Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Some Virus eating my disk space [Solved]


  • This topic is locked This topic is locked

#1
Swipernoswiping

Swipernoswiping

    Member

  • Member
  • PipPip
  • 18 posts
I posted a topic earlier -----> http://www.geekstogo...01#entry2336201

and it is about my disk space

when I go inside my D drive and click ctrl+a and then click properties it says that I consumed 73 gb (68gb now because I moved a 5gb file to C) so I should have 32gb space left in my D drive because I have 100gb in D but when I click Computer it says that I have only 5.2gb remaining (red line) so can you help me with it?

pls. :help:
  • 0

Advertisements


#2
Swipernoswiping

Swipernoswiping

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
oh I forgot about the OTL results

here it is



OTL Extras logfile created on: 9/30/2013 9:00:38 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 60.58% Memory free
4.00 Gb Paging File | 2.94 Gb Available in Paging File | 73.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48.73 Gb Total Space | 6.71 Gb Free Space | 13.78% Space Free | Partition Type: NTFS
Drive D: | 100.21 Gb Total Space | 5.20 Gb Free Space | 5.19% Space Free | Partition Type: NTFS

Computer Name: DATAVISION | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{560FAF95-FAA0-4CE7-BF32-2E6BDE1EDB12}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{A7C68D0A-35B5-4C7C-972A-02EC581DAAFE}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00616D94-39BF-4181-8B6F-02B3CC56D9DB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{04B49AF6-B14C-4C2E-B6DD-92E0DBDF692F}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{1EB4CF7F-B282-4DD4-A16C-C6A2ED23AB9B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{38F05A96-BD0D-4443-BA72-763A6FEEE8CA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5F2D66D4-10AF-425D-A330-918F49FE9835}" = protocol=6 | dir=in | app=d:\dula na ta!\grand theft auto iv\launchgtaiv.exe |
"{6D5BFD9B-3C1B-44E2-826D-38D549CE98D7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{78A644ED-2D8A-4231-9629-AC1044A296F3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{7D43C27D-F961-4B84-B5A8-0909408F88C1}" = protocol=17 | dir=in | app=d:\dula na ta!\grand theft auto iv\launchgtaiv.exe |
"{8738FDC8-3133-4D33-BF74-558B51787177}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8BBDCDB8-5797-4FE8-B57F-2039DE284537}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\bittorrent\bittorrent.exe |
"{EB4F658E-2C13-47B3-9503-C19D335CBDB4}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\bittorrent\bittorrent.exe |
"{F45D7E47-D301-4468-89EF-516127E4629C}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{FD6751F9-3086-4AFB-8756-D3C98530A2F0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{3B6F9310-2466-4A9F-AB79-F780D21C1802}D:\dula na ta!\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\dula na ta!\grand theft auto iv\gtaiv.exe |
"TCP Query User{6B9C8754-BB89-4F16-9D93-00EE8E9CE5D3}D:\dula na ta!\ubisoft\rayman origins\rayman origins.exe" = protocol=6 | dir=in | app=d:\dula na ta!\ubisoft\rayman origins\rayman origins.exe |
"TCP Query User{78763035-CAF2-45CC-90EA-F4CA33859E5A}D:\dula na ta!\arkham city\batman arkham city\binaries\win32\batmanac.exe" = protocol=6 | dir=in | app=d:\dula na ta!\arkham city\batman arkham city\binaries\win32\batmanac.exe |
"TCP Query User{99FE9D89-E20F-4326-ACD9-567FEB8D1BD5}D:\dula na ta!\ac2\assassin's creed ii\assassinscreediigame.exe" = protocol=6 | dir=in | app=d:\dula na ta!\ac2\assassin's creed ii\assassinscreediigame.exe |
"TCP Query User{F7D5C2BB-E279-4E12-9292-7C5DA354BEC7}D:\dula na ta!\prototype 2\prototype2.exe" = protocol=6 | dir=in | app=d:\dula na ta!\prototype 2\prototype2.exe |
"UDP Query User{0B70C66F-9470-4C2A-8DD9-F4D3D00DE12C}D:\dula na ta!\ubisoft\rayman origins\rayman origins.exe" = protocol=17 | dir=in | app=d:\dula na ta!\ubisoft\rayman origins\rayman origins.exe |
"UDP Query User{3775E6CD-1754-4D5A-9CE3-3DEB3AE2E9CF}D:\dula na ta!\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\dula na ta!\grand theft auto iv\gtaiv.exe |
"UDP Query User{709BF507-FB90-430C-ACD5-0C46C2414004}D:\dula na ta!\prototype 2\prototype2.exe" = protocol=17 | dir=in | app=d:\dula na ta!\prototype 2\prototype2.exe |
"UDP Query User{83AB753E-80A9-40B6-910E-D0D2CFED6DCB}D:\dula na ta!\arkham city\batman arkham city\binaries\win32\batmanac.exe" = protocol=17 | dir=in | app=d:\dula na ta!\arkham city\batman arkham city\binaries\win32\batmanac.exe |
"UDP Query User{F46947A4-E3B0-4796-913D-7C9925452A1A}D:\dula na ta!\ac2\assassin's creed ii\assassinscreediigame.exe" = protocol=17 | dir=in | app=d:\dula na ta!\ac2\assassin's creed ii\assassinscreediigame.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07043840-959A-4B0D-8825-2C533F0DDB19}" = Microsoft Math
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{09041881-2C94-4A67-8E55-8483C019C7D2}" = Microsoft Student with Encarta Premium 2009
"{0DCD0704-E2AB-4e97-96A7-90F146BD8243}" = Content Manager Assistant for PlayStation®
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B971160-CA64-4DBE-AF03-296F99EFEF48}" = Vtools Toolbar v7.9
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{58597FDC-CDF0-4760-A57C-250DF09F4A21}" = Adobe Shockwave Player 12.0
"{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}" = Microsoft Games for Windows Marketplace
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}" = Learning Essentials for Microsoft Office
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.04)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DE491AB9-1D47-4FED-A8F5-4D4325B2EB4B}" = Rayman Origins
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup
"{Microsoft Student 2007_54A0E938-8390-489F-8F1A-563673334DFE}" = Microsoft Student 2007 for Learning Essentials
"AccelerateTab_is1" = AccelerateTab
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3
"avast" = avast! Free Antivirus
"Bully. Scholarship Edition_R.G. Mechanics_is1" = Bully. Scholarship Edition
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"GTA IV Vehicle Mod Installer v1.5_is1" = GTA IV Vehicle Mod Installer v1.5
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.8.5
"lucky leap" = lucky leap 1.0.0
"metaCrawler" = metaCrawler
"Mozilla Firefox 23.0.1 (x86 en-US)" = Mozilla Firefox 23.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyPC Backup" = MyPC Backup
"MySSID_is1" = Vtune 7.13
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Picasa 3" = Picasa 3
"Rainmeter" = Rainmeter
"Razer Game Booster_is1" = Razer Game Booster
"USB Disk Security_is1" = USB Disk Security
"VLC media player" = VLC media player 2.0.5
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"Wise Disk Cleaner_is1" = Wise Disk Cleaner 7.94
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/29/2013 1:04:40 AM | Computer Name = Datavision | Source = Application Error | ID = 1000
Description = Faulting application name: GTAIV.exe, version: 1.0.7.0, time stamp:
0x4bd9efbe Faulting module name: GTAIV.exe, version: 1.0.7.0, time stamp: 0x4bd9efbe
Exception
code: 0xc0000005 Fault offset: 0x001a9346 Faulting process id: 0x14f4 Faulting application
start time: 0x01cebcd1640327a2 Faulting application path: D:\Dula na ta!\Grand Theft
Auto IV\GTAIV.exe Faulting module path: D:\Dula na ta!\Grand Theft Auto IV\GTAIV.exe
Report
Id: a4908ce6-28c4-11e3-99a3-5404a6cbb8e5

Error - 9/29/2013 1:18:08 AM | Computer Name = Datavision | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.1.7601.17567,
time stamp: 0x4d6727a7 Faulting module name: SPEEDD~1.DLL_unloaded, version: 0.0.0.0,
time stamp: 0x52380f91 Exception code: 0xc0000005 Fault offset: 0x0703dcdc Faulting
process id: 0x714 Faulting application start time: 0x01cebcc0e1a1744a Faulting application
path: C:\Windows\Explorer.EXE Faulting module path: SPEEDD~1.DLL Report Id: 862f5e6f-28c6-11e3-99a3-5404a6cbb8e5

Error - 9/29/2013 3:10:52 AM | Computer Name = Datavision | Source = Application Hang | ID = 1002
Description = The program GTAIV.exe version 1.0.7.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 7bc Start Time:
01cebce2c9911b66 Termination Time: 72 Application Path: D:\Dula na ta!\Grand Theft
Auto IV\GTAIV.exe Report Id:

Error - 9/29/2013 3:10:59 AM | Computer Name = Datavision | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.1.7601.17567,
time stamp: 0x4d6727a7 Faulting module name: SPEEDD~1.DLL_unloaded, version: 0.0.0.0,
time stamp: 0x52380f91 Exception code: 0xc0000005 Fault offset: 0x06e9dcdc Faulting
process id: 0xfc8 Faulting application start time: 0x01cebcd34c17eade Faulting application
path: C:\Windows\Explorer.EXE Faulting module path: SPEEDD~1.DLL Report Id: 4a1afdda-28d6-11e3-99a3-5404a6cbb8e5

Error - 9/29/2013 3:51:05 AM | Computer Name = Datavision | Source = Application Error | ID = 1000
Description = Faulting application name: GTAIV.exe, version: 1.0.7.0, time stamp:
0x4bd9efbe Faulting module name: GTAIV.exe, version: 1.0.7.0, time stamp: 0x4bd9efbe
Exception
code: 0xc0000005 Fault offset: 0x005c5240 Faulting process id: 0x1040 Faulting application
start time: 0x01cebce31c8e34b0 Faulting application path: D:\Dula na ta!\Grand Theft
Auto IV\GTAIV.exe Faulting module path: D:\Dula na ta!\Grand Theft Auto IV\GTAIV.exe
Report
Id: e49777da-28db-11e3-99a3-5404a6cbb8e5

Error - 9/29/2013 7:40:25 AM | Computer Name = Datavision | Source = Windows Backup | ID = 4104
Description =

Error - 9/29/2013 8:05:25 AM | Computer Name = Datavision | Source = Application Error | ID = 1000
Description = Faulting application name: WebKit2WebProcess.exe, version: 7534.57.2.4,
time stamp: 0x4f97642d Faulting module name: WebKit.dll, version: 7534.57.2.4, time
stamp: 0x4f976417 Exception code: 0xc0000005 Fault offset: 0x000c7f63 Faulting process
id: 0x1218 Faulting application start time: 0x01cebd07a9bb72b4 Faulting application
path: C:\Program Files\Safari\Apple Application Support\WebKit2WebProcess.exe Faulting
module path: C:\Program Files\Safari\Apple Application Support\WebKit.dll Report
Id: 6bc37a08-28ff-11e3-99a3-5404a6cbb8e5

Error - 9/29/2013 9:07:28 AM | Computer Name = Datavision | Source = Application Error | ID = 1000
Description = Faulting application name: Safari.exe, version: 5.34.57.2, time stamp:
0x4f982b5e Faulting module name: JavaScriptCore.dll, version: 7534.57.3.3, time
stamp: 0x4f973ed0 Exception code: 0xc0000005 Fault offset: 0x000d913c Faulting process
id: 0x5c0 Faulting application start time: 0x01cebd14c8c17872 Faulting application
path: C:\Program Files\Safari\Safari.exe Faulting module path: C:\Program Files\Safari\Apple
Application Support\JavaScriptCore.dll Report Id: 17369151-2908-11e3-99a3-5404a6cbb8e5

Error - 9/29/2013 9:30:11 AM | Computer Name = Datavision | Source = Application Error | ID = 1000
Description = Faulting application name: Safari.exe, version: 5.34.57.2, time stamp:
0x4f982b5e Faulting module name: JavaScriptCore.dll, version: 7534.57.3.3, time
stamp: 0x4f973ed0 Exception code: 0xc0000005 Fault offset: 0x000d913c Faulting process
id: 0x1544 Faulting application start time: 0x01cebd17ba8c27e0 Faulting application
path: C:\Program Files\Safari\Safari.exe Faulting module path: C:\Program Files\Safari\Apple
Application Support\JavaScriptCore.dll Report Id: 43ad91a8-290b-11e3-99a3-5404a6cbb8e5

Error - 9/30/2013 6:09:58 AM | Computer Name = Datavision | Source = Application Error | ID = 1000
Description = Faulting application name: WebKit2WebProcess.exe, version: 7534.57.2.4,
time stamp: 0x4f97642d Faulting module name: WebKit.dll, version: 7534.57.2.4, time
stamp: 0x4f976417 Exception code: 0xc0000005 Fault offset: 0x000c7f63 Faulting process
id: 0x4d4 Faulting application start time: 0x01cebdbace6a8a34 Faulting application
path: C:\Program Files\Safari\Apple Application Support\WebKit2WebProcess.exe Faulting
module path: C:\Program Files\Safari\Apple Application Support\WebKit.dll Report
Id: 759a8366-29b8-11e3-84a0-5404a6cbb8e5

[ System Events ]
Error - 9/30/2013 6:32:50 AM | Computer Name = Datavision | Source = EventLog | ID = 6008
Description = The previous system shutdown at 6:31:40 PM on ?9/?30/?2013 was unexpected.

Error - 9/30/2013 6:34:47 AM | Computer Name = Datavision | Source = Service Control Manager | ID = 7034
Description = The SecureUpdate service terminated unexpectedly. It has done this
1 time(s).

Error - 9/30/2013 6:41:34 AM | Computer Name = Datavision | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 9/30/2013 6:49:46 AM | Computer Name = Datavision | Source = Service Control Manager | ID = 7034
Description = The Skype C2C Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 9/30/2013 8:51:24 AM | Computer Name = Datavision | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 9/30/2013 8:53:41 AM | Computer Name = Datavision | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Computer
Backup (MyPC Backup) service to connect.

Error - 9/30/2013 8:53:41 AM | Computer Name = Datavision | Source = Service Control Manager | ID = 7000
Description = The Computer Backup (MyPC Backup) service failed to start due to the
following error: %%1053

Error - 9/30/2013 8:54:27 AM | Computer Name = Datavision | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Update
lucky leap service to connect.

Error - 9/30/2013 8:54:27 AM | Computer Name = Datavision | Source = Service Control Manager | ID = 7000
Description = The Update lucky leap service failed to start due to the following
error: %%1053

Error - 9/30/2013 8:54:53 AM | Computer Name = Datavision | Source = Service Control Manager | ID = 7034
Description = The SecureUpdate service terminated unexpectedly. It has done this
1 time(s).


< End of report >
  • 0

#3
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
Hi :)

:welcome:

My name is Valinorum and I will be your helper today. Before we proceed, please, acknowledge yourself the following(s):

  • Please do not create any new threads on this while we are working on your system, as it wastes another volunteer's time.
  • Please do not install any new software while we are working on this system,as it may hinder our process.
  • Malware removal is a complicated process so don't stop following the steps even if the symptoms are not found. Keep up with me until I declare you clean.
  • Please do not try to fix anything without being ask.
  • Please do not attach your logs. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • Please print or save the instructions I give you for quick reference. We may be using Safe mode and you will not always be able to access this thread.
  • Back up your data. I will not knowingly suggest your any course that might damage your system but sometimes Malwares infections are so severe that only option we have is to re-format and re-install the operating system.
  • If you are confused about any instruction stop and ask. do not keep going on.
  • The fixes are for your system only. Please refrain from using these fixes on other system as it may do serious damage.

Note: Please, bare in mind that I am still a trainee and my replies need to be reviewed by my teachers before I post them to you. Take is as a good thing because now you have two people examining your problem. I really hope that we will be able to send you home with a smile on your face. :)
  • 0

#4
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
Can you please post the main OTL log as well? Thanks. :)
  • 0

#5
Swipernoswiping

Swipernoswiping

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
the first one is the OTL.txt

and this one is the extra.txt



OTL Extras logfile created on: 9/30/2013 9:00:38 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 60.58% Memory free
4.00 Gb Paging File | 2.94 Gb Available in Paging File | 73.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48.73 Gb Total Space | 6.71 Gb Free Space | 13.78% Space Free | Partition Type: NTFS
Drive D: | 100.21 Gb Total Space | 5.20 Gb Free Space | 5.19% Space Free | Partition Type: NTFS

Computer Name: DATAVISION | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{560FAF95-FAA0-4CE7-BF32-2E6BDE1EDB12}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{A7C68D0A-35B5-4C7C-972A-02EC581DAAFE}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00616D94-39BF-4181-8B6F-02B3CC56D9DB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{04B49AF6-B14C-4C2E-B6DD-92E0DBDF692F}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{1EB4CF7F-B282-4DD4-A16C-C6A2ED23AB9B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{38F05A96-BD0D-4443-BA72-763A6FEEE8CA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5F2D66D4-10AF-425D-A330-918F49FE9835}" = protocol=6 | dir=in | app=d:\dula na ta!\grand theft auto iv\launchgtaiv.exe |
"{6D5BFD9B-3C1B-44E2-826D-38D549CE98D7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{78A644ED-2D8A-4231-9629-AC1044A296F3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{7D43C27D-F961-4B84-B5A8-0909408F88C1}" = protocol=17 | dir=in | app=d:\dula na ta!\grand theft auto iv\launchgtaiv.exe |
"{8738FDC8-3133-4D33-BF74-558B51787177}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8BBDCDB8-5797-4FE8-B57F-2039DE284537}" = protocol=17 | dir=in | app=c:\users\user\appdata\roaming\bittorrent\bittorrent.exe |
"{EB4F658E-2C13-47B3-9503-C19D335CBDB4}" = protocol=6 | dir=in | app=c:\users\user\appdata\roaming\bittorrent\bittorrent.exe |
"{F45D7E47-D301-4468-89EF-516127E4629C}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{FD6751F9-3086-4AFB-8756-D3C98530A2F0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{3B6F9310-2466-4A9F-AB79-F780D21C1802}D:\dula na ta!\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\dula na ta!\grand theft auto iv\gtaiv.exe |
"TCP Query User{6B9C8754-BB89-4F16-9D93-00EE8E9CE5D3}D:\dula na ta!\ubisoft\rayman origins\rayman origins.exe" = protocol=6 | dir=in | app=d:\dula na ta!\ubisoft\rayman origins\rayman origins.exe |
"TCP Query User{78763035-CAF2-45CC-90EA-F4CA33859E5A}D:\dula na ta!\arkham city\batman arkham city\binaries\win32\batmanac.exe" = protocol=6 | dir=in | app=d:\dula na ta!\arkham city\batman arkham city\binaries\win32\batmanac.exe |
"TCP Query User{99FE9D89-E20F-4326-ACD9-567FEB8D1BD5}D:\dula na ta!\ac2\assassin's creed ii\assassinscreediigame.exe" = protocol=6 | dir=in | app=d:\dula na ta!\ac2\assassin's creed ii\assassinscreediigame.exe |
"TCP Query User{F7D5C2BB-E279-4E12-9292-7C5DA354BEC7}D:\dula na ta!\prototype 2\prototype2.exe" = protocol=6 | dir=in | app=d:\dula na ta!\prototype 2\prototype2.exe |
"UDP Query User{0B70C66F-9470-4C2A-8DD9-F4D3D00DE12C}D:\dula na ta!\ubisoft\rayman origins\rayman origins.exe" = protocol=17 | dir=in | app=d:\dula na ta!\ubisoft\rayman origins\rayman origins.exe |
"UDP Query User{3775E6CD-1754-4D5A-9CE3-3DEB3AE2E9CF}D:\dula na ta!\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\dula na ta!\grand theft auto iv\gtaiv.exe |
"UDP Query User{709BF507-FB90-430C-ACD5-0C46C2414004}D:\dula na ta!\prototype 2\prototype2.exe" = protocol=17 | dir=in | app=d:\dula na ta!\prototype 2\prototype2.exe |
"UDP Query User{83AB753E-80A9-40B6-910E-D0D2CFED6DCB}D:\dula na ta!\arkham city\batman arkham city\binaries\win32\batmanac.exe" = protocol=17 | dir=in | app=d:\dula na ta!\arkham city\batman arkham city\binaries\win32\batmanac.exe |
"UDP Query User{F46947A4-E3B0-4796-913D-7C9925452A1A}D:\dula na ta!\ac2\assassin's creed ii\assassinscreediigame.exe" = protocol=17 | dir=in | app=d:\dula na ta!\ac2\assassin's creed ii\assassinscreediigame.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07043840-959A-4B0D-8825-2C533F0DDB19}" = Microsoft Math
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{09041881-2C94-4A67-8E55-8483C019C7D2}" = Microsoft Student with Encarta Premium 2009
"{0DCD0704-E2AB-4e97-96A7-90F146BD8243}" = Content Manager Assistant for PlayStation®
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B971160-CA64-4DBE-AF03-296F99EFEF48}" = Vtools Toolbar v7.9
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{58597FDC-CDF0-4760-A57C-250DF09F4A21}" = Adobe Shockwave Player 12.0
"{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}" = Microsoft Games for Windows Marketplace
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}" = Learning Essentials for Microsoft Office
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.04)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DE491AB9-1D47-4FED-A8F5-4D4325B2EB4B}" = Rayman Origins
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup
"{Microsoft Student 2007_54A0E938-8390-489F-8F1A-563673334DFE}" = Microsoft Student 2007 for Learning Essentials
"AccelerateTab_is1" = AccelerateTab
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3
"avast" = avast! Free Antivirus
"Bully. Scholarship Edition_R.G. Mechanics_is1" = Bully. Scholarship Edition
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"GTA IV Vehicle Mod Installer v1.5_is1" = GTA IV Vehicle Mod Installer v1.5
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.8.5
"lucky leap" = lucky leap 1.0.0
"metaCrawler" = metaCrawler
"Mozilla Firefox 23.0.1 (x86 en-US)" = Mozilla Firefox 23.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyPC Backup" = MyPC Backup
"MySSID_is1" = Vtune 7.13
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Picasa 3" = Picasa 3
"Rainmeter" = Rainmeter
"Razer Game Booster_is1" = Razer Game Booster
"USB Disk Security_is1" = USB Disk Security
"VLC media player" = VLC media player 2.0.5
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"Wise Disk Cleaner_is1" = Wise Disk Cleaner 7.94
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/29/2013 1:04:40 AM | Computer Name = Datavision | Source = Application Error | ID = 1000
Description = Faulting application name: GTAIV.exe, version: 1.0.7.0, time stamp:
0x4bd9efbe Faulting module name: GTAIV.exe, version: 1.0.7.0, time stamp: 0x4bd9efbe
Exception
code: 0xc0000005 Fault offset: 0x001a9346 Faulting process id: 0x14f4 Faulting application
start time: 0x01cebcd1640327a2 Faulting application path: D:\Dula na ta!\Grand Theft
Auto IV\GTAIV.exe Faulting module path: D:\Dula na ta!\Grand Theft Auto IV\GTAIV.exe
Report
Id: a4908ce6-28c4-11e3-99a3-5404a6cbb8e5

Error - 9/29/2013 1:18:08 AM | Computer Name = Datavision | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.1.7601.17567,
time stamp: 0x4d6727a7 Faulting module name: SPEEDD~1.DLL_unloaded, version: 0.0.0.0,
time stamp: 0x52380f91 Exception code: 0xc0000005 Fault offset: 0x0703dcdc Faulting
process id: 0x714 Faulting application start time: 0x01cebcc0e1a1744a Faulting application
path: C:\Windows\Explorer.EXE Faulting module path: SPEEDD~1.DLL Report Id: 862f5e6f-28c6-11e3-99a3-5404a6cbb8e5

Error - 9/29/2013 3:10:52 AM | Computer Name = Datavision | Source = Application Hang | ID = 1002
Description = The program GTAIV.exe version 1.0.7.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 7bc Start Time:
01cebce2c9911b66 Termination Time: 72 Application Path: D:\Dula na ta!\Grand Theft
Auto IV\GTAIV.exe Report Id:

Error - 9/29/2013 3:10:59 AM | Computer Name = Datavision | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.1.7601.17567,
time stamp: 0x4d6727a7 Faulting module name: SPEEDD~1.DLL_unloaded, version: 0.0.0.0,
time stamp: 0x52380f91 Exception code: 0xc0000005 Fault offset: 0x06e9dcdc Faulting
process id: 0xfc8 Faulting application start time: 0x01cebcd34c17eade Faulting application
path: C:\Windows\Explorer.EXE Faulting module path: SPEEDD~1.DLL Report Id: 4a1afdda-28d6-11e3-99a3-5404a6cbb8e5

Error - 9/29/2013 3:51:05 AM | Computer Name = Datavision | Source = Application Error | ID = 1000
Description = Faulting application name: GTAIV.exe, version: 1.0.7.0, time stamp:
0x4bd9efbe Faulting module name: GTAIV.exe, version: 1.0.7.0, time stamp: 0x4bd9efbe
Exception
code: 0xc0000005 Fault offset: 0x005c5240 Faulting process id: 0x1040 Faulting application
start time: 0x01cebce31c8e34b0 Faulting application path: D:\Dula na ta!\Grand Theft
Auto IV\GTAIV.exe Faulting module path: D:\Dula na ta!\Grand Theft Auto IV\GTAIV.exe
Report
Id: e49777da-28db-11e3-99a3-5404a6cbb8e5

Error - 9/29/2013 7:40:25 AM | Computer Name = Datavision | Source = Windows Backup | ID = 4104
Description =

Error - 9/29/2013 8:05:25 AM | Computer Name = Datavision | Source = Application Error | ID = 1000
Description = Faulting application name: WebKit2WebProcess.exe, version: 7534.57.2.4,
time stamp: 0x4f97642d Faulting module name: WebKit.dll, version: 7534.57.2.4, time
stamp: 0x4f976417 Exception code: 0xc0000005 Fault offset: 0x000c7f63 Faulting process
id: 0x1218 Faulting application start time: 0x01cebd07a9bb72b4 Faulting application
path: C:\Program Files\Safari\Apple Application Support\WebKit2WebProcess.exe Faulting
module path: C:\Program Files\Safari\Apple Application Support\WebKit.dll Report
Id: 6bc37a08-28ff-11e3-99a3-5404a6cbb8e5

Error - 9/29/2013 9:07:28 AM | Computer Name = Datavision | Source = Application Error | ID = 1000
Description = Faulting application name: Safari.exe, version: 5.34.57.2, time stamp:
0x4f982b5e Faulting module name: JavaScriptCore.dll, version: 7534.57.3.3, time
stamp: 0x4f973ed0 Exception code: 0xc0000005 Fault offset: 0x000d913c Faulting process
id: 0x5c0 Faulting application start time: 0x01cebd14c8c17872 Faulting application
path: C:\Program Files\Safari\Safari.exe Faulting module path: C:\Program Files\Safari\Apple
Application Support\JavaScriptCore.dll Report Id: 17369151-2908-11e3-99a3-5404a6cbb8e5

Error - 9/29/2013 9:30:11 AM | Computer Name = Datavision | Source = Application Error | ID = 1000
Description = Faulting application name: Safari.exe, version: 5.34.57.2, time stamp:
0x4f982b5e Faulting module name: JavaScriptCore.dll, version: 7534.57.3.3, time
stamp: 0x4f973ed0 Exception code: 0xc0000005 Fault offset: 0x000d913c Faulting process
id: 0x1544 Faulting application start time: 0x01cebd17ba8c27e0 Faulting application
path: C:\Program Files\Safari\Safari.exe Faulting module path: C:\Program Files\Safari\Apple
Application Support\JavaScriptCore.dll Report Id: 43ad91a8-290b-11e3-99a3-5404a6cbb8e5

Error - 9/30/2013 6:09:58 AM | Computer Name = Datavision | Source = Application Error | ID = 1000
Description = Faulting application name: WebKit2WebProcess.exe, version: 7534.57.2.4,
time stamp: 0x4f97642d Faulting module name: WebKit.dll, version: 7534.57.2.4, time
stamp: 0x4f976417 Exception code: 0xc0000005 Fault offset: 0x000c7f63 Faulting process
id: 0x4d4 Faulting application start time: 0x01cebdbace6a8a34 Faulting application
path: C:\Program Files\Safari\Apple Application Support\WebKit2WebProcess.exe Faulting
module path: C:\Program Files\Safari\Apple Application Support\WebKit.dll Report
Id: 759a8366-29b8-11e3-84a0-5404a6cbb8e5

[ System Events ]
Error - 9/30/2013 6:32:50 AM | Computer Name = Datavision | Source = EventLog | ID = 6008
Description = The previous system shutdown at 6:31:40 PM on ?9/?30/?2013 was unexpected.

Error - 9/30/2013 6:34:47 AM | Computer Name = Datavision | Source = Service Control Manager | ID = 7034
Description = The SecureUpdate service terminated unexpectedly. It has done this
1 time(s).

Error - 9/30/2013 6:41:34 AM | Computer Name = Datavision | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 9/30/2013 6:49:46 AM | Computer Name = Datavision | Source = Service Control Manager | ID = 7034
Description = The Skype C2C Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 9/30/2013 8:51:24 AM | Computer Name = Datavision | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 9/30/2013 8:53:41 AM | Computer Name = Datavision | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Computer
Backup (MyPC Backup) service to connect.

Error - 9/30/2013 8:53:41 AM | Computer Name = Datavision | Source = Service Control Manager | ID = 7000
Description = The Computer Backup (MyPC Backup) service failed to start due to the
following error: %%1053

Error - 9/30/2013 8:54:27 AM | Computer Name = Datavision | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Update
lucky leap service to connect.

Error - 9/30/2013 8:54:27 AM | Computer Name = Datavision | Source = Service Control Manager | ID = 7000
Description = The Update lucky leap service failed to start due to the following
error: %%1053

Error - 9/30/2013 8:54:53 AM | Computer Name = Datavision | Source = Service Control Manager | ID = 7034
Description = The SecureUpdate service terminated unexpectedly. It has done this
1 time(s).


< End of report >
  • 0

#6
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
You posted Extras.txt both time. :confused: I also need the OTL.txt :happy:

If you are unsure then follow this step.

  • Step #1 Scan with OTL
  • Please download OldTimer's Listit from one of the following locations and save it to your Desktop.
    Download Link 1
    Download Link 2
    Downlaod LInk 3
  • Copy and Paste the following code inside the Custom Scans/Fixes box;
    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    CREATERESTOREPOINT
  • Click the Quick Scan button;
  • After the scan a log will be produced;
  • Copy and paste the content of the logs in your next reply

  • Required Log(s):
  • OTL.txt;

Regards,
Valinorum
  • 0

#7
Swipernoswiping

Swipernoswiping

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
im so sorry


i think it is this one



OTL logfile created on: 9/30/2013 9:00:38 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 60.58% Memory free
4.00 Gb Paging File | 2.94 Gb Available in Paging File | 73.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48.73 Gb Total Space | 6.71 Gb Free Space | 13.78% Space Free | Partition Type: NTFS
Drive D: | 100.21 Gb Total Space | 5.20 Gb Free Space | 5.19% Space Free | Partition Type: NTFS

Computer Name: DATAVISION | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/30 21:00:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Downloads\OTL.exe
PRC - [2013/09/22 22:35:48 | 000,037,048 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
PRC - [2013/09/20 06:45:18 | 001,953,320 | ---- | M] (MyPCBackup.com) -- C:\Program Files\MyPC Backup\MyPC Backup.exe
PRC - [2013/09/19 20:19:18 | 001,365,312 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2013/09/19 20:16:38 | 000,807,800 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2013/09/18 12:51:02 | 000,106,472 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\Razer Game Booster\RzKLService.exe
PRC - [2013/09/16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/08/30 19:29:49 | 001,127,000 | ---- | M] (BitTorrent Inc.) -- C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe
PRC - [2013/06/21 17:52:52 | 000,875,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2013/06/21 17:52:51 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013/06/21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/06/18 15:58:10 | 000,526,248 | ---- | M] (Sony Computer Entertainment Inc.) -- C:\Program Files\Sony\Content Manager Assistant\CMAWatcher.exe
PRC - [2013/06/18 15:58:08 | 003,505,048 | ---- | M] (Sony Computer Entertainment Inc.) -- C:\Program Files\Sony\Content Manager Assistant\CMA.exe
PRC - [2013/05/16 22:44:05 | 001,012,000 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/05/16 22:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/05/16 22:38:28 | 001,213,216 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
PRC - [2013/05/11 18:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/05/09 16:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 16:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/02/19 22:46:12 | 006,155,336 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
PRC - [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.) -- C:\Program Files\Safari\Safari.exe
PRC - [2012/04/24 20:18:16 | 000,014,184 | ---- | M] (Apple Inc.) -- C:\Program Files\Safari\Apple Application Support\WebKit2WebProcess.exe
PRC - [2011/05/30 09:21:42 | 000,623,520 | ---- | M] (Zbshareware Lab) -- C:\Program Files\USB Disk Security\USBGuard.exe
PRC - [2011/02/25 13:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 20:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/09/02 10:59:16 | 002,158,592 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe
PRC - [2008/06/04 02:05:37 | 000,351,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2009 DVD\EDICT.EXE


========== Modules (No Company Name) ==========

MOD - [2013/09/22 22:35:48 | 000,037,048 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
MOD - [2013/09/22 22:35:46 | 000,619,192 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.dll
MOD - [2013/09/22 22:31:58 | 000,053,248 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\WebParser.dll
MOD - [2013/09/22 22:31:54 | 000,023,040 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\Win7AudioPlugin.dll
MOD - [2013/09/22 22:31:50 | 000,020,480 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\WifiStatus.dll
MOD - [2013/09/22 22:31:30 | 000,010,752 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\RecycleManager.dll
MOD - [2013/09/22 22:31:22 | 000,020,992 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\QuotePlugin.dll
MOD - [2013/09/22 22:30:28 | 000,010,240 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\PowerPlugin.dll
MOD - [2013/09/22 22:30:00 | 000,024,064 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\iTunesPlugin.dll
MOD - [2013/09/20 06:37:30 | 000,012,288 | ---- | M] () -- C:\Program Files\MyPC Backup\GetText.dll
MOD - [2013/09/20 06:32:28 | 000,904,704 | ---- | M] () -- C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll
MOD - [2013/09/12 18:57:03 | 016,177,544 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_8_800_168.dll
MOD - [2013/09/04 17:23:19 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2013/09/04 17:22:51 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\887ef2648686aad19feff405eddbffd2\System.EnterpriseServices.ni.dll
MOD - [2013/09/04 17:22:49 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\ad18f93fc713db2c4b29b25116c13bd8\System.Transactions.ni.dll
MOD - [2013/09/04 17:22:47 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\6e920adca916e193d1a8f690902db139\System.Data.ni.dll
MOD - [2013/09/04 17:22:30 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2013/09/04 17:22:07 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2013/09/04 17:22:03 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2013/09/04 17:22:01 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2013/09/04 17:21:02 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2012/05/25 04:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2012/04/24 20:18:24 | 000,087,912 | ---- | M] () -- C:\Program Files\Safari\Apple Application Support\zlib1.dll
MOD - [2012/04/24 20:18:06 | 001,242,472 | ---- | M] () -- C:\Program Files\Safari\Apple Application Support\libxml2.dll
MOD - [2010/11/05 09:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/09/02 10:59:16 | 002,158,592 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe
MOD - [2009/06/11 05:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2008/06/04 02:06:14 | 000,351,000 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Reference 2009\MSENCXML.DLL
MOD - [2008/06/04 02:06:14 | 000,269,080 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Reference 2009\ERSREGPR.DLL
MOD - [2008/06/04 02:06:14 | 000,228,120 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Reference 2009\MSENCDAT.DLL
MOD - [2008/06/04 02:06:14 | 000,178,968 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Reference 2009\ENCCONT.DLL
MOD - [2008/06/04 02:05:37 | 000,068,376 | ---- | M] () -- C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2009 DVD\EDICTEIT.EBK
MOD - [1998/10/31 04:55:56 | 000,005,120 | ---- | M] () -- C:\Program Files\Vtune\TBMANAGE.DLL


========== Services (SafeList) ==========

SRV - [2013/09/28 12:34:24 | 000,206,624 | ---- | M] (lucky leap) [Auto | Stopped] -- C:\Program Files\lucky leap\updateluckyleap.exe -- (Update lucky leap)
SRV - [2013/09/20 22:56:31 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/20 06:45:18 | 000,038,440 | ---- | M] (Just Develop It) [Auto | Stopped] -- C:\Program Files\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2013/09/19 20:16:38 | 000,807,800 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013/09/18 12:51:02 | 000,106,472 | ---- | M] (Razer Inc.) [Auto | Running] -- C:\Program Files\Razer\Razer Game Booster\RzKLService.exe -- (RzKLService)
SRV - [2013/09/17 16:18:00 | 002,478,928 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Secure Speed Dial\IE\SecureUpdate.exe -- (SecureUpdateSvc)
SRV - [2013/09/16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/09/07 19:00:19 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/09/02 20:58:55 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013/07/09 09:36:54 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/06/21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/05/16 22:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/05/11 18:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/05/09 16:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/02/28 19:25:34 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2009/07/14 09:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 09:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [File_System | On_Demand | Stopped] -- C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\User\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013/08/18 01:01:19 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013/08/16 18:06:45 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/08/16 18:06:45 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/08/16 18:06:45 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/06/21 20:02:43 | 009,069,344 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013/05/09 16:59:10 | 000,061,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013/05/09 16:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 16:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 16:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 16:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/03/04 12:42:06 | 000,108,624 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2012/12/04 09:21:12 | 000,016,440 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV - [2011/05/18 17:49:32 | 000,054,784 | ---- | M] (GenesysLogic) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GeneStor.sys -- (GeneStor)
DRV - [2010/11/20 18:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2009/07/16 18:36:30 | 000,013,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009/07/14 07:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2007/03/16 10:11:38 | 000,012,256 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TBPanel.sys -- (TBPanel)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mixidj.delta-...121134&tsp=5012
IE - HKCU\..\URLSearchHook: {5BFEFF94-6411-4B74-A947-4969134B24DE} - C:\Program Files\Vtools Toolbar\IE\7.9\vtoolsToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{09D79313-3069-42DD-83A3-F6EA5D0DF23B}: "URL" = http://ph.search.yah...p={searchTerms}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://mixidj.delta-...121134&tsp=5012
IE - HKCU\..\SearchScopes\{1006A95B-A573-4A3C-9E07-40FCFA7944DF}: "URL" = http://www.mysearchr...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo!"
FF - prefs.js..browser.search.selectedEngine: "Yahoo!"
FF - prefs.js..browser.startup.homepage: "http://mixidj.delta-...21134&tsp=5012"
FF - prefs.js..extensions.enabledAddons: WebSiteRecommendation%40weliketheweb.com:1.0.6
FF - prefs.js..extensions.enabledAddons: speeddial%40instair.net:1.4.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/08/16 18:06:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013/07/16 11:51:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Extensions
[2013/09/29 20:53:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wad9qqli.default\extensions
[2013/09/21 17:18:35 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wad9qqli.default\extensions\[email protected]
[2013/09/21 13:10:31 | 000,000,000 | ---D | M] (AccelerateTab) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wad9qqli.default\extensions\[email protected]
[2013/08/17 22:32:08 | 000,000,000 | ---D | M] ("WebSite Recommendation") -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wad9qqli.default\extensions\[email protected]
[2013/08/17 17:52:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profileswad9qqli.default\extensions
[2013/08/17 17:52:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profileswad9qqli.default\extensions\staged
[2013/09/07 17:27:33 | 000,037,942 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wad9qqli.default\extensions\[email protected]
[2013/09/21 17:17:35 | 002,196,860 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wad9qqli.default\extensions\[email protected]
[2013/09/28 12:34:24 | 000,007,295 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wad9qqli.default\extensions\[email protected]
[2013/09/21 13:11:37 | 000,001,305 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wad9qqli.default\searchplugins\mixidj.xml
[2013/09/21 13:11:30 | 000,000,911 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wad9qqli.default\searchplugins\yahoo_ff.xml
[2013/09/07 19:00:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/09/07 19:00:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/09/07 19:00:21 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2013/09/30 18:35:34 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Vtools Toolbar) - {5BFEFF94-6411-4B74-A947-4969134B24DE} - C:\Program Files\Vtools Toolbar\IE\7.9\vtoolsToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Vtools Toolbar) - {5BFEFF94-6411-4B74-A947-4969134B24DE} - C:\Program Files\Vtools Toolbar\IE\7.9\vtoolsToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Nvtmru] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [USB Security] C:\Program Files\USB Disk Security\USBGuard.exe (Zbshareware Lab)
O4 - HKCU..\Run: [BitTorrent] C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [L09AXLRD_6560107] C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2009 DVD\EDICT.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe ()
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DF09C0F1-C128-474E-896A-7FB36E546CBF}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 05:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/09/21 13:54:21 | 000,000,150 | ---- | M] () - C:\autoupdate.log -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/09/30 19:40:00 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/09/30 18:31:41 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/09/30 18:31:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\temp
[2013/09/30 18:18:50 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/09/29 20:53:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Wise Disk Cleaner
[2013/09/29 20:53:10 | 000,000,000 | ---D | C] -- C:\Program Files\lucky leap
[2013/09/29 20:53:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner
[2013/09/29 20:53:02 | 000,000,000 | ---D | C] -- C:\Program Files\Wise
[2013/09/29 20:52:29 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[2013/09/29 20:06:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/09/29 11:28:12 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Rainmeter
[2013/09/29 11:28:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Rainmeter
[2013/09/29 11:28:06 | 000,000,000 | ---D | C] -- C:\Program Files\Rainmeter
[2013/09/29 11:27:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013/09/27 13:23:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2013/09/27 11:39:34 | 000,000,000 | RH-D | C] -- C:\Users\User\AppData\Roaming\SecuROM
[2013/09/27 10:39:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GTA IV Vehicle Mod Installer
[2013/09/27 10:39:01 | 000,000,000 | ---D | C] -- C:\Program Files\GTA IV Vehicle Mod Installer
[2013/09/27 09:05:52 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2013/09/26 18:00:43 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Rockstar Games
[2013/09/26 17:56:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Rockstar Games
[2013/09/26 17:49:50 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2013/09/26 17:16:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2013/09/24 21:05:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/09/24 21:05:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/09/24 21:05:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/09/21 13:58:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Apple Computer
[2013/09/21 13:58:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Apple Computer
[2013/09/21 13:55:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[2013/09/21 13:55:13 | 000,000,000 | ---D | C] -- C:\Program Files\Razer
[2013/09/21 13:38:14 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2013/09/21 13:38:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/09/21 13:36:32 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Apple
[2013/09/21 13:36:27 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2013/09/21 13:36:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/09/21 13:18:40 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Razer
[2013/09/21 13:11:28 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2013/09/21 13:11:27 | 000,000,000 | ---D | C] -- C:\Program Files\Vtools Toolbar
[2013/09/21 13:11:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2013/09/21 13:11:26 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Vtools
[2013/09/21 13:11:26 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Razer
[2013/09/21 13:11:19 | 000,000,000 | ---D | C] -- C:\Program Files\Vtools
[2013/09/21 13:10:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer
[2013/09/21 13:10:32 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Babylon
[2013/09/21 13:10:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013/09/21 13:10:30 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2013/09/21 13:10:29 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\IObit
[2013/09/21 13:10:18 | 000,000,000 | ---D | C] -- C:\Program Files\Secure Speed Dial
[2013/09/20 21:11:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Urban Trial Freestyle
[2013/09/20 21:09:03 | 000,000,000 | ---D | C] -- C:\Program Files\Tate Multimedia
[2013/09/20 19:59:28 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Sony Corporation
[2013/09/20 19:59:28 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\PS Vita
[2013/09/20 19:51:48 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2013/09/20 16:40:42 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\NFS SHIFT
[2013/09/20 15:55:53 | 000,000,000 | ---D | C] -- C:\Program Files\NFS SHIFT
[2013/09/16 21:28:28 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Bully Scholarship Edition
[2013/09/16 21:27:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
[2013/09/16 21:27:33 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Bully. Scholarship Edition
[2013/09/16 21:15:46 | 000,000,000 | ---D | C] -- C:\Program Files\Bully
[2013/09/15 17:54:21 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Criterion Games
[2013/09/15 11:34:21 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Ubisoft
[2013/09/15 11:34:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2013/09/15 11:33:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2013/09/14 10:05:18 | 000,000,000 | ---D | C] -- C:\ATI
[2013/09/13 20:56:55 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\NBA Live 2003
[2013/09/13 20:54:00 | 000,000,000 | ---D | C] -- C:\Program Files\EA SPORTS
[2013/09/13 18:41:16 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Need for Speed World
[2013/09/12 21:14:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Electronic_Arts_Inc
[2013/09/12 19:08:31 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Square Enix
[2013/09/07 19:00:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/09/07 17:27:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Macromedia
[2013/09/05 21:12:02 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\NVIDIA
[2013/09/05 21:11:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\2K Games
[2013/09/05 21:08:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
[2013/09/04 18:15:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\NVIDIA
[2013/09/04 18:06:55 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Arkham City Cutscenes
[2013/09/03 21:55:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2013/09/03 21:54:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2013/09/03 19:20:48 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2013/09/03 18:44:53 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2013/09/03 18:10:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013/09/03 18:05:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2013/09/02 21:23:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2013/09/01 16:49:33 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Games for Windows - LIVE Demos
[2013/08/31 22:33:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2013/08/31 22:32:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2013/08/31 22:32:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2013/08/31 21:57:17 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\WB Games
[2013/08/31 21:53:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Batman Arkham City
[2013/08/31 21:07:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx

========== Files - Modified Within 30 Days ==========

[2013/09/30 21:01:59 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/30 21:01:59 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/30 20:56:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/30 20:53:17 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/30 20:53:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/30 20:52:57 | 1609,916,416 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/30 20:19:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/30 18:35:34 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/09/30 16:04:19 | 000,660,618 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/09/30 16:04:19 | 000,121,016 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/09/30 15:24:17 | 000,002,231 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/09/30 15:24:02 | 001,786,840 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/09/29 20:52:30 | 000,001,061 | ---- | M] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2013/09/29 20:24:07 | 000,129,088 | ---- | M] () -- C:\Users\User\Documents\BACKUP.reg
[2013/09/29 11:28:07 | 000,001,889 | ---- | M] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[2013/09/26 17:49:50 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2013/09/21 13:39:01 | 000,002,503 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2013/09/20 19:51:50 | 000,002,114 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation®.lnk
[2013/09/19 18:22:09 | 000,003,280 | ---- | M] () -- C:\bootsqm.dat
[2013/09/18 14:24:12 | 000,268,968 | ---- | M] () -- C:\Windows\System32\sqlite3.dll
[2013/09/13 20:54:00 | 000,000,513 | ---- | M] () -- C:\Windows\eReg.dat
[2013/09/12 19:56:35 | 000,000,258 | RHS- | M] () -- C:\Users\User\ntuser.pol
[2013/09/04 17:19:41 | 000,001,413 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/09/03 21:48:49 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf

========== Files Created - No Company Name ==========

[2013/09/30 15:23:45 | 001,786,840 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/09/29 20:52:30 | 000,001,061 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[2013/09/29 20:23:50 | 000,129,088 | ---- | C] () -- C:\Users\User\Documents\BACKUP.reg
[2013/09/29 20:06:27 | 000,002,231 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/09/29 20:02:21 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/29 20:02:12 | 000,000,878 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/29 11:28:07 | 000,001,889 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
[2013/09/29 11:28:07 | 000,001,865 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
[2013/09/21 13:39:01 | 000,002,503 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2013/09/21 13:39:01 | 000,002,491 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
[2013/09/21 13:36:29 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/09/21 13:10:23 | 000,268,968 | ---- | C] () -- C:\Windows\System32\sqlite3.dll
[2013/09/20 19:51:51 | 000,001,272 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Content Manager Assistant for PlayStation®.lnk
[2013/09/20 19:51:50 | 000,002,114 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation®.lnk
[2013/09/19 18:22:09 | 000,003,280 | ---- | C] () -- C:\bootsqm.dat
[2013/09/13 20:54:00 | 000,000,513 | ---- | C] () -- C:\Windows\eReg.dat
[2013/09/04 17:19:41 | 000,001,419 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/09/03 21:48:49 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2013/09/03 19:24:17 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2013/09/03 19:19:41 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2013/09/03 19:18:58 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2013/09/03 18:29:09 | 000,016,437 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2013/09/02 21:11:21 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/09/02 21:10:15 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/09/01 16:49:05 | 000,001,344 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2013/08/18 00:42:43 | 000,000,258 | RHS- | C] () -- C:\Users\User\ntuser.pol
[2013/08/17 17:53:02 | 000,413,977 | ---- | C] () -- C:\Users\User\AppData\Local\metacrawler_speedial_v9.0.2.crx
[2013/08/16 18:06:45 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys.sum
[2013/08/16 18:06:45 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSP.sys.sum
[2013/08/16 18:06:45 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSnx.sys.sum
[2013/08/16 18:06:32 | 000,175,176 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/08/16 18:06:31 | 000,049,376 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/07/25 18:05:50 | 000,003,584 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/07/09 10:21:07 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2013/07/09 10:21:07 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2013/07/09 10:21:07 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2013/07/09 10:21:06 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2013/07/09 10:21:04 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2013/07/09 10:12:17 | 000,053,248 | ---- | C] () -- C:\Windows\System32\pxhpinst.exe
[2013/07/09 09:09:14 | 003,155,536 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat
[2013/07/09 09:09:14 | 000,424,769 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2013/07/09 09:09:01 | 000,013,216 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys

========== ZeroAccess Check ==========

[2009/07/14 12:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 12:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 09:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/07/09 16:53:22 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\2K Sports
[2013/09/21 13:10:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Babylon
[2013/09/30 21:04:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\BitTorrent
[2013/09/16 21:27:33 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Bully. Scholarship Edition
[2013/09/29 20:12:21 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools Lite
[2013/09/30 18:31:01 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DefaultTab
[2013/09/21 13:10:29 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\IObit
[2013/08/17 17:53:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MetaCrawler
[2013/09/13 18:41:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Need for Speed World
[2013/08/18 00:44:38 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PowerISO
[2013/09/29 11:28:13 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Rainmeter
[2013/08/17 17:51:46 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SimilarSites
[2013/09/15 11:34:21 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ubisoft
[2013/08/25 15:37:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Unity
[2013/08/29 20:57:59 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\uTorrent
[2013/09/21 13:11:26 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Vtools
[2013/07/23 11:33:54 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Wildfire
[2013/09/29 21:06:56 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Wise Disk Cleaner
[2013/07/09 10:38:17 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Zbshareware Lab

========== Purity Check ==========



< End of report >
  • 0

#8
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
Hi Swipernoswiping, :)

  • Step #1 P2P warning:

    **IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.
  • BitTorrent
I shall provide you with a few reference links, please read them up to know the risks of having a P2P program.

Note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P file-sharing as a major conduit to spread their wares.

My recommendation is that you uninstall the programs listed above.

If you choose not to remove them, please do not use them until this computer is clean.
  • Step #2 Cracks, Cheats and Keygen
    We do not condone the use of Cracks, Cheats, Keygen and also other warez contents. To have our assistance, please remove the following program.
  • Cheat Engine 6.2_is1

  • Step #3 Uninstall List
    I want you to uninstall the following program(s) listed below due to poor reputation we receive about them. To uninstall a program, go to Start > Control Panel > Uninstall a program or Start > Control Panel > Programs and Features. Wait for the list to fill up and double-click on the items I have listed below and follow the on-screen instruction to remove/uninstall them.
  • AccelerateTab_is1
  • lucky leap
  • metaCrawler
  • MyPC Backup
  • MySSID_is1
  • Wise Disk Cleaner_is1

  • Step #4 windirstat scan
  • Please download windirstat from here.
  • Right click on it and Run as Administrator;
  • Install and run the program;
  • Choose All local drives from the prompt;
  • Wait for the scan to finish;
  • Now check your D:\ and check which folder/file is taking up the spaces;
  • Report me back.

Regards,
Valinorum
  • 0

#9
Swipernoswiping

Swipernoswiping

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
the heaviest folder is of course the folder that I have my games in but then I was surprised when I saw that the backup file that the technicians who repaired this was 26. 3 gb but when I check its properties it says it is 0 BYTES


so should I delete that backup file

and how?


the name of that file is DATAVISION
  • 0

#10
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
Hi Swipernoswiping, :)

the heaviest folder is of course the folder that I have my games

No wonder,my little brother is a hardcore gamer too. :lol:

Can you answer some questions before I can tell if removing the backup is okay or not? :)

  • I saw that the backup file that the technicians who repaired this was 26. 3 gb

    What did he repair?
  • Did he tell you anything about the contents of the backup?
  • Can you tell me the file extension of the backup file
  • Last, did you perform all other steps?

Regards,
Valinorum
  • 0

Advertisements


#11
Swipernoswiping

Swipernoswiping

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
It was when I haven't used this PC for 4 months because it was summer and I didn't stay at home so when I returned home, my PC cannot turn on

No, he didn't tell me anything

I looked at the zip files and it contains some savegames savedatas and also program files that I have installed after they repaired this PC


Yeah, but I couldn't delete the MYSSID_is1 because I can find it
  • 0

#12
Swipernoswiping

Swipernoswiping

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
because I can't find it
  • 0

#13
Swipernoswiping

Swipernoswiping

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
should I delete it?
  • 0

#14
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
Hi Swipernoswiping, :)

I have planned a fix for your problem but since I am still a trainee here it is required that my fix need to be checked by my teacher before I can post them to you. It is done so that we may prevent unforeseen error from my part and you have the benefit of having an extra pair of eyes inspecting your issue. :happy:

Please, bear with me. I will return to you shortly.

Regards,
Valinorum
  • 0

#15
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
Hi Swipernoswiping, :)

I looked at the zip files and it contains some savegames savedatas and also program files that I have installed after they repaired this PC

It looks like the backup file contains old save files and old program files from the time before your technician repaired your PC. Do check in the zip folder for any required save data or files you wish to keep. Program files would not need the backup as they are created in C:\Program Files by default unless you create a custom file path. Other than that, you can remove the file.

  • Step #1 Fix with Junkware Removal Tool:
    Posted Image Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

  • Step #2 Fix with OTL:
  • Re-run OTL;
  • Under the Custom Scans/Fixes Box copy and paste the following contents inside the quote box. (Do not include the word 'quote').

    :Commands
    [CreateRestorePoint]

    :OTL
    MOD - [2013/09/20 06:37:30 | 000,012,288 | ---- | M] () -- C:\Program Files\MyPC Backup\GetText.dll
    MOD - [2013/09/20 06:32:28 | 000,904,704 | ---- | M] () -- C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll
    SRV - [2013/09/28 12:34:24 | 000,206,624 | ---- | M] (lucky leap) [Auto | Stopped] -- C:\Program Files\lucky leap\updateluckyleap.exe -- (Update lucky leap)
    SRV - [2013/09/20 06:45:18 | 000,038,440 | ---- | M] (Just Develop It) [Auto | Stopped] -- C:\Program Files\MyPC Backup\BackupStack.exe -- (BackupStack)
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mixidj.delta-...121134&tsp=5012
    IE - HKCU\..\URLSearchHook: {5BFEFF94-6411-4B74-A947-4969134B24DE} - C:\Program Files\Vtools Toolbar\IE\7.9\vtoolsToolbarIE.dll (Spigot, Inc.)
    IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://mixidj.delta-...121134&tsp=5012
    IE - HKCU\..\SearchScopes\{1006A95B-A573-4A3C-9E07-40FCFA7944DF}: "URL" = http://www.mysearchr...q={searchTerms}
    FF - prefs.js..browser.startup.homepage: "http://mixidj.delta-...21134&tsp=5012"
    FF - prefs.js..extensions.enabledAddons: WebSiteRecommendation%40weliketheweb.com:1.0.6
    FF - prefs.js..extensions.enabledAddons: speeddial%40instair.net:1.4.0
    [2013/08/17 22:32:08 | 000,000,000 | ---D | M] ("WebSite Recommendation") -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wad9qqli.default\extensions\[email protected]
    [2013/09/28 12:34:24 | 000,007,295 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wad9qqli.default\extensions\[email protected]
    [2013/09/21 13:11:37 | 000,001,305 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wad9qqli.default\searchplugins\mixidj.xml
    O2 - BHO: (Vtools Toolbar) - {5BFEFF94-6411-4B74-A947-4969134B24DE} - C:\Program Files\Vtools Toolbar\IE\7.9\vtoolsToolbarIE.dll (Spigot, Inc.)
    O3 - HKLM\..\Toolbar: (Vtools Toolbar) - {5BFEFF94-6411-4B74-A947-4969134B24DE} - C:\Program Files\Vtools Toolbar\IE\7.9\vtoolsToolbarIE.dll (Spigot, Inc.)
    O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
    O4 - HKCU..\Run: [BitTorrent] C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
    O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
    [2013/09/29 20:53:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Wise Disk Cleaner
    [2013/09/29 20:53:10 | 000,000,000 | ---D | C] -- C:\Program Files\lucky leap
    [2013/09/29 20:53:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner
    [2013/09/29 20:53:02 | 000,000,000 | ---D | C] -- C:\Program Files\Wise
    [2013/09/29 20:52:29 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
    [2013/09/21 13:11:27 | 000,000,000 | ---D | C] -- C:\Program Files\Vtools Toolbar
    [2013/09/21 13:11:26 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Vtools
    [2013/09/21 13:10:32 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Babylon
    [2013/09/21 13:10:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
    [2013/09/21 13:10:30 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
    [2013/09/21 13:10:29 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\IObit
    [2013/08/17 17:53:02 | 000,413,977 | ---- | C] () -- C:\Users\User\AppData\Local\metacrawler_speedial_v9.0.2.crx
    [2013/08/17 17:53:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MetaCrawler
    [2013/08/29 20:57:59 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\uTorrent

    :Commands
    [CreateRestorePoint]
    [emptytemp]

  • Click on "Run Fix" and let the program run unhindered;
  • Your PC will reboot automatically and a log will be opened. Post it in your next reply;
  • Re-run OTL and click on Quick Scan;
  • After the scan a log will be open, Post it in your next reply.

 

  • Step #3 Scan with Security Check
    • Download Security Check by screen317 to your Desktop from any of the following location;
    • Link 1
    • Link 2
  • Right click on the program and choose Run as Administrator;
  • After the checking a log will appear;
  • Copy and Paste the content of the log in your next reply.

 

  • Required Log(s):
  • Junkware Removal log;
  • OTL fix log;
  • OTL quick scan log;
  • Security Check log.

Regards,
Valinorum
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP