tekhelpr

FRST log Normal mode

Oct 28th, 2013
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-10-2013 01
  2. Ran by Rebecca (administrator) on ANDREAS-PC on 27-10-2013 17:05:07
  3. Running from C:\Users\Rebecca\Desktop
  4. Windows Vista (TM) Home Premium Service Pack 2 (X86) OS Language: English(US)
  5. Internet Explorer Version 9
  6. Boot Mode: Normal
  7.  
  8. ==================== Could not list processes ===============
  9.  
  10. ==================== Registry (Whitelisted) ==================
  11.  
  12. HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2007-08-09] (Realtek Semiconductor)
  13. HKLM\...\Run: [SynTPStart] - C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400 2007-08-15] (Synaptics, Inc.)
  14. HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-10-06] (Apple Inc.)
  15. HKLM\...\Run: [Windows Mobile-based device management] - C:\Windows\WindowsMobile\wmdSync.exe [215552 2006-11-02] (Microsoft Corporation)
  16. HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904 2008-08-14] (Synaptics, Inc.)
  17. HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
  18. HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
  19. HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-06-20] (Microsoft Corporation)
  20. HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
  21. HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
  22. HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
  23. HKCU\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2007-05-18] ()
  24. HKCU\...\Run: [Google Update] - C:\Users\Rebecca\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-03] (Google Inc.)
  25. HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5706480 2013-10-02] (SUPERAntiSpyware)
  26. HKCU\...\Policies\system: [LogonHoursAction] 2
  27. HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
  28. HKU\Andreas\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-19] (Microsoft Corporation)
  29. HKU\Andreas\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe
  30. HKU\Andreas\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2008-06-07] (Google Inc.)
  31. HKU\Andreas\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [ 2008-01-19] (Microsoft Corporation)
  32. HKU\Andreas\...\Run: [Google Update] - C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe [ 2011-10-17] (Google Inc.)
  33. HKU\Andreas\...\Policies\system: [LogonHoursAction] 2
  34. HKU\Andreas\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
  35. HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
  36. HKU\Default\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2007-05-18] ()
  37. HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
  38. HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2007-05-18] ()
  39. HKU\Mcx1\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
  40. HKU\Mcx1\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2007-05-18] ()
  41. HKU\Mcx1\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-19] (Microsoft Corporation)
  42. HKU\Mcx1\...\Policies\system: [LogonHoursAction] 2
  43. HKU\Mcx1\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
  44. HKU\Mcx1\...\Winlogon: [Shell] EXPLORER.EXE <==== ATTENTION
  45. BootExecute:
  46.  
  47. ==================== Internet (Whitelisted) ====================
  48.  
  49. HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
  50. HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
  51. SearchScopes: HKLM - DefaultScope value is missing.
  52. BHO: ERBHOMasterObject Class - {5A15CA85-DAB9-456c-95ED-06C6E3885C2A} - C:\Program Files\ExitReality\Webspace\System\ExitRealityHelper.dll ()
  53. BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
  54. BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
  55. BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
  56. BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
  57. BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
  58. Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
  59. Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
  60. DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
  61. DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
  62. Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
  63. Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  64. Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
  65. ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
  66. Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
  67. Winsock: Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
  68. Winsock: Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
  69. Winsock: Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
  70. Winsock: Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
  71. Winsock: Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
  72. Winsock: Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
  73. Winsock: Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
  74. Winsock: Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
  75. Winsock: Catalog9 19 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
  76. Tcpip\Parameters: [DhcpNameServer] 68.237.161.12 71.250.0.12 192.168.1.1
  77.  
  78. Chrome:
  79. =======
  80. CHR HomePage: hxxp://www.google.com
  81. CHR RestoreOnStartup: "hxxp://www.google.com/"
  82. CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
  83. CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
  84. CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
  85. CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
  86. CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
  87. CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
  88. CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
  89. CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
  90. CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
  91. CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
  92. CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
  93. CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
  94. CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
  95. CHR Plugin: (ExitReality Online) - C:\Program Files\ExitReality\WebSpace\System\Mozilla\nperonline.dll (ExitReality)
  96. CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
  97. CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
  98. CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
  99. CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
  100. CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
  101. CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  102. CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
  103. CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
  104. CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
  105. CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
  106. CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
  107. CHR Extension: (Skype Click to Call) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0
  108. CHR Extension: (Chrome In-App Payments service) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
  109. CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
  110.  
  111. ========================== Services (Whitelisted) =================
  112.  
  113. R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [119056 2013-05-23] (SUPERAntiSpyware.com)
  114. S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
  115. R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
  116. R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
  117. R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-06-20] (Microsoft Corporation)
  118. R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-06-20] (Microsoft Corporation)
  119. R2 pinger; C:\Toshiba\IVP\ISM\pinger.exe [136816 2007-01-25] ()
  120. R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
  121. R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
  122. R2 Swupdtmr; c:\Toshiba\IVP\swupdate\swupdtmr.exe [63096 2007-01-25] ()
  123. R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)
  124. S4 RoxLiveShare9; "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" [x]
  125.  
  126. ==================== Drivers (Whitelisted) ====================
  127.  
  128. S3 61883; C:\Windows\System32\DRIVERS\61883.sys [45696 2008-01-19] (Microsoft Corporation)
  129. R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
  130. R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120632 2013-09-25] (AVG Technologies CZ, s.r.o.)
  131. R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209208 2013-09-02] (AVG Technologies CZ, s.r.o.)
  132. R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [145720 2013-09-02] (AVG Technologies CZ, s.r.o.)
  133. R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-10] (AVG Technologies CZ, s.r.o.)
  134. S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-09-02] (AVG Technologies CZ, s.r.o.)
  135. R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [223032 2013-09-02] (AVG Technologies CZ, s.r.o.)
  136. R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102200 2013-08-20] (AVG Technologies CZ, s.r.o.)
  137. R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-08] (AVG Technologies CZ, s.r.o.)
  138. R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
  139. R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-10-05] (AVG Technologies)
  140. R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
  141. R1 MpKslea30a991; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3770750F-A56E-4265-B8B5-320B967A0CF1}\MpKslea30a991.sys [40392 2013-10-27] (Microsoft Corporation)
  142. R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-07-03] (Secunia)
  143. S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [86824 2008-10-21] (MCCI Corporation)
  144. S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-10-21] (MCCI Corporation)
  145. S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [114600 2008-10-21] (MCCI Corporation)
  146. S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [108328 2008-10-21] (MCCI Corporation)
  147. S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [26024 2008-10-21] (MCCI Corporation)
  148. S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [104616 2008-10-21] (MCCI Corporation)
  149. S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [109736 2008-10-21] (MCCI Corporation)
  150. R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
  151. R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
  152. R0 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2009-02-21] ()
  153. R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH)
  154. R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [11776 2007-04-16] (Chicony Electronics Co., Ltd.)
  155. S3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Winbond Electronics Corporation)
  156. U3 afepgmqc; C:\Windows\System32\Drivers\afepgmqc.sys [0 ] (Microsoft Corporation)
  157. S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
  158. S4 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [x]
  159. S4 IO_Memory; \??\C:\WINDOWS\SYSTEM32\SYSPREP\Drivers\ioport.sys [x]
  160. S4 IpInIp; system32\DRIVERS\ipinip.sys [x]
  161. S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
  162. S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
  163. S3 ONDAusbmdm6k; system32\DRIVERS\ONDAusbmdm6k.sys [x]
  164. S3 ONDAusbnet; system32\DRIVERS\ONDAusbnet.sys [x]
  165. S3 ONDAusbnmea; system32\DRIVERS\ONDAusbnmea.sys [x]
  166. S3 ONDAusbser6k; system32\DRIVERS\ONDAusbser6k.sys [x]
  167. S3 RimUsb; System32\Drivers\RimUsb.sys [x]
  168. S3 Tosrfcom; No ImagePath
  169. U3 TrueSight; \??\C:\Windows\system32\TrueSight.sys [x]
  170. S3 WDC_SAM; system32\DRIVERS\wdcsam.sys [x]
  171.  
  172. ==================== NetSvcs (Whitelisted) ===================
  173.  
  174.  
  175. ==================== One Month Created Files and Folders ========
  176.  
  177. 2013-10-27 17:01 - 2013-10-26 18:58 - 01089001 _____ (Farbar) C:\Users\Rebecca\Desktop\frst.exe
  178. 2013-10-27 14:24 - 2013-10-27 14:24 - 00003765 _____ C:\Users\Rebecca\Downloads\FSS.txt
  179. 2013-10-27 13:47 - 2013-10-27 13:47 - 00000877 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
  180. 2013-10-27 13:47 - 2013-10-27 13:47 - 00000877 _____ C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
  181. 2013-10-27 13:47 - 2013-10-27 13:47 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
  182. 2013-10-27 13:47 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
  183. 2013-10-27 13:45 - 2013-10-27 13:45 - 00359085 _____ (Farbar) C:\Users\Rebecca\Downloads\FSS.exe
  184. 2013-10-27 13:44 - 2013-10-27 13:44 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Rebecca\Downloads\mbam-setup-1.75.0.1300.exe
  185. 2013-10-27 13:33 - 2013-10-27 13:33 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Rebecca\Downloads\tdsskiller.exe
  186. 2013-10-27 13:33 - 2013-10-27 13:33 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Rebecca\Desktop\tdsskiller.exe
  187. 2013-10-27 13:27 - 2013-10-27 13:27 - 00001922 _____ C:\Users\Rebecca\Desktop\RKreport[0]_S_10272013_132727.txt
  188. 2013-10-27 13:25 - 2013-10-27 13:34 - 00000000 ____D C:\Users\Rebecca\Desktop\RK_Quarantine
  189. 2013-10-27 13:25 - 2013-10-27 13:19 - 00955392 _____ C:\Users\Rebecca\Desktop\RogueKiller.exe
  190. 2013-10-27 13:19 - 2013-10-27 13:19 - 00955392 _____ C:\Users\Rebecca\Downloads\RogueKiller.exe
  191. 2013-10-27 13:10 - 2013-10-27 16:27 - 00002750 _____ C:\Users\Rebecca\Desktop\Rkill.txt
  192. 2013-10-27 13:09 - 2013-10-27 12:53 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\Rebecca\Desktop\rkill.exe
  193. 2013-10-27 12:53 - 2013-10-27 12:53 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\Rebecca\Downloads\rkill.exe
  194. 2013-10-27 12:48 - 2013-10-27 12:48 - 00000000 ___DC C:\MGADiagToolOutput
  195. 2013-10-27 12:46 - 2013-10-27 12:47 - 02031992 _____ (Microsoft Corporation) C:\Users\Rebecca\Downloads\MGADiag.exe
  196. 2013-10-27 12:32 - 2013-10-27 12:32 - 00362899 _____ C:\Users\Rebecca\Desktop\sfcdetails.txt
  197. 2013-10-26 19:01 - 2013-10-26 19:01 - 00026729 _____ C:\Users\Rebecca\Desktop\Addition.txt
  198. 2013-10-26 18:59 - 2013-10-26 18:59 - 00000000 ___DC C:\FRST
  199. 2013-10-26 18:58 - 2013-10-26 18:58 - 01089001 _____ (Farbar) C:\Users\Rebecca\Downloads\FRST.exe
  200. 2013-10-25 19:43 - 2013-10-25 19:43 - 00008908 _____ C:\Users\Rebecca\Desktop\Attach10252013prefinishboot.txt
  201. 2013-10-25 19:42 - 2013-10-25 19:42 - 00014844 _____ C:\Users\Rebecca\Desktop\DDS10252013prefinishboot.txt
  202. 2013-10-25 19:36 - 2013-10-25 19:47 - 00014805 _____ C:\Users\Rebecca\Desktop\dds.txt
  203. 2013-10-25 19:36 - 2013-10-25 19:47 - 00008908 _____ C:\Users\Rebecca\Desktop\attach.txt
  204. 2013-10-24 18:57 - 2013-10-24 18:57 - 00015498 _____ C:\Users\Rebecca\Desktop\dds10242013.txt
  205. 2013-10-24 18:57 - 2013-10-24 18:57 - 00010052 _____ C:\Users\Rebecca\Desktop\attach10242013.txt
  206. 2013-10-24 18:55 - 2013-10-24 18:54 - 00688992 ____R (Swearware) C:\Users\Rebecca\Desktop\dds.com
  207. 2013-10-24 18:54 - 2013-10-24 18:54 - 00688992 _____ (Swearware) C:\Users\Rebecca\Downloads\dds.com
  208. 2013-10-24 01:07 - 2013-10-24 01:08 - 524288000 ____C C:\REMOVE_THIS_FILE.livecd.swap
  209. 2013-10-21 20:42 - 2013-10-27 16:06 - 00000736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
  210. 2013-10-21 20:42 - 2013-10-27 16:06 - 00000736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
  211. 2013-10-21 20:42 - 2013-10-21 20:43 - 00000552 _____ C:\Windows\system32\spsys.log
  212. 2013-10-21 18:24 - 2013-10-27 16:06 - 00334720 _____ C:\Windows\system32\FNTCACHE.DAT
  213. 2013-10-21 18:24 - 2013-10-22 18:45 - 00000974 _____ C:\Windows\PFRO.log
  214. 2013-10-21 01:02 - 2013-10-21 01:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Rebecca\Downloads\mbam-setup-1.75.0.1300 (2).exe
  215. 2013-10-21 00:33 - 2013-10-27 11:30 - 00014549 _____ C:\Windows\WindowsUpdate.log
  216. 2013-10-20 23:58 - 2013-10-20 23:59 - 00224174 _____ C:\Users\Rebecca\Documents\cc_20131020_235833.reg.bkup.reg
  217. 2013-10-20 23:25 - 2013-10-20 23:25 - 00000775 _____ C:\Users\Public\Desktop\CCleaner.lnk
  218. 2013-10-20 23:25 - 2013-10-20 23:25 - 00000775 _____ C:\ProgramData\Desktop\CCleaner.lnk
  219. 2013-10-20 23:25 - 2013-10-20 23:25 - 00000000 ____D C:\Program Files\CCleaner
  220. 2013-10-20 23:09 - 2013-10-20 23:10 - 04369632 _____ (Piriform Ltd) C:\Users\Rebecca\Downloads\ccsetup406.exe
  221. 2013-10-20 05:01 - 2013-10-20 05:28 - 00000000 ___DC C:\AdwCleaner
  222. 2013-10-20 04:55 - 2013-10-20 04:55 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Rebecca\Downloads\tdsskiller (2).exe
  223. 2013-10-18 13:26 - 2013-10-18 13:26 - 00000000 ____D C:\Program Files\Common Files\Java
  224. 2013-10-18 13:25 - 2013-10-18 13:25 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
  225. 2013-10-18 13:25 - 2013-10-18 13:25 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
  226. 2013-10-18 13:25 - 2013-10-18 13:25 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
  227. 2013-10-18 13:25 - 2013-10-18 13:25 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
  228. 2013-10-18 13:22 - 2013-10-18 13:22 - 00915368 _____ (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u45.exe
  229. 2013-10-17 08:07 - 2013-10-17 08:07 - 00000000 ____D C:\Program Files\ProcessExplorer
  230. 2013-10-17 08:06 - 2013-07-31 13:08 - 02799296 _____ (Sysinternals - www.sysinternals.com) C:\Users\Rebecca\Downloads\procexp.exe
  231. 2013-10-17 07:29 - 2013-10-17 07:29 - 00000000 ___HD C:\Windows\PIF
  232. 2013-10-17 06:40 - 2013-10-17 06:42 - 86845712 _____ (Microsoft Corporation) C:\Users\Rebecca\Downloads\msert (1).exe
  233. 2013-10-17 06:28 - 2013-10-17 06:28 - 21414024 _____ (Microsoft Corporation) C:\Users\Andreas\Downloads\Windows-KB890830-V5.5.exe
  234. 2013-10-17 06:25 - 2013-10-17 06:26 - 00000000 ___DC C:\myupdates
  235. 2013-10-17 02:04 - 2013-10-17 02:04 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Malwarebytes
  236. 2013-10-17 01:45 - 2013-10-17 01:45 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\SUPERAntiSpyware.com
  237. 2013-10-17 01:03 - 2013-10-17 01:03 - 00000000 ____D C:\Users\Andreas\AppData\Local\Avg2014
  238. 2013-10-14 21:55 - 2013-10-14 23:48 - 424005844 _____ C:\Users\Rebecca\Downloads\bases (1).cav
  239. 2013-10-14 18:46 - 2013-10-14 19:18 - 00000000 _____ C:\Users\Rebecca\Downloads\bases.cav
  240. 2013-10-14 18:44 - 2013-10-14 18:48 - 00000000 _____ C:\Users\Rebecca\Downloads\cce_2.5.242177.201_x32.zip
  241. 2013-10-14 14:15 - 2013-10-14 17:24 - 00000000 ____D C:\cce_linux
  242. 2013-10-07 18:53 - 2013-10-07 18:53 - 02347384 _____ (ESET) C:\Users\Rebecca\Downloads\esetsmartinstaller_enu (1).exe
  243. 2013-10-07 18:24 - 2013-10-07 18:24 - 00661184 _____ (Sysinternals - www.sysinternals.com) C:\Users\Rebecca\Downloads\autoruns.exe
  244. 2013-10-07 18:19 - 2013-10-07 18:23 - 00002866 _____ C:\Users\Rebecca\Desktop\Rkill_old.txt
  245. 2013-10-07 18:17 - 2013-10-07 18:19 - 00004253 _____ C:\Users\Rebecca\Documents\aswMBR.txt
  246. 2013-10-07 18:17 - 2013-10-07 18:19 - 00000512 _____ C:\Users\Rebecca\Documents\MBR.dat
  247. 2013-10-07 10:43 - 2013-10-07 10:43 - 00000000 _RSHC C:\MSDOS.SYS
  248. 2013-10-07 10:43 - 2013-10-07 10:43 - 00000000 _RSHC C:\IO.SYS
  249. 2013-10-07 10:23 - 2013-10-07 10:23 - 02053704 _____ (Microsoft Corporation) C:\Users\Rebecca\Downloads\msxml4-KB2721691-enu.exe
  250. 2013-10-07 09:10 - 2013-10-07 13:14 - 00000083 _____ C:\AOSS.log
  251. 2013-10-07 02:02 - 2013-10-07 02:02 - 00000000 ____D C:\Program Files\ESET
  252. 2013-10-07 02:00 - 2013-10-07 02:00 - 00275181 _____ C:\Users\Rebecca\Downloads\WindowsUpdateDiagnostic (1).diagcab
  253. 2013-10-07 01:34 - 2013-10-07 01:34 - 00347424 _____ (Microsoft Corporation) C:\Users\Rebecca\Downloads\MicrosoftFixit.wu.RNP.50304554889194055.1.1.Run.exe
  254. 2013-10-07 01:33 - 2013-10-07 01:33 - 00275181 _____ C:\Users\Rebecca\Downloads\WindowsUpdateDiagnostic.diagcab
  255. 2013-10-06 20:53 - 2013-10-09 19:12 - 00000000 ____D C:\Users\Rebecca\AppData\Local\AVG SafeGuard toolbar
  256. 2013-10-06 11:04 - 2013-10-06 11:04 - 01191834 _____ C:\Users\Rebecca\Downloads\ProcessExplorer.zip
  257. 2013-10-06 10:01 - 2013-10-06 10:01 - 00000177 _____ C:\Windows\system32\avgrep.txt
  258. 2013-10-06 00:16 - 2013-10-16 20:25 - 00000180 _____ C:\Users\Rebecca\Desktop\avgrep.txt
  259. 2013-10-05 23:54 - 2013-10-05 23:54 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\AVG2014
  260. 2013-10-05 23:53 - 2013-10-10 10:07 - 00000853 _____ C:\Users\Public\Desktop\AVG 2014.lnk
  261. 2013-10-05 23:53 - 2013-10-10 10:07 - 00000853 _____ C:\ProgramData\Desktop\AVG 2014.lnk
  262. 2013-10-05 23:53 - 2013-10-05 23:52 - 00037664 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
  263. 2013-10-05 23:52 - 2013-10-09 18:58 - 00000000 ____D C:\Program Files\AVG SafeGuard toolbar
  264. 2013-10-05 23:52 - 2013-10-05 23:53 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
  265. 2013-10-05 23:51 - 2013-10-05 23:54 - 00000000 ____D C:\ProgramData\AVG2014
  266. 2013-10-05 23:51 - 2013-10-05 23:51 - 00000000 __HDC C:\$AVG
  267. 2013-10-05 23:50 - 2013-10-05 23:50 - 00000000 ____D C:\Program Files\AVG
  268. 2013-10-05 23:48 - 2013-10-06 00:16 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Avg2014
  269. 2013-10-05 23:48 - 2013-10-05 23:48 - 04433128 _____ (AVG Technologies) C:\Users\Rebecca\Downloads\avg_free_stb_all_2014_4142.exe
  270. 2013-10-05 23:27 - 2013-10-05 23:27 - 27878304 _____ (SUPERAntiSpyware) C:\Users\Rebecca\Downloads\SUPERAntiSpyware.exe
  271. 2013-10-05 23:27 - 2013-10-05 23:27 - 00001811 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
  272. 2013-10-05 23:27 - 2013-10-05 23:27 - 00001811 _____ C:\ProgramData\Desktop\SUPERAntiSpyware Free Edition.lnk
  273. 2013-10-05 22:47 - 2013-10-05 22:47 - 00000000 ____D C:\Windows\Sun
  274. 2013-10-05 22:44 - 2013-10-05 22:44 - 00913832 _____ (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u40.exe
  275. 2013-10-05 21:49 - 2013-10-05 21:49 - 00803303 _____ C:\Users\Rebecca\AppData\Local\census.cache
  276. 2013-10-05 21:48 - 2013-10-05 21:48 - 00205299 _____ C:\Users\Rebecca\AppData\Local\ars.cache
  277. 2013-10-05 21:16 - 2013-10-05 21:16 - 02049128 _____ (Trend Micro Inc.) C:\Users\Rebecca\Downloads\HousecallLauncher.exe
  278. 2013-10-05 21:16 - 2013-10-05 21:16 - 00000036 _____ C:\Users\Rebecca\AppData\Local\housecall.guid.cache
  279. 2013-10-05 21:16 - 2012-07-26 22:02 - 00257928 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
  280. 2013-10-05 21:09 - 2013-10-05 21:11 - 03272136 _____ (Secunia) C:\Users\Rebecca\Downloads\PSISetup.exe
  281. 2013-10-05 20:38 - 2013-10-05 20:39 - 20894344 _____ (Microsoft Corporation) C:\Users\Rebecca\Downloads\Windows-KB890830-V5.4.exe
  282.  
  283. ==================== One Month Modified Files and Folders =======
  284.  
  285. 2013-10-27 16:31 - 2012-01-08 16:20 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Google
  286. 2013-10-27 16:27 - 2013-10-27 13:10 - 00002750 _____ C:\Users\Rebecca\Desktop\Rkill.txt
  287. 2013-10-27 16:20 - 2008-02-28 10:19 - 00000414 ____H C:\Windows\Tasks\User_Feed_Synchronization-{F34B144A-D3EA-4A07-BFEE-48337FCC6BB2}.job
  288. 2013-10-27 16:08 - 2009-12-25 14:40 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  289. 2013-10-27 16:06 - 2013-10-21 20:42 - 00000736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
  290. 2013-10-27 16:06 - 2013-10-21 20:42 - 00000736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
  291. 2013-10-27 16:06 - 2013-10-21 18:24 - 00334720 _____ C:\Windows\system32\FNTCACHE.DAT
  292. 2013-10-27 16:06 - 2009-12-25 14:40 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  293. 2013-10-27 16:06 - 2006-11-02 09:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
  294. 2013-10-27 16:02 - 2011-10-30 10:39 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3222351459-3557411957-99243863-1000UA.job
  295. 2013-10-27 14:24 - 2013-10-27 14:24 - 00003765 _____ C:\Users\Rebecca\Downloads\FSS.txt
  296. 2013-10-27 13:47 - 2013-10-27 13:47 - 00000877 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
  297. 2013-10-27 13:47 - 2013-10-27 13:47 - 00000877 _____ C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
  298. 2013-10-27 13:47 - 2013-10-27 13:47 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
  299. 2013-10-27 13:45 - 2013-10-27 13:45 - 00359085 _____ (Farbar) C:\Users\Rebecca\Downloads\FSS.exe
  300. 2013-10-27 13:44 - 2013-10-27 13:44 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Rebecca\Downloads\mbam-setup-1.75.0.1300.exe
  301. 2013-10-27 13:34 - 2013-10-27 13:25 - 00000000 ____D C:\Users\Rebecca\Desktop\RK_Quarantine
  302. 2013-10-27 13:33 - 2013-10-27 13:33 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Rebecca\Downloads\tdsskiller.exe
  303. 2013-10-27 13:33 - 2013-10-27 13:33 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Rebecca\Desktop\tdsskiller.exe
  304. 2013-10-27 13:27 - 2013-10-27 13:27 - 00001922 _____ C:\Users\Rebecca\Desktop\RKreport[0]_S_10272013_132727.txt
  305. 2013-10-27 13:19 - 2013-10-27 13:25 - 00955392 _____ C:\Users\Rebecca\Desktop\RogueKiller.exe
  306. 2013-10-27 13:19 - 2013-10-27 13:19 - 00955392 _____ C:\Users\Rebecca\Downloads\RogueKiller.exe
  307. 2013-10-27 12:53 - 2013-10-27 13:09 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\Rebecca\Desktop\rkill.exe
  308. 2013-10-27 12:53 - 2013-10-27 12:53 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\Rebecca\Downloads\rkill.exe
  309. 2013-10-27 12:48 - 2013-10-27 12:48 - 00000000 ___DC C:\MGADiagToolOutput
  310. 2013-10-27 12:47 - 2013-10-27 12:46 - 02031992 _____ (Microsoft Corporation) C:\Users\Rebecca\Downloads\MGADiag.exe
  311. 2013-10-27 12:32 - 2013-10-27 12:32 - 00362899 _____ C:\Users\Rebecca\Desktop\sfcdetails.txt
  312. 2013-10-27 11:30 - 2013-10-21 00:33 - 00014549 _____ C:\Windows\WindowsUpdate.log
  313. 2013-10-26 19:01 - 2013-10-26 19:01 - 00026729 _____ C:\Users\Rebecca\Desktop\Addition.txt
  314. 2013-10-26 18:59 - 2013-10-26 18:59 - 00000000 ___DC C:\FRST
  315. 2013-10-26 18:58 - 2013-10-27 17:01 - 01089001 _____ (Farbar) C:\Users\Rebecca\Desktop\frst.exe
  316. 2013-10-26 18:58 - 2013-10-26 18:58 - 01089001 _____ (Farbar) C:\Users\Rebecca\Downloads\FRST.exe
  317. 2013-10-25 23:06 - 2012-10-10 22:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
  318. 2013-10-25 19:47 - 2013-10-25 19:36 - 00014805 _____ C:\Users\Rebecca\Desktop\dds.txt
  319. 2013-10-25 19:47 - 2013-10-25 19:36 - 00008908 _____ C:\Users\Rebecca\Desktop\attach.txt
  320. 2013-10-25 19:43 - 2013-10-25 19:43 - 00008908 _____ C:\Users\Rebecca\Desktop\Attach10252013prefinishboot.txt
  321. 2013-10-25 19:42 - 2013-10-25 19:42 - 00014844 _____ C:\Users\Rebecca\Desktop\DDS10252013prefinishboot.txt
  322. 2013-10-24 18:57 - 2013-10-24 18:57 - 00015498 _____ C:\Users\Rebecca\Desktop\dds10242013.txt
  323. 2013-10-24 18:57 - 2013-10-24 18:57 - 00010052 _____ C:\Users\Rebecca\Desktop\attach10242013.txt
  324. 2013-10-24 18:54 - 2013-10-24 18:55 - 00688992 ____R (Swearware) C:\Users\Rebecca\Desktop\dds.com
  325. 2013-10-24 18:54 - 2013-10-24 18:54 - 00688992 _____ (Swearware) C:\Users\Rebecca\Downloads\dds.com
  326. 2013-10-24 01:08 - 2013-10-24 01:07 - 524288000 ____C C:\REMOVE_THIS_FILE.livecd.swap
  327. 2013-10-22 18:45 - 2013-10-21 18:24 - 00000974 _____ C:\Windows\PFRO.log
  328. 2013-10-21 21:18 - 2013-07-04 22:30 - 00001942 _____ C:\Users\Public\Desktop\Google Chrome.lnk
  329. 2013-10-21 21:18 - 2013-07-04 22:30 - 00001942 _____ C:\ProgramData\Desktop\Google Chrome.lnk
  330. 2013-10-21 21:03 - 2012-10-10 22:09 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
  331. 2013-10-21 21:03 - 2011-05-19 00:29 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
  332. 2013-10-21 20:43 - 2013-10-21 20:42 - 00000552 _____ C:\Windows\system32\spsys.log
  333. 2013-10-21 20:10 - 2012-05-26 22:31 - 00000680 _____ C:\Users\Rebecca\AppData\Local\d3d9caps.dat
  334. 2013-10-21 13:54 - 2008-02-27 20:14 - 00000000 ____D C:\Users\Andreas
  335. 2013-10-21 01:02 - 2013-10-21 01:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Rebecca\Downloads\mbam-setup-1.75.0.1300 (2).exe
  336. 2013-10-20 23:59 - 2013-10-20 23:58 - 00224174 _____ C:\Users\Rebecca\Documents\cc_20131020_235833.reg.bkup.reg
  337. 2013-10-20 23:30 - 2007-08-22 16:26 - 00000000 ____D C:\Program Files\Java
  338. 2013-10-20 23:27 - 2012-03-30 17:55 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Skype
  339. 2013-10-20 23:26 - 2007-08-22 15:24 - 00000000 ____D C:\Windows\Panther
  340. 2013-10-20 23:25 - 2013-10-20 23:25 - 00000775 _____ C:\Users\Public\Desktop\CCleaner.lnk
  341. 2013-10-20 23:25 - 2013-10-20 23:25 - 00000775 _____ C:\ProgramData\Desktop\CCleaner.lnk
  342. 2013-10-20 23:25 - 2013-10-20 23:25 - 00000000 ____D C:\Program Files\CCleaner
  343. 2013-10-20 23:10 - 2013-10-20 23:09 - 04369632 _____ (Piriform Ltd) C:\Users\Rebecca\Downloads\ccsetup406.exe
  344. 2013-10-20 05:38 - 2009-10-07 16:20 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3222351459-3557411957-99243863-1002UA.job
  345. 2013-10-20 05:28 - 2013-10-20 05:01 - 00000000 ___DC C:\AdwCleaner
  346. 2013-10-20 04:55 - 2013-10-20 04:55 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Rebecca\Downloads\tdsskiller (2).exe
  347. 2013-10-19 21:37 - 2006-11-02 09:01 - 00032626 _____ C:\Windows\Tasks\SCHEDLGU.TXT
  348. 2013-10-18 13:26 - 2013-10-18 13:26 - 00000000 ____D C:\Program Files\Common Files\Java
  349. 2013-10-18 13:26 - 2013-09-25 23:51 - 00000000 ____D C:\ProgramData\Oracle
  350. 2013-10-18 13:25 - 2013-10-18 13:25 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
  351. 2013-10-18 13:25 - 2013-10-18 13:25 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
  352. 2013-10-18 13:25 - 2013-10-18 13:25 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
  353. 2013-10-18 13:25 - 2013-10-18 13:25 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
  354. 2013-10-18 13:22 - 2013-10-18 13:22 - 00915368 _____ (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u45.exe
  355. 2013-10-18 13:05 - 2012-01-08 16:17 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Western Digital
  356. 2013-10-18 13:03 - 2007-08-22 16:00 - 00000000 ____D C:\ProgramData\WildTangent
  357. 2013-10-18 13:03 - 2007-08-22 16:00 - 00000000 ____D C:\Program Files\TOSHIBA Games
  358. 2013-10-18 12:55 - 2006-11-02 08:37 - 00000000 ____D C:\Windows\twain_32
  359. 2013-10-18 12:54 - 2008-04-20 15:12 - 00000000 ____D C:\Program Files\epson
  360. 2013-10-18 12:53 - 2007-08-22 15:39 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
  361. 2013-10-17 22:58 - 2012-11-04 11:31 - 00000000 ____D C:\ProgramData\MFAData
  362. 2013-10-17 08:07 - 2013-10-17 08:07 - 00000000 ____D C:\Program Files\ProcessExplorer
  363. 2013-10-17 07:29 - 2013-10-17 07:29 - 00000000 ___HD C:\Windows\PIF
  364. 2013-10-17 06:42 - 2013-10-17 06:40 - 86845712 _____ (Microsoft Corporation) C:\Users\Rebecca\Downloads\msert (1).exe
  365. 2013-10-17 06:28 - 2013-10-17 06:28 - 21414024 _____ (Microsoft Corporation) C:\Users\Andreas\Downloads\Windows-KB890830-V5.5.exe
  366. 2013-10-17 06:26 - 2013-10-17 06:25 - 00000000 ___DC C:\myupdates
  367. 2013-10-17 06:23 - 2006-11-02 06:33 - 00703388 _____ C:\Windows\system32\PerfStringBackup.INI
  368. 2013-10-17 02:04 - 2013-10-17 02:04 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Malwarebytes
  369. 2013-10-17 01:45 - 2013-10-17 01:45 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\SUPERAntiSpyware.com
  370. 2013-10-17 01:03 - 2013-10-17 01:03 - 00000000 ____D C:\Users\Andreas\AppData\Local\Avg2014
  371. 2013-10-16 20:25 - 2013-10-06 00:16 - 00000180 _____ C:\Users\Rebecca\Desktop\avgrep.txt
  372. 2013-10-16 13:47 - 2006-11-02 08:37 - 00262144 _____ C:\Windows\system32\config\BCD-Template
  373. 2013-10-14 23:48 - 2013-10-14 21:55 - 424005844 _____ C:\Users\Rebecca\Downloads\bases (1).cav
  374. 2013-10-14 19:18 - 2013-10-14 18:46 - 00000000 _____ C:\Users\Rebecca\Downloads\bases.cav
  375. 2013-10-14 18:48 - 2013-10-14 18:44 - 00000000 _____ C:\Users\Rebecca\Downloads\cce_2.5.242177.201_x32.zip
  376. 2013-10-14 18:21 - 2013-04-13 19:25 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3222351459-3557411957-99243863-1008UA.job
  377. 2013-10-14 18:21 - 2013-04-13 19:25 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3222351459-3557411957-99243863-1008Core.job
  378. 2013-10-14 17:24 - 2013-10-14 14:15 - 00000000 ____D C:\cce_linux
  379. 2013-10-10 10:07 - 2013-10-05 23:53 - 00000853 _____ C:\Users\Public\Desktop\AVG 2014.lnk
  380. 2013-10-10 10:07 - 2013-10-05 23:53 - 00000853 _____ C:\ProgramData\Desktop\AVG 2014.lnk
  381. 2013-10-09 19:12 - 2013-10-06 20:53 - 00000000 ____D C:\Users\Rebecca\AppData\Local\AVG SafeGuard toolbar
  382. 2013-10-09 18:58 - 2013-10-05 23:52 - 00000000 ____D C:\Program Files\AVG SafeGuard toolbar
  383. 2013-10-07 18:53 - 2013-10-07 18:53 - 02347384 _____ (ESET) C:\Users\Rebecca\Downloads\esetsmartinstaller_enu (1).exe
  384. 2013-10-07 18:24 - 2013-10-07 18:24 - 00661184 _____ (Sysinternals - www.sysinternals.com) C:\Users\Rebecca\Downloads\autoruns.exe
  385. 2013-10-07 18:23 - 2013-10-07 18:19 - 00002866 _____ C:\Users\Rebecca\Desktop\Rkill_old.txt
  386. 2013-10-07 18:19 - 2013-10-07 18:17 - 00004253 _____ C:\Users\Rebecca\Documents\aswMBR.txt
  387. 2013-10-07 18:19 - 2013-10-07 18:17 - 00000512 _____ C:\Users\Rebecca\Documents\MBR.dat
  388. 2013-10-07 13:14 - 2013-10-07 09:10 - 00000083 _____ C:\AOSS.log
  389. 2013-10-07 10:43 - 2013-10-07 10:43 - 00000000 _RSHC C:\MSDOS.SYS
  390. 2013-10-07 10:43 - 2013-10-07 10:43 - 00000000 _RSHC C:\IO.SYS
  391. 2013-10-07 10:40 - 2007-08-22 14:57 - 00000000 ____D C:\Program Files\MSXML 4.0
  392. 2013-10-07 10:23 - 2013-10-07 10:23 - 02053704 _____ (Microsoft Corporation) C:\Users\Rebecca\Downloads\msxml4-KB2721691-enu.exe
  393. 2013-10-07 02:02 - 2013-10-07 02:02 - 00000000 ____D C:\Program Files\ESET
  394. 2013-10-07 02:00 - 2013-10-07 02:00 - 00275181 _____ C:\Users\Rebecca\Downloads\WindowsUpdateDiagnostic (1).diagcab
  395. 2013-10-07 01:42 - 2009-01-20 20:30 - 00000000 ____D C:\Program Files\Trend Micro
  396. 2013-10-07 01:34 - 2013-10-07 01:34 - 00347424 _____ (Microsoft Corporation) C:\Users\Rebecca\Downloads\MicrosoftFixit.wu.RNP.50304554889194055.1.1.Run.exe
  397. 2013-10-07 01:33 - 2013-10-07 01:33 - 00275181 _____ C:\Users\Rebecca\Downloads\WindowsUpdateDiagnostic.diagcab
  398. 2013-10-07 00:48 - 2007-08-22 16:18 - 00000000 ____D C:\Windows\system32\Macromed
  399. 2013-10-06 11:04 - 2013-10-06 11:04 - 01191834 _____ C:\Users\Rebecca\Downloads\ProcessExplorer.zip
  400. 2013-10-06 10:01 - 2013-10-06 10:01 - 00000177 _____ C:\Windows\system32\avgrep.txt
  401. 2013-10-06 00:16 - 2013-10-05 23:48 - 00000000 ____D C:\Users\Rebecca\AppData\Local\Avg2014
  402. 2013-10-05 23:54 - 2013-10-05 23:54 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\AVG2014
  403. 2013-10-05 23:54 - 2013-10-05 23:51 - 00000000 ____D C:\ProgramData\AVG2014
  404. 2013-10-05 23:53 - 2013-10-05 23:52 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
  405. 2013-10-05 23:52 - 2013-10-05 23:53 - 00037664 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
  406. 2013-10-05 23:51 - 2013-10-05 23:51 - 00000000 __HDC C:\$AVG
  407. 2013-10-05 23:51 - 2006-11-02 08:37 - 00000000 ____D C:\Program Files\Windows Sidebar
  408. 2013-10-05 23:50 - 2013-10-05 23:50 - 00000000 ____D C:\Program Files\AVG
  409. 2013-10-05 23:48 - 2013-10-05 23:48 - 04433128 _____ (AVG Technologies) C:\Users\Rebecca\Downloads\avg_free_stb_all_2014_4142.exe
  410. 2013-10-05 23:28 - 2013-09-25 20:16 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
  411. 2013-10-05 23:27 - 2013-10-05 23:27 - 27878304 _____ (SUPERAntiSpyware) C:\Users\Rebecca\Downloads\SUPERAntiSpyware.exe
  412. 2013-10-05 23:27 - 2013-10-05 23:27 - 00001811 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
  413. 2013-10-05 23:27 - 2013-10-05 23:27 - 00001811 _____ C:\ProgramData\Desktop\SUPERAntiSpyware Free Edition.lnk
  414. 2013-10-05 22:47 - 2013-10-05 22:47 - 00000000 ____D C:\Windows\Sun
  415. 2013-10-05 22:44 - 2013-10-05 22:44 - 00913832 _____ (Oracle Corporation) C:\Users\Rebecca\Downloads\chromeinstall-7u40.exe
  416. 2013-10-05 21:49 - 2013-10-05 21:49 - 00803303 _____ C:\Users\Rebecca\AppData\Local\census.cache
  417. 2013-10-05 21:48 - 2013-10-05 21:48 - 00205299 _____ C:\Users\Rebecca\AppData\Local\ars.cache
  418. 2013-10-05 21:16 - 2013-10-05 21:16 - 02049128 _____ (Trend Micro Inc.) C:\Users\Rebecca\Downloads\HousecallLauncher.exe
  419. 2013-10-05 21:16 - 2013-10-05 21:16 - 00000036 _____ C:\Users\Rebecca\AppData\Local\housecall.guid.cache
  420. 2013-10-05 21:11 - 2013-10-05 21:09 - 03272136 _____ (Secunia) C:\Users\Rebecca\Downloads\PSISetup.exe
  421. 2013-10-05 20:39 - 2013-10-05 20:38 - 20894344 _____ (Microsoft Corporation) C:\Users\Rebecca\Downloads\Windows-KB890830-V5.4.exe
  422. 2013-09-29 20:55 - 2010-01-23 23:07 - 00000000 ____D C:\Users\Andreas\AppData\Local\PMB Files
  423. 2013-09-28 15:46 - 2012-01-08 16:14 - 00000000 ____D C:\Users\Rebecca
  424. 2013-09-28 15:46 - 2011-02-12 19:38 - 00000000 ____D C:\Users\Mcx1
  425. 2013-09-28 15:46 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\system32\spool
  426. 2013-09-28 15:46 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\system32\Msdtc
  427. 2013-09-28 15:46 - 2006-11-02 06:22 - 51118080 _____ C:\Windows\system32\config\software_previous
  428. 2013-09-28 15:46 - 2006-11-02 06:22 - 41680896 _____ C:\Windows\system32\config\components_previous
  429. 2013-09-28 15:46 - 2006-11-02 06:22 - 30408704 _____ C:\Windows\system32\config\system_previous
  430. 2013-09-28 15:46 - 2006-11-02 06:22 - 00786432 _____ C:\Windows\system32\config\default_previous
  431. 2013-09-28 15:46 - 2006-11-02 06:22 - 00122880 _____ C:\Windows\system32\config\sam_previous
  432. 2013-09-28 15:46 - 2006-11-02 06:22 - 00028672 _____ C:\Windows\system32\config\security_previous
  433. 2013-09-28 15:45 - 2012-01-08 18:03 - 00000000 ____D C:\Program Files\World of Warcraft
  434. 2013-09-28 15:45 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\registration
  435. 2013-09-28 14:12 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\Microsoft.NET
  436.  
  437. Files to move or delete:
  438. ====================
  439. C:\Users\Andreas\AppData\Roaming\desktop.ini
  440. C:\ProgramData\ezsid.dat
  441.  
  442.  
  443. Some content of TEMP:
  444. ====================
  445. C:\Users\Rebecca\AppData\Local\Temp\ntdll_dump.dll
  446. C:\Users\Rebecca\AppData\Local\Temp\{AA4EC307-D645-4CB8-A871-8F1C20F8F78C}.exe
  447.  
  448.  
  449. ==================== Bamital & volsnap Check =================
  450.  
  451. C:\Windows\explorer.exe => MD5 is legit
  452. C:\Windows\System32\winlogon.exe => MD5 is legit
  453. C:\Windows\System32\wininit.exe => MD5 is legit
  454. C:\Windows\System32\svchost.exe => MD5 is legit
  455. C:\Windows\System32\services.exe => MD5 is legit
  456. C:\Windows\System32\User32.dll => MD5 is legit
  457. C:\Windows\System32\userinit.exe => MD5 is legit
  458. C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
  459.  
  460.  
  461. LastRegBack: 2013-10-27 16:21
  462.  
  463. ==================== End Of Log ============================