Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer running slow and popups [Closed]


  • This topic is locked This topic is locked

#61
tdjones813

tdjones813

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

FRST fix log

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-06-2014 01
Ran by Tracy at 2014-06-02 07:44:40 Run:1
Running from C:\Users\Tracy\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [fastclean] => "C:\Program Files (x86)\FastClean PRO\fastcleanpro.exe"
Startup: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
SearchScopes: HKLM - DefaultScope value is missing.
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-03-14] (Just Develop It)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [177648 2014-03-28] (Coupons.com Inc.)
S2 Maps4PC_0cService; C:\PROGRA~2\MAPS4P~2\bar\1.bin\0cbarsvc.exe [X]
2014-05-11 03:00 - 2014-05-11 08:34 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\Systweak
2014-05-11 02:59 - 2014-05-11 08:35 - 00000000 __HDC () C:\ProgramData\~0
2014-05-11 02:59 - 2014-05-11 08:27 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-05-11 02:59 - 2014-05-11 02:59 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\1H1Q
2014-05-11 02:59 - 2014-05-11 02:59 - 00000000 ____D () C:\ProgramData\systemk
2014-05-11 02:59 - 2014-04-25 14:49 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-05-09 09:14 - 2014-05-09 09:14 - 02026616 _____ (Coupons.com Incorporated) C:\Users\Tracy\Downloads\CouponPrinter (23).exe
2014-05-09 09:14 - 2014-05-09 09:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
2014-05-09 09:14 - 2014-05-09 09:14 - 00000000 ____D () C:\Program Files (x86)\Coupons
2014-05-09 09:13 - 2014-05-09 09:13 - 02026616 _____ (Coupons.com Incorporated) C:\Users\Tracy\Downloads\CouponPrinter (22).exe
C:\Users\Tracy\AppData\Local\Temp\BackupSetup.exe
C:\Users\Tracy\AppData\Local\Temp\installer.exe
Task: {371AE621-05DD-4E95-A477-70F626519660} - \DSite No Task File <==== ATTENTION
Task: {401ADB7D-6937-4751-A6AE-1911156F6EBA} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\iWin Games\iWinGames.exe <==== ATTENTION
Task: {CF303765-EE69-469F-B53D-ECAE98E9AD74} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
 
*****************
 
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\Software\Microsoft\Windows\CurrentVersion\Run\\fastclean => Value deleted successfully.
C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk not found.
C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
BackupStack => Service not found.
CouponPrinterService => Service stopped successfully.
CouponPrinterService => Service deleted successfully.
Maps4PC_0cService => Service deleted successfully.
C:\Users\Tracy\AppData\Roaming\Systweak => Moved successfully.
"C:\ProgramData\~0" => File/Directory not found.
"C:\Program Files (x86)\MyPC Backup" => File/Directory not found.
C:\Users\Tracy\AppData\Roaming\1H1Q => Moved successfully.
C:\ProgramData\systemk => Moved successfully.
C:\Windows\system32\roboot64.exe => Moved successfully.
C:\Users\Tracy\Downloads\CouponPrinter (23).exe => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons => Moved successfully.
C:\Program Files (x86)\Coupons => Moved successfully.
C:\Users\Tracy\Downloads\CouponPrinter (22).exe => Moved successfully.
"C:\Users\Tracy\AppData\Local\Temp\BackupSetup.exe" => File/Directory not found.
"C:\Users\Tracy\AppData\Local\Temp\installer.exe" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{371AE621-05DD-4E95-A477-70F626519660} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{371AE621-05DD-4E95-A477-70F626519660} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{401ADB7D-6937-4751-A6AE-1911156F6EBA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{401ADB7D-6937-4751-A6AE-1911156F6EBA} => Key deleted successfully.
C:\Windows\System32\Tasks\RunAsStdUser Task => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RunAsStdUser Task => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CF303765-EE69-469F-B53D-ECAE98E9AD74} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF303765-EE69-469F-B53D-ECAE98E9AD74} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar => Key deleted successfully.
 
==== End of Fixlog ====

  • 0

Advertisements


#62
tdjones813

tdjones813

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

 adw cleaner log

 

 

# AdwCleaner v3.211 - Report created 02/06/2014 at 09:46:51
# Updated 26/05/2014 by Xplode
# Operating System : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# Username : Tracy - HOME-PC
# Running from : C:\Users\Tracy\Downloads\adwcleaner_3.211.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16545
 
 
-\\ Mozilla Firefox v28.0 (en-US)
 
[ File : C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\taimr24r.default\prefs.js ]
 
 
-\\ Google Chrome v35.0.1916.114
 
[ File : C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [12185 octets] - [04/05/2014 19:16:16]
AdwCleaner[R1].txt - [5831 octets] - [02/06/2014 07:47:27]
AdwCleaner[R2].txt - [1154 octets] - [02/06/2014 09:45:45]
AdwCleaner[S0].txt - [11328 octets] - [04/05/2014 19:20:06]
AdwCleaner[S1].txt - [5709 octets] - [02/06/2014 07:49:33]
AdwCleaner[S2].txt - [1076 octets] - [02/06/2014 09:46:51]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1136 octets] ##########

  • 0

#63
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,698 posts
Step 4, 5 & 6 are still missing. I'm waiting for the other logs, well done so far! :)
  • 0

#64
tdjones813

tdjones813

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

JRT report

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows ™ Vista Home Premium x64
Ran by Tracy on Mon 06/02/2014 at  9:54:10.89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 06/02/2014 at 10:02:55.46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • 0

#65
tdjones813

tdjones813

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by Tracy (administrator) on HOME-PC on 02-06-2014 18:04:29
Running from C:\Users\Tracy\Downloads\FRST-OlderVersion
Platform: Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\SysWOW64\CSHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\20.5.0.28\ccsvchst.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\20.5.0.28\ccsvchst.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Google Inc.) C:\Users\Tracy\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files (x86)\QuickTime\QTTask.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [914224 2008-11-18] (Hewlett-Packard)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-11-03] (Intel Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1612880 2010-01-27] (Logitech, Inc.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [225792 2008-01-20] (Microsoft Corporation)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-05-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-08-17] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [cdloader] => C:\Users\Tracy\AppData\Roaming\mjusbsp\cdloader2.exe [50520 2010-02-26] (magicJack L.P.)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [Google Update] => C:\Users\Tracy\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-30] (Google Inc.)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [HP Deskjet 3510 series (NET)] => C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-05-23] (Samsung)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-05-23] (Samsung)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [MusicManager] => C:\Users\Tracy\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7631872 2014-05-15] (Google Inc.)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [WMPNSCFG] => C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
Startup: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3510 series (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3510 series (Network).lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....bestbuy&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {73FE0C01-C5C3-43B5-B15B-48A5DEFFC59A} URL = http://search.live.c...ms}&FORM=HPDTDF
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKCU - {083368C3-5B72-4F1A-BE01-5F70570FD6E9} URL = http://www.bing.com/...ms}&form=OSDSRC
SearchScopes: HKCU - {1F9F832A-605A-41F5-86AE-6BB407025F1A} URL = http://www.bing.com/...ms}&form=OSDSRC
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-s...p={searchTerms}
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\20.5.0.28\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\taimr24r.default
FF SearchEngineOrder.3: Bing 
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Tracy\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Tracy\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Tracy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\taimr24r.default\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-05-26]
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF [2013-10-09]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-06-23]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF [2013-10-09]
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-08-17]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-06-23]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSearchKeyword: bing.com
CHR DefaultSearchProvider: Bing
CHR DefaultNewTabURL: 
CHR Extension: (Google Drive) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-21]
CHR Extension: (Norton Identity Safe for Google Chrome™) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2014-05-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (RealDownloader) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-08-17]
CHR Extension: (Google Wallet) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-24]
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Security Suite\Engine\20.5.0.28\Exts\Chrome.crx [2014-05-15]
CHR HKLM-x32\...\Chrome\Extension: [cnpkmcjgpcihgfnkcjapiaabbbplkcmf] - C:\Program Files (x86)\Coupons.com CouponBar\chrome\Coupons.com.crx [2014-05-15]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]
 
==================== Services (Whitelisted) =================
 
R2 CSHelper; C:\Windows\SysWOW64\CSHelper.exe [266240 2009-07-25] ()
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [227232 2010-09-03] (McAfee, Inc.)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\20.5.0.28\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2011-01-28] (PC Tools)
S4 PuranDefrag; C:\Windows\system32\PuranDefragS.exe [292736 2013-01-17] (Puran Software)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 TVCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2009-04-22] ()
R2 TVSched; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116104 2009-04-22] ()
 
==================== Drivers (Whitelisted) ====================
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-04-27] (AVG Technologies)
S1 Beep; No ImagePath
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [1530160 2014-05-09] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1405000.01C\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
S3 DCamUSBVM; C:\Windows\System32\Drivers\usbVM31b.sys [142336 2005-09-19] (Vimicro Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-20] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-04-19] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20140530.001\IDSvia64.sys [525016 2014-03-25] (Symantec Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-18] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20140602.008\ENG64.SYS [126040 2014-05-21] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20140602.008\EX64.SYS [2099288 2014-05-21] (Symantec Corporation)
S3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1405000.01C\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1405000.01C\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1405000.01C\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1405000.01C\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-07-16] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1405000.01C\Ironx64.SYS [224416 2012-07-27] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\N360x64\1405000.01C\SYMTDIV.SYS [457304 2013-04-24] (Symantec Corporation)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2008-11-28] (CyberLink Corp.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCD5SRVC{8AAF211B-043E02A9-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-02 10:02 - 2014-06-02 10:02 - 00000642 _____ () C:\Users\Tracy\Desktop\JRT.txt
2014-06-02 09:45 - 2014-06-02 09:45 - 01327971 _____ () C:\Users\Tracy\Downloads\adwcleaner_3.211.exe
2014-06-02 07:46 - 2014-06-02 07:46 - 01327971 _____ () C:\Users\Tracy\Downloads\AdwCleaner (4).exe
2014-06-02 07:43 - 2014-06-02 18:04 - 00000000 ____D () C:\Users\Tracy\Downloads\FRST-OlderVersion
2014-05-31 17:33 - 2014-05-31 17:33 - 00000000 ____D () C:\Users\Tracy\AppData\Local\Valassis
2014-05-31 17:33 - 2014-05-31 17:33 - 00000000 ____D () C:\Program Files (x86)\Valassis
2014-05-31 17:31 - 2014-05-31 17:31 - 02119632 _____ (Valassis) C:\Users\Tracy\Downloads\[email protected]_prodcand-KLkpU5Wt.exe
2014-05-31 12:00 - 2014-05-31 12:00 - 00981688 _____ (Microsoft Corporation) C:\Users\Tracy\Downloads\Setup.X86.en-US_O365HomePremRetail_d69e75df-1424-4a07-8ea3-ec6865f40316_TX_PR_.exe
2014-05-30 13:41 - 2014-05-30 13:41 - 00002230 _____ () C:\Users\Tracy\Downloads\fixlist (3).txt
2014-05-30 11:45 - 2014-05-30 11:45 - 00002230 _____ () C:\Users\Tracy\Downloads\fixlist (2).txt
2014-05-30 11:44 - 2014-05-30 11:44 - 00002230 _____ () C:\Users\Tracy\Downloads\fixlist (1).txt
2014-05-30 09:39 - 2014-05-30 09:40 - 13654233 _____ () C:\Users\Tracy\Downloads\MNO_KerryClarensau.mp4
2014-05-28 19:56 - 2014-03-18 21:27 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-05-28 19:56 - 2014-03-18 21:27 - 00109056 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-05-28 19:53 - 2014-05-28 19:53 - 00000843 _____ () C:\Users\Tracy\Downloads\Unconfirmed 566073.crdownload
2014-05-24 10:21 - 2014-05-24 10:21 - 03834608 _____ (Catalina Marketing Corp) C:\Users\Tracy\Downloads\CatalinaSavingsPrinter (4).exe
2014-05-22 11:52 - 2014-05-22 11:52 - 03834608 _____ (Catalina Marketing Corp) C:\Users\Tracy\Downloads\CatalinaSavingsPrinter (3).exe
2014-05-22 11:52 - 2014-05-22 11:52 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Catalina – Print Savings
2014-05-22 11:49 - 2014-05-22 11:49 - 03834608 _____ (Catalina Marketing Corp) C:\Users\Tracy\Downloads\CatalinaSavingsPrinter (2).exe
2014-05-18 11:30 - 2014-05-18 11:30 - 00011457 _____ () C:\Users\Tracy\Downloads\bow-outline.svg
2014-05-18 05:06 - 2014-06-02 09:42 - 00001987 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-18 04:58 - 2014-05-18 04:58 - 00918672 _____ (Google Inc.) C:\Users\Tracy\Downloads\ChromeSetup (2).exe
2014-05-18 04:55 - 2014-05-18 04:55 - 00918672 _____ (Google Inc.) C:\Users\Tracy\Downloads\ChromeSetup (1).exe
2014-05-16 13:49 - 2014-05-16 13:49 - 00000843 _____ () C:\Users\Tracy\Downloads\sd.jnlp
2014-05-16 13:47 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-16 13:47 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-16 13:47 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-16 13:47 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-16 13:46 - 2014-05-16 13:47 - 00004129 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-16 13:45 - 2014-05-16 13:45 - 00921512 _____ (Oracle Corporation) C:\Users\Tracy\Downloads\chromeinstall-7u55 (4).exe
2014-05-16 13:43 - 2014-05-16 13:43 - 00000843 _____ () C:\Users\Tracy\Downloads\sd (1).jnlp
2014-05-16 13:42 - 2014-05-16 13:42 - 00000843 _____ () C:\Users\Tracy\Downloads\Unconfirmed 566128.crdownload
2014-05-16 13:35 - 2014-05-16 13:35 - 00000000 ____D () C:\Users\Public\Documents\CrashDump
2014-05-16 08:27 - 2014-05-16 08:27 - 00000000 ____D () C:\Users\Tracy\Desktop\Dave's Resume
2014-05-16 03:02 - 2014-05-05 20:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 03:02 - 2014-05-05 19:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-16 03:02 - 2014-05-05 19:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-16 03:02 - 2014-05-05 19:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 03:01 - 2014-05-05 20:46 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 03:01 - 2014-05-05 20:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 00:28 - 2014-06-02 09:52 - 00003204 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1953429275-1861937841-2176962007-1000
2014-05-15 23:09 - 2014-05-15 23:09 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite
2014-05-15 08:35 - 2014-03-25 12:30 - 12900864 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 08:35 - 2014-03-25 09:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-13 22:20 - 2014-05-13 22:20 - 00050901 _____ () C:\Users\Tracy\Downloads\Addition.txt
2014-05-13 22:17 - 2014-05-13 22:20 - 00053505 _____ () C:\Users\Tracy\Downloads\FRST.txt
2014-05-13 20:27 - 2014-06-02 18:05 - 00000000 ____D () C:\FRST
2014-05-13 20:26 - 2014-06-02 07:43 - 02067456 _____ (Farbar) C:\Users\Tracy\Downloads\FRST64.exe
2014-05-11 18:57 - 2014-05-11 18:57 - 00921512 _____ (Oracle Corporation) C:\Users\Tracy\Downloads\chromeinstall-7u55.exe
2014-05-11 18:57 - 2014-05-11 18:57 - 00921512 _____ (Oracle Corporation) C:\Users\Tracy\Downloads\chromeinstall-7u55 (3).exe
2014-05-11 18:57 - 2014-05-11 18:57 - 00921512 _____ (Oracle Corporation) C:\Users\Tracy\Downloads\chromeinstall-7u55 (2).exe
2014-05-11 18:57 - 2014-05-11 18:57 - 00921512 _____ (Oracle Corporation) C:\Users\Tracy\Downloads\chromeinstall-7u55 (1).exe
2014-05-11 18:57 - 2014-05-11 18:57 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\Oracle
2014-05-11 18:56 - 2014-05-16 13:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-11 18:53 - 2014-05-11 18:53 - 00921000 _____ (Oracle Corporation) C:\Users\Tracy\Downloads\chromeinstall-7u51 (1).exe
2014-05-11 03:06 - 2014-05-11 03:06 - 00000000 ____D () C:\Users\Tracy\AppData\Local\DeSmuME
2014-05-11 03:05 - 2014-05-11 03:05 - 00000000 ____D () C:\Users\Tracy\Downloads\desmume-0.9.10-win32
2014-05-11 03:01 - 2014-05-11 03:01 - 00000000 ____D () C:\Users\Tracy\AppData\Local\IsolatedStorage
2014-05-11 02:59 - 2014-05-11 02:59 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\StormFall
2014-05-11 02:59 - 2014-05-11 02:59 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormFall
2014-05-11 02:59 - 2014-05-11 02:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileOpener
2014-05-11 02:59 - 2014-05-11 02:59 - 00000000 ____D () C:\Program Files (x86)\Tweaks
2014-05-11 02:58 - 2014-05-11 02:58 - 00796376 _____ () C:\Users\Tracy\Downloads\FileOpenerSetup (1).exe
2014-05-07 15:29 - 2014-05-07 15:29 - 00276928 _____ () C:\Windows\Minidump\Mini050714-01.dmp
2014-05-07 11:38 - 2014-05-07 11:37 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-07 11:37 - 2014-05-07 11:37 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-07 11:37 - 2014-05-07 11:37 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-07 11:37 - 2014-05-07 11:37 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-05-07 11:37 - 2014-05-07 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-07 11:37 - 2014-05-07 11:37 - 00000000 ____D () C:\Program Files\Java
2014-05-07 11:35 - 2014-05-07 11:35 - 30818216 _____ (Oracle Corporation) C:\Users\Tracy\Downloads\jre-7u55-windows-x64.exe
2014-05-07 11:32 - 2014-05-07 15:57 - 00000000 ____D () C:\Users\Tracy\Desktop\JavaRa-2.6
2014-05-07 11:31 - 2014-05-07 11:31 - 00159578 _____ () C:\Users\Tracy\Desktop\JavaRa-2.6.zip
2014-05-07 11:15 - 2014-06-02 09:52 - 00003338 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1953429275-1861937841-2176962007-1000
2014-05-05 21:05 - 2014-05-05 21:05 - 00855379 _____ () C:\Users\Tracy\Desktop\SecurityCheck (4).exe
2014-05-05 15:36 - 2014-05-05 15:36 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-05 15:34 - 2014-05-05 15:35 - 02347384 _____ (ESET) C:\Users\Tracy\Downloads\esetsmartinstaller_enu.exe
2014-05-05 15:30 - 2014-05-05 15:30 - 00002342 _____ () C:\maam.txt
2014-05-05 13:26 - 2014-05-18 09:28 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-05 13:26 - 2014-05-05 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-05 13:26 - 2014-05-05 13:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-05 13:26 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-05 13:26 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-05 13:24 - 2014-05-05 13:24 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tracy\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-04 19:46 - 2014-05-04 19:46 - 01016261 _____ (Thisisu) C:\Users\Tracy\Downloads\JRT.exe
2014-05-04 19:31 - 2014-05-04 19:31 - 00000000 ____D () C:\Windows\ERUNT
2014-05-04 19:29 - 2014-05-04 19:29 - 01016261 _____ (Thisisu) C:\Users\Tracy\Downloads\JRT (1).exe
2014-05-04 19:29 - 2014-05-04 19:29 - 01016261 _____ (Thisisu) C:\Users\Tracy\Desktop\JRT.exe
2014-05-04 19:16 - 2014-06-02 09:46 - 00000000 ____D () C:\AdwCleaner
2014-05-04 19:16 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-04 19:14 - 2014-05-04 19:14 - 01313617 _____ () C:\Users\Tracy\Desktop\AdwCleaner (4).exe
2014-05-04 19:03 - 2014-05-04 19:03 - 00000000 ____D () C:\_OTL
2014-05-03 11:08 - 2014-05-03 11:08 - 00102338 _____ () C:\Users\Tracy\Downloads\Extras.Txt
2014-05-03 11:06 - 2014-05-03 11:06 - 00223900 _____ () C:\Users\Tracy\Downloads\OTL.Txt
2014-05-03 10:15 - 2014-05-03 10:15 - 00602112 _____ (OldTimer Tools) C:\Users\Tracy\Desktop\OTL.exe
2014-05-03 03:20 - 2014-05-03 03:20 - 00000000 __SHD () C:\found.000
 
==================== One Month Modified Files and Folders =======
 
2014-06-02 18:05 - 2014-05-13 20:27 - 00000000 ____D () C:\FRST
2014-06-02 18:05 - 2009-05-26 11:57 - 00000000 ____D () C:\Users\Tracy\AppData\Local\Temp
2014-06-02 18:04 - 2014-06-02 07:43 - 00000000 ____D () C:\Users\Tracy\Downloads\FRST-OlderVersion
2014-06-02 17:54 - 2011-07-28 18:32 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1953429275-1861937841-2176962007-1000UA.job
2014-06-02 17:53 - 2010-12-04 04:47 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-02 17:46 - 2013-06-23 16:51 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-02 17:36 - 2011-09-13 09:16 - 00000338 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2014-06-02 16:43 - 2009-04-22 16:12 - 01805699 _____ () C:\Windows\WindowsUpdate.log
2014-06-02 10:03 - 2009-04-06 20:20 - 00003578 _____ () C:\Windows\System32\Tasks\HP Health Check
2014-06-02 10:02 - 2014-06-02 10:02 - 00000642 _____ () C:\Users\Tracy\Desktop\JRT.txt
2014-06-02 09:54 - 2011-07-28 18:32 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1953429275-1861937841-2176962007-1000Core.job
2014-06-02 09:53 - 2010-12-04 04:47 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-02 09:52 - 2014-05-16 00:28 - 00003204 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1953429275-1861937841-2176962007-1000
2014-06-02 09:52 - 2014-05-07 11:15 - 00003338 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1953429275-1861937841-2176962007-1000
2014-06-02 09:48 - 2013-05-17 19:15 - 00104686 _____ () C:\Windows\PFRO.log
2014-06-02 09:48 - 2006-11-02 11:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-02 09:48 - 2006-11-02 11:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-02 09:48 - 2006-11-02 11:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-02 09:47 - 2006-11-02 11:42 - 00032648 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-02 09:46 - 2014-05-04 19:16 - 00000000 ____D () C:\AdwCleaner
2014-06-02 09:45 - 2014-06-02 09:45 - 01327971 _____ () C:\Users\Tracy\Downloads\adwcleaner_3.211.exe
2014-06-02 09:42 - 2014-05-18 05:06 - 00001987 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-02 07:49 - 2011-05-01 19:31 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\SoftGrid Client
2014-06-02 07:46 - 2014-06-02 07:46 - 01327971 _____ () C:\Users\Tracy\Downloads\AdwCleaner (4).exe
2014-06-02 07:43 - 2014-05-13 20:26 - 02067456 _____ (Farbar) C:\Users\Tracy\Downloads\FRST64.exe
2014-06-02 03:00 - 2010-01-28 02:18 - 00781970 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-05-31 17:33 - 2014-05-31 17:33 - 00000000 ____D () C:\Users\Tracy\AppData\Local\Valassis
2014-05-31 17:33 - 2014-05-31 17:33 - 00000000 ____D () C:\Program Files (x86)\Valassis
2014-05-31 17:31 - 2014-05-31 17:31 - 02119632 _____ (Valassis) C:\Users\Tracy\Downloads\[email protected]_prodcand-KLkpU5Wt.exe
2014-05-31 12:00 - 2014-05-31 12:00 - 00981688 _____ (Microsoft Corporation) C:\Users\Tracy\Downloads\Setup.X86.en-US_O365HomePremRetail_d69e75df-1424-4a07-8ea3-ec6865f40316_TX_PR_.exe
2014-05-31 12:00 - 2013-08-13 19:37 - 00000000 ____D () C:\Users\Tracy\AppData\Local\CrashDumps
2014-05-30 23:24 - 2013-05-20 08:04 - 00021826 _____ () C:\Windows\setupact.log
2014-05-30 13:41 - 2014-05-30 13:41 - 00002230 _____ () C:\Users\Tracy\Downloads\fixlist (3).txt
2014-05-30 11:45 - 2014-05-30 11:45 - 00002230 _____ () C:\Users\Tracy\Downloads\fixlist (2).txt
2014-05-30 11:44 - 2014-05-30 11:44 - 00002230 _____ () C:\Users\Tracy\Downloads\fixlist (1).txt
2014-05-30 09:40 - 2014-05-30 09:39 - 13654233 _____ () C:\Users\Tracy\Downloads\MNO_KerryClarensau.mp4
2014-05-30 07:58 - 2009-04-06 20:14 - 00000000 ____D () C:\ProgramData\Norton
2014-05-29 10:41 - 2009-05-28 13:01 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-05-28 20:04 - 2013-08-12 13:26 - 00001799 _____ () C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2014-05-28 20:04 - 2009-05-26 11:57 - 00000000 ____D () C:\Users\Tracy
2014-05-28 19:53 - 2014-05-28 19:53 - 00000843 _____ () C:\Users\Tracy\Downloads\Unconfirmed 566073.crdownload
2014-05-28 18:41 - 2009-05-29 13:25 - 00008264 _____ () C:\Users\Tracy\AppData\Roaming\wklnhst.dat
2014-05-27 22:51 - 2010-12-22 19:53 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\HpUpdate
2014-05-25 17:54 - 2009-05-26 12:09 - 00003188 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForTracy
2014-05-25 17:54 - 2009-05-26 12:09 - 00000334 _____ () C:\Windows\Tasks\HPCeeScheduleForTracy.job
2014-05-24 18:22 - 2006-11-02 08:46 - 00764576 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-24 10:21 - 2014-05-24 10:21 - 03834608 _____ (Catalina Marketing Corp) C:\Users\Tracy\Downloads\CatalinaSavingsPrinter (4).exe
2014-05-22 11:52 - 2014-05-22 11:52 - 03834608 _____ (Catalina Marketing Corp) C:\Users\Tracy\Downloads\CatalinaSavingsPrinter (3).exe
2014-05-22 11:52 - 2014-05-22 11:52 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Catalina – Print Savings
2014-05-22 11:49 - 2014-05-22 11:49 - 03834608 _____ (Catalina Marketing Corp) C:\Users\Tracy\Downloads\CatalinaSavingsPrinter (2).exe
2014-05-21 19:55 - 2009-09-15 00:54 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\Mozilla
2014-05-19 08:07 - 2013-07-18 15:05 - 00010752 _____ () C:\Users\Tracy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-18 11:30 - 2014-05-18 11:30 - 00011457 _____ () C:\Users\Tracy\Downloads\bow-outline.svg
2014-05-18 09:28 - 2014-05-05 13:26 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-18 04:58 - 2014-05-18 04:58 - 00918672 _____ (Google Inc.) C:\Users\Tracy\Downloads\ChromeSetup (2).exe
2014-05-18 04:55 - 2014-05-18 04:55 - 00918672 _____ (Google Inc.) C:\Users\Tracy\Downloads\ChromeSetup (1).exe
2014-05-16 13:49 - 2014-05-16 13:49 - 00000843 _____ () C:\Users\Tracy\Downloads\sd.jnlp
2014-05-16 13:47 - 2014-05-16 13:46 - 00004129 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-16 13:47 - 2014-05-11 18:56 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-16 13:47 - 2013-05-13 07:39 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-16 13:45 - 2014-05-16 13:45 - 00921512 _____ (Oracle Corporation) C:\Users\Tracy\Downloads\chromeinstall-7u55 (4).exe
2014-05-16 13:43 - 2014-05-16 13:43 - 00000843 _____ () C:\Users\Tracy\Downloads\sd (1).jnlp
2014-05-16 13:42 - 2014-05-16 13:42 - 00000843 _____ () C:\Users\Tracy\Downloads\Unconfirmed 566128.crdownload
2014-05-16 13:35 - 2014-05-16 13:35 - 00000000 ____D () C:\Users\Public\Documents\CrashDump
2014-05-16 08:27 - 2014-05-16 08:27 - 00000000 ____D () C:\Users\Tracy\Desktop\Dave's Resume
2014-05-16 03:12 - 2009-07-14 03:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-16 03:10 - 2013-07-14 14:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 03:10 - 2006-11-02 08:35 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-05-15 23:09 - 2014-05-15 23:09 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite
2014-05-15 23:03 - 2013-02-19 21:14 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-05-15 23:03 - 2012-02-14 20:41 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2014-05-15 23:03 - 2012-02-14 20:41 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-05-15 23:00 - 2009-05-26 12:10 - 00000000 ___RD () C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 08:05 - 2009-05-31 19:13 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-14 23:13 - 2009-07-30 10:30 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\BitTorrent
2014-05-14 09:21 - 2009-05-26 13:17 - 00000456 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2014-05-14 08:46 - 2013-06-23 16:51 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 08:46 - 2013-06-23 16:51 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 08:46 - 2013-06-23 16:51 - 00003682 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 22:20 - 2014-05-13 22:20 - 00050901 _____ () C:\Users\Tracy\Downloads\Addition.txt
2014-05-13 22:20 - 2014-05-13 22:17 - 00053505 _____ () C:\Users\Tracy\Downloads\FRST.txt
2014-05-13 20:26 - 2013-10-15 08:42 - 00000680 _____ () C:\Users\Tracy\AppData\Local\d3d9caps.dat
2014-05-12 17:11 - 2013-10-10 03:57 - 00002096 _____ () C:\Windows\LkmdfCoInst.log
2014-05-12 17:11 - 2010-06-07 14:33 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-05-11 18:57 - 2014-05-11 18:57 - 00921512 _____ (Oracle Corporation) C:\Users\Tracy\Downloads\chromeinstall-7u55.exe
2014-05-11 18:57 - 2014-05-11 18:57 - 00921512 _____ (Oracle Corporation) C:\Users\Tracy\Downloads\chromeinstall-7u55 (3).exe
2014-05-11 18:57 - 2014-05-11 18:57 - 00921512 _____ (Oracle Corporation) C:\Users\Tracy\Downloads\chromeinstall-7u55 (2).exe
2014-05-11 18:57 - 2014-05-11 18:57 - 00921512 _____ (Oracle Corporation) C:\Users\Tracy\Downloads\chromeinstall-7u55 (1).exe
2014-05-11 18:57 - 2014-05-11 18:57 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\Oracle
2014-05-11 18:53 - 2014-05-11 18:53 - 00921000 _____ (Oracle Corporation) C:\Users\Tracy\Downloads\chromeinstall-7u51 (1).exe
2014-05-11 08:38 - 2013-02-19 23:07 - 00000000 ____D () C:\Users\Tracy\Desktop\Blog
2014-05-11 03:06 - 2014-05-11 03:06 - 00000000 ____D () C:\Users\Tracy\AppData\Local\DeSmuME
2014-05-11 03:05 - 2014-05-11 03:05 - 00000000 ____D () C:\Users\Tracy\Downloads\desmume-0.9.10-win32
2014-05-11 03:01 - 2014-05-11 03:01 - 00000000 ____D () C:\Users\Tracy\AppData\Local\IsolatedStorage
2014-05-11 02:59 - 2014-05-11 02:59 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\StormFall
2014-05-11 02:59 - 2014-05-11 02:59 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormFall
2014-05-11 02:59 - 2014-05-11 02:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileOpener
2014-05-11 02:59 - 2014-05-11 02:59 - 00000000 ____D () C:\Program Files (x86)\Tweaks
2014-05-11 02:58 - 2014-05-11 02:58 - 00796376 _____ () C:\Users\Tracy\Downloads\FileOpenerSetup (1).exe
2014-05-11 00:20 - 2013-11-20 20:23 - 00271360 _____ () C:\Users\Tracy\Documents\Outlook.pst
2014-05-08 09:49 - 2011-07-28 18:32 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1953429275-1861937841-2176962007-1000UA
2014-05-08 09:49 - 2011-07-28 18:32 - 00003396 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1953429275-1861937841-2176962007-1000Core
2014-05-08 09:48 - 2010-12-04 04:47 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 09:48 - 2010-12-04 04:47 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-07 15:57 - 2014-05-07 11:32 - 00000000 ____D () C:\Users\Tracy\Desktop\JavaRa-2.6
2014-05-07 15:29 - 2014-05-07 15:29 - 00276928 _____ () C:\Windows\Minidump\Mini050714-01.dmp
2014-05-07 15:29 - 2014-04-13 18:29 - 821355198 _____ () C:\Windows\MEMORY.DMP
2014-05-07 15:29 - 2010-02-05 07:01 - 00000000 ____D () C:\Windows\Minidump
2014-05-07 11:37 - 2014-05-07 11:38 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-07 11:37 - 2014-05-07 11:37 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-07 11:37 - 2014-05-07 11:37 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-07 11:37 - 2014-05-07 11:37 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-05-07 11:37 - 2014-05-07 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-07 11:37 - 2014-05-07 11:37 - 00000000 ____D () C:\Program Files\Java
2014-05-07 11:35 - 2014-05-07 11:35 - 30818216 _____ (Oracle Corporation) C:\Users\Tracy\Downloads\jre-7u55-windows-x64.exe
2014-05-07 11:31 - 2014-05-07 11:31 - 00159578 _____ () C:\Users\Tracy\Desktop\JavaRa-2.6.zip
2014-05-07 11:30 - 2010-07-08 17:49 - 00000000 ____D () C:\BigFishGamesCache
2014-05-06 12:57 - 2006-11-02 11:07 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-05-06 11:41 - 2010-06-23 17:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-05-05 21:05 - 2014-05-05 21:05 - 00855379 _____ () C:\Users\Tracy\Desktop\SecurityCheck (4).exe
2014-05-05 20:46 - 2014-05-16 03:01 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-05 20:21 - 2014-05-16 03:02 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-05 20:21 - 2014-05-16 03:01 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-05 19:32 - 2014-05-16 03:02 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-05 19:14 - 2014-05-16 03:02 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-05 19:14 - 2014-05-16 03:02 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 15:36 - 2014-05-05 15:36 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-05 15:35 - 2014-05-05 15:34 - 02347384 _____ (ESET) C:\Users\Tracy\Downloads\esetsmartinstaller_enu.exe
2014-05-05 15:30 - 2014-05-05 15:30 - 00002342 _____ () C:\maam.txt
2014-05-05 13:26 - 2014-05-05 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-05 13:26 - 2014-05-05 13:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-05 13:26 - 2013-03-18 14:07 - 00000903 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-05 13:26 - 2010-06-23 17:53 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\Malwarebytes
2014-05-05 13:26 - 2010-06-23 17:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-05 13:24 - 2014-05-05 13:24 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tracy\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-04 19:46 - 2014-05-04 19:46 - 01016261 _____ (Thisisu) C:\Users\Tracy\Downloads\JRT.exe
2014-05-04 19:31 - 2014-05-04 19:31 - 00000000 ____D () C:\Windows\ERUNT
2014-05-04 19:29 - 2014-05-04 19:29 - 01016261 _____ (Thisisu) C:\Users\Tracy\Downloads\JRT (1).exe
2014-05-04 19:29 - 2014-05-04 19:29 - 01016261 _____ (Thisisu) C:\Users\Tracy\Desktop\JRT.exe
2014-05-04 19:14 - 2014-05-04 19:14 - 01313617 _____ () C:\Users\Tracy\Desktop\AdwCleaner (4).exe
2014-05-04 19:03 - 2014-05-04 19:03 - 00000000 ____D () C:\_OTL
2014-05-04 19:01 - 2009-04-06 19:50 - 00000000 ____D () C:\ProgramData\Temp
2014-05-03 11:08 - 2014-05-03 11:08 - 00102338 _____ () C:\Users\Tracy\Downloads\Extras.Txt
2014-05-03 11:06 - 2014-05-03 11:06 - 00223900 _____ () C:\Users\Tracy\Downloads\OTL.Txt
2014-05-03 10:15 - 2014-05-03 10:15 - 00602112 _____ (OldTimer Tools) C:\Users\Tracy\Desktop\OTL.exe
2014-05-03 03:20 - 2014-05-03 03:20 - 00000000 __SHD () C:\found.000
 
Some content of TEMP:
====================
C:\Users\Tracy\AppData\Local\Temp\Quarantine.exe
C:\Users\Tracy\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_N360_6864.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-06-02 09:56
 
==================== End Of Log ============================

  • 0

#66
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,698 posts
Step 1: FRST Fix
  • Please download the attached fixlist.txt file and save it to the same location as FRST

    Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply
Step 2: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.
Step 3: ESET

Please disable your AntiVirus before doing these steps!
  • If you have Win Vista / Win 7 / Win 8 please start IE as Administrator!
  • This will only work for Internet Explorer or FireFox
  • Please download ESET Online Scanner from here
  • How to do this?
    • Visit this website here
    • You will see a screen like this:


e922iil8.png

  • Click Run ESET Online Scanner

    4e3svhbd.png
  • A Window will open (see above) - please click on the link
  • A window will pop up - please download the file to your Desktop
  • When the download has finished please run the program (for Win Vista/ Win7 / Win 8 User please run it as Administrator)

    p35jbmyy.png
  • Tick the box next to YES, I accept the Terms of Use then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.

    p3b9meru.png
  • Make sure that the option Remove found threats is NOT checked.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Then click on Start
  • virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • After the scan is finished please click on Finish
  • Use notepad to open the logfile located at C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic.
Step 4: Question

How is your PC running?

Attached Files


  • 0

#67
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,698 posts
Still with me? ...
  • 0

#68
tdjones813

tdjones813

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

yes


  • 0

#69
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,698 posts
OK, tell me if you need any help. :)
  • 0

#70
tdjones813

tdjones813

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

Just wanted to let you know I'm still here.  Keyboard died and had to wait to get a new one.  Will do everything sometime today


  • 0

Advertisements


#71
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,698 posts

OK ;)


  • 0

#72
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,698 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP