.exe
2014-02-26 19:55 - 2014-02-26 19:55 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2014-02-26 19:55 - 2014-02-26 19:44 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-26 19:55 - 2013-08-14 20:59 - 00000000 ____D () C:\Users\Guest\Desktop\New folder
2014-02-26 19:46 - 2014-02-26 19:46 - 00001905 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-02-26 19:46 - 2014-02-26 19:46 - 00000000 ____D () C:\Program Files\HitmanPro
2014-02-26 19:45 - 2014-02-26 19:45 - 10820032 _____ (SurfRight B.V.) C:\Users\Niki\Downloads\HitmanPro_x64.exe
2014-02-26 19:44 - 2014-02-26 19:43 - 09988304 _____ (SurfRight B.V.) C:\Users\Niki\Downloads\HitmanPro.exe
2014-02-26 19:42 - 2014-02-26 19:42 - 00564312 _____ (SurfRight) C:\WINDOWS\SysWOW64\hmpalert.dll
2014-02-26 19:42 - 2014-02-26 19:42 - 00518480 _____ (SurfRight) C:\WINDOWS\system32\hmpalert.dll
2014-02-26 19:42 - 2014-02-26 19:42 - 00017416 _____ () C:\WINDOWS\system32\Drivers\hmpalert.sys
2014-02-26 19:42 - 2014-02-26 19:42 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert
2014-02-26 19:41 - 2014-02-26 19:41 - 01830768 _____ (SurfRight B.V.) C:\Users\Niki\Downloads\hmpalert.exe
2014-02-26 19:38 - 2014-02-26 18:34 - 00013664 _____ () C:\WINDOWS\PFRO.log
2014-02-26 19:23 - 2014-02-26 19:23 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-26 19:23 - 2014-02-26 19:23 - 00000000 ____D () C:\Users\Niki\AppData\Roaming\Malwarebytes
2014-02-26 19:23 - 2014-02-26 19:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-26 19:23 - 2014-02-26 19:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-26 19:22 - 2014-02-26 19:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Niki\Downloads\mbam-setup-1.75.0.1300 (2).exe
2014-02-26 19:22 - 2014-02-26 19:22 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Niki\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-02-26 19:17 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-26 19:16 - 2014-02-26 19:14 - 00000000 ____D () C:\AdwCleaner
2014-02-26 19:13 - 2014-02-26 19:13 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Niki\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-26 19:13 - 2014-02-26 19:12 - 01241834 _____ () C:\Users\Niki\Downloads\adwcleaner.exe
2014-02-26 18:48 - 2014-02-26 18:47 - 02347384 _____ (ESET) C:\Users\Niki\Downloads\esetsmartinstaller_enu.exe
2014-02-26 18:36 - 2013-07-27 17:36 - 00000191 _____ () C:\Users\Niki\AppData\Roaming\WB.CFG
2014-02-26 18:34 - 2014-02-23 16:48 - 00000000 ____D () C:\ProgramData\AVG2014
2014-02-26 18:34 - 2014-02-23 16:44 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-26 18:28 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-02-26 18:28 - 2012-07-26 08:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-02-26 17:26 - 2014-02-26 17:01 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-02-26 16:56 - 2014-02-26 16:56 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Niki\Downloads\SpyHunter-Installer (4).exe
2014-02-26 16:43 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-26 09:46 - 2013-09-09 18:38 - 00000000 ____D () C:\Users\Niki\AppData\Roaming\ViberPC
2014-02-26 09:46 - 2013-09-09 18:38 - 00000000 ____D () C:\Users\Niki\AppData\Local\Viber
2014-02-26 02:17 - 2013-03-24 15:31 - 00000000 ____D () C:\Users\Niki\AppData\Roaming\vlc
2014-02-25 23:00 - 2013-03-30 20:25 - 01017344 ___SH () C:\Users\Niki\Desktop\Thumbs.db
2014-02-23 16:50 - 2014-02-23 16:50 - 00000000 ____D () C:\Users\Niki\AppData\Roaming\TuneUp Software
2014-02-23 16:44 - 2014-02-23 16:44 - 04462384 _____ (AVG Technologies) C:\Users\Niki\Downloads\avg_free_stb_all_2014_4335_cnet.exe
2014-02-23 16:44 - 2014-02-23 16:44 - 00000000 ____D () C:\Users\Niki\AppData\Local\MFAData
2014-02-20 18:02 - 2013-09-30 04:11 - 00958356 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-20 13:22 - 2013-12-22 23:58 - 00000000 ____D () C:\ProgramData\6580816f9461f728
2014-02-20 13:21 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2014-02-19 19:06 - 2013-08-17 15:19 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-19 19:03 - 2013-03-24 13:55 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-18 18:54 - 2013-10-18 00:13 - 00000000 ____D () C:\Users\Niki
2014-02-18 18:54 - 2013-04-01 11:13 - 00000338 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForNiki.job
2014-02-18 18:53 - 2014-02-18 18:53 - 00002233 _____ () C:\Users\Niki\Desktop\HP Support Assistant.lnk
2014-02-18 18:53 - 2012-10-27 16:25 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-18 18:51 - 2012-10-27 16:22 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-02-18 18:49 - 2014-02-18 18:49 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-02-18 18:47 - 2012-10-27 16:36 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-02-18 18:46 - 2012-08-04 00:02 - 00000000 ____D () C:\SWSetup
2014-02-17 21:00 - 2013-08-22 15:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-02-17 21:00 - 2013-08-22 15:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-17 16:43 - 2013-04-15 10:21 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-02-16 21:25 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-16 18:00 - 2013-03-24 12:29 - 00000000 ___RD () C:\Users\Niki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-16 18:00 - 2013-03-24 12:29 - 00000000 ___RD () C:\Users\Niki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-16 17:59 - 2013-08-22 14:44 - 00405576 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-16 17:55 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-16 17:55 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-16 17:55 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-15 22:19 - 2013-08-12 14:28 - 00000000 ____D () C:\Users\Niki\AppData\Roaming\transmission
2014-02-13 07:58 - 2013-04-15 10:21 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-02-13 01:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2014-02-13 01:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-02-13 01:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-13 01:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-13 01:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-11 09:30 - 2014-01-28 22:24 - 00000000 ____D () C:\Users\Niki\Desktop\New folder (3)
2014-02-10 11:35 - 2013-08-31 11:57 - 00273592 _____ (Trusteer Ltd.) C:\WINDOWS\system32\Drivers\RapportHades64.sys
2014-02-10 11:35 - 2013-08-31 11:56 - 00316312 _____ (Trusteer Ltd.) C:\WINDOWS\system32\Drivers\RapportKE64.sys
2014-02-06 12:16 - 2014-02-13 00:01 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-06 11:30 - 2014-02-13 00:01 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-06 11:30 - 2014-02-13 00:01 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-06 11:12 - 2014-02-13 00:01 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-06 11:07 - 2014-02-13 00:01 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-06 11:06 - 2014-02-13 00:01 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 00:01 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-06 10:56 - 2014-02-13 00:01 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-06 10:49 - 2014-02-13 00:01 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-06 10:48 - 2014-02-13 00:01 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-06 10:48 - 2014-02-13 00:01 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-06 10:38 - 2014-02-13 00:01 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-06 10:32 - 2014-02-13 00:01 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-06 10:20 - 2014-02-13 00:01 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-06 10:17 - 2014-02-13 00:01 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-06 10:11 - 2014-02-13 00:01 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-06 10:01 - 2014-02-13 00:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-06 10:00 - 2014-02-13 00:01 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-06 09:57 - 2014-02-13 00:01 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-06 09:57 - 2014-02-13 00:01 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-06 09:52 - 2014-02-13 00:01 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-06 09:52 - 2014-02-13 00:01 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-06 09:50 - 2014-02-13 00:01 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-06 09:47 - 2014-02-13 00:01 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-06 09:46 - 2014-02-13 00:01 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-06 09:25 - 2014-02-13 00:01 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-06 09:25 - 2014-02-13 00:01 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-06 09:24 - 2014-02-13 00:01 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-06 09:22 - 2014-02-13 00:01 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-06 09:13 - 2014-02-13 00:01 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-06 09:09 - 2014-02-13 00:01 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-06 09:03 - 2014-02-13 00:01 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-06 08:55 - 2014-02-13 00:01 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-06 08:41 - 2014-02-13 00:01 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-06 08:40 - 2014-02-13 00:01 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-06 08:36 - 2014-02-13 00:01 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-06 08:34 - 2014-02-13 00:01 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-05 09:05 - 2012-09-11 09:08 - 00000000 ____D () C:\Users\Niki\Desktop\Tenants Association
2014-02-05 09:00 - 2014-02-05 08:56 - 00013312 _____ () C:\Users\Niki\Downloads\tenant reps.xls
2014-02-02 11:02 - 2014-02-02 11:02 - 03156398 _____ () C:\Users\Niki\Downloads\2b181007c7efda076bf8ef7f2a0dedce.mp4
2014-02-02 01:56 - 2013-06-13 14:37 - 00000000 ____D () C:\Users\Niki\AppData\Roaming\Skype
2014-02-01 11:36 - 2013-06-15 13:37 - 00000005 _____ () C:\Users\Niki\AppData\Roaming\WBPU-TTL.DAT
2014-01-30 19:32 - 2014-01-30 19:32 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-01-29 23:02 - 2014-01-29 23:02 - 13031424 _____ (Intel Corporation) C:\WINDOWS\system32\ig4icd64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 12617216 _____ (Intel Corporation) C:\WINDOWS\system32\igdumd64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 11176448 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10umd32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 10812928 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig4icd32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 05904856 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUI.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 05363200 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2014-01-29 23:02 - 2014-01-29 23:02 - 03511296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 03121152 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 01040384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00931840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00575488 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00542720 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00515544 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00442328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00440320 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrell.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfra.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxresn.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrus.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00439296 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrom.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsky.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptg.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrplk.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnld.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrita.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhrv.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdeu.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhun.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfin.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00438272 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcsy.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtrk.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsve.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrslv.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptb.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnor.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437248 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtha.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00437248 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdan.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00435712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrheb.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00435712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrara.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00432128 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrjpn.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00431104 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrkor.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00429056 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcht.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00428544 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrchs.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00410624 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTMM.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00399832 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00330752 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxdv32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00286208 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrenu.lrc
2014-01-29 23:02 - 2014-01-29 23:02 - 00279000 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00254936 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00223664 _____ () C:\WINDOWS\system32\Gfxres.th-TH.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00210106 _____ () C:\WINDOWS\system32\Gfxres.el-GR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00194245 _____ () C:\WINDOWS\system32\Gfxres.ru-RU.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00185816 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00175104 _____ (Intel Corporation) C:\WINDOWS\system32\gfxSrvc.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00171992 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00166170 _____ () C:\WINDOWS\system32\Gfxres.ar-SA.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00163421 _____ () C:\WINDOWS\system32\Gfxres.ja-JP.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00159008 _____ () C:\WINDOWS\system32\Gfxres.he-IL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00149682 _____ () C:\WINDOWS\system32\Gfxres.it-IT.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00148042 _____ () C:\WINDOWS\system32\Gfxres.ko-KR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00147393 _____ () C:\WINDOWS\system32\Gfxres.de-DE.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00147288 _____ () C:\WINDOWS\system32\Gfxres.es-ES.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00146004 _____ () C:\WINDOWS\system32\Gfxres.ro-RO.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00145491 _____ () C:\WINDOWS\system32\Gfxres.fr-FR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144645 _____ () C:\WINDOWS\system32\Gfxres.tr-TR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144260 _____ () C:\WINDOWS\system32\Gfxres.pt-BR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00144020 _____ () C:\WINDOWS\system32\Gfxres.nl-NL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00143932 _____ () C:\WINDOWS\system32\Gfxres.hu-HU.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142882 _____ () C:\WINDOWS\system32\Gfxres.sv-SE.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142877 _____ () C:\WINDOWS\system32\Gfxres.pt-PT.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142717 _____ () C:\WINDOWS\system32\Gfxres.pl-PL.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142336 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdo.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00142289 _____ () C:\WINDOWS\system32\Gfxres.cs-CZ.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00142008 _____ () C:\WINDOWS\system32\Gfxres.fi-FI.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00141838 _____ () C:\WINDOWS\system32\Gfxres.sk-SK.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00141049 _____ () C:\WINDOWS\system32\Gfxres.hr-HR.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137889 _____ () C:\WINDOWS\system32\Gfxres.sl-SI.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137784 _____ () C:\WINDOWS\system32\Gfxres.nb-NO.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00137141 _____ () C:\WINDOWS\system32\Gfxres.da-DK.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00126976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcpl.cpl
2014-01-29 23:02 - 2014-01-29 23:02 - 00126300 _____ () C:\WINDOWS\system32\Gfxres.zh-TW.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00124650 _____ () C:\WINDOWS\system32\Gfxres.zh-CN.resources
2014-01-29 23:02 - 2014-01-29 23:02 - 00116224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v3347.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00098304 _____ () C:\WINDOWS\system32\igdde64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00077312 _____ () C:\WINDOWS\SysWOW64\igdde32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00028672 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00025088 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00017058 _____ () C:\WINDOWS\system32\iglhxs64.vp
2014-01-29 23:02 - 2014-01-29 23:02 - 00009728 _____ ( ) C:\WINDOWS\system32\IGFXDEVLib.dll
2014-01-29 23:02 - 2012-12-14 01:42 - 12859392 _____ (Intel Corporation) C:\WINDOWS\system32\igd10umd64.dll
2014-01-29 23:02 - 2012-12-14 01:42 - 11049472 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumd32.dll
2014-01-29 23:02 - 2012-12-14 01:42 - 09007616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxress.dll
2014-01-29 23:02 - 2012-12-14 01:42 - 00442880 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdev.dll
2014-01-29 23:02 - 2012-12-14 01:42 - 00384512 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpph.dll
2014-01-29 23:02 - 2012-12-14 01:42 - 00110592 _____ (Intel Corporation) C:\WINDOWS\system32\hccutils.dll
2014-01-29 23:02 - 2012-12-14 01:42 - 00064000 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.dll
2014-01-29 18:30 - 2014-01-29 18:30 - 00014183 _____ () C:\Users\Niki\Desktop\admins.odt
2014-01-28 10:11 - 2014-01-28 10:11 - 05163008 _____ () C:\Users\Niki\Downloads\from_the_World.pps
 
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.1612.dll
 
 
Some content of TEMP:
====================
C:\Users\Niki\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-26 08:54
 
==================== End Of Log ============================
 
 
 
Please tell me it has gone

scared to look at the extensions on chrome lol



#12 uniquewoman

uniquewoman
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:01 PM

Posted 26 February 2014 - 04:36 PM

just looked it is still in extensions, deleted it again........



#13 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:01 PM

Posted 26 February 2014 - 04:42 PM

Ok, one more:


Press the [Windows] + R keys on your keyboard together, write "notepad" into the opening text field and click OK.
  • Copy and Paste the following code and paste it into the Notepad-windows:
    CHR Extension: (DealsFinderPro) - C:\ProgramData\jdndakcglboocmeakechekciigppbagi [2013-12-24]
    C:\ProgramData\jdndakcglboocmeakechekciigppbagi
  • Save the file under the name fixlist.txt in your Download-directory (C:\Users\Niki\Downloads).
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to same location the tool was run from.
    Please copy and paste its contents in your next reply.


#14 uniquewoman

uniquewoman
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:01 PM

Posted 26 February 2014 - 04:46 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-02-2014 01
Ran by Niki at 2014-02-26 21:45:47 Run:2
Running from C:\Users\Niki\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CHR Extension: (DealsFinderPro) - C:\ProgramData\jdndakcglboocmeakechekciigppbagi [2013-12-24]
C:\ProgramData\jdndakcglboocmeakechekciigppbagi
*****************
 
CHR Extension: (DealsFinderPro) - C:\ProgramData\jdndakcglboocmeakechekciigppbagi [2013-12-24] directory not found.
C:\ProgramData\jdndakcglboocmeakechekciigppbagi => Moved successfully.
 
==== End of Fixlog ====

Ha I can see it on the list, yippee we must be getting closer lol



#15 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:01 PM

Posted 26 February 2014 - 04:49 PM

Restart your computer again. Is DealsFinderPro still active in your Chrome or has it gone?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users