Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Cannot find xpcom, snap.do, games crash, slow flash apps


  • Please log in to reply

#1
backforthewin

backforthewin

    New Member

  • Member
  • Pip
  • 2 posts
Lately I have been experiencing crashes during gameplay and starting today I could not open firefox and it will not let me delete the Mozilla folder completely with the error 0x80070570. Hopefully it is malware and not a disk issue. Snap.do has also been removed from firefox previously but has found a way to get back onto internet explorer. As well in same time period as crashing during gameplay I have been experiencing a slower start-up and laggy responses from flash programs. No known downloads or add-ons to any games or programs that could have caused these issues. No prior steps have been done other than trying to re-install firefox for the Mozilla related issues.



OTL Extras logfile created on: 2013-08-25 11:04:42 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Johnny\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy-MM-dd

7.98 Gb Total Physical Memory | 6.69 Gb Available Physical Memory | 83.84% Memory free
15.98 Gb Paging File | 14.63 Gb Available in Paging File | 91.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1862.67 Gb Total Space | 1634.35 Gb Free Space | 87.74% Space Free | Partition Type: NTFS

Computer Name: JOHN | User Name: Johnny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3C8FCAB0-991F-4CB7-910A-AD1F1BFA5FE6}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe |
"{9897D2F3-DC5D-4379-9D63-2CFC16A3DC0F}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe |
"{A1342C24-173B-418D-B48C-9D9A09306A84}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0104B779-66F3-4F38-BC04-FE8333B43072}" = dir=out | [email protected]{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{066B0035-CF09-40F8-98A9-8A051BAB8DEB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{07998FD7-2396-45BD-8142-1B4AA31A45EB}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{0B4C3491-9EAB-4894-954C-A846DDFEF720}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0BBD2977-C055-4CE3-B8BA-65215135EF63}" = dir=out | [email protected]{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{0EDBE38F-2A2B-40A9-84AC-C0A1FD38923C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe |
"{0F33C425-101F-4A53-8624-8E7F02395449}" = dir=out | [email protected]{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{1145DE95-34C4-4454-B3CA-ECFEC8B7F874}" = dir=out | [email protected]{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{137AC5E5-1765-430E-9A6C-26735C13B4E1}" = dir=out | [email protected]{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{16185C9B-478D-45EC-B515-3C3C3977AA61}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{1A55BF89-BBA4-472D-8651-E4AB34ADD255}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{210C9AE0-398C-4EB1-A360-AA75FC46B3C5}" = dir=out | [email protected]{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{29B43464-3F16-4710-86BD-DE353E42163F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal\hl2.exe |
"{29CB37F0-D343-4BBC-8D1E-69F61B95EB30}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{2B542911-DEA9-4FD7-BB68-79257392ABD5}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{2E35B2DC-BE12-4D90-A78F-AA31CFB52BF9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{2F8A6EF8-4734-48F6-B605-D0CB9D206631}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alan wake\alanwake.exe |
"{32439AFE-5817-4858-8F5E-BE53AD1C0F3A}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{36EC62F3-2FF7-4846-9DBF-1668F465CE96}" = dir=out | [email protected]{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{3759C29A-3311-453D-BFC1-B963F064B42F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\castlecrashers\castle.exe |
"{44C158D5-3B3B-491F-BBFF-C4D164FD671E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{4C84497F-B924-426E-8872-5B5562E75B1B}" = dir=out | [email protected]{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{4D70B1FF-534E-4148-94D2-867E8E8A6761}" = dir=out | [email protected]{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{4F663ADC-6416-48DE-B11C-B93A62C6CBD1}" = dir=out | [email protected]{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{5129FAF2-F500-4765-9581-3F6D453AD3AC}" = dir=out | [email protected]{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{5272FA6A-67B7-4753-9A0B-03E05D8335C3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{604D07FB-1047-4AC0-9587-9E068E7F4A70}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{628616A5-F813-4CCB-938B-5FD049779007}" = dir=out | [email protected]{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{62FB2055-EF23-4CF0-95FC-552F9F6AD5F2}" = dir=in | [email protected]{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{643F0026-CE44-4A4A-B1B1-E003FB5B3BC4}" = dir=out | [email protected]{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{688D4624-19C6-4FFE-AB69-A956AA35A174}" = dir=in | [email protected]{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{6CB7675D-B22A-4D90-9098-B041FC00EE39}" = dir=out | name=windows_ie_ac_001 |
"{6F02329F-F738-4608-80CE-A4F79B4F9EC2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{70046EDF-6A9D-4C76-9453-5B9BABEDE21F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe |
"{703A7460-F59A-4328-B1AE-E5CE366F49B7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{7580F8F4-A193-4BCB-8E5C-E7CD7EB470E0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{75B9C299-B115-468E-8063-F0DD9C134734}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{75C60319-2951-4B15-81E7-96CBE7D97FF0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{75DA9E01-A9FC-4DAF-B019-2A8E6B766739}" = dir=out | [email protected]{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{773BB377-B486-48F0-9536-A5A640F2C1AA}" = dir=out | [email protected]{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{7A9A7E0B-7338-4C64-8BDB-D9AA1EF0AEF3}" = protocol=17 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.x64.exe |
"{7DD1EAA1-2CAB-4981-A05C-3B216B2A5482}" = dir=out | [email protected]{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{821BFD6D-13AB-4E8D-BB23-D689C43908F8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"{84FF50E8-A23F-4EB2-A57D-45396961688F}" = protocol=6 | dir=in | app=c:\users\johnny\downloads\bittorrent.exe |
"{87F97B72-9B22-48E4-9813-AF8F17155A06}" = dir=out | [email protected]{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{8B0D8852-E2F0-4D12-BA64-6A49AD196252}" = dir=in | [email protected]{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{8D72C56C-B2BC-4188-A123-C880C8B2793E}" = dir=out | [email protected]{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{8D8C58E5-FCF1-49C4-8823-B102E5522DBE}" = dir=in | [email protected]{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{8F1A2A1F-14CF-480D-81A0-A98D8B17D2F6}" = dir=out | [email protected]{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{93BFC887-454E-448E-8B0B-2BC6F06B6C04}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{942E26DC-111B-446E-8710-86E29EB391EA}" = dir=out | [email protected]{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{997A9037-5A3E-4E40-BF25-B4AF75FFC101}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{9B9DD6FA-620D-4DA3-943C-5B3197418DD0}" = dir=out | [email protected]{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{9BD2E4A7-82D4-487E-A5C7-463104706D9D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{9F960E90-2993-4EA5-A052-AB9D59112A42}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{A1B1E497-5F84-4839-B809-DD76EBBB141A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{A252CB42-532A-4E8A-98CA-99B7983AF6BB}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{A6EF8FF3-DDA7-4053-99C7-BADC9EE19949}" = dir=out | [email protected]{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{A8AD112D-323E-40FD-BB2D-FEB310381143}" = dir=out | [email protected]{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{A8B145E9-6705-4085-8737-7EAD286DB592}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{AD11EC3F-7CEF-4BDA-95DE-3D2722E0D669}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{AEABF0F9-66E6-4BDF-A6AF-6AC4A219FEB9}" = dir=out | [email protected]{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{B01C012B-4C43-490D-B898-919C2A34DA6D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe |
"{B1CB2C81-09B3-4EDB-8DB5-773A8F297AC8}" = dir=out | [email protected]{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{B3F41F31-41B3-4A14-9A4A-ED5C3084F90B}" = dir=out | [email protected]{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{B60F07E7-E91D-46E9-A044-FEAA8973DC66}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe |
"{BA20E1B3-FBBA-4DEB-8F11-38342CF58C10}" = dir=out | [email protected]{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{BDEEC18C-FD70-4FDC-962C-CD1B06FA02F1}" = dir=in | [email protected]{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{C2F09802-A71F-40BD-BF85-457E8DA83B7E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{C3911D76-4285-48DF-9C6F-5EA1112B5827}" = dir=out | [email protected]{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{CA91B5F9-1765-4AB5-BC66-A396DD7D997A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe |
"{CD8527FA-B8D2-4241-8AFE-A610DC180947}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{CDB8C9B0-7598-4002-84EB-B0E6FCF4F19F}" = dir=in | [email protected]{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{CDC118AA-BB1F-4AF2-A0E8-639026BB9C05}" = dir=out | [email protected]{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{CEE38DB6-FCA6-4406-9AD0-1F7765362CBB}" = dir=in | [email protected]{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{CEF47643-DAE6-4E3A-B160-9EE361CB27C0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal\hl2.exe |
"{D243F73A-7D27-48A9-BC81-FB9BFA98577E}" = dir=out | [email protected]{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{D6F56BBB-C5CC-44FF-8BD5-B9F89D013A28}" = dir=out | [email protected]{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{DA0B492D-BDF7-42BA-A2A4-0F569EBA8D53}" = protocol=17 | dir=in | app=c:\users\johnny\downloads\bittorrent.exe |
"{DB277215-633A-4711-ABB8-FF5F2E03962D}" = dir=out | [email protected]{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{DEE3D3B9-0F34-48F3-8024-A25C555CF131}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\castlecrashers\castle.exe |
"{DEF36A1B-D9BE-4BF8-AC7F-58D86E0247DB}" = dir=out | [email protected]{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{E0B5A808-0702-4DAE-8B17-3FF3BFE3F35F}" = dir=out | [email protected]{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{E3D44D0C-6081-4340-AA35-8E5BA65BDDD9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe |
"{E5871AAF-62B2-4B1B-9375-63A638116016}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alan wakes american nightmare\alan_wakes_american_nightmare.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{ECE1B65D-5C3E-4667-9FA8-FBF5B2F3ACE7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"{ED77EB1A-C3E9-4679-A421-8BCF29864352}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hotline_miami\hotlinemiami.exe |
"{EFF26D77-5A4F-447C-86CD-CE0F043C4789}" = protocol=17 | dir=out | app=c:\program files (x86)\steam\steamapps\common\warframe\warframe.exe |
"{F07CC6E8-4967-4942-B626-F205D6992325}" = dir=out | [email protected]{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{F0D419A2-9FEB-4615-9AFA-7937F1AA682B}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{F0ED552B-2431-4B6D-90BE-E9BCE7E42EEA}" = dir=out | [email protected]{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{F2D242CB-62DE-4C4E-974F-20D0B90E24F1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hotline_miami\hotlinemiami.exe |
"{F2E8AAF0-AB1A-4311-A3C7-D4228FD24C44}" = dir=out | [email protected]{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{F413457C-8547-46DF-80CA-5823C01F84C9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{F5FA599D-B036-495A-A42B-3FEFE6290F08}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{F63C8DD8-40E1-442C-B446-9C6E70226AC5}" = dir=in | [email protected]{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{F736DB8F-4985-48B1-A3A3-F5A12FDB1AC2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alan wake\alanwake.exe |
"{F98F07ED-6004-490E-8806-712A3F140C95}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warframe\tools\launcher.exe |
"{F9BD7BFA-E7C5-4FB6-9C19-CE3DD91725B1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FA64DE72-8005-4895-873B-6E35A0019F17}" = dir=out | [email protected]{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{FC0A7C68-76EE-4F4B-A389-2944EEEE37E8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alan wakes american nightmare\alan_wakes_american_nightmare.exe |
"{FE07A815-555B-4FD5-BE5D-FC66FD2ADF7B}" = dir=out | [email protected]{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{FF385C54-067B-440B-93F8-60669297424C}" = dir=in | [email protected]{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"TCP Query User{01A4065F-74CC-4F67-8DE7-EA9850816BF9}C:\users\johnny\downloads\bittorrent.exe" = protocol=6 | dir=in | app=c:\users\johnny\downloads\bittorrent.exe |
"TCP Query User{4D24B098-BBDB-470E-8132-26203A6235B4}C:\users\johnny\downloads\dishonored-skidrowcrack.com\binaries\win32\dishonored.exe" = protocol=6 | dir=in | app=c:\users\johnny\downloads\dishonored-skidrowcrack.com\binaries\win32\dishonored.exe |
"TCP Query User{54F2A410-AB7E-408E-8D88-6D5FBC995C49}C:\users\johnny\appdata\roaming\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\users\johnny\appdata\roaming\bittorrent\bittorrent.exe |
"TCP Query User{5520DB64-99E5-4F75-8F07-874836365BF1}C:\users\johnny\desktop\games\dishonored-skidrowcrack.com\binaries\win32\dishonored.exe" = protocol=6 | dir=in | app=c:\users\johnny\desktop\games\dishonored-skidrowcrack.com\binaries\win32\dishonored.exe |
"TCP Query User{634E718A-3B73-49E4-9B6E-076D87E920E6}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{6DE1C475-39E7-4605-976D-0D0B044EC5CB}C:\users\johnny\documents\my games\dishonored-skidrowcrack.com\binaries\win32\dishonored.exe" = protocol=6 | dir=in | app=c:\users\johnny\documents\my games\dishonored-skidrowcrack.com\binaries\win32\dishonored.exe |
"UDP Query User{24FDFC83-A81E-4F1B-A6B3-4E6141C7905A}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{46D75B07-1AE5-4ED9-8572-38A9A33E6889}C:\users\johnny\appdata\roaming\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\users\johnny\appdata\roaming\bittorrent\bittorrent.exe |
"UDP Query User{A5D7FF3C-5626-475E-BA5C-3A4E5B129DA3}C:\users\johnny\documents\my games\dishonored-skidrowcrack.com\binaries\win32\dishonored.exe" = protocol=17 | dir=in | app=c:\users\johnny\documents\my games\dishonored-skidrowcrack.com\binaries\win32\dishonored.exe |
"UDP Query User{A8E668A7-FB70-476F-B469-0B49A91F37CE}C:\users\johnny\desktop\games\dishonored-skidrowcrack.com\binaries\win32\dishonored.exe" = protocol=17 | dir=in | app=c:\users\johnny\desktop\games\dishonored-skidrowcrack.com\binaries\win32\dishonored.exe |
"UDP Query User{C220ABBA-0838-4998-8366-7857D98CA75B}C:\users\johnny\downloads\dishonored-skidrowcrack.com\binaries\win32\dishonored.exe" = protocol=17 | dir=in | app=c:\users\johnny\downloads\dishonored-skidrowcrack.com\binaries\win32\dishonored.exe |
"UDP Query User{FEEA8E69-9D00-4400-B044-8155E157FC1F}C:\users\johnny\downloads\bittorrent.exe" = protocol=17 | dir=in | app=c:\users\johnny\downloads\bittorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003B37AE-21F5-5BC5-F5EB-CD60A8928696}" = AMD Accelerated Video Transcoding
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.6.0001
"{427174C0-096E-40D9-9684-9C109BEE2CBF}" = iTunes
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6397820D-9FC6-774C-1EF5-CBA09049E426}" = AMD Fuel
"{653B9326-BD45-53BE-681A-A49CAAEE8A3C}" = ccc-utility64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}" = AMD Catalyst Install Manager
"{C5A22A98-AC82-4404-BFB0-1E9F654EB176}" = Motorola Mobile Drivers Installation 6.0.0
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{13464292-6666-B2DB-1B0C-A3FE14DAD1F9}" = CCC Help Dutch
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{28DB8373-C1BB-444F-A427-A55585A12ED7}" = Motorola Device Manager
"{338CD56F-1CDC-CF32-33F6-DED2DF92284E}" = CCC Help French
"{46458556-5C46-79A9-A6FF-81DF1F8B2729}" = CCC Help Hungarian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{519D68B8-A768-4CDC-E4C9-B115D49CED93}" = CCC Help Norwegian
"{51D383BC-D988-8C1E-FAA1-BC5260A32A87}" = CCC Help Polish
"{5A883D2B-D279-0D01-6E62-B810AFD8CC62}" = Catalyst Control Center InstallProxy
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{67A4760F-9804-CCF6-C319-27840ED77924}" = CCC Help Korean
"{6BE5E4A9-D88B-532D-26E6-883C32BF098A}" = CCC Help Thai
"{6E0D26C1-4265-1D02-4D19-D0A8F6A463F8}" = AMD VISION Engine Control Center
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{726DDC29-79B3-41B4-BDBF-97DF25BF1EA8}" = TurboTax 2012
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DD62206-7B6C-E32E-BD11-B49B3B089D16}" = CCC Help Danish
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8F3A1F92-C29F-4DF9-8459-B739A4831C69}_is1" = SUPER © +Recorder.2013.55 (Mar 7, 2013) version +Recorder.2013.
"{9739158D-EDED-D628-9865-1460B5A7FAE3}" = CCC Help Portuguese
"{9809124C-0C4C-2367-7889-1E16D8EF1AAF}" = CCC Help Chinese Standard
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{A6E1EE9D-01DD-82FD-BDBC-193BCEF9FD5C}" = CCC Help Greek
"{AB13F192-49FC-A065-F15C-746B10CC43C8}" = CCC Help Japanese
"{AE548812-D611-608D-61C6-7E40F28573A2}" = CCC Help Russian
"{AF860F85-54A3-4A28-879B-BF9E6E325776}" = QuickShare
"{BC63AEF9-1367-9F7C-5926-52E56450EDCD}" = CCC Help Spanish
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C1E2D27F-B363-588E-8859-9EF7F4EBF418}" = CCC Help Chinese Traditional
"{D76AC809-CCC1-6198-4970-A63FA5CF7DCB}" = CCC Help Swedish
"{DA675EE2-4C04-9699-0EE2-7EF9FE7AB870}" = CCC Help German
"{DEAD13D3-BC70-4AAE-AEF9-BE6297E106D1}" = Motorola Device Software Update
"{E06F7C95-4D68-63D9-2231-AA5F8E186FCB}" = CCC Help English
"{E21A8F3C-1ACB-46B1-CE72-E9CF09549DED}" = Catalyst Control Center Localization All
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E2F52AC2-B925-C18F-E1AE-42FBD46ECAC7}" = CCC Help Czech
"{E649AC39-69C0-C6FE-0A54-4752DB5D1FD2}" = Catalyst Control Center Graphics Previews Common
"{E9463114-898C-7C2A-2C47-E9ABC63F5D43}" = CCC Help Finnish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF10AC4D-3349-99DA-3E58-5197CEA1D833}" = CCC Help Italian
"{FFEC93FF-C162-C0C3-B5E7-01214B0E5F2D}" = CCC Help Turkish
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 2.0.3
"BitTorrent" = BitTorrent
"BOSS" = BOSS
"Convert Audio Free FLAC to MP3_is1" = Convert Audio Free FLAC to MP3 version 1.0
"DVD Flick_is1" = DVD Flick 1.3.0.7
"HandBrake" = HandBrake 0.9.8
"OpenAL" = OpenAL
"Project 64_is1" = Project 64 version 2.0.0.14
"SearchProtect" = Search Protect by conduit
"SpeedFan" = SpeedFan (remove only)
"Steam App 108710" = Alan Wake
"Steam App 202750" = Alan Wake's American Nightmare
"Steam App 204360" = Castle Crashers
"Steam App 219150" = Hotline Miami
"Steam App 219640" = Chivalry: Medieval Warfare
"Steam App 230410" = Warframe
"Steam App 32370" = Star Wars: Knights of the Old Republic
"Steam App 400" = Portal
"Steam App 440" = Team Fortress 2
"Steam App 49520" = Borderlands 2
"Steam App 550" = Left 4 Dead 2
"Steam App 620" = Portal 2
"Steam App 8870" = BioShock Infinite
"VLC media player" = VLC media player 2.0.7
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"World of Warcraft" = World of Warcraft

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2013-08-25 3:19:58 PM | Computer Name = John | Source = Microsoft-Windows-User Profiles Service | ID = 1542
Description = Windows cannot load classes registry file. DETAIL - The configuration
registry database is corrupt.

Error - 2013-08-25 3:19:58 PM | Computer Name = John | Source = Microsoft-Windows-User Profiles Service | ID = 1508
Description = Windows was unable to load the registry. This problem is often caused
by insufficient memory or insufficient security rights. DETAIL - The configuration
registry database is corrupt. for C:\Users\Johnny\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error - 2013-08-25 3:19:58 PM | Computer Name = John | Source = Microsoft-Windows-User Profiles Service | ID = 1542
Description = Windows cannot load classes registry file. DETAIL - The configuration
registry database is corrupt.

Error - 2013-08-25 3:19:58 PM | Computer Name = John | Source = Microsoft-Windows-User Profiles Service | ID = 1508
Description = Windows was unable to load the registry. This problem is often caused
by insufficient memory or insufficient security rights. DETAIL - The configuration
registry database is corrupt. for C:\Users\Johnny\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error - 2013-08-25 3:19:58 PM | Computer Name = John | Source = Microsoft-Windows-User Profiles Service | ID = 1542
Description = Windows cannot load classes registry file. DETAIL - The configuration
registry database is corrupt.

Error - 2013-08-25 3:21:52 PM | Computer Name = John | Source = .NET Runtime | ID = 1026
Description =

Error - 2013-08-25 3:21:54 PM | Computer Name = John | Source = Application Error | ID = 1000
Description = Faulting application name: Launcher.exe_Borderlands 2 launcher, version:
1.0.0.0, time stamp: 0x51ddae47 Faulting module name: SHELL32.dll, version: 6.2.9200.16550,
time stamp: 0x5136a2a3 Exception code: 0xc0000005 Fault offset: 0x002f6f44 Faulting
process id: 0x12d0 Faulting application start time: 0x01cea1c857a8f930 Faulting application
path: C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
Faulting
module path: C:\Windows\SYSTEM32\SHELL32.dll Report Id: 9977aa6b-0dbb-11e3-be8e-bc5ff45c67c6
Faulting
package full name: Faulting package-relative application ID:

Error - 2013-08-25 3:28:04 PM | Computer Name = John | Source = Microsoft-Windows-User Profiles Service | ID = 1508
Description = Windows was unable to load the registry. This problem is often caused
by insufficient memory or insufficient security rights. DETAIL - The configuration
registry database is corrupt. for C:\Users\Johnny\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error - 2013-08-25 3:28:04 PM | Computer Name = John | Source = Microsoft-Windows-User Profiles Service | ID = 1542
Description = Windows cannot load classes registry file. DETAIL - The configuration
registry database is corrupt.

Error - 2013-08-25 3:28:04 PM | Computer Name = John | Source = Microsoft-Windows-User Profiles Service | ID = 1508
Description = Windows was unable to load the registry. This problem is often caused
by insufficient memory or insufficient security rights. DETAIL - The configuration
registry database is corrupt. for C:\Users\Johnny\AppData\Local\Microsoft\Windows\\UsrClass.dat

[ System Events ]
Error - 2013-08-09 4:46:43 PM | Computer Name = John | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 2013-08-11 1:04:56 PM | Computer Name = John | Source = Microsoft-Windows-Kernel-Boot | ID = 29
Description =

Error - 2013-08-11 1:05:15 PM | Computer Name = John | Source = EventLog | ID = 6008
Description = The previous system shutdown at 5:00:18 PM on ?2013-?08-?09 was unexpected.

Error - 2013-08-11 1:05:18 PM | Computer Name = John | Source = BugCheck | ID = 1001
Description =

Error - 2013-08-11 1:05:22 PM | Computer Name = John | Source = Service Control Manager | ID = 7000
Description = The ASInsHelp service failed to start due to the following error:
%%2

Error - 2013-08-11 1:05:22 PM | Computer Name = John | Source = Service Control Manager | ID = 7000
Description = The Search Protect by Conduit Updater service failed to start due
to the following error: %%2

Error - 2013-08-11 6:05:31 PM | Computer Name = John | Source = DCOM | ID = 10010
Description =

Error - 2013-08-14 1:34:33 PM | Computer Name = John | Source = Service Control Manager | ID = 7000
Description = The ASInsHelp service failed to start due to the following error:
%%2

Error - 2013-08-14 1:34:33 PM | Computer Name = John | Source = Service Control Manager | ID = 7000
Description = The Search Protect by Conduit Updater service failed to start due
to the following error: %%2

Error - 2013-08-14 3:19:20 PM | Computer Name = John | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Error Reporting Service service to connect.


< End of report >
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,029 posts
  • MVP
You have some hard drive corruption.

I would run a Disk check:


1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check,
Reboot. The disk check will run and will take an hour or more.

Then I think I would try to do a System Restore back to a time before the problem started.
http://www.sevenforu...em-restore.html

You do have some adware tho I can't see everything since you didn't post the OTL log - just the Extras log.

When you installed uTorrent I think you got Search Protect by conduit. See if you can uninstall it.

Download : ADWCleaner to your desktop.

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon.

Posted Image

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.



Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop.
  • Pause your anti-virus. Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Download aswMBR.exe to your desktop.
Right click aswMBR.exe and Run as Administrator
uncheck trace disk IO calls
Click the "Scan" button to start scan (Accept the Avast Engine)
On completion of the scan if the Fix button is enabled (not the FixMBR button) press it and then run a new scan and click save log, save it to your desktop and post in your next reply
If the Fix button is not enabled then just click save log, save it to your desktop and post in your next reply


Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).
sfc  /scannow

(This will check your critical system files. Does this finish without complaint? IF it says it couldn't fix everything then:

Copy the next two lines:

findstr /c:"[SR]" \windows\logs\cbs\cbs.log > \windows\logs\cbs\junk.txt
notepad \windows\logs\cbs\junk.txt

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0

#3
backforthewin

backforthewin

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
I apologize for not posting the second part of the log, I figured it had just popped the same one up twice.

asw would crash in the middle of running it, even after restarting the computer. Here are the other logs though.

VEW

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 27/08/2013 4:05:41 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 27/08/2013 7:30:11 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name darksouls.nexusmods.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 27/08/2013 6:26:29 PM
Type: Warning Category: 0
Event: 153 Source: disk
The IO operation at logical block address 1c76cc0 for Disk 0 was retried.

Log: 'System' Date/Time: 27/08/2013 6:26:29 PM
Type: Warning Category: 0
Event: 153 Source: disk
The IO operation at logical block address 1c76cb8 for Disk 0 was retried.

Log: 'System' Date/Time: 27/08/2013 6:26:28 PM
Type: Warning Category: 0
Event: 153 Source: disk
The IO operation at logical block address 1c76cb8 for Disk 0 was retried.

Log: 'System' Date/Time: 27/08/2013 6:23:55 PM
Type: Warning Category: 0
Event: 153 Source: disk
The IO operation at logical block address 2f8bd58 for Disk 0 was retried.

Log: 'System' Date/Time: 27/08/2013 6:23:55 PM
Type: Warning Category: 0
Event: 153 Source: disk
The IO operation at logical block address 2f8bd58 for Disk 0 was retried.

Log: 'System' Date/Time: 27/08/2013 6:23:55 PM
Type: Warning Category: 0
Event: 153 Source: disk
The IO operation at logical block address 2f8bd58 for Disk 0 was retried.



JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.4 (08.22.2013:1)
OS: Windows 8 x64
Ran by Johnny on 2013-08-27 at 12:56:51.39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3282812



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Johnny\AppData\Roaming\mozilla\firefox\profiles\im94d0qs.default-1370979273385\minidumps [4 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2013-08-27 at 13:00:11.48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


AdwCleaner

1:

# AdwCleaner v3.001 - Report created 27/08/2013 at 12:39:59
# Updated 24/08/2013 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Johnny - JOHN
# Running from : C:\Users\Johnny\Desktop\Cleaning and Security\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : CltMngSvc

***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Windows\System32\roboot64.exe
Folder Found C:\Users\Connor\AppData\LocalLow\Smartbar
Folder Found C:\Users\Connor\AppData\Roaming\SearchProtect
Folder Found C:\Users\Family\AppData\LocalLow\Smartbar
Folder Found C:\Users\Family\AppData\Roaming\SearchProtect
Folder Found C:\Users\Johnny\AppData\Local\Smartbar
Folder Found C:\Users\Johnny\AppData\Local\Temp\Smartbar
Folder Found C:\Users\Johnny\AppData\LocalLow\Smartbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\SmartbarBackup
Key Found : HKCU\Software\SmartbarLog
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : [x64] HKCU\Software\SmartBar
Key Found : [x64] HKCU\Software\SmartbarBackup
Key Found : [x64] HKCU\Software\SmartbarLog
Key Found : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Found : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
Key Found : HKLM\SOFTWARE\Classes\IESmartBar.BHO
Key Found : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel
Key Found : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar
Key Found : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
Key Found : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState
Key Found : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchprotect]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtectAll]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=CA&userid=12208235-25bf-4245-bd96-fc8c6f0e6787&searchtype=ds&q={searchTerms}&installDate=02/04/2013
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=CA&userid=12208235-25bf-4245-bd96-fc8c6f0e6787&searchtype=ds&q={searchTerms}&installDate=02/04/2013
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=CA&userid=12208235-25bf-4245-bd96-fc8c6f0e6787&searchtype=hp&installDate=02/04/2013
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=CA&userid=12208235-25bf-4245-bd96-fc8c6f0e6787&searchtype=ds&q={searchTerms}&installDate=02/04/2013
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=CA&userid=12208235-25bf-4245-bd96-fc8c6f0e6787&searchtype=ds&q={searchTerms}&installDate=02/04/2013
Setting Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=CA&userid=12208235-25bf-4245-bd96-fc8c6f0e6787&searchtype=ds&q={searchTerms}&installDate=02/04/2013

-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\im94d0qs.default-1370979273385\prefs.js ]


[ File : C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\jy6ph8o0.default\prefs.js ]


[ File : C:\Users\Connor\AppData\Roaming\Mozilla\Firefox\Profiles\2xpn3e0f.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [6181 octets] - [27/08/2013 12:39:59]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6241 octets] ##########

2:

# AdwCleaner v3.001 - Report created 27/08/2013 at 12:40:36
# Updated 24/08/2013 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Johnny - JOHN
# Running from : C:\Users\Johnny\Desktop\Cleaning and Security\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : CltMngSvc

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Johnny\AppData\Local\Smartbar
Folder Deleted : C:\Users\Johnny\AppData\Local\Temp\Smartbar
Folder Deleted : C:\Users\Johnny\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\Family\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\Family\AppData\Roaming\SearchProtect
Folder Deleted : C:\Users\Connor\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\Connor\AppData\Roaming\SearchProtect
File Deleted : C:\END
File Deleted : C:\Windows\System32\roboot64.exe

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchprotect]
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BHO
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtectAll]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\SmartbarBackup
Key Deleted : HKCU\Software\SmartbarLog

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\im94d0qs.default-1370979273385\prefs.js ]


[ File : C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\jy6ph8o0.default\prefs.js ]


[ File : C:\Users\Connor\AppData\Roaming\Mozilla\Firefox\Profiles\2xpn3e0f.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [6373 octets] - [27/08/2013 12:39:59]
AdwCleaner[S0].txt - [5194 octets] - [27/08/2013 12:40:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5254 octets] ##########



Thank you so much for the advice on the disk check, worked like a charm, and also for the quick reply. Started to freak out a little there.
  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,029 posts
  • MVP
Hard drive appears to still be having problems:

Log: 'System' Date/Time: 27/08/2013 6:26:29 PM
Type: Warning Category: 0
Event: 153 Source: disk
The IO operation at logical block address 1c76cc0 for Disk 0 was retried.

Log: 'System' Date/Time: 27/08/2013 6:26:29 PM
Type: Warning Category: 0
Event: 153 Source: disk
The IO operation at logical block address 1c76cb8 for Disk 0 was retried.

Log: 'System' Date/Time: 27/08/2013 6:26:28 PM
Type: Warning Category: 0
Event: 153 Source: disk
The IO operation at logical block address 1c76cb8 for Disk 0 was retried.

Log: 'System' Date/Time: 27/08/2013 6:23:55 PM
Type: Warning Category: 0
Event: 153 Source: disk
The IO operation at logical block address 2f8bd58 for Disk 0 was retried.

Log: 'System' Date/Time: 27/08/2013 6:23:55 PM
Type: Warning Category: 0
Event: 153 Source: disk
The IO operation at logical block address 2f8bd58 for Disk 0 was retried.

Log: 'System' Date/Time: 27/08/2013 6:23:55 PM
Type: Warning Category: 0
Event: 153 Source: disk
The IO operation at logical block address 2f8bd58 for Disk 0 was retried.


You can run Disk Check a second time and see if that helps but you may need to think about a new hard drive.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP