Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Spyware [Solved]


  • This topic is locked This topic is locked

#16
heyage13

heyage13

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 116 posts
I ran the scan anyway as to not waste any time...however an error message populated regarding my a:drive (don't have an a:drive) door being open?
  • 0

Advertisements


#17
crooleeck

crooleeck

    Member

  • Member
  • PipPipPip
  • 882 posts
heyage13 :thumbsup: you're right, my mistake, sorry.

Run OTL
  • Hit None button.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    C:\Users\Room PC|searchfog;true;true;true /FP
    HKCU\Software|*searchfog* /RS
    HKLM\SYSTEM\CurrentControlSet|*searchfog* /RS
    HKLM\SOFTWARE|*searchfog* /RS

  • Hit Run Scan button.
OTL will take a few minutes to generate a log, please post the result.

Edited by crooleeck, 25 November 2013 - 01:59 AM.

  • 0

#18
heyage13

heyage13

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 116 posts
Every time I now run OTL, the scan always freezes at this point...not sure why or what steps to take. It didn't do this when you originally told me to run OTL a few days ago.

HKEY_CURRENT_USER|SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER
STARTPAGE2\PROGRAMSCACHE...
  • 0

#19
crooleeck

crooleeck

    Member

  • Member
  • PipPipPip
  • 882 posts
Don't worry, we can take another tool.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :regfind
    searchfog
    
    :folderfind
    *searchfog*
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
  • 0

#20
heyage13

heyage13

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 116 posts
please ignore my previous post, as scan was not complete...attached is the log file

Edited by heyage13, 25 November 2013 - 07:39 PM.

  • 0

#21
crooleeck

crooleeck

    Member

  • Member
  • PipPipPip
  • 882 posts

attached is the log file

I can't see... Please upload again.
  • 0

#22
heyage13

heyage13

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 116 posts
I can't even add the doc as its almost 9000 pages long...I'm thinking of re-formatting my PC and just start rom scratch...would this get rid of all the malware?
  • 0

#23
crooleeck

crooleeck

    Member

  • Member
  • PipPipPip
  • 882 posts
Oh, I think we can fix this problem ;)

Try run SystemLook again, but this time only for this script:
:regfind
searchfog

  • 0

#24
heyage13

heyage13

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 116 posts
SystemLook 30.07.11 by jpshortstuff
Log created at 14:52 on 26/11/2013 by Room PC
Administrator - Elevation successful

========== regfind ==========

Searching for "searchfog"
No data found.

-= EOF =-
  • 0

#25
crooleeck

crooleeck

    Member

  • Member
  • PipPipPip
  • 882 posts
OK, there is no loading point this infection in registry. So I need take a look to other areas.


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

  • 0

Advertisements


#26
heyage13

heyage13

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 116 posts
FRST.TXT:


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-11-2013 01
Ran by Room PC (administrator) on ROOMPC-PC on 26-11-2013 20:01:16
Running from C:\Users\Room PC\Downloads
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\Receiver\Receiver.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\wfcrun32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe [718688 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [153672 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [IntelliType Pro] - C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1093232 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028384 2013-10-17] (NVIDIA Corporation)
HKLM\...\Run: [ConnectionCenter] - C:\Program Files\Citrix\ICA Client\concentr.exe [383544 2012-12-14] (Citrix Systems, Inc.)
AppInit_DLLs: C:\Program Files\Citrix\ICA Client\RSHook.dll [ 2012-12-14] (Citrix Systems, Inc.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x17B305D91307CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcp...ols/pcmatic.cab
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
ShellExecuteHooks: - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File [ ]
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 64.71.255.204 64.71.255.198

Chrome:
=======
CHR RestoreOnStartup: "hxxp://google.com/"
CHR Extension: (Google Docs) - C:\Users\ROOMPC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\ROOMPC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\ROOMPC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\ROOMPC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Dark Vibe) - C:\Users\ROOMPC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkckeanhmkjaechlhllmapjaaglgpcbj\1.1_0
CHR Extension: (Personal Trainer) - C:\Users\ROOMPC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmgohkgndpahjklgpdihieeedjeneoke\1.7_0
CHR Extension: (Planner 5D) - C:\Users\ROOMPC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcafejemebbngbglfoinpoaannbihjna\1.2.0.4_0
CHR Extension: (Google Wallet) - C:\Users\ROOMPC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Pop Art Studio Online) - C:\Users\ROOMPC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\oompiimecpnflklhlnmdpddcjdmiibkf\1.0.0.0_0
CHR Extension: (Psykopaint) - C:\Users\ROOMPC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0
CHR Extension: (Weather Underground) - C:\Users\ROOMPC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej\1.6_0
CHR Extension: (World Clocks) - C:\Users\ROOMPC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjgoijhajhaahklokegbfnohialajpej\5.0_0
CHR Extension: (Gmail) - C:\Users\ROOMPC~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [bhapnjfnhgjijlphlbjbhkjbinbmcmjn] - C:\Users\Room PC\AppData\Local\CRE\bhapnjfnhgjijlphlbjbhkjbinbmcmjn.crx

========================== Services (Whitelisted) =================

S3 jswpsapi; C:\Program Files\D-Link\D-Link RangeBooster N DWA-542\jswpsapi.exe [954368 2008-04-16] (Atheros Communications, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14650144 2013-10-17] (NVIDIA Corporation)

==================== Drivers (Whitelisted) ====================

R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [299024 2012-04-09] (EldoS Corporation)
R2 DigiNet; C:\Windows\System32\DRIVERS\diginet.sys [18704 2013-04-17] (Avid Technology, Inc.)
R3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-13] (VIA Technologies, Inc. )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [16768 2011-04-08] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [33568 2013-09-27] (NVIDIA Corporation)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [112096 2012-02-09] (Power Software Ltd)
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
R3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-26 20:01 - 2013-11-26 20:01 - 00013104 _____ C:\Users\Room PC\Downloads\FRST.txt
2013-11-26 20:00 - 2013-11-26 20:00 - 01091605 _____ (Farbar) C:\Users\Room PC\Downloads\FRST.exe
2013-11-26 20:00 - 2013-11-26 20:00 - 00000000 ____D C:\FRST
2013-11-26 10:01 - 2013-11-26 10:01 - 00000000 _____ C:\Users\Room PC\Desktop\~WRD0004.tmp
2013-11-26 09:48 - 2013-11-26 09:48 - 00000162 ____H C:\Users\Room PC\Desktop\~$stemLook.txt
2013-11-25 20:38 - 2013-11-25 20:38 - 26750546 _____ C:\Users\Room PC\Downloads\SystemLook.txt
2013-11-25 14:55 - 2013-11-26 14:52 - 00000422 _____ C:\Users\Room PC\Desktop\SystemLook.txt
2013-11-25 14:55 - 2013-11-25 14:55 - 00139264 _____ C:\Users\Room PC\Desktop\SystemLook.exe
2013-11-24 17:10 - 2013-11-24 17:10 - 00602112 _____ (OldTimer Tools) C:\Users\Room PC\Desktop\OTL.exe
2013-11-24 13:17 - 2013-11-26 19:27 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-24 13:17 - 2013-11-26 13:27 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-24 11:36 - 2013-11-24 11:36 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-24 11:36 - 2013-11-24 11:36 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-24 11:36 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-24 11:22 - 2013-11-24 11:22 - 00019938 _____ C:\Users\Room PC\Desktop\ESET.txt
2013-11-23 18:08 - 2013-11-23 18:08 - 02347384 _____ (ESET) C:\Users\Room PC\Downloads\esetsmartinstaller_enu.exe
2013-11-23 18:08 - 2013-11-23 18:08 - 00000000 ____D C:\Program Files\ESET
2013-11-23 18:06 - 2013-11-23 18:06 - 00000984 _____ C:\Users\Room PC\Desktop\AdwCleaner[S2].txt
2013-11-23 18:03 - 2013-11-23 18:03 - 01085542 _____ C:\Users\Room PC\Downloads\adwcleaner.exe
2013-11-23 12:20 - 2013-11-23 12:20 - 00000000 ____D C:\Program Files\Vuze
2013-11-23 11:48 - 2013-11-23 11:48 - 00000000 ____D C:\_OTL
2013-11-23 11:46 - 2013-11-23 11:46 - 00602112 _____ (OldTimer Tools) C:\Users\Room PC\Downloads\OTL (2).exe
2013-11-23 11:42 - 2013-11-23 11:42 - 00001354 _____ C:\Users\Room PC\Desktop\AdwCleaner[R1].txt
2013-11-22 20:15 - 2013-11-22 20:15 - 00000000 ____D C:\Users\Room PC\AppData\Roaming\AVAST Software
2013-11-22 20:14 - 2013-11-22 20:14 - 00269216 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-22 20:11 - 2013-11-23 11:16 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-22 20:11 - 2013-11-22 20:11 - 04733592 _____ (AVAST Software) C:\Users\Room PC\Downloads\avast_free_antivirus_setup_online.exe
2013-11-21 19:45 - 2013-11-21 19:45 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Room PC\Downloads\SpyHunter-Installer.exe
2013-11-21 19:36 - 2013-11-21 19:37 - 05938856 _____ (ParetoLogic, Inc.) C:\Users\Room PC\Downloads\RegCureProSetup.exe
2013-11-21 19:36 - 2013-11-21 19:36 - 00001205 _____ C:\Users\Room PC\Downloads\FixNCR.reg
2013-11-21 19:24 - 2013-11-26 11:30 - 00002642 _____ C:\Windows\setupact.log
2013-11-21 19:24 - 2013-11-26 09:39 - 00307324 _____ C:\Windows\PFRO.log
2013-11-21 19:24 - 2013-11-21 19:24 - 00000000 _____ C:\Windows\setuperr.log
2013-11-21 19:19 - 2013-11-21 19:19 - 00000000 ____D C:\Users\Room PC\AppData\Roaming\eCyber
2013-11-21 19:18 - 2013-11-21 19:18 - 00903832 _____ C:\Users\Room PC\Downloads\yet_another_cleaner.exe
2013-11-21 13:12 - 2013-11-21 13:12 - 04745728 _____ (AVAST Software) C:\Users\Room PC\Downloads\aswMBR.exe
2013-11-21 12:20 - 2013-11-21 12:20 - 00072094 _____ C:\Users\Room PC\Downloads\Extras.Txt
2013-11-21 12:19 - 2013-11-21 12:19 - 00089544 _____ C:\Users\Room PC\Downloads\OTL.Txt
2013-11-21 12:13 - 2013-11-21 12:13 - 00602112 _____ (OldTimer Tools) C:\Users\Room PC\Downloads\OTL (1).exe
2013-11-21 12:12 - 2013-11-21 12:12 - 00602112 _____ (OldTimer Tools) C:\Users\Room PC\Downloads\OTL.exe
2013-11-20 17:57 - 2013-11-21 19:30 - 00000000 ____D C:\ProgramData\RegCure
2013-11-18 17:50 - 2013-11-18 17:50 - 00474830 _____ C:\Users\Room PC\Downloads\msvcr110.zip
2013-11-18 17:29 - 2013-11-18 17:29 - 03057885 _____ C:\Users\Room PC\Downloads\vid03.wmv
2013-11-18 17:10 - 2013-11-18 17:10 - 00012661 _____ C:\Users\Room PC\Downloads\[kickass.to]saints.row.iv.crack.only.reloaded.torrent
2013-11-16 13:25 - 2013-11-16 13:25 - 00000000 ____D C:\Users\Room PC\AppData\Roaming\NVIDIA
2013-11-16 13:18 - 2013-11-16 13:18 - 01123608 _____ C:\Users\Room PC\Downloads\SteamSetup.exe
2013-11-16 13:18 - 2013-11-16 13:18 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-11-16 12:49 - 2013-11-16 12:49 - 00055624 _____ C:\Users\Room PC\Downloads\steam_api.zip
2013-11-16 12:48 - 2013-11-16 12:49 - 04241280 _____ (Dll-Files.com ) C:\Users\Room PC\Downloads\dffsetup-steam_api.exe
2013-11-13 23:52 - 2013-10-12 02:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-13 23:52 - 2013-10-12 02:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-13 23:52 - 2013-10-12 02:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 23:52 - 2013-10-12 02:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-13 23:52 - 2013-10-12 02:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-13 23:52 - 2013-10-12 01:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-13 23:51 - 2013-10-12 02:04 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-13 23:51 - 2013-10-12 02:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-13 23:51 - 2013-10-12 02:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-13 23:51 - 2013-10-12 02:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-13 23:51 - 2013-10-12 02:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-13 23:51 - 2013-10-12 02:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-13 23:51 - 2013-10-12 02:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-13 23:51 - 2013-10-12 02:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-13 23:51 - 2013-10-12 02:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-13 23:51 - 2013-10-12 00:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-13 17:28 - 2013-10-11 21:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 17:28 - 2013-10-11 21:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 17:28 - 2013-10-11 21:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 17:28 - 2013-10-05 14:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 17:28 - 2013-10-03 20:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 17:28 - 2013-10-03 20:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 17:28 - 2013-10-03 20:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 17:28 - 2013-10-02 20:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 17:28 - 2013-09-24 21:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 17:28 - 2013-09-24 21:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 17:28 - 2013-09-24 20:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 17:28 - 2013-09-24 20:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 17:28 - 2013-09-24 20:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 17:28 - 2013-09-24 20:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 17:28 - 2013-09-24 20:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 17:28 - 2013-09-24 19:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 17:28 - 2013-09-24 19:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 17:28 - 2013-07-04 07:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-11 16:36 - 2013-11-11 16:36 - 03740128 _____ (foobar2000.org) C:\Users\Room PC\Downloads\foobar2000_v1.2.9.exe
2013-11-11 16:08 - 2013-11-11 16:08 - 00019342 _____ C:\Users\Room PC\Downloads\Pink_Floyd-A_Saucerful_Of_Secrets-Remastered-CD-FLAC-2011-PERFECT.torrent
2013-11-09 20:20 - 2013-11-09 20:20 - 00006411 _____ C:\Users\Room PC\Downloads\The.Wolverine.2013.EXTENDED.BDRip.x264-GloRG.torrent
2013-11-03 23:23 - 2013-10-23 05:24 - 00053024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-11-03 23:22 - 2013-10-23 05:24 - 22933792 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2013-11-03 23:22 - 2013-10-23 05:24 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-11-03 23:22 - 2013-10-23 05:24 - 15855568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2013-11-03 23:22 - 2013-10-23 05:24 - 15212336 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2013-11-03 23:22 - 2013-10-23 05:24 - 10410272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-11-03 23:22 - 2013-10-23 05:24 - 09524088 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-11-03 23:22 - 2013-10-23 05:24 - 09480328 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-11-03 23:22 - 2013-10-23 05:24 - 02946848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-11-03 23:22 - 2013-10-23 05:24 - 02747168 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-11-03 23:22 - 2013-10-23 05:24 - 02695200 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2013-11-03 23:22 - 2013-10-23 05:24 - 01241376 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshim.dll
2013-11-03 23:22 - 2013-10-23 05:24 - 01049888 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3233165.dll
2013-11-03 23:22 - 2013-10-23 05:24 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3233165.dll
2013-11-03 23:22 - 2013-10-23 05:24 - 00599840 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
2013-11-03 23:22 - 2013-10-23 05:24 - 00560416 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2013-11-03 23:22 - 2013-10-23 05:24 - 00266984 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim32.dll
2013-11-03 23:22 - 2013-10-23 05:24 - 00141336 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll
2013-11-03 23:22 - 2013-10-23 05:24 - 00018174 _____ C:\Windows\system32\nvinfo.pb
2013-11-03 23:22 - 2013-06-16 07:38 - 00161056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2013-11-03 23:22 - 2013-06-16 07:38 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
2013-11-03 23:22 - 2013-01-29 03:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco32.dll
2013-11-03 21:13 - 2013-11-03 21:14 - 154712352 _____ (NVIDIA Corporation) C:\Users\Room PC\Downloads\331.65-desktop-win8-win7-winvista-32bit-english-whql.exe
2013-10-30 23:03 - 2013-10-17 20:36 - 00955168 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll
2013-10-30 23:02 - 2013-09-27 18:01 - 00033568 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2013-10-30 22:52 - 2013-10-30 22:52 - 00000000 ____D C:\ProgramData\Oracle
2013-10-30 22:52 - 2013-10-30 22:52 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-30 22:52 - 2013-10-08 06:46 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-10-30 22:51 - 2013-10-30 22:51 - 00004734 _____ C:\Windows\system32\jupdate-1.7.0_45-b18.log
2013-10-30 22:51 - 2013-10-08 06:50 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-10-30 22:51 - 2013-10-08 06:46 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-10-30 22:51 - 2013-10-08 06:46 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-10-30 22:49 - 2013-10-30 22:49 - 00915368 _____ (Oracle Corporation) C:\Users\Room PC\Downloads\chromeinstall-7u45.exe
2013-10-30 22:22 - 2013-10-30 22:22 - 00011391 _____ C:\Users\Room PC\Downloads\Battlefield.4.Update.1-RELOADED.torrent
2013-10-30 22:09 - 2013-10-30 22:09 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-30 16:07 - 2013-10-30 16:07 - 00042372 _____ C:\Users\Room PC\Downloads\Battlefield.4-RELOADED.torrent

==================== One Month Modified Files and Folders =======

2013-11-26 20:01 - 2013-11-26 20:01 - 00013104 _____ C:\Users\Room PC\Downloads\FRST.txt
2013-11-26 20:00 - 2013-11-26 20:00 - 01091605 _____ (Farbar) C:\Users\Room PC\Downloads\FRST.exe
2013-11-26 20:00 - 2013-11-26 20:00 - 00000000 ____D C:\FRST
2013-11-26 19:34 - 2013-06-12 16:11 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-26 19:27 - 2013-11-24 13:17 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-26 19:06 - 2013-02-09 16:31 - 01226588 _____ C:\Windows\WindowsUpdate.log
2013-11-26 14:52 - 2013-11-25 14:55 - 00000422 _____ C:\Users\Room PC\Desktop\SystemLook.txt
2013-11-26 13:27 - 2013-11-24 13:17 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-26 12:03 - 2013-02-09 16:59 - 00787482 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-26 11:30 - 2013-11-21 19:24 - 00002642 _____ C:\Windows\setupact.log
2013-11-26 10:01 - 2013-11-26 10:01 - 00000000 _____ C:\Users\Room PC\Desktop\~WRD0004.tmp
2013-11-26 09:48 - 2013-11-26 09:48 - 00000162 ____H C:\Users\Room PC\Desktop\~$stemLook.txt
2013-11-26 09:46 - 2009-07-13 23:34 - 00013792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-26 09:46 - 2009-07-13 23:34 - 00013792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-26 09:39 - 2013-11-21 19:24 - 00307324 _____ C:\Windows\PFRO.log
2013-11-26 09:39 - 2013-02-09 17:04 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-26 09:39 - 2009-07-13 23:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-25 23:33 - 2013-02-09 17:28 - 00000000 ____D C:\Users\Room PC\AppData\Roaming\Azureus
2013-11-25 20:38 - 2013-11-25 20:38 - 26750546 _____ C:\Users\Room PC\Downloads\SystemLook.txt
2013-11-25 14:55 - 2013-11-25 14:55 - 00139264 _____ C:\Users\Room PC\Desktop\SystemLook.exe
2013-11-24 17:10 - 2013-11-24 17:10 - 00602112 _____ (OldTimer Tools) C:\Users\Room PC\Desktop\OTL.exe
2013-11-24 13:58 - 2013-08-25 18:44 - 00000000 ____D C:\AdwCleaner
2013-11-24 13:18 - 2013-02-09 17:42 - 00000000 ____D C:\Users\Room PC\AppData\Local\Google
2013-11-24 13:18 - 2013-02-09 17:42 - 00000000 ____D C:\Program Files\Google
2013-11-24 13:17 - 2013-02-09 17:42 - 00000000 ____D C:\Users\Room PC\AppData\Local\Deployment
2013-11-24 11:36 - 2013-11-24 11:36 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-24 11:36 - 2013-11-24 11:36 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-24 11:22 - 2013-11-24 11:22 - 00019938 _____ C:\Users\Room PC\Desktop\ESET.txt
2013-11-24 03:42 - 2013-08-09 19:59 - 00000000 ____D C:\Program Files\VirtualDJ
2013-11-23 18:08 - 2013-11-23 18:08 - 02347384 _____ (ESET) C:\Users\Room PC\Downloads\esetsmartinstaller_enu.exe
2013-11-23 18:08 - 2013-11-23 18:08 - 00000000 ____D C:\Program Files\ESET
2013-11-23 18:06 - 2013-11-23 18:06 - 00000984 _____ C:\Users\Room PC\Desktop\AdwCleaner[S2].txt
2013-11-23 18:03 - 2013-11-23 18:03 - 01085542 _____ C:\Users\Room PC\Downloads\adwcleaner.exe
2013-11-23 12:20 - 2013-11-23 12:20 - 00000000 ____D C:\Program Files\Vuze
2013-11-23 11:48 - 2013-11-23 11:48 - 00000000 ____D C:\_OTL
2013-11-23 11:46 - 2013-11-23 11:46 - 00602112 _____ (OldTimer Tools) C:\Users\Room PC\Downloads\OTL (2).exe
2013-11-23 11:42 - 2013-11-23 11:42 - 00001354 _____ C:\Users\Room PC\Desktop\AdwCleaner[R1].txt
2013-11-23 11:16 - 2013-11-22 20:11 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-22 20:15 - 2013-11-22 20:15 - 00000000 ____D C:\Users\Room PC\AppData\Roaming\AVAST Software
2013-11-22 20:14 - 2013-11-22 20:14 - 00269216 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-22 20:11 - 2013-11-22 20:11 - 04733592 _____ (AVAST Software) C:\Users\Room PC\Downloads\avast_free_antivirus_setup_online.exe
2013-11-21 19:45 - 2013-11-21 19:45 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Room PC\Downloads\SpyHunter-Installer.exe
2013-11-21 19:37 - 2013-11-21 19:36 - 05938856 _____ (ParetoLogic, Inc.) C:\Users\Room PC\Downloads\RegCureProSetup.exe
2013-11-21 19:36 - 2013-11-21 19:36 - 00001205 _____ C:\Users\Room PC\Downloads\FixNCR.reg
2013-11-21 19:30 - 2013-11-20 17:57 - 00000000 ____D C:\ProgramData\RegCure
2013-11-21 19:30 - 2013-09-02 01:31 - 00000000 ____D C:\Users\Room PC\AppData\Local\Unity
2013-11-21 19:29 - 2013-08-17 10:11 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-11-21 19:24 - 2013-11-21 19:24 - 00000000 _____ C:\Windows\setuperr.log
2013-11-21 19:21 - 2013-02-27 19:16 - 00000000 ____D C:\Windows\pss
2013-11-21 19:21 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\system32\LogFiles
2013-11-21 19:20 - 2013-02-27 19:01 - 00000000 ____D C:\Windows\Minidump
2013-11-21 19:19 - 2013-11-21 19:19 - 00000000 ____D C:\Users\Room PC\AppData\Roaming\eCyber
2013-11-21 19:18 - 2013-11-21 19:18 - 00903832 _____ C:\Users\Room PC\Downloads\yet_another_cleaner.exe
2013-11-21 13:12 - 2013-11-21 13:12 - 04745728 _____ (AVAST Software) C:\Users\Room PC\Downloads\aswMBR.exe
2013-11-21 12:20 - 2013-11-21 12:20 - 00072094 _____ C:\Users\Room PC\Downloads\Extras.Txt
2013-11-21 12:19 - 2013-11-21 12:19 - 00089544 _____ C:\Users\Room PC\Downloads\OTL.Txt
2013-11-21 12:13 - 2013-11-21 12:13 - 00602112 _____ (OldTimer Tools) C:\Users\Room PC\Downloads\OTL (1).exe
2013-11-21 12:12 - 2013-11-21 12:12 - 00602112 _____ (OldTimer Tools) C:\Users\Room PC\Downloads\OTL.exe
2013-11-21 03:00 - 2013-08-19 18:38 - 00001945 _____ C:\Windows\epplauncher.mif
2013-11-21 03:00 - 2013-08-19 18:38 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-20 17:55 - 2013-02-09 16:56 - 00000000 ____D C:\Users\Room PC
2013-11-20 17:54 - 2013-10-23 20:27 - 00000000 ____D C:\Users\Room PC\Desktop\Sints Row IV
2013-11-20 17:54 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\system32\wfp
2013-11-20 17:54 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\registration
2013-11-19 05:21 - 2013-02-09 17:11 - 00230048 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-18 17:50 - 2013-11-18 17:50 - 00474830 _____ C:\Users\Room PC\Downloads\msvcr110.zip
2013-11-18 17:29 - 2013-11-18 17:29 - 03057885 _____ C:\Users\Room PC\Downloads\vid03.wmv
2013-11-18 17:10 - 2013-11-18 17:10 - 00012661 _____ C:\Users\Room PC\Downloads\[kickass.to]saints.row.iv.crack.only.reloaded.torrent
2013-11-18 17:01 - 2013-04-02 16:11 - 00000000 ____D C:\Users\Room PC\AppData\Local\Adobe
2013-11-16 19:56 - 2013-06-16 21:43 - 00000000 ____D C:\Users\Room PC\AppData\Roaming\XBMC
2013-11-16 13:25 - 2013-11-16 13:25 - 00000000 ____D C:\Users\Room PC\AppData\Roaming\NVIDIA
2013-11-16 13:18 - 2013-11-16 13:18 - 01123608 _____ C:\Users\Room PC\Downloads\SteamSetup.exe
2013-11-16 13:18 - 2013-11-16 13:18 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-11-16 12:49 - 2013-11-16 12:49 - 00055624 _____ C:\Users\Room PC\Downloads\steam_api.zip
2013-11-16 12:49 - 2013-11-16 12:48 - 04241280 _____ (Dll-Files.com ) C:\Users\Room PC\Downloads\dffsetup-steam_api.exe
2013-11-14 18:19 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\rescache
2013-11-13 23:54 - 2013-02-11 20:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-13 23:51 - 2013-07-21 22:51 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 23:49 - 2013-02-10 21:16 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-11 16:36 - 2013-11-11 16:36 - 03740128 _____ (foobar2000.org) C:\Users\Room PC\Downloads\foobar2000_v1.2.9.exe
2013-11-11 16:08 - 2013-11-11 16:08 - 00019342 _____ C:\Users\Room PC\Downloads\Pink_Floyd-A_Saucerful_Of_Secrets-Remastered-CD-FLAC-2011-PERFECT.torrent
2013-11-09 20:20 - 2013-11-09 20:20 - 00006411 _____ C:\Users\Room PC\Downloads\The.Wolverine.2013.EXTENDED.BDRip.x264-GloRG.torrent
2013-11-03 23:25 - 2013-07-29 18:02 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-11-03 23:25 - 2013-02-09 17:03 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-11-03 21:14 - 2013-11-03 21:13 - 154712352 _____ (NVIDIA Corporation) C:\Users\Room PC\Downloads\331.65-desktop-win8-win7-winvista-32bit-english-whql.exe
2013-10-30 22:52 - 2013-10-30 22:52 - 00000000 ____D C:\ProgramData\Oracle
2013-10-30 22:52 - 2013-10-30 22:52 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-30 22:51 - 2013-10-30 22:51 - 00004734 _____ C:\Windows\system32\jupdate-1.7.0_45-b18.log
2013-10-30 22:51 - 2013-07-29 17:47 - 00000000 ____D C:\Program Files\Java
2013-10-30 22:49 - 2013-10-30 22:49 - 00915368 _____ (Oracle Corporation) C:\Users\Room PC\Downloads\chromeinstall-7u45.exe
2013-10-30 22:22 - 2013-10-30 22:22 - 00011391 _____ C:\Users\Room PC\Downloads\Battlefield.4.Update.1-RELOADED.torrent
2013-10-30 22:09 - 2013-10-30 22:09 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-30 16:07 - 2013-10-30 16:07 - 00042372 _____ C:\Users\Room PC\Downloads\Battlefield.4-RELOADED.torrent

Some content of TEMP:
====================
C:\Users\Room PC\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-20 18:23

==================== End Of Log ============================





ADDITION.TXT:


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-11-2013 01
Ran by Room PC at 2013-11-26 20:01:57
Running from C:\Users\Room PC\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

«Sleeping Dogs - Limited Edition»
32 Bit HP CIO Components Installer (Version: 6.1.1)
6300 (Version: 130.0.365.000)
6300_Help (Version: 82.0.242.000)
6300Trb (Version: 82.0.242.000)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader XI (11.0.05) (Version: 11.0.05)
AIO_CDB_ProductContext (Version: 130.0.365.000)
AIO_CDB_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.421.000)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
ASIO4ALL (Version: 2.11 Beta2)
Avid Effects (Version: 10.3.5)
Avid HD Driver (x86) (Version: 10.3.5)
Avid Pro Tools (Version: 10.3.5)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 130.0.331.000)
Citrix Authentication Manager (Version: 4.0.0.53726)
Citrix Receiver (HDX Flash Redirection) (Version: 13.4.0.25)
Citrix Receiver (Version: 13.4.0.25)
Citrix Receiver Inside (Version: 3.4.0.29585)
Citrix Receiver Updater (Version: 3.4.0.29577)
Citrix Receiver(Aero) (Version: 13.4.0.25)
Citrix Receiver(DV) (Version: 13.4.0.25)
Citrix Receiver(USB) (Version: 13.4.0.25)
Connect (Version: 1.4.13206.0)
Copy (Version: 130.0.428.000)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DocProc (Version: 13.0.0.0)
DWA-542 (Version: 1.20b01)
EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKCU Version: 1.8.0.0)
Fax (Version: 130.0.418.000)
Full Tilt Poker (Version: 4.59.12.WIN.FullTilt.COM)
GeForce Experience NvStream Client Components (Version: 1.6.28)
Google Chrome (Version: 31.0.1650.57)
Google Update Helper (Version: 1.3.21.165)
GPBaseService2 (Version: 130.0.371.000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 4.000.011.006)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
iExplorer 3.2.2.4
iTunes (Version: 11.1.0.126)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Logitech Gaming Software 5.10 (Version: 5.10.127)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 130.0.374.000)
Media Player Codec Pack 4.2.8 (Version: 4.2.8)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Mouse and Keyboard Center (Version: 2.0.162.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (Version: 11.0.60610.1)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 11 Mini Repack
Nero Backup Drivers (Version: 1.0.10000.1.0)
Network (Version: 130.0.572.000)
NVIDIA 3D Vision Controller Driver 331.65 (Version: 331.65)
NVIDIA 3D Vision Driver 331.65 (Version: 331.65)
NVIDIA Control Panel 331.65 (Version: 331.65)
NVIDIA GeForce Experience 1.7 (Version: 1.7)
NVIDIA Graphics Driver 331.65 (Version: 331.65)
NVIDIA HD Audio Driver 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.140.952)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA PhysX (Version: 9.13.0725)
NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725)
NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3165)
NVIDIA Update 9.3.16 (Version: 9.3.16)
NVIDIA Update Components (Version: 9.3.16)
NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
Online Plug-in (Version: 13.4.0.25)
PowerISO (Version: 5.0)
QuickTime (Version: 7.74.80.86)
Scan (Version: 13.0.0.0)
Self-service Plug-in (Version: 3.4.0.33684)
SHIELD Streaming (Version: 1.6.34)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Status (Version: 130.0.469.000)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
UnderCoverXP 1.23
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
VirtualDJ Home FREE (Version: 7.4)
Visual C++ Redistributables (Version: 1.2.0.5555)
Vuze (Version: 5.1.0.0)
WebReg (Version: 130.0.132.017)
WinRAR 4.20 beta 1 (32-bit) (Version: 4.20.1)
XBMC

==================== Restore Points =========================


==================== Hosts content: ==========================

2009-07-13 21:04 - 2009-06-10 16:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {4C1ADC12-4890-48EB-8122-D3707171D745} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-24] (Google Inc.)
Task: {B34BF5F7-9856-421F-9B36-F60CD786DDD8} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {BC08EA4D-51D2-4294-A025-5965B1FE1BFC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-24] (Google Inc.)
Task: {E78F72A6-29DB-447E-9617-BF6255BEC303} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-11-24 13:18 - 2013-11-14 06:28 - 00702416 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
2013-11-24 13:18 - 2013-11-14 06:28 - 00099792 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.57\libegl.dll
2013-11-24 13:18 - 2013-11-14 06:29 - 04055504 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll
2013-11-24 13:18 - 2013-11-14 06:29 - 00399312 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
2013-11-24 13:18 - 2013-11-14 06:28 - 01619408 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
2013-11-24 13:18 - 2013-11-14 06:29 - 13582800 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Room PC\Cookies:YZc1ftExOIdltThCMoLme

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/26/2013 04:40:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/26/2013 04:40:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "OnlineServices,version="11.0.0.0"1".
Dependent Assembly OnlineServices,version="11.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/26/2013 10:32:13 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (11/26/2013 10:05:39 AM) (Source: Application Hang) (User: )
Description: The program WINWORD.EXE version 14.0.7109.5000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2b8

Start Time: 01ceeab6e65675e9

Termination Time: 7

Application Path: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

Report Id: 2596a1e0-56ac-11e3-af40-5cd998f8a35e

Error: (11/26/2013 09:50:47 AM) (Source: Application Hang) (User: )
Description: The program WINWORD.EXE version 14.0.7109.5000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: b6c

Start Time: 01ceeab6947b4854

Termination Time: 24

Application Path: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

Report Id: 1b5fa252-56aa-11e3-af40-5cd998f8a35e

Error: (11/26/2013 09:48:23 AM) (Source: Application Hang) (User: )
Description: The program WINWORD.EXE version 14.0.7109.5000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: d00

Start Time: 01ceeab67275385a

Termination Time: 13

Application Path: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE

Report Id: c8a8b785-56a9-11e3-af40-5cd998f8a35e

Error: (11/25/2013 08:31:06 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 10.0.9200.16736 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: f28

Start Time: 01cee965f9186b35

Termination Time: 50

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id: 67da156f-563a-11e3-a819-5cd998f8a35e

Error: (11/25/2013 08:27:34 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 10.0.9200.16736 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 754

Start Time: 01cee965fb2419f1

Termination Time: 57

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (11/25/2013 01:36:03 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108

Error: (11/25/2013 01:23:05 PM) (Source: Application Hang) (User: )
Description: The program OTL.exe version 3.2.69.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 264

Start Time: 01cee9f50ccd73d1

Termination Time: 3

Application Path: C:\Users\Room PC\Desktop\OTL.exe

Report Id: 9e41cab9-55fe-11e3-a819-5cd998f8a35e


System errors:
=============
Error: (11/26/2013 04:52:26 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (11/26/2013 11:30:54 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (11/26/2013 11:30:54 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (11/26/2013 11:30:53 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (11/26/2013 11:30:53 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (11/26/2013 11:30:52 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (11/26/2013 11:30:49 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (11/26/2013 11:30:48 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (11/26/2013 11:30:48 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (11/26/2013 11:30:47 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.


Microsoft Office Sessions:
=========================
Error: (11/26/2013 04:40:21 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Nero\Nero 11\nero backitup\NBVSSTool_x64.exe

Error: (11/26/2013 04:40:16 PM) (Source: SideBySide)(User: )
Description: OnlineServices,version="11.0.0.0"c:\program files\Nero\KM\NMDllHost.exe.Manifest

Error: (11/26/2013 10:32:13 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (11/26/2013 10:05:39 AM) (Source: Application Hang)(User: )
Description: WINWORD.EXE14.0.7109.50002b801ceeab6e65675e97C:\Program Files\Microsoft Office\Office14\WINWORD.EXE2596a1e0-56ac-11e3-af40-5cd998f8a35e

Error: (11/26/2013 09:50:47 AM) (Source: Application Hang)(User: )
Description: WINWORD.EXE14.0.7109.5000b6c01ceeab6947b485424C:\Program Files\Microsoft Office\Office14\WINWORD.EXE1b5fa252-56aa-11e3-af40-5cd998f8a35e

Error: (11/26/2013 09:48:23 AM) (Source: Application Hang)(User: )
Description: WINWORD.EXE14.0.7109.5000d0001ceeab67275385a13C:\Program Files\Microsoft Office\Office14\WINWORD.EXEc8a8b785-56a9-11e3-af40-5cd998f8a35e

Error: (11/25/2013 08:31:06 PM) (Source: Application Hang)(User: )
Description: iexplore.exe10.0.9200.16736f2801cee965f9186b3550C:\Program Files\Internet Explorer\iexplore.exe67da156f-563a-11e3-a819-5cd998f8a35e

Error: (11/25/2013 08:27:34 PM) (Source: Application Hang)(User: )
Description: iexplore.exe10.0.9200.1673675401cee965fb2419f157C:\Program Files\Internet Explorer\iexplore.exe

Error: (11/25/2013 01:36:03 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108

Error: (11/25/2013 01:23:05 PM) (Source: Application Hang)(User: )
Description: OTL.exe3.2.69.026401cee9f50ccd73d13C:\Users\Room PC\Desktop\OTL.exe9e41cab9-55fe-11e3-a819-5cd998f8a35e


==================== Memory info ===========================

Percentage of memory in use: 50%
Total physical RAM: 3327.12 MB
Available physical RAM: 1656.25 MB
Total Pagefile: 6652.52 MB
Available Pagefile: 4374.55 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:662.48 GB) NTFS
Drive e: (Iomega HDD) (Fixed) (Total:1863.01 GB) (Free:651.54 GB) NTFS
Drive f: (KINGSTON) (Removable) (Total:14.53 GB) (Free:1.8 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149 GB) (Disk ID: 36EC2C3C)

Partition: GPT Partition Type
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 915F062F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: EE109927)
Partition 1: (Not Active) - (Size=-198626966528) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 15 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)

==================== End Of Log ============================
  • 0

#27
crooleeck

crooleeck

    Member

  • Member
  • PipPipPip
  • 882 posts
Step 1:
Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Step 2:
Please try reset chrome setting:

Reset your browser settings:

  • Click the Chrome menu on the browser toolbar.
  • Select Settings.
  • Click Show advanced settings and find the "Reset browser settings” section.
  • Click Reset browser settings.
  • In the dialog that appears, click Reset. Note: When the "Help make Google Chrome better by reporting the current settings" checkbox is selected you are anonymously sending Google your Chrome settings. Reporting these settings allows us to analyze trends and work to prevent future unwanted settings changes
.

More info here.

Attached File  fixlist.txt   261bytes   48 downloads

Edited by crooleeck, 28 November 2013 - 01:14 AM.

  • 0

#28
heyage13

heyage13

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 116 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-11-2013 01
Ran by Room PC at 2013-11-28 08:57:26 Run:1
Running from C:\Users\Room PC\Desktop\fixlist
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
CHR HKLM\...\Chrome\Extension: [bhapnjfnhgjijlphlbjbhkjbinbmcmjn] - C:\Users\Room PC\AppData\Local\CRE\bhapnjfnhgjijlphlbjbhkjbinbmcmjn.crx
C:\Users\Room PC\AppData\Local\Temp\Quarantine.exe
AlternateDataStreams: C:\Users\Room PC\Cookies:YZc1ftExOIdltThCMoLme
*****************

HKLM\SOFTWARE\Google\Chrome\Extensions\bhapnjfnhgjijlphlbjbhkjbinbmcmjn => Key deleted successfully.
"C:\Users\Room PC\AppData\Local\CRE\bhapnjfnhgjijlphlbjbhkjbinbmcmjn.crx" => File/Directory not found.
C:\Users\Room PC\AppData\Local\Temp\Quarantine.exe => Moved successfully.
"C:\Users\Room PC\Cookies" => ":YZc1ftExOIdltThCMoLme" ADS not found.

==== End of Fixlog ====
  • 0

#29
crooleeck

crooleeck

    Member

  • Member
  • PipPipPip
  • 882 posts
Did you reset Chrome settings? How is computer working now?
  • 0

#30
heyage13

heyage13

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 116 posts
ive reset my chrome settings and problem seems to have gone away!! i think the fix you provided me with definitely helped. thank you!
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP