Okay, did as you said.
OTL Scan Log:
OTL logfile created on: 1/26/2014 6:45:53 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nicholas\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.46 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 29.48% Memory free
6.92 Gb Paging File | 4.38 Gb Available in Paging File | 63.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.79 Gb Total Space | 208.56 Gb Free Space | 89.59% Space Free | Partition Type: NTFS
Drive E: | 93.92 Gb Total Space | 44.10 Gb Free Space | 46.96% Space Free | Partition Type: NTFS
Drive G: | 178.85 Gb Total Space | 178.28 Gb Free Space | 99.68% Space Free | Partition Type: NTFS
Drive H: | 25.00 Gb Total Space | 12.78 Gb Free Space | 51.14% Space Free | Partition Type: NTFS
Computer Name: NICHOLAS-PC | User Name: Nicholas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/01/26 18:44:37 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Nicholas\Downloads\aswMBR.exe
PRC - [2014/01/26 15:49:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nicholas\Downloads\OTL.exe
PRC - [2014/01/26 09:05:12 | 001,005,056 | ---- | M] (DevPro) -- C:\Users\Nicholas\AppData\Roaming\DevPro\DevPro.exe
PRC - [2014/01/21 03:05:44 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2014/01/11 04:29:23 | 000,866,584 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/10/23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/15 13:09:52 | 000,090,112 | -H-- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
========== Modules (No Company Name) ==========
MOD - [2014/01/21 04:04:55 | 002,786,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\be5f0f2e208bbb3c647acfbc33434251\System.Runtime.Serialization.ni.dll
MOD - [2014/01/21 04:04:32 | 002,511,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\f8eb1864adfa5be104c3b84177ab5427\System.Data.Linq.ni.dll
MOD - [2014/01/21 04:02:06 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\82d58d49946f82eb56bae40f3b097784\System.Xml.ni.dll
MOD - [2014/01/21 04:02:03 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c5db04fde4893300ff28045ce4f7567d\System.Windows.Forms.ni.dll
MOD - [2014/01/21 04:01:54 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\cceaf9d7891fc325a90473aa9a661661\System.Drawing.ni.dll
MOD - [2014/01/21 04:01:50 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\edb27e2c25837f79902054965d6813cd\System.Configuration.ni.dll
MOD - [2014/01/21 04:01:48 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\d913e7d0b1d32187e0c234f8a1a581fc\System.Core.ni.dll
MOD - [2014/01/21 04:01:44 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ac79b74f022d9a096de2b884f4249543\System.ni.dll
MOD - [2014/01/21 04:01:39 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\bf2ecabcd96ec8238dc385b0a3ffa084\mscorlib.ni.dll
MOD - [2014/01/11 04:29:21 | 000,399,640 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppgooglenaclpluginchrome.dll
MOD - [2014/01/11 04:29:19 | 013,615,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
MOD - [2014/01/11 04:29:17 | 004,055,320 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll
MOD - [2014/01/11 04:28:15 | 000,715,544 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
MOD - [2014/01/11 04:28:14 | 000,100,120 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.76\libegl.dll
MOD - [2014/01/11 04:28:11 | 001,634,584 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
========== Services (SafeList) ==========
SRV - [2014/01/20 18:13:04 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013/11/26 02:29:52 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/05/26 22:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/13 19:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2008/07/15 13:09:52 | 000,090,112 | -H-- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Nicholas\AppData\Local\Temp\aswMBR.sys -- (aswMBR)
DRV - [2014/01/26 14:49:17 | 000,040,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B793BBD9-EB18-4F6B-A01E-F01E1CE3249F}\MpKslcc5c8f9c.sys -- (MpKslcc5c8f9c)
DRV - [2014/01/26 08:07:48 | 000,040,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B793BBD9-EB18-4F6B-A01E-F01E1CE3249F}\MpKsl426aad7a.sys -- (MpKsl426aad7a)
DRV - [2013/09/27 09:53:06 | 000,104,768 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/11/20 15:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 15:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 15:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2009/07/24 11:30:12 | 000,040,832 | -H-- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009/07/13 17:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009/07/13 16:02:52 | 000,164,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1k6032.sys -- (e1kexpress)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-739588601-926540075-11685257-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-739588601-926540075-11685257-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKU\S-1-5-21-739588601-926540075-11685257-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
========== Chrome ==========
CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = http://www.bing.com/...q={searchTerms}
CHR - default_search_provider: suggest_url = http://api.bing.com/...uage={language},
CHR - homepage: about:Tabs
CHR - Extension: Google Docs = C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: greatSSaaver = C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gibgmiiampohmckfdmgedoepdphcgdao\2.7\
CHR - Extension: Best Save = C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\242\
CHR - Extension: Google Wallet = C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: No name found = C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nohbgicdakccadnageapnakmhggidkao\1.1\
CHR - Extension: Gmail = C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: YoutubeAdblocker = C:\Users\Nicholas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmhifcklhmfpkjopafnomhlhphonlhoi\1.0\
O1 HOSTS File: ([2009/06/10 15:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 69.50.64.78 69.50.64.70 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ABED451C-0854-463F-A8E0-C14BDA2F910F}: DhcpNameServer = 69.50.64.78 69.50.64.70 8.8.8.8
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/08/12 10:35:03 | 000,000,000 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014/01/25 15:06:55 | 000,000,000 | ---D | C] -- C:\ProgramData\YoutubeAdblocker
[2014/01/25 15:06:55 | 000,000,000 | ---D | C] -- C:\Program Files\YoutubeAdblocker
[2014/01/25 15:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\greatsavaer
[2014/01/25 15:06:37 | 000,000,000 | ---D | C] -- C:\Program Files\greatsavaer
[2014/01/25 15:06:16 | 000,000,000 | ---D | C] -- C:\Users\Nicholas\AppData\Local\Torch
[2014/01/25 15:06:16 | 000,000,000 | ---D | C] -- C:\Users\Nicholas\AppData\Local\Comodo
[2014/01/25 15:06:16 | 000,000,000 | ---D | C] -- C:\ProgramData\5a5cc18011d38872
[2014/01/25 15:05:38 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2014/01/20 22:01:59 | 000,000,000 | ---D | C] -- C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DevPro
[2014/01/20 22:01:59 | 000,000,000 | ---D | C] -- C:\Users\Nicholas\AppData\Roaming\DevPro
[2014/01/20 21:55:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2014/01/20 21:43:31 | 000,000,000 | ---D | C] -- C:\Users\Nicholas\AppData\Roaming\DevPro, LLC
[2014/01/20 19:32:28 | 000,000,000 | ---D | C] -- C:\Users\Nicholas\AppData\Local\Diagnostics
[2014/01/20 19:08:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2014/01/20 19:01:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2014/01/20 19:01:04 | 000,000,000 | ---D | C] -- C:\Users\Nicholas\AppData\Local\Adobe
[2014/01/20 18:28:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/01/20 18:27:00 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/01/20 18:22:17 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2014/01/20 18:22:14 | 000,000,000 | ---D | C] -- C:\Users\Nicholas\AppData\Local\Google
[2014/01/20 18:20:51 | 000,000,000 | ---D | C] -- C:\Users\Nicholas\AppData\Local\Deployment
[2014/01/20 18:20:51 | 000,000,000 | ---D | C] -- C:\Users\Nicholas\AppData\Local\Apps
[2014/01/20 18:13:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2014/01/19 21:59:45 | 000,000,000 | ---D | C] -- C:\Users\Nicholas\AppData\Roaming\uTorrent
[2014/01/19 18:36:22 | 000,000,000 | ---D | C] -- C:\Users\Nicholas\AppData\Roaming\Macromedia
[2014/01/19 18:36:22 | 000,000,000 | ---D | C] -- C:\Users\Nicholas\AppData\Roaming\Adobe
[2014/01/17 20:29:46 | 000,000,000 | ---D | C] -- C:\Users\Nicholas\AppData\Roaming\Media Player Classic
[2014/01/15 19:56:23 | 000,000,000 | ---D | C] -- C:\Users\Nicholas\AppData\Local\Microsoft Games
[2014/01/15 19:50:14 | 000,000,000 | R--D | C] -- C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/01/15 19:50:14 | 000,000,000 | R--D | C] -- C:\Users\Nicholas\Searches
[2014/01/15 19:50:14 | 000,000,000 | R--D | C] -- C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/01/15 19:50:14 | 000,000,000 | -H-D | C] -- C:\Users\Nicholas\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/01/15 19:50:07 | 000,000,000 | ---D | C] -- C:\Users\Nicholas\AppData\Roaming\Identities
[2014/01/15 19:50:06 | 000,000,000 | R--D | C] -- C:\Users\Nicholas\Contacts
[2014/01/15 19:48:04 | 000,000,000 | ---D | C] -- C:\Users\Nicholas\AppData\Local\VirtualStore
[2014/01/15 19:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Nicholas\AppData\Local\Temporary Internet Files
[2014/01/15 19:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Nicholas\Templates
[2014/01/15 19:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Nicholas\Start Menu
[2014/01/15 19:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Nicholas\SendTo
[2014/01/15 19:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Nicholas\Recent
[2014/01/15 19:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Nicholas\PrintHood
[2014/01/15 19:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Nicholas\NetHood
[2014/01/15 19:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Nicholas\Documents\My Videos
[2014/01/15 19:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Nicholas\Documents\My Pictures
[2014/01/15 19:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Nicholas\Documents\My Music
[2014/01/15 19:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Nicholas\My Documents
[2014/01/15 19:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Nicholas\Local Settings
[2014/01/15 19:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Nicholas\AppData\Local\History
[2014/01/15 19:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Nicholas\Cookies
[2014/01/15 19:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Nicholas\Application Data
[2014/01/15 19:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Nicholas\AppData\Local\Application Data
[2014/01/15 19:48:02 | 000,000,000 | --SD | C] -- C:\Users\Nicholas\AppData\Roaming\Microsoft
[2014/01/15 19:48:02 | 000,000,000 | R--D | C] -- C:\Users\Nicholas\Videos
[2014/01/15 19:48:02 | 000,000,000 | R--D | C] -- C:\Users\Nicholas\Saved Games
[2014/01/15 19:48:02 | 000,000,000 | R--D | C] -- C:\Users\Nicholas\Pictures
[2014/01/15 19:48:02 | 000,000,000 | R--D | C] -- C:\Users\Nicholas\Music
[2014/01/15 19:48:02 | 000,000,000 | R--D | C] -- C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/01/15 19:48:02 | 000,000,000 | R--D | C] -- C:\Users\Nicholas\Links
[2014/01/15 19:48:02 | 000,000,000 | R--D | C] -- C:\Users\Nicholas\Favorites
[2014/01/15 19:48:02 | 000,000,000 | R--D | C] -- C:\Users\Nicholas\Downloads
[2014/01/15 19:48:02 | 000,000,000 | R--D | C] -- C:\Users\Nicholas\Documents
[2014/01/15 19:48:02 | 000,000,000 | R--D | C] -- C:\Users\Nicholas\Desktop
[2014/01/15 19:48:02 | 000,000,000 | R--D | C] -- C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/01/15 19:48:02 | 000,000,000 | -H-D | C] -- C:\Users\Nicholas\AppData
[2014/01/15 19:48:02 | 000,000,000 | ---D | C] -- C:\Users\Nicholas\AppData\Local\Temp
[2014/01/15 19:48:02 | 000,000,000 | ---D | C] -- C:\Users\Nicholas\AppData\Local\Microsoft
[2014/01/15 19:48:02 | 000,000,000 | ---D | C] -- C:\Users\Nicholas\AppData\Roaming\Media Center Programs
========== Files - Modified Within 30 Days ==========
[2014/01/26 18:42:50 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/26 14:15:48 | 000,021,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/26 14:15:48 | 000,021,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/26 14:12:55 | 000,661,656 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/26 14:12:55 | 000,121,524 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/26 14:08:56 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/26 14:08:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/26 14:08:36 | 2786,521,088 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/21 21:45:58 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014/01/21 19:51:28 | 000,016,284 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2014/01/21 07:25:03 | 000,002,221 | ---- | M] () -- C:\Users\Nicholas\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/01/21 04:20:57 | 000,268,128 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/01/20 22:05:51 | 000,000,898 | ---- | M] () -- C:\Users\Nicholas\Desktop\DevPro.exe.lnk
[2014/01/20 19:15:58 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/01/20 18:28:34 | 000,002,197 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/15 20:07:25 | 000,001,403 | ---- | M] () -- C:\Users\Nicholas\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/15 17:51:32 | 000,108,227 | ---- | M] () -- C:\Windows\System32\license.rtf
========== Files Created - No Company Name ==========
[2014/01/21 21:45:58 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2014/01/21 19:51:28 | 000,016,284 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2014/01/21 03:25:00 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/01/20 22:05:51 | 000,000,898 | ---- | C] () -- C:\Users\Nicholas\Desktop\DevPro.exe.lnk
[2014/01/20 19:46:13 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/01/20 19:15:58 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2014/01/20 19:01:42 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2014/01/20 18:28:34 | 000,002,221 | ---- | C] () -- C:\Users\Nicholas\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/01/20 18:28:34 | 000,002,197 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/20 18:22:21 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/20 18:22:20 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/15 20:07:25 | 000,001,403 | ---- | C] () -- C:\Users\Nicholas\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/15 19:50:15 | 000,001,409 | ---- | C] () -- C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/01/15 19:48:02 | 000,000,290 | ---- | C] () -- C:\Users\Nicholas\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/01/15 19:48:02 | 000,000,272 | ---- | C] () -- C:\Users\Nicholas\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/05/15 16:31:19 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2013/03/20 11:22:54 | 000,982,240 | -H-- | C] () -- C:\Windows\System32\igkrng500.bin
[2013/03/20 11:22:50 | 000,092,356 | -H-- | C] () -- C:\Windows\System32\igfcg500m.bin
[2013/03/20 11:22:50 | 000,004,096 | -H-- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2013/03/20 11:22:40 | 000,439,308 | -H-- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2013/03/20 11:22:37 | 000,000,151 | -H-- | C] () -- C:\Windows\System32\GfxUI.exe.config
========== ZeroAccess Check ==========
[2009/07/13 22:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 15:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 19:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014/01/26 12:56:00 | 000,000,000 | ---D | M] -- C:\Users\Nicholas\AppData\Roaming\DevPro
[2014/01/20 22:06:05 | 000,000,000 | ---D | M] -- C:\Users\Nicholas\AppData\Roaming\DevPro, LLC
[2014/01/19 21:59:51 | 000,000,000 | ---D | M] -- C:\Users\Nicholas\AppData\Roaming\uTorrent
========== Purity Check ==========
========== Custom Scans ==========
========== Base Services ==========
SRV - [2009/07/13 19:14:53 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2013/02/26 22:49:16 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2009/07/13 19:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2010/11/20 15:29:08 | 000,585,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2010/11/20 15:29:12 | 000,494,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2013/09/24 18:49:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/07/13 19:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2012/07/04 15:14:34 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2013/07/08 22:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2010/11/20 15:29:12 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2010/11/20 15:29:12 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2011/03/02 23:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/07/13 19:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/07/13 19:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009/07/13 19:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2010/11/20 15:29:07 | 000,350,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
SRV - [2013/10/23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/10/23 15:01:10 | 000,280,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2009/07/13 19:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009/07/13 19:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2009/07/13 19:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2009/07/13 19:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2012/10/03 10:42:26 | 000,242,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2009/07/13 19:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2011/05/24 04:44:59 | 000,293,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2012/02/10 23:37:49 | 000,317,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2013/09/24 18:49:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV - [2009/07/13 19:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2010/11/20 15:29:24 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2010/11/20 15:29:12 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2009/07/13 19:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2013/09/24 18:49:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/07/13 19:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/11/20 15:29:07 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010/11/20 15:29:12 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV - [2010/11/20 15:29:21 | 000,750,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2010/11/20 15:29:07 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/13 19:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2012/04/30 22:44:12 | 000,164,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2010/11/20 15:29:12 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2010/11/20 15:29:07 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2010/11/20 15:29:07 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2010/11/20 15:29:49 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2013/05/26 22:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/11/20 15:29:11 | 001,086,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (eventlog)
SRV - [2010/11/20 15:29:06 | 000,566,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2010/11/20 15:29:41 | 000,463,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (StiSvc)
SRV - [2010/11/20 15:29:20 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/07/13 19:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2012/06/02 16:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2010/11/20 15:29:20 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/13 19:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2010/11/20 15:29:07 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)
< %SYSTEMDRIVE%\*.exe >
< MD5 for: EXPLORER.EXE >
[2011/02/25 23:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010/11/20 15:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
< MD5 for: SERVICES >
[2009/06/10 15:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\drivers\etc\services
[2009/06/10 15:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services
< MD5 for: SERVICES.EXE >
[2009/07/13 19:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/13 19:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2011/04/11 20:15:38 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\System32\en-US\services.exe.mui
[2011/04/11 20:15:38 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui
< MD5 for: SERVICES.LNK >
[2009/07/13 22:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 22:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOF >
[2009/06/10 15:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2009/06/10 15:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof
< MD5 for: SERVICES.MSC >
[2011/04/11 20:15:37 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2009/06/10 15:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2011/04/11 20:15:37 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 15:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
< MD5 for: SERVICES.PTXML >
[2009/07/13 14:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml
[2009/07/13 14:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml
< MD5 for: SVCHOST.EXE >
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/13 19:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: USERINIT.EXE >
[2010/11/20 15:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 15:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/20 15:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 15:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
< MD5 for: WSHELPER.DLL >
[2009/07/13 19:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\System32\wshelper.dll
[2009/07/13 19:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\wshelper.dll
< MD5 for: WSHELPER.DLL.MUI >
[2011/04/11 20:15:40 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=CD53AEA05D09943FDAA9E6E779D28A26 -- C:\Windows\System32\en-US\wshelper.dll.mui
[2011/04/11 20:15:40 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=CD53AEA05D09943FDAA9E6E779D28A26 -- C:\Windows\winsxs\x86_microsoft-windows-w..ure-other.resources_31bf3856ad364e35_6.1.7600.16385_en-us_adb3c1d9fa188607\wshelper.dll.mui
< C:\Windows\assembly\tmp\U\*.* /s >
[2009/07/13 22:53:46 | 000,006,386 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/13 22:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2014/01/20 18:22:20 | 000,000,886 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014/01/20 18:22:21 | 000,000,890 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< %Temp%\smtmp\1\*.* >
< %Temp%\smtmp\2\*.* >
< %Temp%\smtmp\3\*.* >
< %Temp%\smtmp\4\*.* >
< dir C:\ /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is 9215-99D0
Directory of C:\
07/13/2009 10:53 PM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
07/13/2009 10:53 PM <JUNCTION> Application Data [C:\ProgramData]
07/13/2009 10:53 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/13/2009 10:53 PM <JUNCTION> Documents [C:\Users\Public\Documents]
07/13/2009 10:53 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/13/2009 10:53 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009 10:53 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
07/13/2009 10:53 PM <SYMLINKD> All Users [C:\ProgramData]
07/13/2009 10:53 PM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
07/13/2009 10:53 PM <JUNCTION> Application Data [C:\ProgramData]
07/13/2009 10:53 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/13/2009 10:53 PM <JUNCTION> Documents [C:\Users\Public\Documents]
07/13/2009 10:53 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/13/2009 10:53 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009 10:53 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
07/13/2009 10:53 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
07/13/2009 10:53 PM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/13/2009 10:53 PM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
07/13/2009 10:53 PM <JUNCTION> My Documents [C:\Users\Default\Documents]
07/13/2009 10:53 PM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/13/2009 10:53 PM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/13/2009 10:53 PM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/13/2009 10:53 PM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/13/2009 10:53 PM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/13/2009 10:53 PM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
07/13/2009 10:53 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
07/13/2009 10:53 PM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/13/2009 10:53 PM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
07/13/2009 10:53 PM <JUNCTION> My Music [C:\Users\Default\Music]
07/13/2009 10:53 PM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
07/13/2009 10:53 PM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Nicholas
01/15/2014 07:48 PM <JUNCTION> Application Data [C:\Users\Nicholas\AppData\Roaming]
01/15/2014 07:48 PM <JUNCTION> Cookies [C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Cookies]
01/15/2014 07:48 PM <JUNCTION> Local Settings [C:\Users\Nicholas\AppData\Local]
01/15/2014 07:48 PM <JUNCTION> My Documents [C:\Users\Nicholas\Documents]
01/15/2014 07:48 PM <JUNCTION> NetHood [C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
01/15/2014 07:48 PM <JUNCTION> PrintHood [C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
01/15/2014 07:48 PM <JUNCTION> Recent [C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Recent]
01/15/2014 07:48 PM <JUNCTION> SendTo [C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\SendTo]
01/15/2014 07:48 PM <JUNCTION> Start Menu [C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Start Menu]
01/15/2014 07:48 PM <JUNCTION> Templates [C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Nicholas\AppData\Local
01/15/2014 07:48 PM <JUNCTION> Application Data [C:\Users\Nicholas\AppData\Local]
01/15/2014 07:48 PM <JUNCTION> History [C:\Users\Nicholas\AppData\Local\Microsoft\Windows\History]
01/15/2014 07:48 PM <JUNCTION> Temporary Internet Files [C:\Users\Nicholas\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Nicholas\Documents
01/15/2014 07:48 PM <JUNCTION> My Music [C:\Users\Nicholas\Music]
01/15/2014 07:48 PM <JUNCTION> My Pictures [C:\Users\Nicholas\Pictures]
01/15/2014 07:48 PM <JUNCTION> My Videos [C:\Users\Nicholas\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
07/13/2009 10:53 PM <JUNCTION> My Music [C:\Users\Public\Music]
07/13/2009 10:53 PM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
07/13/2009 10:53 PM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Valued Customer
05/15/2013 03:47 PM <JUNCTION> Application Data [C:\Users\Valued Customer\AppData\Roaming]
05/15/2013 03:47 PM <JUNCTION> Cookies [C:\Users\Valued Customer\AppData\Roaming\Microsoft\Windows\Cookies]
05/15/2013 03:47 PM <JUNCTION> Local Settings [C:\Users\Valued Customer\AppData\Local]
05/15/2013 03:47 PM <JUNCTION> My Documents [C:\Users\Valued Customer\Documents]
05/15/2013 03:47 PM <JUNCTION> NetHood [C:\Users\Valued Customer\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
05/15/2013 03:47 PM <JUNCTION> PrintHood [C:\Users\Valued Customer\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
05/15/2013 03:47 PM <JUNCTION> Recent [C:\Users\Valued Customer\AppData\Roaming\Microsoft\Windows\Recent]
05/15/2013 03:47 PM <JUNCTION> SendTo [C:\Users\Valued Customer\AppData\Roaming\Microsoft\Windows\SendTo]
05/15/2013 03:47 PM <JUNCTION> Start Menu [C:\Users\Valued Customer\AppData\Roaming\Microsoft\Windows\Start Menu]
05/15/2013 03:47 PM <JUNCTION> Templates [C:\Users\Valued Customer\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Valued Customer\AppData\Local
05/15/2013 03:47 PM <JUNCTION> Application Data [C:\Users\Valued Customer\AppData\Local]
05/15/2013 03:47 PM <JUNCTION> History [C:\Users\Valued Customer\AppData\Local\Microsoft\Windows\History]
05/15/2013 03:47 PM <JUNCTION> Temporary Internet Files [C:\Users\Valued Customer\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Valued Customer\Documents
05/15/2013 03:47 PM <JUNCTION> My Music [C:\Users\Valued Customer\Music]
05/15/2013 03:47 PM <JUNCTION> My Pictures [C:\Users\Valued Customer\Pictures]
05/15/2013 03:47 PM <JUNCTION> My Videos [C:\Users\Valued Customer\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
66 Dir(s) 223,727,095,808 bytes free
< type c:\diskreport.txt /c >
Microsoft DiskPart version 6.1.7601
Copyright © 1999-2008 Microsoft Corporation.
On computer: NICHOLAS-PC
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 D DVD-ROM 0 B No Media
Volume 1 System Rese NTFS Partition 100 MB Healthy System
Volume 2 C NTFS Partition 232 GB Healthy Boot
Volume 3 E OS NTFS Partition 93 GB Healthy
Volume 4 G DATA NTFS Partition 178 GB Healthy
Volume 5 H Recovery NTFS Partition 25 GB Healthy
Volume 6 SYSTEM FAT32 Partition 200 MB Healthy Hidden
< End of report >
extras.txt:
OTL Extras logfile created on: 1/26/2014 6:45:53 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nicholas\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.46 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 29.48% Memory free
6.92 Gb Paging File | 4.38 Gb Available in Paging File | 63.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.79 Gb Total Space | 208.56 Gb Free Space | 89.59% Space Free | Partition Type: NTFS
Drive E: | 93.92 Gb Total Space | 44.10 Gb Free Space | 46.96% Space Free | Partition Type: NTFS
Drive G: | 178.85 Gb Total Space | 178.28 Gb Free Space | 99.68% Space Free | Partition Type: NTFS
Drive H: | 25.00 Gb Total Space | 12.78 Gb Free Space | 51.14% Space Free | Partition Type: NTFS
Computer Name: NICHOLAS-PC | User Name: Nicholas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-739588601-926540075-11685257-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"TCP Query User{CDADCBB2-DD4C-4A88-916B-2BB3255EE8F7}E:\program files (x86)\devpro\ygopro_vs_ai_debug.exe" = protocol=6 | dir=in | app=e:\program files (x86)\devpro\ygopro_vs_ai_debug.exe |
"TCP Query User{E032E725-3866-42C2-82A8-FEDA0FD2E182}C:\users\nicholas\appdata\roaming\devpro\devpro.dll" = protocol=6 | dir=in | app=c:\users\nicholas\appdata\roaming\devpro\devpro.dll |
"UDP Query User{71DAEAD4-6E67-4330-B1D8-FF96D1A356EE}E:\program files (x86)\devpro\ygopro_vs_ai_debug.exe" = protocol=17 | dir=in | app=e:\program files (x86)\devpro\ygopro_vs_ai_debug.exe |
"UDP Query User{86A9D865-8C80-45D1-B2ED-A719D7002600}C:\users\nicholas\appdata\roaming\devpro\devpro.dll" = protocol=17 | dir=in | app=c:\users\nicholas\appdata\roaming\devpro\devpro.dll |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0CD47142-BA4F-46B0-AA92-2675864928B8}" = Microsoft Security Client
"{67787A65-AEE5-436B-B58C-538FBAE6374C}" = DevPro
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Google Chrome" = Google Chrome
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.2.0 (Standard)
"Microsoft Security Client" = Microsoft Security Essentials
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 1/19/2014 8:35:31 PM | Computer Name = Nicholas-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "E:\Users\jeff\Downloads\iTunes64Setup.exe".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 1/19/2014 9:57:25 PM | Computer Name = Nicholas-PC | Source = Application Error | ID = 1000
Description = Faulting application name: ygopro_vs_ai_debug.exe, version: 1.0.3.1,
time stamp: 0x51ac888b Faulting module name: MSVCR100.dll, version: 10.0.40219.325,
time stamp: 0x4df2be1e Exception code: 0xc0000417 Fault offset: 0x0008af3e Faulting
process id: 0xfd4 Faulting application start time: 0x01cf157b1da3d3a7 Faulting application
path: E:\Program Files (x86)\DevPro\ygopro_vs_ai_debug.exe Faulting module path:
E:\Program Files (x86)\DevPro\MSVCR100.dll Report Id: 34f1531f-8176-11e3-8433-18a90531fba5
Error - 1/19/2014 10:42:19 PM | Computer Name = Nicholas-PC | Source = Application Error | ID = 1000
Description = Faulting application name: ygopro_vs_ai_debug.exe, version: 1.0.3.1,
time stamp: 0x51ac888b Faulting module name: MSVCR100.dll, version: 10.0.40219.325,
time stamp: 0x4df2be1e Exception code: 0xc0000417 Fault offset: 0x0008af3e Faulting
process id: 0xf24 Faulting application start time: 0x01cf158312997f5f Faulting application
path: E:\Program Files (x86)\DevPro\ygopro_vs_ai_debug.exe Faulting module path:
E:\Program Files (x86)\DevPro\MSVCR100.dll Report Id: 7aafd911-817c-11e3-8433-18a90531fba5
Error - 1/20/2014 8:18:56 PM | Computer Name = Nicholas-PC | Source = WinMgmt | ID = 10
Description =
Error - 1/21/2014 6:22:15 AM | Computer Name = Nicholas-PC | Source = WinMgmt | ID = 10
Description =
Error - 1/21/2014 6:26:39 AM | Computer Name = Nicholas-PC | Source = WinMgmt | ID = 10
Description =
Error - 1/21/2014 6:57:58 AM | Computer Name = Nicholas-PC | Source = Software Protection Platform Service | ID = 8200
Description = License acquisition failure details. hr=0x80072EE7
Error - 1/21/2014 6:57:58 AM | Computer Name = Nicholas-PC | Source = Software Protection Platform Service | ID = 8208
Description = Acquisition of genuine ticket failed (hr=0x80072EE7) for template
Id 66c92734-d682-4d71-983e-d6ec3f16059f
Error - 1/21/2014 9:57:23 PM | Computer Name = Nicholas-PC | Source = WinMgmt | ID = 10
Description =
Error - 1/22/2014 1:59:51 AM | Computer Name = Nicholas-PC | Source = Application Error | ID = 1000
Description = Faulting application name: devpro.dll, version: 0.0.0.0, time stamp:
0x52ca9794 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp:
0x521ea91c Exception code: 0xc0000005 Fault offset: 0x0003224d Faulting process id:
0xb4 Faulting application start time: 0x01cf173430b8a9cd Faulting application path:
C:\Users\Nicholas\AppData\Roaming\DevPro\devpro.dll Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 67e239fc-832a-11e3-abae-18a90531fba5
[ System Events ]
Error - 1/22/2014 8:06:30 PM | Computer Name = Nicholas-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR3.
Error - 1/22/2014 8:06:30 PM | Computer Name = Nicholas-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR3.
Error - 1/23/2014 8:52:55 PM | Computer Name = Nicholas-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.
Error - 1/23/2014 9:49:40 PM | Computer Name = Nicholas-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.
Error - 1/23/2014 11:38:17 PM | Computer Name = Nicholas-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.
Error - 1/24/2014 8:55:13 PM | Computer Name = Nicholas-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.165.2427.0 Update Source: %%859 Update Stage:
%%852 Source Path:
http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10201.0
Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.
Error - 1/24/2014 10:56:28 PM | Computer Name = Nicholas-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.165.2427.0 Update Source: %%859 Update Stage:
%%852 Source Path:
http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10201.0
Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.
Error - 1/24/2014 10:57:14 PM | Computer Name = Nicholas-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.
Error - 1/25/2014 12:12:43 PM | Computer Name = Nicholas-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:11:29 AM on ?1/?25/?2014 was unexpected.
Error - 1/25/2014 12:50:51 PM | Computer Name = Nicholas-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:48:34 AM on ?1/?25/?2014 was unexpected.
< End of report >
aswMBR log:
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-01-26 18:45:45
-----------------------------
18:45:45.752 OS Version: Windows 6.1.7601 Service Pack 1
18:45:45.752 Number of processors: 2 586 0x170A
18:45:45.753 ComputerName: NICHOLAS-PC UserName: Nicholas
18:45:47.755 Initialize success
18:55:47.047 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
18:55:47.051 Disk 0 Vendor: ST3250318AS HP34 Size: 238475MB BusType: 3
18:55:47.149 Disk 0 MBR read successfully
18:55:47.150 Disk 0 MBR scan
18:55:47.152 Disk 0 Windows 7 default MBR code
18:55:47.163 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
18:55:47.171 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 238373 MB offset 206848
18:55:47.175 Disk 0 scanning sectors +488394752
18:55:47.329 Disk 0 scanning C:\Windows\system32\drivers
18:55:53.069 Service scanning
18:55:58.300 Service MpKslcc5c8f9c c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B793BBD9-EB18-4F6B-A01E-F01E1CE3249F}\MpKslcc5c8f9c.sys **LOCKED** 32
18:56:08.275 Modules scanning
18:56:16.428 Disk 0 trace - called modules:
18:56:16.441 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
18:56:16.769 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x860d1200]
18:56:16.773 3 CLASSPNP.SYS[8bfd459e] -> nt!IofCallDriver -> [0x85c30368]
18:56:16.777 5 ACPI.sys[8bccb3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0x85c2f908]
18:56:16.781 Scan finished successfully
18:59:28.101 Disk 0 MBR has been saved successfully to "C:\Users\Nicholas\Downloads\MBR.dat"
18:59:28.149 The log file has been saved successfully to "C:\Users\Nicholas\Downloads\aswMBR.txt"
Edited by Peacemaker2.0, 26 January 2014 - 07:19 PM.