Jump to content

Got a virus: roboot.exe


Recommended Posts

Hi & :welcome:

My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully. :excl:

  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

frst.pngfrstscan.png

Please download Farbar Recovery Scan Tool and save it to your Desktop.

(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)

  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.
Link to post
Share on other sites

I did it!
COPY FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:21-07-2014
Ran by laptop (administrator) on LAPTOP-PC on 22-07-2014 00:44:30
Running from C:\Users\laptop\Downloads
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Español (España, internacional)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\loggingserver.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files\AVG Web TuneUp\vprot.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Skillbrains) C:\Users\laptop\AppData\Local\Skillbrains\lightshot\5.1.0.15\Lightshot.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.213\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.100\deploy\LolClient.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-1894574535-4034318136-3275050477-1000\...\Run: [LightShot] => C:\Users\laptop\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226592 2014-03-06] ()
HKU\S-1-5-21-1894574535-4034318136-3275050477-1000\...\Run: [Facebook Update] => C:\Users\laptop\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-04-24] (Facebook Inc.)
HKU\S-1-5-21-1894574535-4034318136-3275050477-1000\...\MountPoints2: {d033bf06-cb51-11e3-8e1b-70f395266b6f} - E:\setup.exe
HKU\S-1-5-21-1894574535-4034318136-3275050477-1000\...\MountPoints2: {deee6b3f-ce38-11e3-aa8e-70f395266b6f} - E:\PMCsetup.exe
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://cl.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x376435D532F0CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-cl
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.myhoome.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.myhoome.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myhoome.com/
SearchScopes: HKCU - DefaultScope {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = http://cl.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - No CLSID Value - 
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\3.1.0\ViProtocol.dll (AVG Secure Search)
Tcpip\..\Interfaces\{4DE4CCBD-C509-46C6-A114-1A0B263BF800}: [NameServer]8.8.8.8,8.8.4.4
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\3.1.0\\npsitesafety.dll No File
FF Plugin: @java.com/DTPlugin,version=10.65.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\laptop\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
Chrome: 
=======
CHR Extension: (Google Wallet) - C:\Users\laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-03]
 
========================== Services (Whitelisted) =================
 
R2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [878368 2013-10-25] (IObit)
R2 avgfws; C:\Program Files\AVG\AVG2014\avgfws.exe [1417160 2014-07-10] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3244048 2014-07-10] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-07-10] (AVG Technologies CZ, s.r.o.)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1903952 2014-07-15] (LogMeIn Inc.)
R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-07-14] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe [229458 2010-01-28] (IDT, Inc.)
R2 vToolbarUpdater3.1.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\ToolbarUpdater.exe [1814040 2014-07-15] (AVG Secure Search)
 
==================== Drivers (Whitelisted) ====================
 
S3 apf004; C:\Windows\system32\apf004.sys [15112 2014-01-07] ()
S3 apf005; C:\Windows\system32\apf005.sys [14160 2014-05-07] ()
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [199960 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-07-15] (AVG Technologies)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-07-22] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
S3 scramby; C:\Windows\System32\drivers\scramby.sys [25896 2007-02-13] (RapidSolution Software AG)
S3 scramby_out; C:\Windows\System32\drivers\scramby_out.sys [23840 2007-08-08] (RapidSolution Software AG)
S3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2010-07-01] (Screaming Bee LLC)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2014-04-23] () [File not signed]
U3 a5mgo4f0; No ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-22 00:43 - 2014-07-22 00:44 - 00034774 _____ () C:\Users\laptop\Downloads\Addition.txt
2014-07-22 00:42 - 2014-07-22 00:44 - 00011806 _____ () C:\Users\laptop\Downloads\FRST.txt
2014-07-22 00:41 - 2014-07-22 00:44 - 00000000 ____D () C:\FRST
2014-07-22 00:40 - 2014-07-22 00:41 - 01080320 _____ (Farbar) C:\Users\laptop\Downloads\FRST.exe
2014-07-22 00:37 - 2014-07-22 00:41 - 62393168 _____ () C:\Users\laptop\Downloads\Hordatoj Beat Tape Vol. 1 (2013) 320Kbps CD.rar
2014-07-21 15:44 - 2014-07-21 15:44 - 00424296 _____ () C:\Users\laptop\Downloads\Logo.rar
2014-07-21 15:30 - 2014-07-21 18:32 - 00000000 ____D () C:\Users\laptop\Downloads\yay
2014-07-21 01:37 - 2014-07-21 01:41 - 74324668 _____ () C:\Users\laptop\Downloads\ENFERMOS DEL RAP - La pandemia 2014 (Final) ok.wav
2014-07-20 16:03 - 2014-07-20 16:03 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-07-20 16:03 - 2014-07-20 16:03 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-07-20 04:09 - 2014-07-20 04:09 - 00727576 _____ () C:\Users\laptop\Downloads\descarga.htm
2014-07-20 02:36 - 2014-07-20 02:36 - 00791895 _____ () C:\Users\laptop\Downloads\OptiFine_1.7.10_HD_A4.jar
2014-07-20 02:02 - 2014-07-20 02:02 - 00002091 _____ () C:\Users\laptop\Desktop\Minecraft.lnk
2014-07-20 02:02 - 2014-07-20 02:02 - 00000000 ____D () C:\Users\laptop\Downloads\14w02b
2014-07-20 02:01 - 2014-07-20 02:18 - 00000000 ____D () C:\Users\laptop\AppData\Roaming\.minecraft
2014-07-20 02:01 - 2014-07-20 02:02 - 00000000 ____D () C:\Users\laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2014-07-20 01:54 - 2014-07-20 02:00 - 115388459 _____ (TeamExtreme ) C:\Users\laptop\Downloads\Minecraft 1.7.2.exe
2014-07-20 01:15 - 2014-07-22 00:39 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-20 01:14 - 2014-07-20 01:14 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-20 01:14 - 2014-07-20 01:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-20 01:14 - 2014-07-20 01:14 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-20 01:14 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-20 01:14 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-19 16:11 - 2014-07-19 16:11 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-07-19 16:10 - 2014-07-19 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-19 16:10 - 2014-07-11 03:02 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-07-19 16:10 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-19 16:10 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-19 16:10 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-19 15:10 - 2014-07-21 14:51 - 00000448 _____ () C:\Windows\setupact.log
2014-07-19 15:10 - 2014-07-19 15:10 - 00000376 _____ () C:\Windows\PFRO.log
2014-07-19 15:10 - 2014-07-19 15:10 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-18 21:49 - 2014-07-18 21:49 - 00000850 _____ () C:\Windows\system32\new  1.txt
2014-07-17 22:30 - 2014-07-17 22:30 - 00001021 _____ () C:\Users\laptop\Desktop\Starcraft.lnk
2014-07-16 23:20 - 2014-07-17 22:30 - 00000000 ____D () C:\Users\laptop\Desktop\starcraft
2014-07-16 21:10 - 2014-07-16 21:10 - 00408552 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-16 21:09 - 2014-07-16 21:09 - 00000000 _____ () C:\asc_rdflag
2014-07-16 19:50 - 2014-07-16 19:50 - 00109280 _____ () C:\Users\laptop\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-16 15:00 - 2014-07-16 15:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-16 15:00 - 2014-07-16 15:00 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-07-16 04:18 - 2014-07-16 04:18 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-15 00:35 - 2014-07-15 18:43 - 00000000 ____D () C:\Users\laptop\AppData\Local\AVG Web TuneUp
2014-07-15 00:34 - 2014-07-15 14:45 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-07-15 00:34 - 2014-07-15 00:33 - 00042784 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2014-07-15 00:33 - 2014-07-15 00:34 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-07-15 00:33 - 2014-07-15 00:34 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2014-07-15 00:33 - 2014-07-15 00:33 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-07-15 00:33 - 2014-07-15 00:33 - 00000000 ____D () C:\Program Files\AVG Web TuneUp
2014-07-14 23:47 - 2014-07-14 23:47 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-07-14 05:24 - 2014-07-21 15:08 - 00000000 ____D () C:\Users\laptop\AppData\Local\LogMeIn Hamachi
2014-07-14 05:05 - 2014-07-14 05:05 - 00000216 _____ () C:\Users\laptop\Desktop\Unturned.url
2014-07-13 23:01 - 2014-07-13 23:01 - 00000000 ____D () C:\Users\laptop\AppData\Roaming\AVG2014
2014-07-13 22:59 - 2014-07-20 16:03 - 00000951 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-07-13 22:59 - 2014-07-20 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-13 22:57 - 2014-07-13 23:00 - 00000000 ____D () C:\ProgramData\AVG2014
2014-07-13 22:57 - 2014-07-13 22:57 - 00000000 ___HD () C:\$AVG
2014-07-13 22:55 - 2014-07-13 22:55 - 00000000 ____D () C:\Program Files\AVG
2014-07-13 22:18 - 2014-06-05 10:26 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-13 22:18 - 2014-04-11 22:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-07-13 22:18 - 2014-04-11 22:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-07-13 22:18 - 2014-04-11 22:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-07-13 22:18 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-07-13 22:18 - 2014-04-11 22:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-07-13 22:18 - 2014-04-11 22:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-07-13 22:18 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-13 22:18 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-13 22:18 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-13 22:18 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-13 22:18 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-13 22:18 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-13 22:17 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-07-13 22:17 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-07-13 22:17 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-07-13 22:17 - 2014-03-04 05:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-07-13 22:17 - 2014-03-04 05:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-07-13 22:17 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-07-13 22:17 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-07-13 22:17 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-07-13 22:17 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-07-13 22:17 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-07-13 22:17 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-07-13 22:15 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-07-13 22:15 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-07-13 22:15 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-07-13 22:15 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-07-13 22:14 - 2014-06-20 15:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-13 22:14 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-13 22:14 - 2014-06-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-13 22:14 - 2014-06-18 19:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-13 22:14 - 2014-06-18 19:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-13 22:14 - 2014-06-18 19:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-13 22:14 - 2014-06-18 19:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-13 22:14 - 2014-06-18 19:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-13 22:14 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-13 22:14 - 2014-06-18 19:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-13 22:14 - 2014-06-18 19:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-13 22:14 - 2014-06-18 19:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-13 22:14 - 2014-06-18 19:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-13 22:14 - 2014-06-18 19:23 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-13 22:14 - 2014-06-18 19:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-13 22:14 - 2014-06-18 19:16 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-13 22:14 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-13 22:14 - 2014-06-18 19:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-13 22:14 - 2014-06-18 19:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-13 22:14 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-13 22:14 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-13 22:14 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-13 22:14 - 2014-06-18 18:52 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-13 22:14 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-13 22:14 - 2014-06-18 18:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-13 22:14 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-13 22:14 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-13 22:14 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-13 22:14 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-13 22:14 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-13 22:13 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-13 22:13 - 2014-06-17 20:52 - 02350080 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-13 22:13 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-13 22:13 - 2014-05-30 02:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-13 22:13 - 2014-04-04 22:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-07-13 22:13 - 2014-04-04 22:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-07-13 22:12 - 2014-05-08 05:06 - 02742784 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-07-13 22:12 - 2014-05-08 05:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-07-13 22:12 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-07-13 22:12 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-07-13 07:45 - 2014-07-22 00:31 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-13 07:45 - 2014-07-14 00:02 - 00000000 ____D () C:\Users\laptop\AppData\Local\Avg2014
2014-07-13 07:45 - 2014-07-13 07:45 - 00000000 ____D () C:\Users\laptop\AppData\Local\MFAData
2014-07-12 16:53 - 2014-07-12 16:53 - 00000000 ____D () C:\Users\laptop\Documents\Razer
2014-07-12 16:51 - 2014-07-12 16:51 - 00000000 ____D () C:\Program Files\Razer
2014-07-12 01:41 - 2014-07-12 17:31 - 00000000 ____D () C:\Program Files\BattleBlock Theatre
2014-07-09 01:23 - 2014-07-11 19:44 - 00000000 ____D () C:\Users\laptop\AppData\Roaming\Tibia
2014-07-09 01:23 - 2014-07-09 01:23 - 00000975 _____ () C:\Users\laptop\Desktop\Wodbo.lnk
2014-07-09 01:23 - 2014-07-09 01:23 - 00000000 ____D () C:\Users\laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\V2wodbo
2014-07-09 01:23 - 2014-07-09 01:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\V2wodbo
2014-07-09 01:23 - 2014-07-09 01:23 - 00000000 ____D () C:\Program Files\V2wodbo
2014-07-06 17:32 - 2014-07-11 22:38 - 00000000 ____D () C:\Program Files\Hearthstone
2014-07-06 17:32 - 2014-07-06 17:32 - 00001159 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-07-06 17:32 - 2014-07-06 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-07-06 17:25 - 2014-07-06 17:31 - 00000000 ____D () C:\Users\laptop\AppData\Roaming\Battle.net
2014-07-06 17:25 - 2014-07-06 17:25 - 00001120 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-07-06 17:24 - 2014-07-11 21:42 - 00000000 ____D () C:\Program Files\Battle.net
2014-07-06 17:24 - 2014-07-06 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-06-30 12:43 - 2014-06-30 12:43 - 00121624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiskx.sys
 
==================== One Month Modified Files and Folders =======
 
2014-07-22 00:44 - 2014-07-22 00:43 - 00034774 _____ () C:\Users\laptop\Downloads\Addition.txt
2014-07-22 00:44 - 2014-07-22 00:42 - 00011806 _____ () C:\Users\laptop\Downloads\FRST.txt
2014-07-22 00:44 - 2014-07-22 00:41 - 00000000 ____D () C:\FRST
2014-07-22 00:41 - 2014-07-22 00:40 - 01080320 _____ (Farbar) C:\Users\laptop\Downloads\FRST.exe
2014-07-22 00:41 - 2014-07-22 00:37 - 62393168 _____ () C:\Users\laptop\Downloads\Hordatoj Beat Tape Vol. 1 (2013) 320Kbps CD.rar
2014-07-22 00:39 - 2014-07-20 01:15 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-22 00:31 - 2014-07-13 07:45 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-22 00:06 - 2014-06-08 15:51 - 00000000 ____D () C:\Users\laptop\AppData\Roaming\TS3Client
2014-07-22 00:06 - 2013-12-03 18:36 - 00000378 _____ () C:\Windows\Tasks\update-sys.job
2014-07-22 00:06 - 2013-12-03 10:22 - 00001024 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-22 00:02 - 2014-04-24 14:57 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1894574535-4034318136-3275050477-1000UA.job
2014-07-21 23:05 - 2013-12-03 18:36 - 00000378 _____ () C:\Windows\Tasks\update-S-1-5-21-1894574535-4034318136-3275050477-1000.job
2014-07-21 21:39 - 2013-12-13 14:13 - 00000000 ____D () C:\Users\laptop\AppData\Roaming\AIMP3
2014-07-21 19:44 - 2010-11-20 17:01 - 01676526 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-21 19:32 - 2014-03-19 16:31 - 01603487 _____ () C:\Windows\WindowsUpdate.log
2014-07-21 18:32 - 2014-07-21 15:30 - 00000000 ____D () C:\Users\laptop\Downloads\yay
2014-07-21 15:44 - 2014-07-21 15:44 - 00424296 _____ () C:\Users\laptop\Downloads\Logo.rar
2014-07-21 15:08 - 2014-07-14 05:24 - 00000000 ____D () C:\Users\laptop\AppData\Local\LogMeIn Hamachi
2014-07-21 15:08 - 2013-12-03 15:29 - 00002155 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-07-21 15:08 - 2013-12-03 10:22 - 00001020 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-21 15:02 - 2014-04-24 14:57 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1894574535-4034318136-3275050477-1000Core.job
2014-07-21 14:59 - 2009-07-14 00:34 - 00034928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-21 14:59 - 2009-07-14 00:34 - 00034928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-21 14:51 - 2014-07-19 15:10 - 00000448 _____ () C:\Windows\setupact.log
2014-07-21 14:51 - 2013-12-03 11:45 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2014-07-21 14:51 - 2009-07-14 00:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-21 01:41 - 2014-07-21 01:37 - 74324668 _____ () C:\Users\laptop\Downloads\ENFERMOS DEL RAP - La pandemia 2014 (Final) ok.wav
2014-07-21 00:15 - 2014-03-12 15:48 - 00000000 ____D () C:\Program Files\Steam
2014-07-20 16:03 - 2014-07-20 16:03 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-07-20 16:03 - 2014-07-20 16:03 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-07-20 16:03 - 2014-07-13 22:59 - 00000951 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-07-20 16:03 - 2014-07-13 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-20 04:09 - 2014-07-20 04:09 - 00727576 _____ () C:\Users\laptop\Downloads\descarga.htm
2014-07-20 02:36 - 2014-07-20 02:36 - 00791895 _____ () C:\Users\laptop\Downloads\OptiFine_1.7.10_HD_A4.jar
2014-07-20 02:18 - 2014-07-20 02:01 - 00000000 ____D () C:\Users\laptop\AppData\Roaming\.minecraft
2014-07-20 02:02 - 2014-07-20 02:02 - 00002091 _____ () C:\Users\laptop\Desktop\Minecraft.lnk
2014-07-20 02:02 - 2014-07-20 02:02 - 00000000 ____D () C:\Users\laptop\Downloads\14w02b
2014-07-20 02:02 - 2014-07-20 02:01 - 00000000 ____D () C:\Users\laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2014-07-20 02:00 - 2014-07-20 01:54 - 115388459 _____ (TeamExtreme ) C:\Users\laptop\Downloads\Minecraft 1.7.2.exe
2014-07-20 01:32 - 2013-12-03 15:27 - 00000000 ____D () C:\Program Files\Common Files\Spigot
2014-07-20 01:14 - 2014-07-20 01:14 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-20 01:14 - 2014-07-20 01:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-20 01:14 - 2014-07-20 01:14 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-20 01:14 - 2013-12-03 10:24 - 00000000 ____D () C:\Users\laptop\AppData\Roaming\Malwarebytes
2014-07-20 01:14 - 2013-12-03 10:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-19 16:16 - 2013-12-03 10:23 - 00002127 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-19 16:12 - 2014-01-01 03:46 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-19 16:11 - 2014-07-19 16:11 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-07-19 16:10 - 2014-07-19 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-19 16:10 - 2014-01-01 03:45 - 00000000 ____D () C:\Program Files\Java
2014-07-19 15:10 - 2014-07-19 15:10 - 00000376 _____ () C:\Windows\PFRO.log
2014-07-19 15:10 - 2014-07-19 15:10 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-18 21:49 - 2014-07-18 21:49 - 00000850 _____ () C:\Windows\system32\new  1.txt
2014-07-17 22:30 - 2014-07-17 22:30 - 00001021 _____ () C:\Users\laptop\Desktop\Starcraft.lnk
2014-07-17 22:30 - 2014-07-16 23:20 - 00000000 ____D () C:\Users\laptop\Desktop\starcraft
2014-07-17 17:07 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\rescache
2014-07-17 15:50 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-16 21:10 - 2014-07-16 21:10 - 00408552 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-16 21:09 - 2014-07-16 21:09 - 00000000 _____ () C:\asc_rdflag
2014-07-16 21:09 - 2013-12-03 18:00 - 47083520 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-07-16 21:09 - 2013-12-03 18:00 - 00253952 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-07-16 21:09 - 2013-12-03 18:00 - 00102400 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-07-16 21:09 - 2013-12-03 18:00 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-07-16 21:09 - 2013-12-02 17:26 - 00000000 ____D () C:\Users\laptop
2014-07-16 20:16 - 2014-04-11 05:18 - 00000000 ____D () C:\Users\laptop\Desktop\lapappy
2014-07-16 20:16 - 2014-03-24 19:28 - 00000000 ____D () C:\Users\laptop\Desktop\Fondos
2014-07-16 19:55 - 2014-02-08 05:47 - 00000000 ____D () C:\Users\laptop\AppData\Local\Razer
2014-07-16 19:55 - 2014-02-08 05:45 - 00000000 ____D () C:\ProgramData\Razer
2014-07-16 19:50 - 2014-07-16 19:50 - 00109280 _____ () C:\Users\laptop\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-16 18:48 - 2014-03-31 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall
2014-07-16 16:24 - 2013-12-03 15:35 - 47083520 _____ () C:\Windows\system32\config\software.iobit
2014-07-16 16:24 - 2013-12-03 15:35 - 00253952 _____ () C:\Windows\system32\config\default.iobit
2014-07-16 16:24 - 2013-12-03 15:35 - 00102400 _____ () C:\Windows\system32\config\sam.iobit
2014-07-16 16:24 - 2013-12-03 15:35 - 00028672 _____ () C:\Windows\system32\config\security.iobit
2014-07-16 15:00 - 2014-07-16 15:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-16 15:00 - 2014-07-16 15:00 - 00000000 ____D () C:\Program Files\LogMeIn Hamachi
2014-07-16 04:18 - 2014-07-16 04:18 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-15 22:50 - 2013-12-23 02:33 - 00000000 ____D () C:\Users\laptop\AppData\Roaming\uTorrent
2014-07-15 22:26 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-07-15 18:43 - 2014-07-15 00:35 - 00000000 ____D () C:\Users\laptop\AppData\Local\AVG Web TuneUp
2014-07-15 14:45 - 2014-07-15 00:34 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-07-15 03:23 - 2013-12-03 15:29 - 00000000 ____D () C:\ProgramData\ProductData
2014-07-15 03:16 - 2010-11-20 20:39 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-15 00:34 - 2014-07-15 00:33 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-07-15 00:34 - 2014-07-15 00:33 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2014-07-15 00:33 - 2014-07-15 00:34 - 00042784 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2014-07-15 00:33 - 2014-07-15 00:33 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-07-15 00:33 - 2014-07-15 00:33 - 00000000 ____D () C:\Program Files\AVG Web TuneUp
2014-07-15 00:05 - 2013-12-03 11:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-14 23:47 - 2014-07-14 23:47 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-07-14 23:41 - 2009-07-13 22:04 - 00000478 _____ () C:\Windows\win.ini
2014-07-14 23:40 - 2013-12-17 11:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-14 05:05 - 2014-07-14 05:05 - 00000216 _____ () C:\Users\laptop\Desktop\Unturned.url
2014-07-14 00:46 - 2006-02-25 10:08 - 00000000 ____D () C:\Users\laptop\AppData\Roaming\Win32
2014-07-14 00:32 - 2013-12-03 15:28 - 00000000 ____D () C:\ProgramData\TEMP
2014-07-14 00:02 - 2014-07-13 07:45 - 00000000 ____D () C:\Users\laptop\AppData\Local\Avg2014
2014-07-13 23:01 - 2014-07-13 23:01 - 00000000 ____D () C:\Users\laptop\AppData\Roaming\AVG2014
2014-07-13 23:00 - 2014-07-13 22:57 - 00000000 ____D () C:\ProgramData\AVG2014
2014-07-13 22:57 - 2014-07-13 22:57 - 00000000 ___HD () C:\$AVG
2014-07-13 22:55 - 2014-07-13 22:55 - 00000000 ____D () C:\Program Files\AVG
2014-07-13 07:45 - 2014-07-13 07:45 - 00000000 ____D () C:\Users\laptop\AppData\Local\MFAData
2014-07-12 17:31 - 2014-07-12 01:41 - 00000000 ____D () C:\Program Files\BattleBlock Theatre
2014-07-12 16:53 - 2014-07-12 16:53 - 00000000 ____D () C:\Users\laptop\Documents\Razer
2014-07-12 16:51 - 2014-07-12 16:51 - 00000000 ____D () C:\Program Files\Razer
2014-07-12 01:41 - 2013-12-10 13:27 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-07-11 22:38 - 2014-07-06 17:32 - 00000000 ____D () C:\Program Files\Hearthstone
2014-07-11 22:37 - 2014-02-09 04:20 - 00000000 ____D () C:\Users\laptop\AppData\Local\Battle.net
2014-07-11 21:42 - 2014-07-06 17:24 - 00000000 ____D () C:\Program Files\Battle.net
2014-07-11 19:44 - 2014-07-09 01:23 - 00000000 ____D () C:\Users\laptop\AppData\Roaming\Tibia
2014-07-11 03:02 - 2014-07-19 16:10 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-07-11 02:56 - 2014-07-19 16:10 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-11 02:56 - 2014-07-19 16:10 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-11 02:55 - 2014-07-19 16:10 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-09 01:23 - 2014-07-09 01:23 - 00000975 _____ () C:\Users\laptop\Desktop\Wodbo.lnk
2014-07-09 01:23 - 2014-07-09 01:23 - 00000000 ____D () C:\Users\laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\V2wodbo
2014-07-09 01:23 - 2014-07-09 01:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\V2wodbo
2014-07-09 01:23 - 2014-07-09 01:23 - 00000000 ____D () C:\Program Files\V2wodbo
2014-07-06 17:32 - 2014-07-06 17:32 - 00001159 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-07-06 17:32 - 2014-07-06 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-07-06 17:32 - 2014-02-09 04:20 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment
2014-07-06 17:31 - 2014-07-06 17:25 - 00000000 ____D () C:\Users\laptop\AppData\Roaming\Battle.net
2014-07-06 17:25 - 2014-07-06 17:25 - 00001120 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-07-06 17:24 - 2014-07-06 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-07-06 17:14 - 2013-12-19 16:38 - 00000000 ____D () C:\ProgramData\Skype
2014-07-06 13:17 - 2013-12-19 16:38 - 00000000 ____D () C:\Users\laptop\AppData\Roaming\Skype
2014-06-30 12:43 - 2014-06-30 12:43 - 00121624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiskx.sys
2014-06-29 14:48 - 2009-07-14 00:53 - 00032654 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-26 17:38 - 2013-12-17 11:25 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
 
Some content of TEMP:
====================
C:\Users\laptop\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-17 16:58
 
==================== End Of Log ============================

COPY Addition:

Additional scan result of Farbar Recovery Scan Tool (x86) Version:21-07-2014
Ran by laptop at 2014-07-22 00:45:24
Running from C:\Users\laptop\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
 
==================== Installed Programs ======================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30888 - BitTorrent Inc.)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM\...\Advanced SystemCare 7_is1) (Version: 7.0.6 - IObit)
AIMP3 (HKLM\...\AIMP3) (Version: v3.55.1345, 26.03.2014 - AIMP DevTeam)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4744 - AVG Technologies)
AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4744 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 3.1.0.6 - AVG Technologies)
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
BattleBlock Theatre (HKLM\...\BattleBlock Theatre_is1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Hearthstone (HKLM\...\Hearthstone) (Version:  - Blizzard Entertainment)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6268.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2057 - Intel Corporation)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 3.0.4.1083 - IObit)
Java 7 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (Version: 2.1.65.20 - Oracle, Inc.) Hidden
lightshot-5.1.0.15 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.0.15 - Skillbrains)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.222 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.222 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware versión 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 ESN Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Basque) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Catalan) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Galician) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Minecraft1.7.2 (HKLM\...\Minecraft1.7.2) (Version:  - )
Notepad++ (HKLM\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
Paquete de idioma de Microsoft .NET Framework 4.5 ESN (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50709 - Microsoft Corporation)
REALTEK Wireless LAN Software (HKLM\...\{901F0D4C-009D-1112-8DE4-03599E7B0C5C}) (Version: 1.00.10.0329 - REALTEK Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Spacewar (HKLM\...\Steam App 480) (Version:  - Valve)
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
System Requirements Lab for Intel (HKLM\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Unturned (HKLM\...\Steam App 304930) (Version:  - Nelson Sexton)
Update for Microsoft .NET Framework 4.5 (KB2750147) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2750147) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805221) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2805221) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805226) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2805226) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{A57A9AE3-09A9-44A0-AA78-458C71DA6FDE}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{837C1EAC-6A89-44A0-8C45-E655AAFD8CE1}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
V2wodbo (HKLM\...\V2wodbo) (Version:  - )
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
 
==================== Restore Points  =========================
 
14-07-2014 01:55:06 Windows Update
14-07-2014 02:54:17 Installed AVG 2014
14-07-2014 02:56:11 Installed AVG 2014
14-07-2014 09:22:03 Installed LogMeIn Hamachi
15-07-2014 03:30:03 Windows Update
19-07-2014 20:06:31 Installed Java 7 Update 65
 
==================== Hosts content: ==========================
 
2009-07-13 22:04 - 2009-06-10 17:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {144031DA-D6D5-4AD7-9306-CB67E8CB2DE8} - System32\Tasks\update-S-1-5-21-1894574535-4034318136-3275050477-1000 => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: {1E8CFA67-6F11-415A-86BC-891EA884AB1B} - System32\Tasks\{4B62F731-052F-47DB-AF14-8526E00BAC6D} => C:\MuAvantasiaS8\main.exe
Task: {2750AF61-7218-45C4-BFC5-D4D67884ABA2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-03] (Google Inc.)
Task: {2B2DFA70-F4B4-4F34-8F50-0A70ACEBDF8E} - System32\Tasks\{153A9906-B81F-4E42-B0D0-1D3EF2695B0B} => C:\MuAvantasiaS8\main.exe
Task: {488B9346-1737-477B-BD6F-B1845C6D426D} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {56C70CF9-4AA9-4E73-A68E-280E839F2308} - System32\Tasks\ASC7_SkipUac_laptop => C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe [2013-11-18] (IObit)
Task: {85F62465-6A43-4D88-A80A-A3868BA75056} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe [2013-11-11] (IObit)
Task: {8BC03D41-FBA2-4952-9069-0B1F9AB0BB7A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {95DCC614-1F65-4F9E-B9AA-AE811CD07B39} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1894574535-4034318136-3275050477-1000Core => C:\Users\laptop\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-24] (Facebook Inc.)
Task: {D75A3BF3-F50D-4EEA-BD4C-AC0BAF93755B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-03] (Google Inc.)
Task: {D9717316-5604-4BBE-88DA-7F4BA1BFBB38} - System32\Tasks\{E8BCBC65-BC7A-4863-897E-82DBD4B79BD9} => C:\MuAvantasiaS8\main.exe
Task: {EF2E258B-30E3-47EF-ACA0-C33BA47EB7DE} - System32\Tasks\update-sys => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: {F22DCAD4-91F2-42B1-8AD3-00AD7CB7F86F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1894574535-4034318136-3275050477-1000UA => C:\Users\laptop\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-04-24] (Facebook Inc.)
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1894574535-4034318136-3275050477-1000Core.job => C:\Users\laptop\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1894574535-4034318136-3275050477-1000UA.job => C:\Users\laptop\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-1894574535-4034318136-3275050477-1000.job => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-12-03 15:29 - 2013-10-25 11:08 - 00517408 _____ () C:\Program Files\IObit\Advanced SystemCare 7\sqlite3.dll
2014-07-15 00:33 - 2014-07-15 00:33 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\loggingserver.exe
2014-07-15 00:33 - 2014-07-15 00:33 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.1.0\log4cplusU.dll
2013-12-03 15:29 - 2013-01-15 17:48 - 00348992 _____ () C:\Program Files\IObit\Advanced SystemCare 7\madExcept_.bpl
2013-12-03 15:29 - 2013-01-15 17:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare 7\madBasic_.bpl
2013-12-03 15:29 - 2013-01-15 17:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare 7\madDisAsm_.bpl
2013-12-03 15:29 - 2013-01-15 17:47 - 00893248 _____ () C:\Program Files\IObit\Advanced SystemCare 7\webres.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-07-15 00:33 - 2014-07-15 00:33 - 02575384 _____ () C:\Program Files\AVG Web TuneUp\vprot.exe
2013-12-03 15:17 - 2012-04-10 15:32 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2013-12-03 15:17 - 2014-07-16 04:18 - 05430776 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.213\deploy\LoLLauncher.exe
2013-12-03 15:17 - 2014-07-16 04:18 - 01640440 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.213\deploy\RiotLauncher.dll
2013-12-19 20:31 - 2013-11-15 15:14 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.100\deploy\LolClient.exe
2013-12-19 20:27 - 2013-11-15 15:13 - 04774248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.100\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2014-07-19 16:16 - 2014-07-15 05:24 - 00718664 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-19 16:16 - 2014-07-15 05:24 - 00126280 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-19 16:16 - 2014-07-15 05:24 - 01732936 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-07-19 16:16 - 2014-07-15 05:24 - 14664008 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
2014-07-19 16:16 - 2014-07-15 05:24 - 08537928 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-19 16:16 - 2014-07-15 05:24 - 00353096 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\TEMP:4EE74317
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk => C:\Windows\pss\LOLRecorder.lnk.CommonStartup
MSCONFIG\startupreg: Advanced SystemCare 7 => "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
MSCONFIG\startupreg: Akamai NetSession Interface => 
MSCONFIG\startupreg: avgnt => 
MSCONFIG\startupreg: SearchSettings => 
 
==================== Faulty Device Manager Devices =============
 
Name: A5Z35AVS IDE Controller
Description: A5Z35AVS IDE Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: a5mgo4f0
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
 
Name: GT-S6810L
Description: GT-S6810L
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: SAMSUNG Electronics Co. Ltd. 
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Adaptador ISATAP de Microsoft
Description: Adaptador ISATAP de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Adaptador ISATAP de Microsoft #2
Description: Adaptador ISATAP de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: CDC Serial
Description: CDC Serial
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Adaptador ISATAP de Microsoft #3
Description: Adaptador ISATAP de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: CDC Serial
Description: CDC Serial
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: GT-S6810L
Description: GT-S6810L
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/21/2014 02:52:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/21/2014 02:39:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/21/2014 02:10:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/21/2014 01:31:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/20/2014 04:03:10 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Producto: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): No se encontró el archivo de origen(contenedor): C:\ProgramData\AVG2014\SetupBackup\lng_ztx.cab.  Compruebe que el archivo existe y que puede obtener acceso a él.
 
Error: (07/20/2014 04:03:07 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Producto: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): No se encontró el archivo de origen(contenedor): C:\ProgramData\AVG2014\SetupBackup\lng_zhx.cab.  Compruebe que el archivo existe y que puede obtener acceso a él.
 
Error: (07/20/2014 04:03:03 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Producto: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): No se encontró el archivo de origen(contenedor): C:\ProgramData\AVG2014\SetupBackup\lng_trx.cab.  Compruebe que el archivo existe y que puede obtener acceso a él.
 
Error: (07/20/2014 04:03:00 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Producto: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): No se encontró el archivo de origen(contenedor): C:\ProgramData\AVG2014\SetupBackup\lng_rux.cab.  Compruebe que el archivo existe y que puede obtener acceso a él.
 
Error: (07/20/2014 04:02:57 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Producto: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): No se encontró el archivo de origen(contenedor): C:\ProgramData\AVG2014\SetupBackup\lng_msx.cab.  Compruebe que el archivo existe y que puede obtener acceso a él.
 
Error: (07/20/2014 04:02:54 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Producto: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): No se encontró el archivo de origen(contenedor): C:\ProgramData\AVG2014\SetupBackup\lng_kox.cab.  Compruebe que el archivo existe y que puede obtener acceso a él.
 
 
System errors:
=============
Error: (07/21/2014 02:51:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 5:45:34 del ‎21-‎07-‎2014 resultó inesperado.
 
Error: (07/21/2014 02:38:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio LogMeIn Hamachi Tunneling Engine no pudo iniciarse debido al siguiente error: 
%%1053
 
Error: (07/21/2014 02:38:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio LogMeIn Hamachi Tunneling Engine.
 
Error: (07/21/2014 02:37:54 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 2:36:21 del ‎21-‎07-‎2014 resultó inesperado.
 
Error: (07/21/2014 02:09:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio LogMeIn Hamachi Tunneling Engine no pudo iniciarse debido al siguiente error: 
%%1053
 
Error: (07/21/2014 02:09:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio LogMeIn Hamachi Tunneling Engine.
 
Error: (07/21/2014 02:08:41 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 2:07:05 del ‎21-‎07-‎2014 resultó inesperado.
 
Error: (07/21/2014 01:30:21 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 1:28:29 del ‎21-‎07-‎2014 resultó inesperado.
 
Error: (07/21/2014 01:16:12 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: El servicio Examinador no puede recuperar la lista de copias de seguridad un número excesivo de veces en el transporte \Device\NetBT_Tcpip_{152F6C49-8359-418E-9715-CCB230F21E11}.
El examinador auxiliar está detenido.
 
Error: (07/20/2014 06:17:36 PM) (Source: bowser) (EventID: 8003) (User: )
Description: El explorador maestro recibió una notificación del equipo KEVIN-PC
que cree que es el explorador maestro para el dominio en el transporte NetBT_Tcpip_{152F6C49-8359-418E-9715-CCB230F21.
El explorador maestro está detenido o se está forzando una elección.
 
 
Microsoft Office Sessions:
=========================
Error: (07/21/2014 02:52:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/21/2014 02:39:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/21/2014 02:10:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/21/2014 01:31:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/20/2014 04:03:10 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Producto: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): No se encontró el archivo de origen(contenedor): C:\ProgramData\AVG2014\SetupBackup\lng_ztx.cab.  Compruebe que el archivo existe y que puede obtener acceso a él.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (07/20/2014 04:03:07 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Producto: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): No se encontró el archivo de origen(contenedor): C:\ProgramData\AVG2014\SetupBackup\lng_zhx.cab.  Compruebe que el archivo existe y que puede obtener acceso a él.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (07/20/2014 04:03:03 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Producto: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): No se encontró el archivo de origen(contenedor): C:\ProgramData\AVG2014\SetupBackup\lng_trx.cab.  Compruebe que el archivo existe y que puede obtener acceso a él.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (07/20/2014 04:03:00 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Producto: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): No se encontró el archivo de origen(contenedor): C:\ProgramData\AVG2014\SetupBackup\lng_rux.cab.  Compruebe que el archivo existe y que puede obtener acceso a él.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (07/20/2014 04:02:57 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Producto: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): No se encontró el archivo de origen(contenedor): C:\ProgramData\AVG2014\SetupBackup\lng_msx.cab.  Compruebe que el archivo existe y que puede obtener acceso a él.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (07/20/2014 04:02:54 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Producto: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): No se encontró el archivo de origen(contenedor): C:\ProgramData\AVG2014\SetupBackup\lng_kox.cab.  Compruebe que el archivo existe y que puede obtener acceso a él.(NULL)(NULL)(NULL)(NULL)(NULL)
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 85%
Total physical RAM: 1976.27 MB
Available physical RAM: 287.95 MB
Total Pagefile: 3952.53 MB
Available Pagefile: 1083.27 MB
Total Virtual: 2047.88 MB
Available Virtual: 1894.56 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:297.98 GB) (Free:231.06 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: A7795EF8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=OF Extended)
 
==================== End Of Log ============================
Link to post
Share on other sites

Hi,

Step 1

Please download adwcleaner.png AdwCleaner (by Xplode) and save it to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select "Run As Administrator"

  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[s#].txt) will open automatically.

    Copy and paste the contents of that logfile in your next reply.

Step 2

Scan with mbam.pngMalwarebytes Antimalware

  • Please update the database by clicking on the "Update Now" button.
  • Following the update and click "Settings" and go to "Detection and Protection"
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard, then click on Scan Now to start the scan.

    (If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine". Click the button: Apply All Actions.)

  • A window with an option to view the detailed log will appear. Click on "View Detailed Log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.
Step 3

Please download the eset.pngESET Online Scanner and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.

    Note: This scan might take a long time! Please be patient.

  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.

    Copy and paste the content of this log file in your next reply.

Note: Do not forget to re-enable your antivirus application after running the above scan!

Step 4

frst.pngfrstscan.png

Start FRST with administator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.

    Please copy and paste the log in your next reply.

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.