
Torntv V9.0 on windows 8.1, can't get it away


  • This topic is locked
8 replies to this topic

#1 malenabengtsson

  • Members
  • 4 posts

Posted 10 June 2014 - 08:36 AM

Hi there, I realized that I have Torntv V9.0 on my computer and I want it away. I tried removing it using CCleaner, shouldiremoveit and the normal removal from the Control Panel. I tried following one of the guides I found here while googling, but unfortunately the programs mentioned are not compatible with Windows 8.1.

I tried downloading the DDS program from this site to post a log, but that is not working either. I need help!

 

Thanks in advance.





#2 B-boy/StyLe/

    Bleepin' Freestyler

  • Malware Response Team
  • 8,307 posts
  • Gender:Male
  • Location:Bulgaria

Posted 10 June 2014 - 08:59 AM

Hello! Welcome to BleepingComputer Forums!
My name is Georgi and I will be helping you with your computer problems.

Before we begin, please note the following:

  • I will be working on your malware issues; this may or may not solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something, don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

 

 

Please download the latest version of Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

 

Regards,

Georgi




#3 malenabengtsson

  • Topic Starter
  • Members
  • 4 posts

Posted 10 June 2014 - 09:16 AM

Hello and thank you so much for your fast answer. I got the logs here: 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-06-2014
Ran by malena (administrator) on MALENA on 10-06-2014 16:12:36
Running from C:\Users\malena\Desktop
Platform: Windows 8.1 (X64) OS Language: Swedish
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13632216 2013-07-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-04] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-06-10] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-03-27] ( (Atheros Communications))
HKU\S-1-5-21-2292154835-344325852-1662418859-1001\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-2292154835-344325852-1662418859-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2292154835-344325852-1662418859-1002\...\Run: [Spotify] => C:\Users\malena\AppData\Roaming\Spotify\Spotify.exe [6170168 2014-06-06] (Spotify Ltd)
HKU\S-1-5-21-2292154835-344325852-1662418859-1002\...\Run: [Spotify Web Helper] => C:\Users\malena\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-06] (Spotify Ltd)
HKU\S-1-5-21-2292154835-344325852-1662418859-1002\...\Run: [uTorrent] => C:\Users\malena\AppData\Roaming\uTorrent\uTorrent.exe [1268560 2014-05-20] (BitTorrent Inc.)
HKU\S-1-5-21-2292154835-344325852-1662418859-1002\...\MountPoints2: {888e34cd-b57e-11e3-be78-240a64d2c1dc} - "F:\Autorun.exe" 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.1.4.3 - C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
Chrome: 
=======
CHR HomePage: 
CHR Extension: (Google Dokument) - C:\Users\malena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-10]
CHR Extension: (Google Drive) - C:\Users\malena\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-10]
CHR Extension: (YouTube) - C:\Users\malena\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-10]
CHR Extension: (Sök på Google) - C:\Users\malena\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-10]
CHR Extension: (Google Wallet) - C:\Users\malena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-10]
CHR Extension: (Gmail) - C:\Users\malena\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-10]
 
==================== Services (Whitelisted) =================
 
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-06-19] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227968 2013-03-27] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-10] (AVAST Software)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-03-27] (Atheros) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-10] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-10] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-10] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-10] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-10] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-08-14] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-06-28] (ASUS Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows ® Win 7 DDK provider)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-03-27] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-27] (Disc Soft Ltd)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-04-08] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-04-08] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-10 16:12 - 2014-06-10 16:13 - 00017059 _____ () C:\Users\malena\Desktop\FRST.txt
2014-06-10 16:11 - 2014-06-10 16:12 - 00000000 ____D () C:\FRST
2014-06-10 16:11 - 2014-06-10 16:11 - 02080768 _____ (Farbar) C:\Users\malena\Desktop\FRST64.exe
2014-06-10 16:10 - 2014-06-10 16:10 - 01177600 _____ (Farbar) C:\Users\malena\Desktop\FRST.exe
2014-06-10 15:43 - 2014-06-10 15:43 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-10 15:43 - 2014-06-10 15:43 - 00000000 ____D () C:\Users\malena\AppData\Roaming\AVAST Software
2014-06-10 15:43 - 2014-06-10 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-10 15:42 - 2014-06-10 15:43 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-06-10 15:42 - 2014-06-10 15:42 - 01039096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.1402407775718
2014-06-10 15:42 - 2014-06-10 15:42 - 01039096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-06-10 15:42 - 2014-06-10 15:42 - 00423240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.1402407775718
2014-06-10 15:42 - 2014-06-10 15:42 - 00423240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-06-10 15:42 - 2014-06-10 15:42 - 00334648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-06-10 15:42 - 2014-06-10 15:42 - 00208416 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-06-10 15:42 - 2014-06-10 15:42 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-06-10 15:42 - 2014-06-10 15:42 - 00085328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys.1402407775718
2014-06-10 15:42 - 2014-06-10 15:42 - 00085328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-06-10 15:42 - 2014-06-10 15:42 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-06-10 15:42 - 2014-06-10 15:42 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-06-10 15:42 - 2014-06-10 15:42 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-06-10 15:42 - 2014-06-10 15:42 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-06-10 15:41 - 2014-06-10 15:41 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-10 15:41 - 2014-06-10 15:41 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-10 15:38 - 2014-06-10 15:39 - 94714880 _____ (AVAST Software) C:\Users\malena\Downloads\avast_free_antivirus_setup.exe
2014-06-10 15:35 - 2014-06-10 15:35 - 00688992 _____ (Swearware) C:\Users\malena\Downloads\dds.com
2014-06-10 15:26 - 2014-06-10 15:27 - 05205915 _____ (Swearware) C:\Users\malena\Downloads\ComboFix.exe
2014-06-10 15:25 - 2014-06-10 15:25 - 00001850 _____ () C:\Users\malena\Desktop\RKreport_DEL_06102014_152505.log
2014-06-10 15:17 - 2014-06-10 15:17 - 04686336 _____ () C:\Users\malena\Downloads\RogueKiller.exe
2014-06-10 15:17 - 2014-06-10 15:17 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-10 15:14 - 2014-06-10 15:14 - 00008298 _____ () C:\WINDOWS\PFRO.log
2014-06-10 15:13 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-06-10 15:11 - 2014-06-10 15:13 - 00000000 ____D () C:\AdwCleaner
2014-06-10 15:11 - 2014-06-10 15:11 - 01333465 _____ () C:\Users\malena\Downloads\adwcleaner_3.212.exe
2014-06-10 15:09 - 2014-06-10 15:09 - 00854378 _____ () C:\Users\malena\Downloads\SecurityCheck.exe
2014-06-10 15:01 - 2014-06-10 15:01 - 02195256 _____ (Reason Software Company Inc.) C:\Users\malena\Downloads\ShouldIRemoveIt_Setup.exe
2014-06-10 15:01 - 2014-06-10 15:01 - 00000000 ____D () C:\Program Files (x86)\Reason
2014-06-10 14:54 - 2014-06-10 14:54 - 00003112 _____ () C:\WINDOWS\System32\Tasks\{C6290D72-24CD-4ECD-A759-3386C814F080}
2014-06-10 14:49 - 2014-06-10 15:54 - 00001008 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-10 14:49 - 2014-06-10 15:17 - 00002201 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-10 14:49 - 2014-06-10 15:15 - 00001004 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-10 14:49 - 2014-06-10 14:49 - 00003980 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-10 14:49 - 2014-06-10 14:49 - 00003744 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-10 14:49 - 2014-06-10 14:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-10 14:46 - 2014-06-10 14:46 - 00918672 _____ (Google Inc.) C:\Users\malena\Downloads\ChromeSetup.exe
2014-06-10 14:39 - 2014-06-10 14:39 - 00434040 _____ () C:\Users\malena\Downloads\The_Sims_3-_Island_Paradise_[FULL]_-_Games4theworld_-.exe
2014-06-10 14:37 - 2014-06-10 14:37 - 00000000 ____D () C:\Users\malena\Downloads\Supernatural
2014-06-10 14:02 - 2014-06-10 14:02 - 00000000 ____D () C:\Users\malena\Documents\Electronic Arts
2014-06-10 14:00 - 2014-06-10 14:00 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-06-10 14:00 - 2014-06-10 14:00 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-06-10 13:53 - 2014-06-10 15:14 - 00063710 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-10 13:49 - 2014-06-10 13:49 - 00000000 ____D () C:\Users\malena\Desktop\PACKAGES
2014-06-10 13:17 - 2014-06-10 14:07 - 00000000 ____D () C:\Users\malena\Desktop\The Sims 3 In i framtiden
2014-06-07 13:29 - 2014-06-07 13:29 - 10466176 _____ () C:\Users\malena\Downloads\1157204.zip
2014-06-07 13:16 - 2014-06-07 13:16 - 00538685 _____ () C:\Users\malena\Downloads\MurfeeL_EA Arboretum Walls.sims3pack
2014-06-07 13:11 - 2014-06-07 13:11 - 02535564 _____ () C:\Users\malena\Downloads\1114605.zip
2014-06-07 13:07 - 2014-06-07 13:07 - 06772449 _____ () C:\Users\malena\Downloads\1241790.zip
2014-06-07 13:04 - 2014-06-07 13:04 - 01429465 _____ () C:\Users\malena\Downloads\1090382.zip
2014-06-07 12:26 - 2014-06-07 12:26 - 00000454 _____ () C:\Users\malena\Downloads\collection bathroom NITRIUM.zip
2014-06-07 00:57 - 2014-06-07 01:01 - 139290316 _____ () C:\Users\malena\Downloads\eel-slapper.rar
2014-06-06 23:51 - 2014-06-06 23:51 - 00000000 ____D () C:\Users\malena\Downloads\simsi
2014-06-06 21:16 - 2014-06-06 21:37 - 00000000 ____D () C:\Users\malena\Downloads\The Sims 3 World Adventures [MULTI5][Expansion][PCDVD][WwW.GamesTorrents.CoM]
2014-06-06 20:45 - 2014-06-10 16:11 - 00000868 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-06-06 20:45 - 2014-06-06 20:45 - 00003756 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-06-03 16:17 - 2014-06-10 15:16 - 00000000 __RDO () C:\Users\malena\OneDrive
2014-05-23 21:52 - 2014-05-23 21:36 - 04012479 ____N () C:\Users\malena\Desktop\VID_20140523_213643.mp4
2014-05-20 22:51 - 2014-05-20 22:53 - 00000000 ____D () C:\Users\malena\Downloads\The Sims 3 - Supernatural
2014-05-20 20:56 - 2014-06-06 21:51 - 00001858 _____ () C:\Users\malena\Desktop\Spotify.lnk
2014-05-20 20:56 - 2014-06-06 21:51 - 00001844 _____ () C:\Users\malena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-05-20 20:56 - 2014-06-06 21:51 - 00000000 ____D () C:\Users\malena\AppData\Local\Spotify
2014-05-20 20:55 - 2014-06-09 22:45 - 00000000 ____D () C:\Users\malena\AppData\Roaming\Spotify
2014-05-17 15:19 - 2014-05-17 15:19 - 00003422 _____ () C:\Users\malena\AppData\Local\recently-used.xbel
2014-05-16 14:38 - 2014-06-09 21:31 - 00000000 ____D () C:\Users\malena\Desktop\PLUGG
2014-05-16 14:38 - 2014-05-16 14:38 - 00000912 _____ () C:\Users\malena\Desktop\GIMP 2.lnk
2014-05-16 14:36 - 2014-05-17 15:19 - 00000000 ____D () C:\Users\malena\AppData\Local\gtk-2.0
2014-05-16 14:35 - 2014-05-16 14:35 - 00000000 ____D () C:\Users\malena\.thumbnails
2014-05-16 14:34 - 2014-05-17 15:22 - 00000000 ____D () C:\Users\malena\.gimp-2.8
2014-05-16 14:34 - 2014-05-16 14:34 - 00000000 ____D () C:\Users\malena\AppData\Local\gegl-0.2
2014-05-16 14:32 - 2014-05-16 14:32 - 00000912 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-05-16 14:31 - 2014-05-16 14:32 - 00000000 ____D () C:\Program Files\GIMP 2
2014-05-16 14:08 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-05-16 14:08 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-05-16 14:08 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-05-16 14:08 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-05-16 14:08 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-05-16 14:08 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-05-16 14:08 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-05-16 14:08 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-05-16 14:08 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-05-16 14:08 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-05-16 14:08 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-05-16 14:08 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-05-16 14:08 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-05-16 14:08 - 2014-04-11 08:13 - 01200128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-05-16 14:08 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-05-16 14:08 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-05-16 14:08 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-05-16 14:08 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-05-16 14:08 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-05-16 14:08 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-05-16 14:08 - 2014-04-09 06:35 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-05-16 14:08 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-05-16 14:08 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-05-16 14:08 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-05-16 14:08 - 2014-04-06 18:34 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-05-16 14:08 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-05-16 14:08 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-05-16 14:08 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-05-16 14:08 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-05-16 14:08 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-05-16 14:08 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-05-16 14:08 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-05-16 14:08 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-05-16 14:08 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-05-16 14:08 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-05-16 14:08 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-05-16 14:08 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-05-16 14:08 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-05-16 14:08 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-05-16 14:08 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-05-16 14:08 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-05-16 14:08 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-05-16 14:08 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-05-16 14:08 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-05-16 14:08 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-05-16 14:08 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-05-16 14:08 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-05-16 14:08 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-05-16 14:08 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-05-16 14:08 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-05-16 14:08 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-05-16 14:08 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-05-16 14:08 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-05-16 14:08 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-05-16 14:08 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-05-16 14:08 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-05-16 14:08 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-05-16 14:08 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-05-16 14:08 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-05-16 14:08 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-05-16 14:08 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-05-16 14:08 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-05-16 14:08 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-05-16 14:08 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-05-16 14:08 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-05-16 14:08 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-05-16 14:08 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-05-16 14:08 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-05-16 14:08 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-05-16 14:08 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-05-16 14:08 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-05-16 14:08 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-05-16 14:08 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-05-16 14:08 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-05-16 14:08 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-05-16 14:08 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-05-16 14:08 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-05-16 14:08 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-05-16 14:08 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-05-16 14:08 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-05-16 14:08 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-05-16 14:08 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-05-16 14:08 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-05-16 14:08 - 2014-04-03 04:22 - 03359744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-05-16 14:08 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-05-16 14:08 - 2014-04-01 08:23 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-05-16 14:08 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-05-16 14:08 - 2014-03-31 07:35 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-05-16 14:08 - 2014-03-31 07:35 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-05-16 14:08 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-05-16 14:08 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-05-16 14:08 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-05-16 14:08 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-05-16 14:08 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-05-16 14:08 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-05-16 14:08 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-05-16 14:08 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-05-16 14:08 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-05-16 14:08 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-05-16 14:08 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-05-16 14:08 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-05-16 14:08 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-05-16 14:08 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-05-16 14:08 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-05-16 14:08 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-05-16 14:08 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-05-16 14:08 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-05-16 14:08 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-05-16 14:08 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-05-16 14:08 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-05-16 14:08 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-05-16 14:08 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-05-16 14:08 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-05-16 14:08 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-05-16 14:08 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-05-16 14:08 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-05-16 14:08 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-05-16 14:08 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-05-16 14:08 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-05-16 14:08 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-05-16 14:08 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-05-16 14:08 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-05-16 14:08 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-05-16 14:08 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-05-16 14:08 - 2014-03-18 10:19 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-05-16 14:08 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-05-16 14:08 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-05-16 14:08 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-05-16 14:08 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-05-16 14:08 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-05-16 14:08 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-05-16 14:08 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-05-16 14:08 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-05-16 14:08 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-05-16 14:08 - 2014-03-06 14:42 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-05-16 14:07 - 2014-05-16 14:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-05-14 11:18 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-14 11:18 - 2014-04-11 04:52 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-14 11:18 - 2014-04-11 04:46 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-14 11:18 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-05-14 11:18 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-05-14 11:18 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-05-14 11:18 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-05-14 11:18 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-05-14 11:17 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-14 11:17 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-14 11:17 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-14 11:17 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-14 11:17 - 2014-04-11 12:03 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-14 11:17 - 2014-04-11 12:03 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-14 11:17 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-05-14 11:17 - 2014-04-11 08:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-05-14 11:17 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-05-14 11:17 - 2014-04-11 07:22 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-05-14 11:17 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-05-14 11:17 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-05-14 11:17 - 2014-04-11 05:05 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 11:17 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-05-14 11:17 - 2014-04-11 05:02 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 11:17 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-05-14 11:17 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-05-14 11:17 - 2014-04-11 05:00 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-05-14 11:17 - 2014-04-11 04:59 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-05-14 11:17 - 2014-04-11 04:56 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-14 11:17 - 2014-04-11 04:55 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-05-14 11:17 - 2014-04-11 04:53 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-05-14 11:17 - 2014-04-11 04:36 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-05-14 11:17 - 2014-04-11 04:34 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-05-14 11:17 - 2014-04-11 04:29 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-05-14 11:17 - 2014-04-11 04:25 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-05-14 11:16 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-05-14 11:16 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-05-14 11:16 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-05-14 11:16 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
 
==================== One Month Modified Files and Folders =======
 
2014-06-10 16:13 - 2014-06-10 16:12 - 00017059 _____ () C:\Users\malena\Desktop\FRST.txt
2014-06-10 16:13 - 2014-04-08 11:35 - 00000000 ____D () C:\Users\malena\AppData\Local\Temp
2014-06-10 16:12 - 2014-06-10 16:11 - 00000000 ____D () C:\FRST
2014-06-10 16:11 - 2014-06-10 16:11 - 02080768 _____ (Farbar) C:\Users\malena\Desktop\FRST64.exe
2014-06-10 16:11 - 2014-06-06 20:45 - 00000868 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-06-10 16:10 - 2014-06-10 16:10 - 01177600 _____ (Farbar) C:\Users\malena\Desktop\FRST.exe
2014-06-10 16:04 - 2014-03-26 20:32 - 00000000 ____D () C:\Users\malena\AppData\Roaming\Skype
2014-06-10 16:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-06-10 15:54 - 2014-06-10 14:49 - 00001008 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-10 15:43 - 2014-06-10 15:43 - 00001984 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-10 15:43 - 2014-06-10 15:43 - 00000000 ____D () C:\Users\malena\AppData\Roaming\AVAST Software
2014-06-10 15:43 - 2014-06-10 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-10 15:43 - 2014-06-10 15:42 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-06-10 15:42 - 2014-06-10 15:42 - 01039096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.1402407775718
2014-06-10 15:42 - 2014-06-10 15:42 - 01039096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-06-10 15:42 - 2014-06-10 15:42 - 00423240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.1402407775718
2014-06-10 15:42 - 2014-06-10 15:42 - 00423240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-06-10 15:42 - 2014-06-10 15:42 - 00334648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-06-10 15:42 - 2014-06-10 15:42 - 00208416 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-06-10 15:42 - 2014-06-10 15:42 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-06-10 15:42 - 2014-06-10 15:42 - 00085328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys.1402407775718
2014-06-10 15:42 - 2014-06-10 15:42 - 00085328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-06-10 15:42 - 2014-06-10 15:42 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-06-10 15:42 - 2014-06-10 15:42 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-06-10 15:42 - 2014-06-10 15:42 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-06-10 15:42 - 2014-06-10 15:42 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-06-10 15:41 - 2014-06-10 15:41 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-10 15:41 - 2014-06-10 15:41 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-10 15:39 - 2014-06-10 15:38 - 94714880 _____ (AVAST Software) C:\Users\malena\Downloads\avast_free_antivirus_setup.exe
2014-06-10 15:35 - 2014-06-10 15:35 - 00688992 _____ (Swearware) C:\Users\malena\Downloads\dds.com
2014-06-10 15:27 - 2014-06-10 15:26 - 05205915 _____ (Swearware) C:\Users\malena\Downloads\ComboFix.exe
2014-06-10 15:25 - 2014-06-10 15:25 - 00001850 _____ () C:\Users\malena\Desktop\RKreport_DEL_06102014_152505.log
2014-06-10 15:21 - 2013-11-14 09:31 - 01740478 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-10 15:21 - 2013-11-14 09:15 - 00733830 _____ () C:\WINDOWS\system32\perfh01D.dat
2014-06-10 15:21 - 2013-11-14 09:15 - 00152166 _____ () C:\WINDOWS\system32\perfc01D.dat
2014-06-10 15:20 - 2014-04-01 19:10 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2292154835-344325852-1662418859-1002
2014-06-10 15:17 - 2014-06-10 15:17 - 04686336 _____ () C:\Users\malena\Downloads\RogueKiller.exe
2014-06-10 15:17 - 2014-06-10 15:17 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-10 15:17 - 2014-06-10 14:49 - 00002201 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-10 15:17 - 2014-03-26 20:19 - 00000074 _____ () C:\Users\malena\AppData\Roaming\sp_data.sys
2014-06-10 15:16 - 2014-06-03 16:17 - 00000000 __RDO () C:\Users\malena\OneDrive
2014-06-10 15:15 - 2014-06-10 14:49 - 00001004 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-10 15:14 - 2014-06-10 15:14 - 00008298 _____ () C:\WINDOWS\PFRO.log
2014-06-10 15:14 - 2014-06-10 13:53 - 00063710 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-10 15:14 - 2013-10-21 11:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-10 15:14 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-10 15:14 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-06-10 15:13 - 2014-06-10 15:11 - 00000000 ____D () C:\AdwCleaner
2014-06-10 15:11 - 2014-06-10 15:11 - 01333465 _____ () C:\Users\malena\Downloads\adwcleaner_3.212.exe
2014-06-10 15:11 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-10 15:09 - 2014-06-10 15:09 - 00854378 _____ () C:\Users\malena\Downloads\SecurityCheck.exe
2014-06-10 15:06 - 2014-04-01 19:17 - 00000000 __SHD () C:\WINDOWS\SysWOW64\AI_RecycleBin
2014-06-10 15:01 - 2014-06-10 15:01 - 02195256 _____ (Reason Software Company Inc.) C:\Users\malena\Downloads\ShouldIRemoveIt_Setup.exe
2014-06-10 15:01 - 2014-06-10 15:01 - 00000000 ____D () C:\Program Files (x86)\Reason
2014-06-10 14:54 - 2014-06-10 14:54 - 00003112 _____ () C:\WINDOWS\System32\Tasks\{C6290D72-24CD-4ECD-A759-3386C814F080}
2014-06-10 14:49 - 2014-06-10 14:49 - 00003980 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-10 14:49 - 2014-06-10 14:49 - 00003744 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-10 14:49 - 2014-06-10 14:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-10 14:49 - 2014-03-26 20:27 - 00000000 ____D () C:\Users\malena\AppData\Local\Google
2014-06-10 14:49 - 2014-03-26 20:27 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-10 14:46 - 2014-06-10 14:46 - 00918672 _____ (Google Inc.) C:\Users\malena\Downloads\ChromeSetup.exe
2014-06-10 14:39 - 2014-06-10 14:39 - 00434040 _____ () C:\Users\malena\Downloads\The_Sims_3-_Island_Paradise_[FULL]_-_Games4theworld_-.exe
2014-06-10 14:37 - 2014-06-10 14:37 - 00000000 ____D () C:\Users\malena\Downloads\Supernatural
2014-06-10 14:35 - 2013-10-21 11:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-10 14:07 - 2014-06-10 13:17 - 00000000 ____D () C:\Users\malena\Desktop\The Sims 3 In i framtiden
2014-06-10 14:02 - 2014-06-10 14:02 - 00000000 ____D () C:\Users\malena\Documents\Electronic Arts
2014-06-10 14:00 - 2014-06-10 14:00 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-06-10 14:00 - 2014-06-10 14:00 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-06-10 13:49 - 2014-06-10 13:49 - 00000000 ____D () C:\Users\malena\Desktop\PACKAGES
2014-06-10 13:32 - 2014-03-27 10:19 - 00000000 ____D () C:\Users\malena\AppData\Roaming\DAEMON Tools Lite
2014-06-10 13:10 - 2014-05-06 15:14 - 00003920 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6DFCC547-DB74-4FF2-BB18-BE5949FC47BF}
2014-06-10 13:10 - 2013-10-21 11:31 - 00003474 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update1
2014-06-10 13:10 - 2013-10-21 11:31 - 00003464 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update2
2014-06-10 00:02 - 2014-03-26 20:36 - 00000000 ____D () C:\Users\malena\AppData\Local\Battle.net
2014-06-09 23:13 - 2014-04-01 19:11 - 00000000 ____D () C:\Users\malena\AppData\Local\PMB Files
2014-06-09 23:13 - 2014-04-01 19:11 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-09 22:45 - 2014-05-20 20:55 - 00000000 ____D () C:\Users\malena\AppData\Roaming\Spotify
2014-06-09 21:31 - 2014-05-16 14:38 - 00000000 ____D () C:\Users\malena\Desktop\PLUGG
2014-06-09 21:25 - 2012-03-15 17:58 - 00000000 ___RD () C:\Users\malena\Desktop\♥
2014-06-09 21:23 - 2014-03-27 09:44 - 00000000 ____D () C:\Users\malena\AppData\Roaming\uTorrent
2014-06-09 17:55 - 2014-04-08 11:35 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Temp
2014-06-09 17:53 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-06-07 13:29 - 2014-06-07 13:29 - 10466176 _____ () C:\Users\malena\Downloads\1157204.zip
2014-06-07 13:16 - 2014-06-07 13:16 - 00538685 _____ () C:\Users\malena\Downloads\MurfeeL_EA Arboretum Walls.sims3pack
2014-06-07 13:11 - 2014-06-07 13:11 - 02535564 _____ () C:\Users\malena\Downloads\1114605.zip
2014-06-07 13:07 - 2014-06-07 13:07 - 06772449 _____ () C:\Users\malena\Downloads\1241790.zip
2014-06-07 13:04 - 2014-06-07 13:04 - 01429465 _____ () C:\Users\malena\Downloads\1090382.zip
2014-06-07 12:26 - 2014-06-07 12:26 - 00000454 _____ () C:\Users\malena\Downloads\collection bathroom NITRIUM.zip
2014-06-07 01:01 - 2014-06-07 00:57 - 139290316 _____ () C:\Users\malena\Downloads\eel-slapper.rar
2014-06-06 23:51 - 2014-06-06 23:51 - 00000000 ____D () C:\Users\malena\Downloads\simsi
2014-06-06 21:51 - 2014-05-20 20:56 - 00001858 _____ () C:\Users\malena\Desktop\Spotify.lnk
2014-06-06 21:51 - 2014-05-20 20:56 - 00001844 _____ () C:\Users\malena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-06-06 21:51 - 2014-05-20 20:56 - 00000000 ____D () C:\Users\malena\AppData\Local\Spotify
2014-06-06 21:37 - 2014-06-06 21:16 - 00000000 ____D () C:\Users\malena\Downloads\The Sims 3 World Adventures [MULTI5][Expansion][PCDVD][WwW.GamesTorrents.CoM]
2014-06-06 20:45 - 2014-06-06 20:45 - 00003756 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-06-03 16:19 - 2014-03-26 20:19 - 00000000 ____D () C:\Users\malena\AppData\Local\Packages
2014-06-03 16:17 - 2014-04-08 11:35 - 00000000 ____D () C:\Users\malena
2014-06-03 13:32 - 2014-03-26 20:37 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-06-02 23:11 - 2014-03-30 00:56 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-06-02 23:11 - 2014-03-26 20:36 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-05-30 11:01 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-05-23 21:36 - 2014-05-23 21:52 - 04012479 ____N () C:\Users\malena\Desktop\VID_20140523_213643.mp4
2014-05-23 20:11 - 2014-03-26 20:32 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-23 20:11 - 2014-03-26 20:32 - 00000000 ____D () C:\ProgramData\Skype
2014-05-20 22:53 - 2014-05-20 22:51 - 00000000 ____D () C:\Users\malena\Downloads\The Sims 3 - Supernatural
2014-05-20 22:19 - 2014-03-28 15:22 - 00000053 _____ () C:\Users\malena\Desktop\uppgifter.txt
2014-05-17 15:43 - 2014-05-09 23:19 - 00000000 ____D () C:\Users\malena\AppData\Local\NCSOFT
2014-05-17 15:22 - 2014-05-16 14:34 - 00000000 ____D () C:\Users\malena\.gimp-2.8
2014-05-17 15:19 - 2014-05-17 15:19 - 00003422 _____ () C:\Users\malena\AppData\Local\recently-used.xbel
2014-05-17 15:19 - 2014-05-16 14:36 - 00000000 ____D () C:\Users\malena\AppData\Local\gtk-2.0
2014-05-16 15:23 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-05-16 14:38 - 2014-05-16 14:38 - 00000912 _____ () C:\Users\malena\Desktop\GIMP 2.lnk
2014-05-16 14:35 - 2014-05-16 14:35 - 00000000 ____D () C:\Users\malena\.thumbnails
2014-05-16 14:34 - 2014-05-16 14:34 - 00000000 ____D () C:\Users\malena\AppData\Local\gegl-0.2
2014-05-16 14:32 - 2014-05-16 14:32 - 00000912 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-05-16 14:32 - 2014-05-16 14:31 - 00000000 ____D () C:\Program Files\GIMP 2
2014-05-16 14:24 - 2014-03-26 20:21 - 00000000 ___RD () C:\Users\malena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 14:24 - 2014-03-26 20:21 - 00000000 ___RD () C:\Users\malena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 14:14 - 2013-08-22 16:44 - 00371912 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-16 14:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-05-16 14:12 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-05-16 14:12 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-05-16 14:09 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-05-16 14:07 - 2014-05-16 14:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-05-14 14:22 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-14 14:22 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-14 14:22 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-05-14 14:22 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-14 14:22 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-14 11:23 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-05-14 11:22 - 2014-03-28 11:40 - 93223848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-14 11:22 - 2014-03-28 11:40 - 00000000 ____D () C:\WINDOWS\system32\MRT
 
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
 
 
Some content of TEMP:
====================
C:\Users\malena\AppData\Local\Temp\dlLogic.exe
C:\Users\malena\AppData\Local\Temp\dltr.exe
C:\Users\malena\AppData\Local\Temp\GCVerifier.dll
C:\Users\malena\AppData\Local\Temp\nsf9BA4.exe
C:\Users\malena\AppData\Local\Temp\nsfCDD4.exe
C:\Users\malena\AppData\Local\Temp\nso3CC8.exe
C:\Users\malena\AppData\Local\Temp\nsoCAB6.exe
C:\Users\malena\AppData\Local\Temp\nsz9913.exe
C:\Users\malena\AppData\Local\Temp\Quarantine.exe
C:\Users\malena\AppData\Local\Temp\verifier.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-06-10 14:26
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-06-2014
Ran by malena at 2014-06-10 16:13:53
Running from C:\Users\malena\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
ASUS FaceKey (HKLM-x32\...\{ACE24C70-743B-43B0-8045-817FF050800B}) (Version: 4.1.0.0 - )
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.4 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.4 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.0 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0010 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUS Video DSP (HKLM-x32\...\{B80DB514-46E5-43AA-B68C-1EBBF5CF7D34}) (Version: 1.0.000 - )
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5230.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5230.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0030 - ASUS)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
BankID säkerhetsprogram (HKLM-x32\...\{2D6973ED-BBF2-434E-993C-37E05087B8C8}) (Version: 5.1.4.3 - Finansiell ID-Teknik BID AB)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Svenska (HKLM\...\{90150000-001F-041D-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
NVIDIA 3D Vision Driver 311.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.88 - NVIDIA Corporation)
NVIDIA Control Panel 311.88 (Version: 311.88 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.88 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden
NVIDIA Optimus 4.11.9 (Version: 4.11.9 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1188 - NVIDIA Corporation) Hidden
NVIDIA Update 4.11.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 4.11.9 - NVIDIA Corporation)
NVIDIA Update Components (Version: 4.11.9 - NVIDIA Corporation) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.224 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6966 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Should I Remove It (HKCU\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.62.153 - Electronic Arts)
The Sims™ 3 In i framtiden (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Årstider (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Torntv V9.0 (HKLM-x32\...\Torntv V9.0) (Version: 1.34.5.29 - installdaddy) <==== ATTENTION
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Valokuvavalikoima (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse  (05/09/2013 1.0.0.173) (HKLM\...\1016059FBF327ED9E3BAE758BD08CF10D3C6252D) (Version: 05/09/2013 1.0.0.173 - ASUS)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Liven peruspaketti (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
 
==================== Restore Points  =========================
 
20-05-2014 20:55:20 Installerad TheSims3EP7
30-05-2014 18:45:32 Schemalagd kontrollpunkt
06-06-2014 22:00:03 Installerad The Sims 3 World Adventures
10-06-2014 11:29:05 Borttagen The Sims 3
 
==================== Hosts content: ==========================
 
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0D108F1D-7790-4FC3-B3E8-DC5E7F58A5DD} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {103502A4-3078-4B63-B343-082E206FA73B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {12CE7F20-47D4-43B7-AC34-F00C12EBA7B3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-05-14] (Microsoft Corporation)
Task: {14411108-E99E-4B3E-A27A-CBB27E05A425} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {1559362F-716C-4762-86FE-5DEB2270A45F} - \957451f1-e94b-45b5-a4de-f6b7bcfab902-2 No Task File <==== ATTENTION
Task: {1A620404-8142-47C3-825A-52C9CACD4AB7} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-07-01] (ASUSTeK Computer Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {28323B99-F08B-40C5-8B0A-C3DC6AB9A7F3} - \957451f1-e94b-45b5-a4de-f6b7bcfab902-7 No Task File <==== ATTENTION
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2E134757-9473-457A-99F9-143AA5E2CF84} - \957451f1-e94b-45b5-a4de-f6b7bcfab902-1 No Task File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {450D50FB-54AF-4BEF-B0CC-CAA0DFCC0084} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-06-28] (AsusTek)
Task: {45783D83-6537-4F67-8E77-EAF2E7C62EA5} - \957451f1-e94b-45b5-a4de-f6b7bcfab902-5 No Task File <==== ATTENTION
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4CFA67A0-6F7C-4BC0-9B9A-60625E0619D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-10] (Google Inc.)
Task: {4F9CE359-6102-407C-9488-56A7981CD492} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()
Task: {52BE5FFE-5E8A-4964-AFA5-1709974B9713} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-06-03] (ASUS)
Task: {53A45F18-4ACA-4708-A919-708614FCB6B8} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {55BDC54E-0E10-432B-A413-A63503EED848} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-06-19] (ASUS)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {8080BFCF-7282-41E9-B4DF-DFE0273410AF} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8AB3B87A-494E-4F41-8DC6-AF788FF5082B} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-06-03] (ASUSTeK Computer Inc.)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9C2412AD-3701-41E7-836B-345B628782E3} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A3C706A6-A872-4851-88DC-8D6BF02B565E} - \957451f1-e94b-45b5-a4de-f6b7bcfab902-3 No Task File <==== ATTENTION
Task: {A5126681-E48D-44FC-8543-E8619A636FA6} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {B47E7285-F818-4BF7-AD1B-82D8882C066E} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-07-01] (ASUSTeK Computer Inc.)
Task: {B8C61D6A-2FCC-402C-BEB4-7D9236A0B441} - \957451f1-e94b-45b5-a4de-f6b7bcfab902-6 No Task File <==== ATTENTION
Task: {C4ACF95C-8107-4A7E-B02E-12CAEAF12F5E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-10] (AVAST Software)
Task: {C89279F5-6C24-4584-BC2C-344E829B70AA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-10] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {CFFC2D80-AD78-4018-A1BB-6D9833CE498A} - \957451f1-e94b-45b5-a4de-f6b7bcfab902-4 No Task File <==== ATTENTION
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D995D39F-6329-4410-A143-9E4BAD3DED72} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-06] (Adobe Systems Incorporated)
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EFD6E076-BF47-4FA2-A614-0784E651FB17} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {F9545FA2-94AA-4668-8F25-CC0C29A872A5} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-12-19 08:10 - 2012-12-19 08:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2013-06-19 21:49 - 2013-06-19 21:49 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-03-27 12:36 - 2013-03-27 12:36 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-03-27 12:33 - 2013-03-27 12:33 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-03-27 12:39 - 2013-03-27 12:39 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2013-10-01 13:02 - 2013-10-01 13:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-04-29 15:17 - 2013-04-29 15:17 - 00587264 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-06-10 14:49 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-06-10 14:49 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-10-21 11:07 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-06-10 14:49 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-06-10 14:49 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-06-10 14:49 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-06-10 15:42 - 2014-06-10 15:42 - 02253312 _____ () C:\Program Files\AVAST Software\Avast\defs\14051400\algo.dll
2014-06-10 15:44 - 2014-06-10 15:44 - 02775040 _____ () C:\Program Files\AVAST Software\Avast\defs\14061001\algo.dll
2014-06-10 15:42 - 2014-06-10 15:42 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Users\malena\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (whitelisted) =============
 
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/10/2014 03:06:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: ShouldIRemoveIt.exe, version 1.0.4.32815, tidsstämpel 0x533c99af
, felet uppstod i modulen med namn: LSASRV.dll, version 6.3.9600.17092, tidsstämpel 0x5344ce00
Undantagskod: 0xc0000005
Felförskjutning: 0x000000000005159a
Process-ID: 0x135c
Programmets starttid: 0xShouldIRemoveIt.exe0
Sökväg till program: ShouldIRemoveIt.exe1
Sökväg till modul: ShouldIRemoveIt.exe2
Rapport-ID: ShouldIRemoveIt.exe3
Fullständigt namn på felaktigt paket: ShouldIRemoveIt.exe4
Program-ID relativt till felaktigt paket: ShouldIRemoveIt.exe5
 
Error: (06/10/2014 03:02:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: ShouldIRemoveIt.exe, version 1.0.4.32815, tidsstämpel 0x533c99af
, felet uppstod i modulen med namn: LSASRV.dll, version 6.3.9600.17092, tidsstämpel 0x5344ce00
Undantagskod: 0xc0000005
Felförskjutning: 0x000000000005159a
Process-ID: 0x1788
Programmets starttid: 0xShouldIRemoveIt.exe0
Sökväg till program: ShouldIRemoveIt.exe1
Sökväg till modul: ShouldIRemoveIt.exe2
Rapport-ID: ShouldIRemoveIt.exe3
Fullständigt namn på felaktigt paket: ShouldIRemoveIt.exe4
Program-ID relativt till felaktigt paket: ShouldIRemoveIt.exe5
 
Error: (06/10/2014 03:01:41 PM) (Source: MsiInstaller) (EventID: 1002) (User: MALENA)
Description: Ett oväntat värde hittades eller ett värde (namn: PackageCode, värde: GUID) saknas i nyckeln HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219
 
Error: (06/10/2014 03:01:30 PM) (Source: MsiInstaller) (EventID: 1002) (User: MALENA)
Description: Ett oväntat värde hittades eller ett värde (namn: PackageCode, värde: GUID) saknas i nyckeln HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219
 
Error: (06/10/2014 02:54:00 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT instans)
Description: Ett oväntat värde hittades eller ett värde (namn: PackageCode, värde: GUID) saknas i nyckeln HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219
 
Error: (06/10/2014 02:42:06 PM) (Source: MsiInstaller) (EventID: 1002) (User: MALENA)
Description: Ett oväntat värde hittades eller ett värde (namn: PackageCode, värde: GUID) saknas i nyckeln HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219
 
Error: (06/10/2014 02:42:05 PM) (Source: MsiInstaller) (EventID: 1002) (User: MALENA)
Description: Ett oväntat värde hittades eller ett värde (namn: PackageCode, värde: GUID) saknas i nyckeln HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219
 
Error: (06/09/2014 05:53:14 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (06/06/2014 10:01:40 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT instans)
Description: There was an error with the Windows Location Provider database
 
Error: (06/03/2014 04:18:21 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: MALENA)
Description: windows_ie_ac_0013
 
 
System errors:
=============
Error: (06/10/2014 03:44:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten avast! HardwareID kunde inte startas på grund av följande fel: 
%%127
 
Error: (06/10/2014 03:43:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten avast! HardwareID kunde inte startas på grund av följande fel: 
%%127
 
Error: (06/10/2014 03:43:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten avast! HardwareID kunde inte startas på grund av följande fel: 
%%127
 
Error: (06/10/2014 03:42:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten avast! HardwareID kunde inte startas på grund av följande fel: 
%%127
 
Error: (06/10/2014 03:42:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten avast! EmHWID kunde inte startas på grund av följande fel: 
%%127
 
Error: (06/10/2014 03:14:00 PM) (Source: DCOM) (EventID: 10010) (User: MALENA)
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}
 
Error: (06/10/2014 03:04:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Tjänsten Update WebSpades avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 5000 millisekunder: Starta om tjänsten.
 
Error: (06/03/2014 04:20:34 PM) (Source: DCOM) (EventID: 10010) (User: MALENA)
Description: {31337EC7-5767-11CF-BEAB-00AA006C3606}
 
Error: (06/02/2014 05:25:24 PM) (Source: DCOM) (EventID: 10010) (User: MALENA)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (06/02/2014 05:24:54 PM) (Source: DCOM) (EventID: 10010) (User: MALENA)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
 
Microsoft Office Sessions:
=========================
Error: (06/10/2014 03:06:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ShouldIRemoveIt.exe1.0.4.32815533c99afLSASRV.dll6.3.9600.170925344ce00c0000005000000000005159a135c01cf84accf5b69aaC:\Program Files (x86)\Reason\Should I Remove It\ShouldIRemoveIt.exeC:\WINDOWS\SYSTEM32\LSASRV.dll0f203a3f-f0a0-11e3-be87-d850e6251f14
 
Error: (06/10/2014 03:02:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ShouldIRemoveIt.exe1.0.4.32815533c99afLSASRV.dll6.3.9600.170925344ce00c0000005000000000005159a178801cf84ac22048de8C:\Program Files (x86)\Reason\Should I Remove It\ShouldIRemoveIt.exeC:\WINDOWS\SYSTEM32\LSASRV.dll77401c0f-f09f-11e3-be87-d850e6251f14
 
Error: (06/10/2014 03:01:41 PM) (Source: MsiInstaller) (EventID: 1002) (User: MALENA)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
 
Error: (06/10/2014 03:01:30 PM) (Source: MsiInstaller) (EventID: 1002) (User: MALENA)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
 
Error: (06/10/2014 02:54:00 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT instans)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
 
Error: (06/10/2014 02:42:06 PM) (Source: MsiInstaller) (EventID: 1002) (User: MALENA)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
 
Error: (06/10/2014 02:42:05 PM) (Source: MsiInstaller) (EventID: 1002) (User: MALENA)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
 
Error: (06/09/2014 05:53:14 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (06/06/2014 10:01:40 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT instans)
Description: -2147024883
 
Error: (06/03/2014 04:18:21 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: MALENA)
Description: windows_ie_ac_0013
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-06-09 18:05:43.022
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-05-17 10:59:10.115
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-05-15 10:54:26.154
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 27%
Total physical RAM: 8077.69 MB
Available physical RAM: 5846.61 MB
Total Pagefile: 9357.69 MB
Available Pagefile: 7217.31 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:279.11 GB) (Free:148.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:398.07 GB) (Free:357.5 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 108D73B5)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#4 B-boy/StyLe/


Posted 10 June 2014 - 11:43 AM

Hi,

 

Thank you for the logs. Will reply later today with a fix (since I am at work right now).

Thank you for your understanding and patience. :)

 

 

Regards,

Georgi




#5 malenabengtsson


Posted 10 June 2014 - 12:18 PM

No problem at all. I got a question though, my computer is only 2 months old so a system restore is an option since I don't have a lot of stuff on it. If this program takes a lot of work to remove maybe it's better to just do a system restore?



#6 B-boy/StyLe/


Posted 11 June 2014 - 12:39 PM

Hello,

 

I am sorry about the delay but some unpredictable tasks occurred and they took me more time than I hoped for.

I didn't notice any traces from Torntv in the logs above. Did you try to uninstall it using the following tool?

If no joy then go ahead and try to uninstall it with Revo Uninstaller 1.95.

Download and install Revo Uninstaller.

Double-click the Revo Uninstaller shortcut on your desktop to run it and select the program you want to uninstall. (Torntv V9.0)
Please click the Uninstall icon to uninstall the selected program.
Please choose Advanced.
Then click Next and follow the prompts.
Please click Select All and Delete to delete all registry items, folders and files listed by Revo.
If asked to restart the computer, please do so.

Let me know about the results.

 

 

Regards,

Georgi




#7 malenabengtsson


Posted 11 June 2014 - 02:43 PM

Hey Georgi, 

I decided to do a system restore since my laptop is new and the program is now gone.

I want to thank you for your help and I want to apologize for the inconvenience. 

I will remember the tools if I happen to come across other programs like Torntv v9.0.

 

Once again, thank you for the time you put into this and I hope you have a nice day.



#8 B-boy/StyLe/


Posted 14 June 2014 - 04:12 PM

Hello,

 

Thank you for letting me know. I am glad that you managed to sort it out! :)

 

Take care!

 

 

Regards,

Georgi




#9 B-boy/StyLe/


Posted 14 June 2014 - 04:12 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.





