Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

2/3 virus removed computer still running slooow


  • This topic is locked This topic is locked
21 replies to this topic

#1 wachumba

wachumba

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:02:55 AM

Posted 18 June 2014 - 01:43 AM

avast found 3 virus. 2 were sent to chest 1 i couldnt do anything to. Scan comes up clean now but computer is still really really slow. help



BC AdBot (Login to Remove)

 


#2 wachumba

wachumba
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:02:55 AM

Posted 18 June 2014 - 02:13 AM

posted following on another site below. somebody said norton touched my computer im screwed. true?

opened task manager when I open Mozilla CPU usage spikes from 10% to 70% must be virus still even though scan comes up clean? 

have hp pavilion i3 windows 7 computer starts slow then grinds to a halt and is unusable. if I wasn't away id just reformat. booted from bios ran memory test and everything was good. reformatted 4 y/o laptop before going away for 6 weeks. everything was fine for 2 weeks. started running slow after installing something so I did a system restore and everything was fine. 

fast forward another week, computer starts running slow. Norton didn't pick anything up so I tried to uninstall and try another virus scan. comp froze norton sorta still on laptop but wont open. c drive now full so I figure must be virus dl avast found 3 virus. 2 were moved to chest 1 wasn't. nothing could be done file name started svc I forget can maybe find if needed. c drive still full. there's literally 4 things on laptop could be full from partitions? laptop now is slow but usable when first booted up, then slows to a halt. any suggestions?

 



#3 wachumba

wachumba
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:02:55 AM

Posted 18 June 2014 - 04:34 PM

got some advice on another site to restore advance settings and reset on ie then reboot dl/run reboot d/l run ms malicious software removal tool then malewarebytes

 

malewarebytes found 21 items posting log below. rebooted computer and it's still v slow. rebooted in safe mode trying to download avast again. first time I got some error couldn't start something and install failed. timer says 45 mins which is v slow for connection I have

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 6/18/2014
Scan Time: 11:02:48 AM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.18.07
Rootkit Database: v2014.06.02.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: jason

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 316336
Time Elapsed: 6 min, 18 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 5
Adware.Adpeak, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\pfzhbwvvvj64, Quarantined, [737c66133348de584b2f94d4dc289c64],
PUP.Optional.Adpeak.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\pfzhbwvvvj64, Quarantined, [1bd4a5d4c8b3e1555ac37b2c40c24bb5],
PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\suprasavings, Quarantined, [f2fda4d52556bb7b2c3a991e649e0bf5],
PUP.Optional.Yula.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Yula, Quarantined, [c62980f94b30df5744dffcb98c76eb15],
PUP.Optional.SupraSavings.A, HKU\S-1-5-21-3215466134-3141584443-1876715113-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, Quarantined, [1ed197e2fb8043f315469620c33fd22e],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 16
Adware.Adpeak, C:\Program Files\003\pfzhbwvvvj64.exe, Quarantined, [737c66133348de584b2f94d4dc289c64],
PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, Quarantined, [e906ec8d2f4c74c21c677ebf5fa111ef],
PUP.Optional.SupraSavings.A, C:\temp\t.msi, Quarantined, [3eb175046c0f201652dd571036ce6d93],
PUP.Optional.Conduit.A, C:\Users\jason\AppData\Local\Temp\nsb6495.exe, Quarantined, [915e94e53744f541f8b15b2a37ca8977],
PUP.Optional.Conduit.A, C:\Users\jason\AppData\Local\Temp\nsj1C7A.exe, Quarantined, [b738eb8e3a411c1a2e7b0c79936ed927],
PUP.Optional.Conduit.A, C:\Users\jason\AppData\Local\Temp\nsj40BF.exe, Quarantined, [a04fd7a2b3c844f29b0e285da061a957],
PUP.Optional.Conduit.A, C:\Users\jason\AppData\Local\Temp\nsl89C9.exe, Quarantined, [19d6b9c0f487fe3883263c497b863bc5],
PUP.Optional.Conduit.A, C:\Users\jason\AppData\Local\Temp\nso18F0.exe, Quarantined, [559a95e43f3c290dcedbbec736cbd828],
PUP.Optional.Conduit.A, C:\Users\jason\AppData\Local\Temp\nsq4148.exe, Quarantined, [04eb2455e497ce68dacfb5d0847d3ec2],
PUP.Optional.Conduit.A, C:\Users\jason\AppData\Local\Temp\nsu4459.exe, Quarantined, [8b646b0e0675bc7a14955b2aac55f010],
PUP.Optional.Conduit.A, C:\Users\jason\AppData\Local\Temp\nsv44C2.exe, Quarantined, [5a9542373e3d5dd97b2e0e77926f619f],
PUP.Optional.Conduit.A, C:\Users\jason\AppData\Local\Temp\nsv6EED.exe, Quarantined, [7e71f0893645f145fbae790c3fc2847c],
PUP.Optional.Conduit.A, C:\Users\jason\AppData\Local\Temp\nsw686D.exe, Quarantined, [37b87dfc8bf0241278313a4ba75a5ca4],
PUP.Optional.Conduit.A, C:\Users\jason\AppData\Local\Temp\nsa2DC7\SpSetup.exe, Quarantined, [a847e79286f56fc7ddcc93f2857c47b9],
PUP.Optional.Conduit.A, C:\Users\jason\AppData\Local\Temp\nsx8B12\SpSetup.exe, Quarantined, [6d8276032754de585455e89d01006898],
PUP.Optional.Adpeak.A, C:\Program Files\003\pfzhbwvvvj64.exe, Quarantined, [1bd4a5d4c8b3e1555ac37b2c40c24bb5],

Physical Sectors: 0
(No malicious items detected)
 



#4 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,149 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:11:55 AM

Posted 20 June 2014 - 02:37 PM

Hi wachumba and welcome to BC.

Please take note of the following:

1. Please do not run any other tools unless instructed.
2. Please don't install or uninstall anything unless asked.
3. The cleaning process is not instant. Please continue to review my answers until I tell you that your computer is clean.
4. If there's anything that you don't understand, please ask your question(s) before proceeding with the fixes.
5. Please reply to this thread. Do not start a new topic.

comp froze norton sorta still on laptop but wont open.

Ok, we'll deal with that as well.

Step 1
To remove Norton Products:
Go to: Norton Removal Tool

Download it to your 'Desktop'.
Then click on the desktop icon to run the removal tool.


Step 2
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer.
  • After the scan has finished...
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
Step 3
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to your Desktop.
  • Double-click the downloaded icon to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator

    frsticon_zpsdc3cbdc3.png
  • When the tool opens click Yes to disclaimer.

    frstdis_zps7f598f12.png
  • Make sure that Addition.txt is selected at the bottom
  • Press Scan button.

    newfrst_zpsa63ffa3d.png
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply also.
In your next reply, please submit:
JRT.txt
AdwCleaner report
Both reports from FRST


Thanks.

BBPP6nz.png


#5 wachumba

wachumba
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:02:55 AM

Posted 20 June 2014 - 03:59 PM

http://arstechnica.com/civis/viewtopic.php?f=15&t=1247217&p=27078185#p27078185

 

i got a lot of help there. that's what i've done if it matters. downloaded hitmapro malewarebytes and few other programs. computer is up and running as it was, but everytime i run hitmanpro it still finds a few harmless tracking cookies.

 

ill follow the steps above anyway they can't hurt right?

 

is it better to run those programs in safe mode?



#6 wachumba

wachumba
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:02:55 AM

Posted 20 June 2014 - 04:18 PM

okk heres all 4 logs.

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by jason on Fri 06/20/2014 at 14:01:54.43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3215466134-3141584443-1876715113-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ustechsupport"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\jason\AppData\Roaming\mozilla\firefox\profiles\6kbfglf0.default\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 06/20/2014 at 14:07:44.25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

# AdwCleaner v3.212 - Report created 17/06/2014 at 23:10:32
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : jason - JASON-PC
# Running from : C:\Users\jason\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\374311380
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\003
Folder Deleted : C:\Users\jason\Documents\Optimizer Pro
File Deleted : C:\END

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Supra Savings
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Key Deleted : [x64] HKLM\SOFTWARE\suprasavings

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\2\AppData\Roaming\Mozilla\Firefox\Profiles\uqo9t0jl.default\prefs.js ]


[ File : C:\Users\jason\AppData\Roaming\Mozilla\Firefox\Profiles\6kbfglf0.default\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\2\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

[ File : C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3321972&octid=EB_ORIGINAL_CTID&ISID=M3D85C5FA-37BF-41D3-8807-8E94FC454F46&SearchSource=58&CUI=&UM=5&UP=SP9E8817A7-DB75-4E29-A3C3-E5EA7C7B869C&q={searchTerms}&SSPV=
Deleted [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3321972&octid=EB_ORIGINAL_CTID&ISID=M3D85C5FA-37BF-41D3-8807-8E94FC454F46&SearchSource=55&CUI=&UM=5&UP=SP9E8817A7-DB75-4E29-A3C3-E5EA7C7B869C&SSPV=
Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

*************************

AdwCleaner[R0].txt - [5554 octets] - [17/06/2014 23:09:20]
AdwCleaner[S0].txt - [5375 octets] - [17/06/2014 23:10:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5435 octets] ##########
# AdwCleaner v3.212 - Report created 20/06/2014 at 14:10:46
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : jason - JASON-PC
# Running from : C:\Users\jason\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\003

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : [x64] HKLM\SOFTWARE\LevelQualityWatcher

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\2.jason-PC\AppData\Roaming\Mozilla\Firefox\Profiles\b8rka5gj.default\prefs.js ]


[ File : C:\Users\jason\AppData\Roaming\Mozilla\Firefox\Profiles\6kbfglf0.default\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\2\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\2.jason-PC\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}

[ File : C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8343 octets] - [17/06/2014 23:09:20]
AdwCleaner[R1].txt - [1196 octets] - [17/06/2014 23:50:40]
AdwCleaner[S0].txt - [8143 octets] - [17/06/2014 23:10:32]
AdwCleaner[S1].txt - [1258 octets] - [18/06/2014 00:15:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8263 octets] ##########
 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-06-2014
Ran by jason (administrator) on JASON-PC on 20-06-2014 14:14:18
Running from C:\Users\jason\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKU\S-1-5-21-3215466134-3141584443-1876715113-1000\...\Run: [MKLOL] => C:\Program Files (x86)\MKJogo\MKLOL\MK.exe [1227976 2014-06-05] (MK)
HKU\S-1-5-21-3215466134-3141584443-1876715113-1000\...\Run: [Google Update] => C:\Users\jason\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-06-12] (Google Inc.)
HKU\S-1-5-21-3215466134-3141584443-1876715113-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-05-06] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5065B637478BCF01
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.59.1.1

FireFox:
========
FF ProfilePath: C:\Users\jason\AppData\Roaming\Mozilla\Firefox\Profiles\6kbfglf0.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\jason\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\jason\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\jason\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\jason\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Users\jason\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\jason\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: WOT - C:\Users\jason\AppData\Roaming\Mozilla\Firefox\Profiles\6kbfglf0.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-06-02]
FF Extension: ImageBlock - C:\Users\jason\AppData\Roaming\Mozilla\Firefox\Profiles\6kbfglf0.default\Extensions\imageblock@hemantvats.com.xpi [2014-06-02]
FF Extension: Mark Ads Sites In Search - C:\Users\jason\AppData\Roaming\Mozilla\Firefox\Profiles\6kbfglf0.default\Extensions\jid1-LGBwZ7tVjRcfIg@jetpack.xpi [2014-06-02]
FF Extension: Flash Control - C:\Users\jason\AppData\Roaming\Mozilla\Firefox\Profiles\6kbfglf0.default\Extensions\jid1-sNL73VCI4UB0Fw@jetpack.xpi [2014-06-02]
FF Extension: NoScript - C:\Users\jason\AppData\Roaming\Mozilla\Firefox\Profiles\6kbfglf0.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-06-02]
FF Extension: Public Fox - C:\Users\jason\AppData\Roaming\Mozilla\Firefox\Profiles\6kbfglf0.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-6665170634FE}.xpi [2014-06-02]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Extension: (Google Docs) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-06]
CHR Extension: (Google Drive) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (YouTube) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-06]
CHR Extension: (Google Search) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-06]
CHR Extension: (No Name) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-05-31]
CHR Extension: (Google Wallet) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-06]
CHR Extension: (Gmail) - C:\Users\jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-06]

==================== Services (Whitelisted) =================

R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-06-19] (SurfRight B.V.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [35328 2013-10-12] (Validity Sensors, Inc.)
S2 Util Yula; "C:\Program Files (x86)\Yula\bin\utilYulasee.exe" [X]
S2 vToolbarUpdater3.0.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.0.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-05-07] (AVG Technologies)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-20 14:14 - 2014-06-20 14:15 - 00010289 _____ () C:\Users\jason\Downloads\FRST.txt
2014-06-20 14:14 - 2014-06-20 14:14 - 00000000 ____D () C:\FRST
2014-06-20 14:13 - 2014-06-20 14:13 - 02083328 _____ (Farbar) C:\Users\jason\Downloads\FRST64.exe
2014-06-20 14:12 - 2014-06-20 14:12 - 00008367 _____ () C:\Users\jason\Desktop\AdwCleaner[S0].txt
2014-06-20 14:09 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-20 14:08 - 2014-06-20 14:08 - 01333465 _____ () C:\Users\jason\Downloads\AdwCleaner.exe
2014-06-20 14:07 - 2014-06-20 14:07 - 00003458 _____ () C:\Users\jason\Desktop\JRT.txt
2014-06-20 14:01 - 2014-06-20 14:01 - 01016261 _____ (Thisisu) C:\Users\jason\Downloads\JRT.exe
2014-06-20 14:01 - 2014-06-20 14:01 - 00000000 ____D () C:\Windows\ERUNT
2014-06-20 13:50 - 2014-06-20 13:50 - 00001035 _____ () C:\Users\UpdatusUser\Desktop\WinDirStat.lnk
2014-06-20 13:50 - 2014-06-20 13:50 - 00001035 _____ () C:\Users\jason\Desktop\WinDirStat.lnk
2014-06-20 13:50 - 2014-06-20 13:50 - 00001035 _____ () C:\Users\2.jason-PC\Desktop\WinDirStat.lnk
2014-06-20 13:50 - 2014-06-20 13:50 - 00000000 ____D () C:\Users\jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-06-20 13:50 - 2014-06-20 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-06-20 13:50 - 2014-06-20 13:50 - 00000000 ____D () C:\Program Files (x86)\WinDirStat
2014-06-19 16:18 - 2014-06-19 16:18 - 00448512 _____ (OldTimer Tools) C:\Users\jason\Downloads\TFC.exe
2014-06-19 03:48 - 2014-06-19 03:48 - 00000000 ____D () C:\Users\2.jason-PC\AppData\Roaming\Macromedia
2014-06-19 03:48 - 2014-06-19 03:48 - 00000000 ____D () C:\Users\2.jason-PC\AppData\Roaming\LolClient
2014-06-19 01:46 - 2014-06-19 01:46 - 00000000 ____D () C:\Users\2.jason-PC\AppData\Roaming\Mozilla
2014-06-19 01:46 - 2014-06-19 01:46 - 00000000 ____D () C:\Users\2.jason-PC\AppData\Local\Mozilla
2014-06-19 01:45 - 2014-06-19 01:47 - 00002259 _____ () C:\Users\2.jason-PC\Desktop\Google Chrome.lnk
2014-06-19 01:45 - 2014-06-19 01:45 - 00058016 _____ () C:\Users\2.jason-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-19 01:45 - 2014-06-19 01:45 - 00001417 _____ () C:\Users\2.jason-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-19 01:45 - 2014-06-19 01:45 - 00000020 ___SH () C:\Users\2.jason-PC\ntuser.ini
2014-06-19 01:45 - 2014-06-19 01:45 - 00000000 ____D () C:\Users\2.jason-PC\AppData\Roaming\Adobe
2014-06-19 01:45 - 2014-06-19 01:45 - 00000000 ____D () C:\Users\2.jason-PC\AppData\Local\VirtualStore
2014-06-19 01:45 - 2014-06-19 01:45 - 00000000 ____D () C:\Users\2.jason-PC\AppData\Local\Google
2014-06-19 01:45 - 2014-06-19 01:45 - 00000000 ____D () C:\Users\2.jason-PC
2014-06-19 01:45 - 2014-05-20 09:31 - 00000000 ____D () C:\Users\2.jason-PC\AppData\Roaming\TuneUp Software
2014-06-19 01:45 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\2.jason-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-19 01:45 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\2.jason-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-19 01:26 - 2014-06-19 01:28 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\jason\Downloads\tdsskiller.exe
2014-06-19 01:01 - 2014-06-19 01:01 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-19 01:00 - 2014-06-19 01:01 - 04707328 _____ () C:\Users\jason\Downloads\RogueKiller.exe
2014-06-19 00:46 - 2014-06-19 00:46 - 00001802 _____ () C:\Windows\system32\.crusader
2014-06-19 00:43 - 2014-06-19 00:43 - 00001897 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-06-19 00:43 - 2014-06-19 00:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-06-19 00:43 - 2014-06-19 00:43 - 00000000 ____D () C:\Program Files\HitmanPro
2014-06-19 00:34 - 2014-06-19 00:47 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-06-19 00:06 - 2014-06-19 00:41 - 10971424 _____ (SurfRight B.V.) C:\Users\jason\Downloads\HitmanPro_x64.exe
2014-06-18 23:55 - 2014-06-18 23:55 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-18 23:54 - 2014-06-18 23:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-18 23:52 - 2014-06-18 23:56 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-18 23:45 - 2014-06-18 23:56 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-06-18 23:42 - 2014-06-18 23:45 - 13829304 _____ (Microsoft Corporation) C:\Users\jason\Downloads\mseinstall.exe
2014-06-18 15:47 - 2014-06-18 15:59 - 29183200 _____ (Microsoft Corporation) C:\Users\jason\Downloads\Windows-KB890830-x64-V5.13.exe
2014-06-18 15:42 - 2014-06-18 15:43 - 00886288 _____ (Microsoft Corporation) C:\Users\jason\Downloads\mssstool64.exe
2014-06-18 15:39 - 2014-06-18 15:39 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\lvssxsit.sys
2014-06-18 15:37 - 2014-06-18 15:37 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\fvqujvbb.sys
2014-06-18 14:19 - 2014-06-18 15:39 - 94714880 _____ (AVAST Software) C:\Users\jason\Downloads\avast_free_antivirus_setup.exe
2014-06-18 11:32 - 2014-06-18 11:32 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\lggmsatn.sys
2014-06-18 11:01 - 2014-06-19 16:27 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-18 11:00 - 2014-06-18 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-18 11:00 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-18 11:00 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-18 11:00 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-18 02:33 - 2014-06-18 11:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-18 02:33 - 2014-06-18 02:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-17 23:12 - 2014-06-18 03:24 - 00000000 ____D () C:\Users\jason\Desktop\RK_Quarantine
2014-06-17 23:09 - 2014-06-20 14:11 - 00000000 ____D () C:\AdwCleaner
2014-06-17 22:43 - 2014-06-17 22:44 - 01333465 _____ () C:\Users\2\Downloads\AdwCleaner.exe
2014-06-17 22:32 - 2014-06-17 22:32 - 00000000 ____D () C:\Users\2\AppData\Roaming\Mozilla
2014-06-17 22:32 - 2014-06-17 22:32 - 00000000 ____D () C:\Users\2\AppData\Local\Mozilla
2014-06-17 17:02 - 2014-06-17 17:02 - 00000000 ____D () C:\Users\2\AppData\Roaming\LolClient
2014-06-17 17:01 - 2014-06-17 17:01 - 00000000 ____D () C:\Users\2\AppData\Roaming\Macromedia
2014-06-17 16:59 - 2014-06-17 16:59 - 00000000 ____D () C:\Users\2\AppData\Roaming\AVAST Software
2014-06-17 16:57 - 2014-06-17 16:57 - 00000000 ____D () C:\Users\2\AppData\Roaming\Adobe
2014-06-17 16:57 - 2014-06-17 16:57 - 00000000 ____D () C:\Users\2\AppData\Local\Google
2014-06-17 16:56 - 2014-06-17 16:56 - 00000000 ____D () C:\Users\2\AppData\Local\VirtualStore
2014-06-17 16:55 - 2014-06-18 03:27 - 00000000 ____D () C:\Users\2
2014-06-17 16:55 - 2014-05-20 09:31 - 00000000 ____D () C:\Users\2\AppData\Roaming\TuneUp Software
2014-06-17 15:24 - 2014-06-17 15:24 - 00000000 ____D () C:\Users\jason\AppData\Roaming\AVAST Software
2014-06-17 15:22 - 2014-06-17 15:24 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-17 14:55 - 2014-06-17 14:55 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-17 14:53 - 2014-06-17 14:53 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-17 05:46 - 2014-06-18 03:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-17 05:46 - 2014-06-18 03:24 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-12 22:46 - 2014-06-20 13:51 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3215466134-3141584443-1876715113-1000UA.job
2014-06-12 22:46 - 2014-06-15 22:51 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3215466134-3141584443-1876715113-1000Core.job
2014-06-12 22:46 - 2014-06-12 22:46 - 00918672 _____ (Google Inc.) C:\Users\jason\Downloads\GoogleVoiceAndVideoSetup.exe
2014-06-12 22:46 - 2014-06-12 22:46 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3215466134-3141584443-1876715113-1000UA
2014-06-12 22:46 - 2014-06-12 22:46 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3215466134-3141584443-1876715113-1000Core
2014-06-11 23:38 - 2014-06-15 15:01 - 00001227 _____ () C:\Windows\SecuniaPackage.log
2014-06-11 14:18 - 2014-05-30 03:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 14:18 - 2014-05-30 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 14:18 - 2014-05-30 03:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 14:18 - 2014-05-30 02:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 14:18 - 2014-05-30 02:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 14:18 - 2014-05-30 02:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 14:18 - 2014-05-30 02:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 14:18 - 2014-05-30 02:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 14:18 - 2014-05-30 02:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 14:18 - 2014-05-30 02:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 14:18 - 2014-05-30 02:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 14:18 - 2014-05-30 02:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 14:18 - 2014-05-30 02:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 14:18 - 2014-05-30 02:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 14:18 - 2014-05-30 02:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 14:18 - 2014-05-30 02:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 14:18 - 2014-05-30 02:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 14:18 - 2014-05-30 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 14:18 - 2014-05-30 01:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 14:18 - 2014-05-30 01:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 14:18 - 2014-05-30 01:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 14:18 - 2014-05-30 01:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 14:18 - 2014-05-30 01:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 14:18 - 2014-05-30 01:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 14:18 - 2014-05-30 01:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 14:18 - 2014-05-30 01:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 14:18 - 2014-05-30 01:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 14:18 - 2014-05-30 01:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 14:18 - 2014-05-30 01:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 14:18 - 2014-05-30 01:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 14:18 - 2014-05-30 01:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 14:18 - 2014-05-30 01:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 14:18 - 2014-05-30 01:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 14:18 - 2014-05-30 01:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 14:18 - 2014-05-30 01:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 14:18 - 2014-05-30 01:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 14:18 - 2014-05-30 01:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 14:18 - 2014-05-30 01:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 14:18 - 2014-05-30 01:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 14:18 - 2014-05-30 01:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 14:18 - 2014-05-30 00:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 14:18 - 2014-05-30 00:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 14:18 - 2014-05-30 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 14:18 - 2014-05-30 00:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 14:18 - 2014-05-30 00:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 14:18 - 2014-05-30 00:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 14:18 - 2014-05-30 00:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 14:18 - 2014-05-30 00:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 14:18 - 2014-05-30 00:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 14:18 - 2014-05-30 00:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 14:18 - 2014-05-30 00:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 14:18 - 2014-05-30 00:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 14:18 - 2014-04-24 19:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 14:18 - 2014-04-24 19:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 14:18 - 2014-04-04 19:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 14:18 - 2014-04-04 19:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 14:18 - 2014-03-26 07:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 14:18 - 2014-03-26 07:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 14:18 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 14:18 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 14:18 - 2014-03-26 07:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 14:18 - 2014-03-26 07:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 14:18 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 14:18 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 14:15 - 2014-06-08 02:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 14:15 - 2014-06-08 02:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 21:57 - 2014-06-07 21:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-06-06 00:52 - 2014-06-06 00:52 - 00000000 __SHD () C:\Users\jason\AppData\Local\EmieUserList
2014-06-06 00:52 - 2014-06-06 00:52 - 00000000 __SHD () C:\Users\jason\AppData\Local\EmieSiteList
2014-06-02 13:02 - 2014-06-02 13:02 - 00000000 ____D () C:\Users\jason\AppData\Local\Macromedia
2014-06-02 12:29 - 2014-06-18 03:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-02 12:29 - 2014-06-13 21:45 - 00000000 ____D () C:\Users\jason\AppData\Roaming\Skype
2014-06-02 12:29 - 2014-06-02 12:29 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-06-02 12:29 - 2014-06-02 12:29 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-02 12:29 - 2014-06-02 12:29 - 00000000 ____D () C:\Users\jason\AppData\Local\Skype
2014-06-02 12:29 - 2014-06-02 12:29 - 00000000 ____D () C:\ProgramData\Skype
2014-06-02 12:25 - 2014-06-02 12:25 - 01677440 _____ (Skype Technologies S.A.) C:\Users\jason\Downloads\SkypeSetup.exe
2014-06-02 12:15 - 2014-06-18 11:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-02 12:15 - 2014-06-18 11:18 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-02 12:15 - 2014-06-18 11:18 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-02 12:15 - 2014-06-18 11:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-02 12:15 - 2014-06-12 22:48 - 00000000 ____D () C:\Users\jason\AppData\Roaming\Mozilla
2014-06-02 12:15 - 2014-06-02 12:15 - 00000000 ____D () C:\Users\jason\AppData\Local\Mozilla
2014-06-02 12:15 - 2014-06-02 12:15 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-02 12:12 - 2014-06-02 12:12 - 00282928 _____ (Mozilla) C:\Users\jason\Downloads\Firefox Setup Stub 29.0.1.exe
2014-06-02 02:34 - 2014-06-18 15:44 - 00000000 ____D () C:\Users\jason\AppData\Local\CrashDumps
2014-05-31 19:41 - 2014-06-18 01:10 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-05-31 19:39 - 2014-06-18 03:25 - 00000000 ____D () C:\ProgramData\Norton
2014-05-31 19:39 - 2014-06-18 03:25 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-05-31 19:26 - 2014-06-02 12:10 - 00000000 ____D () C:\ProgramData\TEMP
2014-05-31 19:22 - 2014-06-18 11:09 - 00000000 ____D () C:\temp
2014-05-31 18:50 - 2014-06-05 13:30 - 00000000 ____D () C:\Program Files (x86)\Yula
2014-05-31 18:39 - 2014-05-31 18:39 - 79454680 _____ () C:\Users\jason\Downloads\nortoninternetsecurity2014-setup.exe
2014-05-31 18:36 - 2014-05-31 18:38 - 02863240 _____ (US Tech Support LLC) C:\Users\jason\Downloads\MyCleanPC.exe
2014-05-31 14:24 - 2014-05-31 14:25 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-05-31 11:40 - 2014-05-31 11:53 - 70431144 _____ (AVG) C:\Users\jason\Downloads\avg_tuh_stf_all_2014_423_24c4.exe
2014-05-30 17:27 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-05-30 17:27 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-05-30 17:27 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-05-30 17:27 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-05-30 17:27 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-05-30 17:27 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-05-30 17:27 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-05-30 17:27 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-05-30 17:27 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-05-30 17:27 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-05-30 17:27 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-05-30 17:27 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-05-30 17:27 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-05-30 17:27 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-05-30 17:27 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-05-30 17:27 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-05-30 17:27 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-05-30 17:27 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-05-30 17:27 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-05-30 17:27 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-05-30 17:27 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-05-30 17:27 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-05-30 17:27 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-05-30 17:27 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-05-30 17:27 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-05-30 17:27 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-05-30 17:27 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-05-30 17:27 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-05-30 17:27 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-05-30 17:27 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-05-30 17:27 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-05-30 17:27 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-05-30 17:27 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-05-30 17:27 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-05-30 17:27 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-05-30 17:27 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-05-30 17:27 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-05-30 17:27 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-05-30 17:27 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-05-30 17:27 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-05-30 17:27 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-05-30 17:27 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-05-30 17:27 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-05-30 17:27 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-05-30 17:27 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-05-30 17:27 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-05-30 17:27 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-05-30 17:27 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-05-30 17:27 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-05-30 17:27 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2014-05-30 17:27 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-05-30 17:27 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2014-05-30 17:27 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-05-30 17:27 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-05-30 17:27 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-05-30 17:27 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-05-30 17:27 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-05-30 17:27 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-05-30 17:27 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-05-30 17:27 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-05-30 17:27 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-05-30 17:27 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-05-30 17:27 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-05-30 17:27 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-05-30 17:27 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-05-30 17:27 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-05-30 17:27 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-05-30 17:27 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-05-30 17:27 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-05-30 17:27 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-05-30 17:27 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-05-30 17:27 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-05-30 17:27 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-05-30 17:27 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-05-30 17:27 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-05-30 17:27 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-05-30 17:27 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-05-30 17:27 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-05-30 17:27 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-05-30 17:27 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-05-30 17:27 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-05-30 17:27 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-05-30 17:27 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-05-30 17:27 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-05-30 17:27 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-05-30 17:27 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-05-30 17:27 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-05-30 17:26 - 2014-05-30 17:27 - 00010009 _____ () C:\Windows\DirectX.log
2014-05-30 17:26 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-05-30 17:26 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-05-30 17:26 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-05-30 17:26 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-05-30 17:26 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-05-30 17:26 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-05-30 17:26 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-05-30 17:26 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-05-30 17:26 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-05-30 17:26 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-05-30 17:26 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-05-30 17:26 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-05-30 17:26 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-05-30 17:26 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-05-30 17:26 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-05-30 17:26 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-05-30 17:26 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-05-30 17:26 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-05-30 17:26 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-05-30 17:26 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-05-30 17:26 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-05-30 17:26 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-05-30 17:26 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-05-30 17:26 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-05-30 17:26 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-05-30 17:26 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-05-30 17:26 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-05-30 17:26 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-05-30 17:26 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-05-30 17:26 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-05-30 17:26 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-05-30 17:26 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-05-30 17:26 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-05-30 17:26 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-05-30 17:26 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-05-30 17:26 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-05-30 17:26 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-05-30 17:26 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-05-30 17:26 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-05-30 17:26 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-05-30 17:26 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-05-30 17:26 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-05-30 17:26 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-05-30 17:26 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-05-30 17:26 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-05-30 17:26 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-05-30 17:26 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-05-30 17:26 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-05-30 17:26 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-05-30 17:26 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-05-30 17:26 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-05-30 17:26 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-05-30 17:26 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-05-30 17:26 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-05-30 17:26 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-05-30 17:26 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-05-30 17:26 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-05-30 17:26 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-05-30 17:26 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-05-30 17:26 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-05-30 17:26 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-05-30 17:26 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-05-30 17:26 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-05-30 17:26 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-05-30 17:26 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-05-30 17:26 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-05-30 17:26 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-05-30 17:26 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-05-30 17:26 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-05-30 17:26 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-05-30 17:26 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-05-30 17:26 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-05-30 17:26 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-05-30 17:26 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-05-30 17:26 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-05-30 17:26 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-05-30 17:26 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-05-30 17:26 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-05-30 17:26 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-05-30 17:26 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-05-30 17:26 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-05-30 17:26 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-05-30 17:26 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-05-30 17:26 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-05-30 17:26 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-05-30 17:26 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-05-30 17:26 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-05-30 17:26 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-05-30 17:26 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-05-30 17:26 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-05-30 17:20 - 2014-05-30 17:27 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-05-29 21:51 - 2014-05-29 21:52 - 01747008 _____ () C:\Users\jason\Downloads\9780316097529_epub.v6.epub
2014-05-29 21:20 - 2014-05-29 21:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-05-29 15:58 - 2014-05-29 15:58 - 00000000 ____D () C:\Users\jason\AppData\Roaming\Curse
2014-05-29 15:55 - 2014-05-29 15:57 - 41232416 _____ (Curse) C:\Users\jason\Downloads\CurseClientSetup.exe
2014-05-25 20:01 - 2014-05-25 20:18 - 00000000 ____D () C:\Users\jason\Documents\MK-LOL
2014-05-25 20:01 - 2014-05-25 20:01 - 00000054 _____ () C:\Windows\JQHApp.dat
2014-05-25 20:00 - 2014-05-25 20:00 - 00058016 _____ () C:\Users\jason\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-25 20:00 - 2014-05-25 20:00 - 00001015 _____ () C:\Users\jason\Desktop\MK LOL.lnk
2014-05-25 20:00 - 2014-05-25 20:00 - 00000000 ____D () C:\Users\jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
2014-05-25 19:59 - 2014-05-25 19:59 - 00000000 ____D () C:\Program Files (x86)\MKJogo
2014-05-25 19:57 - 2014-05-25 19:58 - 07090888 _____ () C:\Users\jason\Downloads\MK_LOL_1.0.0.41.exe

==================== One Month Modified Files and Folders =======

2014-06-20 14:15 - 2014-06-20 14:14 - 00010289 _____ () C:\Users\jason\Downloads\FRST.txt
2014-06-20 14:14 - 2014-06-20 14:14 - 00000000 ____D () C:\FRST
2014-06-20 14:13 - 2014-06-20 14:13 - 02083328 _____ (Farbar) C:\Users\jason\Downloads\FRST64.exe
2014-06-20 14:13 - 2014-05-06 05:37 - 02090840 _____ () C:\Windows\WindowsUpdate.log
2014-06-20 14:12 - 2014-06-20 14:12 - 00008367 _____ () C:\Users\jason\Desktop\AdwCleaner[S0].txt
2014-06-20 14:12 - 2014-05-06 12:03 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-20 14:11 - 2014-06-17 23:09 - 00000000 ____D () C:\AdwCleaner
2014-06-20 14:11 - 2010-11-20 20:47 - 00021850 _____ () C:\Windows\PFRO.log
2014-06-20 14:11 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-20 14:11 - 2009-07-13 21:51 - 00033140 _____ () C:\Windows\setupact.log
2014-06-20 14:09 - 2014-05-06 12:03 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-20 14:08 - 2014-06-20 14:08 - 01333465 _____ () C:\Users\jason\Downloads\AdwCleaner.exe
2014-06-20 14:07 - 2014-06-20 14:07 - 00003458 _____ () C:\Users\jason\Desktop\JRT.txt
2014-06-20 14:01 - 2014-06-20 14:01 - 01016261 _____ (Thisisu) C:\Users\jason\Downloads\JRT.exe
2014-06-20 14:01 - 2014-06-20 14:01 - 00000000 ____D () C:\Windows\ERUNT
2014-06-20 13:52 - 2009-07-13 21:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-20 13:52 - 2009-07-13 21:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-20 13:51 - 2014-06-12 22:46 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3215466134-3141584443-1876715113-1000UA.job
2014-06-20 13:50 - 2014-06-20 13:50 - 00001035 _____ () C:\Users\UpdatusUser\Desktop\WinDirStat.lnk
2014-06-20 13:50 - 2014-06-20 13:50 - 00001035 _____ () C:\Users\jason\Desktop\WinDirStat.lnk
2014-06-20 13:50 - 2014-06-20 13:50 - 00001035 _____ () C:\Users\2.jason-PC\Desktop\WinDirStat.lnk
2014-06-20 13:50 - 2014-06-20 13:50 - 00000000 ____D () C:\Users\jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-06-20 13:50 - 2014-06-20 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-06-20 13:50 - 2014-06-20 13:50 - 00000000 ____D () C:\Program Files (x86)\WinDirStat
2014-06-20 04:18 - 2014-05-06 12:03 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-20 02:49 - 2014-05-09 19:01 - 00000000 ____D () C:\Users\jason\AppData\Local\PMB Files
2014-06-19 16:27 - 2014-06-18 11:01 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-19 16:18 - 2014-06-19 16:18 - 00448512 _____ (OldTimer Tools) C:\Users\jason\Downloads\TFC.exe
2014-06-19 03:48 - 2014-06-19 03:48 - 00000000 ____D () C:\Users\2.jason-PC\AppData\Roaming\Macromedia
2014-06-19 03:48 - 2014-06-19 03:48 - 00000000 ____D () C:\Users\2.jason-PC\AppData\Roaming\LolClient
2014-06-19 01:47 - 2014-06-19 01:45 - 00002259 _____ () C:\Users\2.jason-PC\Desktop\Google Chrome.lnk
2014-06-19 01:46 - 2014-06-19 01:46 - 00000000 ____D () C:\Users\2.jason-PC\AppData\Roaming\Mozilla
2014-06-19 01:46 - 2014-06-19 01:46 - 00000000 ____D () C:\Users\2.jason-PC\AppData\Local\Mozilla
2014-06-19 01:45 - 2014-06-19 01:45 - 00058016 _____ () C:\Users\2.jason-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-19 01:45 - 2014-06-19 01:45 - 00001417 _____ () C:\Users\2.jason-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-19 01:45 - 2014-06-19 01:45 - 00000020 ___SH () C:\Users\2.jason-PC\ntuser.ini
2014-06-19 01:45 - 2014-06-19 01:45 - 00000000 ____D () C:\Users\2.jason-PC\AppData\Roaming\Adobe
2014-06-19 01:45 - 2014-06-19 01:45 - 00000000 ____D () C:\Users\2.jason-PC\AppData\Local\VirtualStore
2014-06-19 01:45 - 2014-06-19 01:45 - 00000000 ____D () C:\Users\2.jason-PC\AppData\Local\Google
2014-06-19 01:45 - 2014-06-19 01:45 - 00000000 ____D () C:\Users\2.jason-PC
2014-06-19 01:28 - 2014-06-19 01:26 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\jason\Downloads\tdsskiller.exe
2014-06-19 01:01 - 2014-06-19 01:01 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-19 01:01 - 2014-06-19 01:00 - 04707328 _____ () C:\Users\jason\Downloads\RogueKiller.exe
2014-06-19 00:47 - 2014-06-19 00:34 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-06-19 00:46 - 2014-06-19 00:46 - 00001802 _____ () C:\Windows\system32\.crusader
2014-06-19 00:43 - 2014-06-19 00:43 - 00001897 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-06-19 00:43 - 2014-06-19 00:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-06-19 00:43 - 2014-06-19 00:43 - 00000000 ____D () C:\Program Files\HitmanPro
2014-06-19 00:41 - 2014-06-19 00:06 - 10971424 _____ (SurfRight B.V.) C:\Users\jason\Downloads\HitmanPro_x64.exe
2014-06-18 23:56 - 2014-06-18 23:52 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-18 23:56 - 2014-06-18 23:45 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-06-18 23:55 - 2014-06-18 23:55 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-18 23:54 - 2014-06-18 23:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-18 23:45 - 2014-06-18 23:42 - 13829304 _____ (Microsoft Corporation) C:\Users\jason\Downloads\mseinstall.exe
2014-06-18 15:59 - 2014-06-18 15:47 - 29183200 _____ (Microsoft Corporation) C:\Users\jason\Downloads\Windows-KB890830-x64-V5.13.exe
2014-06-18 15:44 - 2014-06-02 02:34 - 00000000 ____D () C:\Users\jason\AppData\Local\CrashDumps
2014-06-18 15:43 - 2014-06-18 15:42 - 00886288 _____ (Microsoft Corporation) C:\Users\jason\Downloads\mssstool64.exe
2014-06-18 15:39 - 2014-06-18 15:39 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\lvssxsit.sys
2014-06-18 15:39 - 2014-06-18 14:19 - 94714880 _____ (AVAST Software) C:\Users\jason\Downloads\avast_free_antivirus_setup.exe
2014-06-18 15:37 - 2014-06-18 15:37 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\fvqujvbb.sys
2014-06-18 11:41 - 2014-06-02 12:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-18 11:32 - 2014-06-18 11:32 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\lggmsatn.sys
2014-06-18 11:18 - 2014-06-02 12:15 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-18 11:18 - 2014-06-02 12:15 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-18 11:18 - 2014-06-02 12:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-18 11:09 - 2014-05-31 19:22 - 00000000 ____D () C:\temp
2014-06-18 11:00 - 2014-06-18 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-18 11:00 - 2014-06-18 02:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-18 03:27 - 2014-06-17 16:55 - 00000000 ____D () C:\Users\2
2014-06-18 03:27 - 2014-05-06 02:48 - 00000000 ____D () C:\Users\jason
2014-06-18 03:26 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-18 03:26 - 2009-07-13 20:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-18 03:26 - 2009-07-13 20:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-18 03:25 - 2014-06-02 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-18 03:25 - 2014-05-31 19:39 - 00000000 ____D () C:\ProgramData\Norton
2014-06-18 03:25 - 2014-05-31 19:39 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-06-18 03:25 - 2014-05-09 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-06-18 03:25 - 2014-05-09 19:01 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-18 03:25 - 2014-05-06 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BovadaPoker
2014-06-18 03:25 - 2014-05-06 12:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-18 03:24 - 2014-06-17 23:12 - 00000000 ____D () C:\Users\jason\Desktop\RK_Quarantine
2014-06-18 03:24 - 2014-06-17 05:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-06-18 03:24 - 2014-06-17 05:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-18 03:24 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\registration
2014-06-18 02:33 - 2014-06-18 02:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-18 01:10 - 2014-05-31 19:41 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-06-17 22:44 - 2014-06-17 22:43 - 01333465 _____ () C:\Users\2\Downloads\AdwCleaner.exe
2014-06-17 22:32 - 2014-06-17 22:32 - 00000000 ____D () C:\Users\2\AppData\Roaming\Mozilla
2014-06-17 22:32 - 2014-06-17 22:32 - 00000000 ____D () C:\Users\2\AppData\Local\Mozilla
2014-06-17 17:02 - 2014-06-17 17:02 - 00000000 ____D () C:\Users\2\AppData\Roaming\LolClient
2014-06-17 17:01 - 2014-06-17 17:01 - 00000000 ____D () C:\Users\2\AppData\Roaming\Macromedia
2014-06-17 16:59 - 2014-06-17 16:59 - 00000000 ____D () C:\Users\2\AppData\Roaming\AVAST Software
2014-06-17 16:57 - 2014-06-17 16:57 - 00000000 ____D () C:\Users\2\AppData\Roaming\Adobe
2014-06-17 16:57 - 2014-06-17 16:57 - 00000000 ____D () C:\Users\2\AppData\Local\Google
2014-06-17 16:56 - 2014-06-17 16:56 - 00000000 ____D () C:\Users\2\AppData\Local\VirtualStore
2014-06-17 15:24 - 2014-06-17 15:24 - 00000000 ____D () C:\Users\jason\AppData\Roaming\AVAST Software
2014-06-17 15:24 - 2014-06-17 15:22 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-17 14:55 - 2014-06-17 14:55 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-17 14:53 - 2014-06-17 14:53 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-17 05:49 - 2014-05-06 06:31 - 00000000 ____D () C:\Windows\Panther
2014-06-15 22:51 - 2014-06-12 22:46 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3215466134-3141584443-1876715113-1000Core.job
2014-06-15 15:01 - 2014-06-11 23:38 - 00001227 _____ () C:\Windows\SecuniaPackage.log
2014-06-15 14:55 - 2014-05-06 21:17 - 00000000 ____D () C:\Bovada
2014-06-13 21:45 - 2014-06-02 12:29 - 00000000 ____D () C:\Users\jason\AppData\Roaming\Skype
2014-06-13 01:47 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-06-12 22:48 - 2014-06-02 12:15 - 00000000 ____D () C:\Users\jason\AppData\Roaming\Mozilla
2014-06-12 22:48 - 2014-05-06 12:03 - 00000000 ____D () C:\Users\jason\AppData\Local\Google
2014-06-12 22:46 - 2014-06-12 22:46 - 00918672 _____ (Google Inc.) C:\Users\jason\Downloads\GoogleVoiceAndVideoSetup.exe
2014-06-12 22:46 - 2014-06-12 22:46 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3215466134-3141584443-1876715113-1000UA
2014-06-12 22:46 - 2014-06-12 22:46 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3215466134-3141584443-1876715113-1000Core
2014-06-11 23:48 - 2014-05-06 12:03 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-11 23:48 - 2014-05-06 12:03 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-11 23:48 - 2014-05-06 12:03 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-11 17:12 - 2014-05-06 12:44 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 17:06 - 2014-05-06 19:30 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-08 02:13 - 2014-06-11 14:15 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 02:08 - 2014-06-11 14:15 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 21:57 - 2014-06-07 21:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-06-07 03:41 - 2009-07-13 22:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-06-07 01:34 - 2009-07-13 22:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-06 00:52 - 2014-06-06 00:52 - 00000000 __SHD () C:\Users\jason\AppData\Local\EmieUserList
2014-06-06 00:52 - 2014-06-06 00:52 - 00000000 __SHD () C:\Users\jason\AppData\Local\EmieSiteList
2014-06-05 13:30 - 2014-05-31 18:50 - 00000000 ____D () C:\Program Files (x86)\Yula
2014-06-02 13:02 - 2014-06-02 13:02 - 00000000 ____D () C:\Users\jason\AppData\Local\Macromedia
2014-06-02 12:29 - 2014-06-02 12:29 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-06-02 12:29 - 2014-06-02 12:29 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-02 12:29 - 2014-06-02 12:29 - 00000000 ____D () C:\Users\jason\AppData\Local\Skype
2014-06-02 12:29 - 2014-06-02 12:29 - 00000000 ____D () C:\ProgramData\Skype
2014-06-02 12:25 - 2014-06-02 12:25 - 01677440 _____ (Skype Technologies S.A.) C:\Users\jason\Downloads\SkypeSetup.exe
2014-06-02 12:15 - 2014-06-02 12:15 - 00000000 ____D () C:\Users\jason\AppData\Local\Mozilla
2014-06-02 12:15 - 2014-06-02 12:15 - 00000000 ____D () C:\ProgramData\Mozilla
2014-06-02 12:12 - 2014-06-02 12:12 - 00282928 _____ (Mozilla) C:\Users\jason\Downloads\Firefox Setup Stub 29.0.1.exe
2014-06-02 12:10 - 2014-05-31 19:26 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-02 00:32 - 2009-07-13 19:34 - 00000505 _____ () C:\Windows\win.ini
2014-06-01 17:17 - 2014-05-06 12:44 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-31 18:40 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Resources
2014-05-31 18:39 - 2014-05-31 18:39 - 79454680 _____ () C:\Users\jason\Downloads\nortoninternetsecurity2014-setup.exe
2014-05-31 18:38 - 2014-05-31 18:36 - 02863240 _____ (US Tech Support LLC) C:\Users\jason\Downloads\MyCleanPC.exe
2014-05-31 18:10 - 2014-05-07 12:47 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-05-31 18:10 - 2014-05-06 12:18 - 00000000 ____D () C:\Users\jason\AppData\Roaming\AVG2014
2014-05-31 18:10 - 2014-05-06 12:17 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-05-31 18:10 - 2014-05-06 12:15 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-31 14:25 - 2014-05-31 14:24 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-05-31 14:05 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-31 11:53 - 2014-05-31 11:40 - 70431144 _____ (AVG) C:\Users\jason\Downloads\avg_tuh_stf_all_2014_423_24c4.exe
2014-05-30 17:27 - 2014-05-30 17:26 - 00010009 _____ () C:\Windows\DirectX.log
2014-05-30 17:27 - 2014-05-30 17:20 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-05-30 03:21 - 2014-06-11 14:18 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 03:02 - 2014-06-11 14:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 03:02 - 2014-06-11 14:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 02:45 - 2014-06-11 14:18 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 02:39 - 2014-06-11 14:18 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 02:39 - 2014-06-11 14:18 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 02:38 - 2014-06-11 14:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 02:28 - 2014-06-11 14:18 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 02:27 - 2014-06-11 14:18 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 02:24 - 2014-06-11 14:18 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 02:21 - 2014-06-11 14:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 02:21 - 2014-06-11 14:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 02:20 - 2014-06-11 14:18 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 02:18 - 2014-06-11 14:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 02:11 - 2014-06-11 14:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 02:08 - 2014-06-11 14:18 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 02:06 - 2014-06-11 14:18 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 02:02 - 2014-06-11 14:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 01:55 - 2014-06-11 14:18 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 01:49 - 2014-06-11 14:18 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 01:46 - 2014-06-11 14:18 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 01:44 - 2014-06-11 14:18 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 01:44 - 2014-06-11 14:18 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 01:43 - 2014-06-11 14:18 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 01:42 - 2014-06-11 14:18 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 01:38 - 2014-06-11 14:18 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 01:35 - 2014-06-11 14:18 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 01:34 - 2014-06-11 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 01:33 - 2014-06-11 14:18 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 01:30 - 2014-06-11 14:18 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 01:29 - 2014-06-11 14:18 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 01:28 - 2014-06-11 14:18 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 01:27 - 2014-06-11 14:18 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 01:24 - 2014-06-11 14:18 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 01:23 - 2014-06-11 14:18 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 01:16 - 2014-06-11 14:18 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 01:10 - 2014-06-11 14:18 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 01:06 - 2014-06-11 14:18 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 01:04 - 2014-06-11 14:18 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 01:02 - 2014-06-11 14:18 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 00:56 - 2014-06-11 14:18 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 00:56 - 2014-06-11 14:18 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 00:54 - 2014-06-11 14:18 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 00:50 - 2014-06-11 14:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 00:49 - 2014-06-11 14:18 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 00:43 - 2014-06-11 14:18 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 00:40 - 2014-06-11 14:18 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 00:30 - 2014-06-11 14:18 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 00:21 - 2014-06-11 14:18 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 00:15 - 2014-06-11 14:18 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 00:13 - 2014-06-11 14:18 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 00:13 - 2014-06-11 14:18 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-29 21:52 - 2014-05-29 21:51 - 01747008 _____ () C:\Users\jason\Downloads\9780316097529_epub.v6.epub
2014-05-29 21:20 - 2014-05-29 21:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-05-29 15:58 - 2014-05-29 15:58 - 00000000 ____D () C:\Users\jason\AppData\Roaming\Curse
2014-05-29 15:57 - 2014-05-29 15:55 - 41232416 _____ (Curse) C:\Users\jason\Downloads\CurseClientSetup.exe
2014-05-25 20:18 - 2014-05-25 20:01 - 00000000 ____D () C:\Users\jason\Documents\MK-LOL
2014-05-25 20:01 - 2014-05-25 20:01 - 00000054 _____ () C:\Windows\JQHApp.dat
2014-05-25 20:00 - 2014-05-25 20:00 - 00058016 _____ () C:\Users\jason\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-25 20:00 - 2014-05-25 20:00 - 00001015 _____ () C:\Users\jason\Desktop\MK LOL.lnk
2014-05-25 20:00 - 2014-05-25 20:00 - 00000000 ____D () C:\Users\jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
2014-05-25 19:59 - 2014-05-25 19:59 - 00000000 ____D () C:\Program Files (x86)\MKJogo
2014-05-25 19:58 - 2014-05-25 19:57 - 07090888 _____ () C:\Users\jason\Downloads\MK_LOL_1.0.0.41.exe

Some content of TEMP:
====================
C:\Users\jason\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-20 03:16

==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-06-2014
Ran by jason at 2014-06-20 14:16:20
Running from C:\Users\jason\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe Flash Player 14 ActiveX (HKLM-x32\...\{1F5E5F2E-5E61-431D-B796-58CCC6B68E28}) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\{C4B32291-F7B2-4BEC-BA4D-4195676A08CC}) (Version: 14.0.0.125 - Adobe Systems Incorporated)
AVG 2014 (Version: 14.0.3955 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 3.0.0.2 - AVG Technologies)
BovadaPoker (HKLM-x32\...\{D7CA2DF8-95CE-4C80-9296-98E21219A1E5}}_is1) (Version:   - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.216 - SurfRight B.V.)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
NVIDIA Control Panel 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0AA225EF-46AA-4E8A-8062-C19939D79434} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3215466134-3141584443-1876715113-1000UA => C:\Users\jason\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-12] (Google Inc.)
Task: {2A410FBD-2965-4473-98C8-1EC3CEE1027E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-06] (Google Inc.)
Task: {70199F0E-6AB4-44EC-BEB4-5F1BA86925A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-06] (Google Inc.)
Task: {8B064306-6209-4014-8506-E45CF9B68E29} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-11] (Adobe Systems Incorporated)
Task: {9A582103-982E-4998-A921-883610B6DAD7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3215466134-3141584443-1876715113-1000Core => C:\Users\jason\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-12] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3215466134-3141584443-1876715113-1000Core.job => C:\Users\jason\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3215466134-3141584443-1876715113-1000UA.job => C:\Users\jason\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-06 13:06 - 2013-10-23 01:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/20/2014 02:13:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/20/2014 02:11:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater3.0.0 service failed to start due to the following error:
%%2

Error: (06/20/2014 02:11:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util Yula service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (06/20/2014 02:13:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 41%
Total physical RAM: 4022.87 MB
Available physical RAM: 2358.42 MB
Total Pagefile: 8043.91 MB
Available Pagefile: 6337.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:68 GB) (Free:3.38 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 55C3A80D)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=68 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================



#7 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,149 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:11:55 AM

Posted 20 June 2014 - 06:45 PM

Hi wachumba
 

i got a lot of help there. that's what i've done if it matters.

With all due respect, all they did was to suggest running programs without actually looking to see what the problem may have been.
 

is it better to run those programs in safe mode?

Always try and run any programs in normal mode unless otherwise stated.
 

reformatted 4 y/o laptop before going away for 6 weeks

Did this laptop originally come with Win7 installed?

Drive c: () (Fixed) (Total:68 GB) (Free:3.38 GB) NTFS ==>[System with boot components (obtained from reading drive)]

That hard drive is very small for Win7.
I only install the bare essentials on my Win7 system (no games etc)
of a 245Gb partition i have 179Gb left..... so my Win7 system is using 66GB of my hard drive space.
When you reinstalled the OS, did you run a complete reformat of the hard drive.
If not.... The reinstall might have made a copy of all the old files etc on your hard drive.
Go to Start >> Computer >> C Drive >> is there a folder named Windows.old there?
If so, this will be a copy of the old system.
This can be quite a huge folder on some systems.


Step 1
Please uninstall the following programs:
AVG 2014
AVG Web TuneUp
Pando Media Booster
HitmanPro 3.7


If AVG won't uninstall for any reason, download and run the AVG removal tool.

You can download the 64bit AVG removal tool from:
Here

download to your desktop.
then double click to start the uninstaller.


Step 2
Please download the attached fixlist.txt file (bottom of this post) and save it to C:\Users\jason\Downloads.
NOTE.
It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Re-run FRST/FRST64 (which ever is installed ) and press the Fix button just once and wait.

frstfix_zps7db0c905.png

The tool will make a log in the Download folder (Fixlog.txt). Please post this in your next reply.


Step 3
This error message is quite common in the error logs:

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

This link will explain what the problem is and how to rectify it:
http://pcsupport.about.com/od/findbyerrormessage/a/code-28-error.htm?rd=1


In your next reply, please submit:
Fixlog.txt
let me know how the uninstalls went .... any problems?
also let me know about the Windows.old folder


Thanks.

Attached Files


BBPP6nz.png


#8 wachumba

wachumba
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:02:55 AM

Posted 21 June 2014 - 03:25 AM

windows 7 didnt come with this pc. i couldnt find the old cds so i installed windows7 and the drivers that came with the computer i recently bought. which would explain why drivers are missing. the fingerprint driver isnt installed along with some other unimportant stuff but it cant hurt to install everything.

 

 

windows.old file takes up almost 20 gigs! can i just delete it? i didnt touch it yet btw. downloading avg removal tool couldn't find avg 2014 from the list of progs to uninstall and the web tune up just ignored me when i clicked to uninstall so downloading the removal tool. will move on to steps 2 and 3

 

 

i thought the fixlog what what i downloaded at the bottom of your post? anyway here it is

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-06-2014
Ran by jason at 2014-06-21 01:45:22 Run:1
Running from C:\Users\jason\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKLM-x32 - DefaultScope value is missing.
S2 Util Yula; "C:\Program Files (x86)\Yula\bin\utilYulasee.exe" [X]
S2 vToolbarUpdater3.0.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.0.0\ToolbarUpdater.exe [X]
2014-05-31 18:50 - 2014-06-05 13:30 - 00000000 ____D () C:\Program Files (x86)\Yula
C:\Program Files (x86)\Common Files\AVG Secure Search
C:\Users\jason\AppData\Local\Temp\Quarantine.exe
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
Hosts:
Reboot:

*****************

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
Util Yula => Service deleted successfully.
vToolbarUpdater3.0.0 => Service deleted successfully.
C:\Program Files (x86)\Yula => Moved successfully.
"C:\Program Files (x86)\Common Files\AVG Secure Search" => File/Directory not found.
C:\Users\jason\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.


The system needed a reboot.

==== End of Fixlog ====


Edited by wachumba, 21 June 2014 - 03:48 AM.


#9 wachumba

wachumba
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:02:55 AM

Posted 21 June 2014 - 03:52 AM

a little lost on step 3 i started clicking on links and they took me to more links. i usually install secunia psi to keep things updated could i just install that?



#10 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,149 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:11:55 AM

Posted 21 June 2014 - 04:28 AM

Hi wachumba

windows 7 didnt come with this pc. i couldnt find the old cds so i installed windows7 and the drivers that came with the computer i recently bought. which would explain why drivers are missing.

That does explain a lot.
I had a feeling there would be a Windows.old folder.

windows.old file takes up almost 20 gigs! can i just delete it?

As long as there are no files/documents in there that you may need, then yes it can be deleted.
You may have to boot into Safe Mode to remove everything.
At least that will give you back some hard drive space.

a little lost on step 3 i started clicking on links and they took me to more links.

The main link in step 3 was to show you the reasons for that error message.
Yes there are a lot of links within the page.... but you don't need to click them all.

i usually install secunia psi to keep things updated could i just install that?

With so little hard drive space, i'd try and keep any unnecessary programs to a minimum.
A portion of your problem may be that the drivers installed with Win7 may not be compatible with the motherboard.

See if things improve after removing the Windows.old folder ( there is nothing in there that will effect your installed operating system )

BBPP6nz.png


#11 wachumba

wachumba
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:02:55 AM

Posted 21 June 2014 - 04:34 AM

deleting now. got a couple of messages saying these are windows files windows may not work if deleted so i skipped. just wanna double check here u did say that noting will effect installed operating system so i guess its safe to delete?



#12 wachumba

wachumba
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:02:55 AM

Posted 21 June 2014 - 04:42 AM

and its gone! thank you very much 18 gigs now free. which doesnt seem like much but as long as pc runs smooth and i can play my moba im happy.



#13 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,149 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:11:55 AM

Posted 21 June 2014 - 05:12 AM

got a couple of messages saying these are windows files windows may not work if deleted so i skipped. just wanna double check here u did say that noting will effect installed operating system so i guess its safe to delete?

An install of Win7 creates that folder to back up your old settings, files, documents etc.
As you are now using a fresh OS..... a backup is all that those files are.

What was the original Operating System?
Was it 64bit? .... if not, installing the Win7 64bit may cause problems.
Also are you sure that the motherboard can handle that amount of Ram.

Total physical RAM: 4022.87 MB

Did you install this Ram or was it already fitted?

BBPP6nz.png


#14 wachumba

wachumba
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:02:55 AM

Posted 21 June 2014 - 03:37 PM

I'm not sure if win7 was orig installed. I did not install the anything on this laptop myself.
any hardware*

#15 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,149 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:11:55 AM

Posted 22 June 2014 - 03:15 AM

Let's see what motherboard you have installed:

Download Speccy and save it to your desktop.
  • Double click the downloaded icon to run the installer
  • Vista and Win7 users right click and select 'run as Administrator'.
  • Follow the onscreen prompts...but do NOT allow it to add Google Chrome as your default browser.
  • Make sure that 'Run Speccy' is ticked at the end and click Finish.
Your system will now be analyzed and the information will appear in the Speccy window once complete.

To view all the Motherboard details, click on the Motherboard heading on the left hand side.
Please copy/paste that info in your next reply.

Thanks

BBPP6nz.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users