Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Slow and trouble using programs

Started by Nick Garcia , Sep 04 2014 07:17 AM

  • Please log in to reply

#1
Nick Garcia
Posted 04 September 2014 - 07:17 AM

Nick Garcia

    Member

  • Member
  • PipPip
  • 25 posts
OTL logfile created on: 9/4/2014 5:46:46 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\admin\Pictures
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.50 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 28.43% Memory free
7.22 Gb Paging File | 4.69 Gb Available in Paging File | 64.93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 683.58 Gb Total Space | 182.14 Gb Free Space | 26.64% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 58.36 Gb Free Space | 12.53% Space Free | Partition Type: NTFS
Drive F: | 1862.98 Gb Total Space | 912.91 Gb Free Space | 49.00% Space Free | Partition Type: NTFS

Computer Name: XPS420 | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/09/04 05:41:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Pictures\OTL.exe
PRC - [2014/07/29 16:17:57 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014/07/25 08:51:18 | 002,403,104 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/07/25 08:51:13 | 001,720,608 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/07/02 14:42:26 | 000,940,320 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2014/07/02 14:42:25 | 001,818,968 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/05/12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
PRC - [2013/12/21 01:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/21 14:08:56 | 001,333,424 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2012/12/21 14:08:48 | 005,074,384 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2012/04/24 09:31:34 | 001,150,368 | R--- | M] (Western Digital ) -- C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe
PRC - [2012/04/11 12:09:14 | 001,177,496 | R--- | M] (Western Digital ) -- C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
PRC - [2012/04/11 12:01:46 | 000,247,704 | R--- | M] (Western Digital) -- C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/11/15 09:23:56 | 000,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2007/09/12 03:40:44 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/06/27 10:18:08 | 000,223,448 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
PRC - [2007/06/27 10:17:26 | 000,272,600 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe
PRC - [2007/06/27 10:17:12 | 000,446,680 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
PRC - [2007/06/27 10:16:02 | 000,157,912 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
PRC - [2007/06/27 10:15:14 | 000,059,096 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe
PRC - [2007/06/27 10:14:46 | 000,317,656 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
PRC - [2007/06/27 10:13:56 | 000,268,504 | ---- | M] () -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
PRC - [2007/02/12 11:46:34 | 000,208,896 | ---- | M] () -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe


========== Modules (No Company Name) ==========

MOD - [2014/07/29 16:17:55 | 003,800,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll


========== Services (SafeList) ==========

SRV - [2014/08/28 06:48:02 | 000,833,728 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/08/26 18:31:32 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/07/29 16:17:55 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/07/25 08:51:13 | 001,720,608 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/12/21 01:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/21 14:08:56 | 001,333,424 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2012/04/24 09:31:34 | 001,150,368 | R--- | M] (Western Digital ) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2012/04/11 12:09:14 | 001,177,496 | R--- | M] (Western Digital ) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe -- (WDRulesService)
SRV - [2012/04/11 12:01:46 | 000,247,704 | R--- | M] (Western Digital) [Auto | Running] -- C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2011/11/16 11:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/27 15:28:14 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/11/15 09:23:56 | 000,202,544 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter)
SRV - [2007/09/12 03:40:44 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/09/11 00:45:04 | 000,124,832 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007/06/27 10:18:08 | 000,223,448 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService)
SRV - [2007/06/27 10:17:26 | 000,272,600 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe -- (QualityManager)
SRV - [2007/06/27 10:17:12 | 000,446,680 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service)
SRV - [2007/06/27 10:16:02 | 000,157,912 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL)
SRV - [2007/06/27 10:15:28 | 000,039,640 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe -- (DHTRACE)
SRV - [2007/06/27 10:15:14 | 000,059,096 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe -- (ISSM)
SRV - [2007/06/27 10:14:46 | 000,317,656 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe -- (NMSCore)
SRV - [2007/06/27 10:13:56 | 000,268,504 | ---- | M] () [Auto | Running] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server)
SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/02/12 11:46:34 | 000,208,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- C:\Users\admin\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL.sys -- (SASKUTIL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\admin\AppData\Local\Temp\SAS_SelfExtract\SASENUM.SYS -- (SASENUM)
DRV - File not found [Kernel | System | Stopped] -- C:\Users\admin\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV.SYS -- (SASDIFSV)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2014/09/04 04:35:43 | 000,110,296 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2014/07/02 16:28:03 | 000,162,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2014/07/02 15:54:57 | 010,681,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2014/05/12 07:26:04 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2014/05/12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2014/05/07 15:27:25 | 000,030,976 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hitmanpro37.sys -- (hitmanpro37)
DRV - [2013/11/14 15:04:38 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2013/11/14 15:04:37 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2012/12/21 14:09:18 | 000,047,568 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2012/12/21 14:09:14 | 000,150,080 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2012/12/21 14:09:14 | 000,046,056 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV - [2012/12/21 14:08:54 | 000,122,240 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2012/12/21 14:08:16 | 000,171,680 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2012/05/03 19:17:47 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2007/12/27 15:17:49 | 000,005,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntelDH.sys -- (IntelDH)
DRV - [2007/09/12 03:44:34 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/09/12 03:40:48 | 000,326,656 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/07/19 23:44:54 | 000,110,120 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pnp680r.sys -- (Pnp680r)
DRV - [2007/06/27 10:17:46 | 000,014,552 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys -- (TSHWMDTCP)
DRV - [2007/02/18 20:34:50 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\nmsunidr.sys -- (nmsunidr)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/10/18 13:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...rlz=1I7DKUS<br>
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ew...7_FRPage<br> IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...=UP97DHP<br> IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...earchBox<br> IE - HKCU\..\SearchScopes\{EAA12AAE-0D61-4237-BB90-15E9487756E2}: "URL" = http://www.google.co...=1I7DKUS<br> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.startup.homepage: "https://www.google.com"
FF - prefs.js..extensions.enabledAddons: tineye%40ideeinc.com:1.1
FF - prefs.js..extensions.enabledAddons: %7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.17
FF - prefs.js..extensions.enabledAddons: %7B5F590AA2-1221-4113-A6F4-A4BB62414FAC%7D:0.45.8.20130519.3
FF - prefs.js..extensions.enabledAddons: %7Bb0e1b4a6-2c6f-4e99-94f2-8e625d7ae255%7D:3.5.0
FF - prefs.js..extensions.enabledAddons: %7BEDA7B1D7-F793-4e03-B074-E6F303317FB0%7D:1.2.7
FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0
FF - prefs.js..extensions.enabledAddons: thumbnailZoom%40dadler.github.com:2.7
FF - prefs.js..extensions.enabledAddons: doubleclick-picture%40windpr.tw:1.1.140101
FF - prefs.js..extensions.enabledAddons: YoutubeDownloader%40PeterOlayev.com:2.3.5
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.40
FF - prefs.js..extensions.enabledAddons: %7B77d2ed30-4cd2-11e0-b8af-0800200c9a66%7D:11.1
FF - prefs.js..keyword.URL: "http://www.bing.com/...PC=UP97&#38;q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/07/29 16:17:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013/03/05 01:16:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/07/29 16:17:47 | 000,000,000 | ---D | M]

[2012/04/30 19:54:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\Extensions
[2014/09/03 15:35:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\jm4q3r93.default\extensions
[2013/04/17 13:36:32 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\jm4q3r93.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2014/09/03 15:35:51 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\jm4q3r93.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
[2014/01/08 17:54:22 | 000,029,504 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\firefox\profiles\jm4q3r93.default\extensions\[email protected]
[2014/01/01 13:03:38 | 000,168,246 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\firefox\profiles\jm4q3r93.default\extensions\[email protected]
[2013/08/22 13:30:29 | 000,008,001 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\firefox\profiles\jm4q3r93.default\extensions\[email protected]
[2014/08/26 21:45:03 | 000,077,816 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\firefox\profiles\jm4q3r93.default\extensions\[email protected]
[2013/05/24 16:23:32 | 000,043,024 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\firefox\profiles\jm4q3r93.default\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi
[2014/09/03 15:35:51 | 000,541,661 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\firefox\profiles\jm4q3r93.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/09/08 17:47:26 | 000,242,531 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\firefox\profiles\jm4q3r93.default\extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255}.xpi
[2014/07/23 06:55:58 | 000,967,685 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\firefox\profiles\jm4q3r93.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/03/09 06:39:01 | 000,091,556 | ---- | M] () (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\firefox\profiles\jm4q3r93.default\extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi
[2014/07/02 14:41:13 | 000,006,057 | ---- | M] () -- C:\Users\admin\AppData\Roaming\mozilla\firefox\profiles\jm4q3r93.default\searchplugins\bingp.xml
[2014/08/10 19:24:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/07/29 16:17:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/07/29 16:17:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/04/29 16:23:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/12/09 12:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll

========== Chrome ==========

CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = http://www.bing.com/...hTerms}<br> CHR - default_search_provider: suggest_url = http://api.bing.com/...C=UP97,<br> CHR - homepage: http://www.msn.com/?...UP97DHP<br> CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" -f "C:\ProgramData\NVIDIA\Updatus\NvTmru\nvtmru.dat" File not found
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_67)
O16 - DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_67)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_67)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{999403D4-F743-4C82-AB44-BC305939356E}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\admin\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\admin\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exe_auto_file] -- "C:\Program Files\CCleaner\CCleaner.exe" "%1"
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/09/04 03:39:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/09/03 14:58:17 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Apple Computer
[2014/09/03 14:58:16 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Apple Computer
[2014/09/03 14:58:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2014/09/03 14:57:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2014/09/03 14:57:02 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2014/09/03 14:56:02 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Apple
[2014/09/03 14:53:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2014/08/27 21:26:15 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\NVIDIA
[2014/08/27 19:07:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2014/08/27 19:07:33 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2014/08/18 09:28:28 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\My Games
[2014/08/18 09:28:13 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\My Games
[2014/08/12 04:13:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/08/12 04:13:03 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/08/12 04:13:03 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/08/12 04:13:03 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/08/12 04:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/08/10 23:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\Sid Meiers Civilization V
[2014/08/10 22:57:35 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\Music
[2014/08/10 22:57:30 | 000,000,000 | ---D | C] -- C:\Users\admin\Desktop\Books
[2014/08/10 19:24:28 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Oracle
[2014/08/10 19:24:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/08/05 15:12:19 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014/08/05 15:03:17 | 000,061,728 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

========== Files - Modified Within 30 Days ==========

[2014/09/04 05:53:01 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/09/04 05:53:01 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/09/04 05:43:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/09/04 04:35:43 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2014/09/04 03:52:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/09/03 17:47:07 | 000,000,216 | ---- | M] () -- C:\Users\admin\Desktop\Wargame Red Dragon.url
[2014/09/03 17:47:07 | 000,000,216 | ---- | M] () -- C:\Users\admin\Desktop\Wargame AirLand Battle.url
[2014/09/03 17:47:07 | 000,000,215 | ---- | M] () -- C:\Users\admin\Desktop\Wargame European Escalation.url
[2014/09/03 17:18:41 | 000,000,215 | ---- | M] () -- C:\Users\admin\Desktop\Empire Total War.url
[2014/09/03 15:56:34 | 000,076,800 | ---- | M] () -- C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/08/28 15:38:43 | 000,421,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/08/28 03:47:37 | 000,054,495 | ---- | M] () -- C:\Windows\System32\epfwdata.bin
[2014/08/27 19:07:33 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/08/13 08:15:03 | 000,642,084 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/08/13 08:15:03 | 000,119,276 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/08/11 00:14:21 | 000,002,056 | ---- | M] () -- C:\Users\admin\Desktop\Civilization V.lnk
[2014/08/10 23:46:51 | 000,001,717 | ---- | M] () -- C:\Users\admin\Desktop\Hearts of Iron III.lnk

========== Files Created - No Company Name ==========

[2014/09/03 17:47:07 | 000,000,216 | ---- | C] () -- C:\Users\admin\Desktop\Wargame Red Dragon.url
[2014/09/03 17:47:07 | 000,000,216 | ---- | C] () -- C:\Users\admin\Desktop\Wargame AirLand Battle.url
[2014/09/03 17:47:07 | 000,000,215 | ---- | C] () -- C:\Users\admin\Desktop\Wargame European Escalation.url
[2014/09/03 17:18:41 | 000,000,215 | ---- | C] () -- C:\Users\admin\Desktop\Empire Total War.url
[2014/08/28 03:47:37 | 000,054,495 | ---- | C] () -- C:\Windows\System32\epfwdata.bin
[2014/08/27 19:07:33 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/08/11 00:14:21 | 000,002,056 | ---- | C] () -- C:\Users\admin\Desktop\Civilization V.lnk
[2014/08/05 15:11:21 | 003,826,628 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2014/08/05 14:52:27 | 000,021,215 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2014/05/07 15:27:25 | 000,030,976 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro37.sys
[2014/05/02 17:34:02 | 000,000,680 | ---- | C] () -- C:\Users\admin\AppData\Local\d3d9caps.dat
[2013/11/14 15:04:38 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2013/11/14 15:04:36 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2012/07/05 18:58:50 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/06/10 14:29:57 | 000,001,057 | ---- | C] () -- C:\Users\admin\AppData\Roaming\vso_ts_preview.xml
[2012/04/29 16:23:17 | 000,076,800 | ---- | C] () -- C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 08:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014/07/29 18:03:26 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DAEMON Tools Lite
[2013/03/05 00:37:35 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\ESET
[2014/08/10 19:24:28 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Oracle
[2014/07/17 16:14:04 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\The Creative Assembly
[2014/07/17 15:41:32 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Total War - Rome II
[2012/05/01 02:49:23 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\TuneUp Software
[2014/09/04 06:28:21 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\uTorrent
[2014/07/29 18:03:26 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Vso

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2014/08/11 00:11:36 | 239,267,491 | ---- | M] ()(C:\Users\admin\Desktop\? Game Of Thrones - Complete Soundtrack Season 1-3 - YouTube [240p].flv) -- C:\Users\admin\Desktop\▶ Game Of Thrones - Complete Soundtrack Season 1-3 - YouTube [240p].flv
[2014/08/10 22:51:26 | 050,957,441 | ---- | M] ()(C:\Users\admin\Desktop\? Game of Thrones Season 4 soundtrack - YouTube [360p].mp4) -- C:\Users\admin\Desktop\▶ Game of Thrones Season 4 soundtrack - YouTube [360p].mp4
[2014/08/10 22:51:23 | 239,267,491 | ---- | C] ()(C:\Users\admin\Desktop\? Game Of Thrones - Complete Soundtrack Season 1-3 - YouTube [240p].flv) -- C:\Users\admin\Desktop\▶ Game Of Thrones - Complete Soundtrack Season 1-3 - YouTube [240p].flv
[2014/08/10 22:50:46 | 050,957,441 | ---- | C] ()(C:\Users\admin\Desktop\? Game of Thrones Season 4 soundtrack - YouTube [360p].mp4) -- C:\Users\admin\Desktop\▶ Game of Thrones Season 4 soundtrack - YouTube [360p].mp4

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -&gt; C:\Users\admin\Desktop\Joe Rogan Experience #501 - Randall Carlson - YouTube [360p].mp4:TOC.WMV

&lt; End of report &gt;
  • 0

Advertisements

#2
Nick Garcia
Posted 05 September 2014 - 05:21 PM

Nick Garcia

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
OTL Extras logfile created on: 9/4/2014 5:46:46 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\admin\Pictures
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.50 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 28.43% Memory free
7.22 Gb Paging File | 4.69 Gb Available in Paging File | 64.93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 683.58 Gb Total Space | 182.14 Gb Free Space | 26.64% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 58.36 Gb Free Space | 12.53% Space Free | Partition Type: NTFS
Drive F: | 1862.98 Gb Total Space | 912.91 Gb Free Space | 49.00% Space Free | Partition Type: NTFS

Computer Name: XPS420 | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.ini [@ = Ini File] -- c:\GetDiz\GetDiz.exe (Outertech - http://www.outertech.com)

[HKEY_CURRENT_USER\SOFTWARE\Classes\ ]
.exe [@ = exe_auto_file] -- "C:\Program Files\CCleaner\CCleaner.exe" "%1"
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08EB193E-4A42-431C-8B21-71CB3F270EFC}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{0A9483D9-3B13-4E3E-B3E7-16C7D11C24C9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1BF65E52-4208-408B-B18E-BADA7FE5AD8B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1C516343-C34D-43D7-88F8-112FED233CC9}" = rport=10244 | protocol=6 | dir=out | app=system |
"{1E33EC3C-F63D-4EAB-A5CB-393D99AD311B}" = lport=80 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{22B155DF-A61C-48CC-B32E-12D8ED524996}" = lport=2869 | protocol=6 | dir=in | app=system |
"{357A717A-1FEF-4C97-A37F-F945EA9A7AE1}" = lport=443 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\netservice\nvnetworkservice.exe |
"{3D54345A-0712-47CA-A77B-BD10580B6C6A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4761C441-E883-4B85-8421-89E1010F796D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{49441A8E-A0A8-4C1E-9FB3-738491C0AB0A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{4A421FEB-2843-4E90-8E5F-824F789897B1}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{4EF31830-FC93-4D94-BB19-B1F6CB44D279}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{565226BB-D043-4E76-A5A9-CA6AFECA2359}" = lport=3390 | protocol=6 | dir=in | app=system |
"{57E4DE52-846E-41D2-BA18-BD19E41601CB}" = lport=10244 | protocol=6 | dir=in | app=system |
"{59C23284-F769-4362-9789-E7ED46C27903}" = lport=3390 | protocol=6 | dir=in | app=system |
"{5E22358F-20B8-4949-9D9A-AE986D11FAB5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{60252EB2-E128-4568-B7C1-99CC560B7178}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{80B487DF-F1BA-409B-8986-CC1BE0C151E1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9193AF99-91F5-445F-919E-8A991A2AA973}" = rport=10244 | protocol=6 | dir=out | app=system |
"{92AA4232-337F-4B10-9C0B-75AC3AD08302}" = rport=10243 | protocol=6 | dir=out | app=system |
"{93BEE442-2878-4065-B565-022547B8D911}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A1A56DD8-4DC2-4B74-81D3-B8BB2C4E4BAC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A586D3CC-CD87-41DC-BC63-9AD7FFCB3A4B}" = lport=9442 | protocol=17 | dir=in | name=intel® viiv™ media server discovery |
"{B3BDEB37-4EE1-4F51-83B3-3023C22C6DF8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B488DA1A-812A-4BB8-B08E-47471B3DC374}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CAA62101-44CB-4007-BB7A-8A70D3E028B6}" = lport=10244 | protocol=6 | dir=in | app=system |
"{CEBF2A5F-EBD8-42E9-8A9D-9A532329E828}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{CFEFDCEF-5499-4943-93D9-AAD8616412E9}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{D2108E80-C68D-4A06-A83B-D7AF8C8CD5FF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DCCD0C77-11CF-4DDF-AB16-94119DF24DD6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E4736A1E-FEBE-420D-8F59-AC4F356ACDC0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E5027394-25DE-43E6-9A38-5432349D2915}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EA170E23-CB6F-4E12-908A-E3D2314F82B7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F708737A-F96B-4393-80EC-5D35AB1B3820}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F72F31B3-2D2E-4EC6-8FD3-1246CF1C55C3}" = lport=1900 | protocol=17 | dir=in | name=intel® viiv™ media server upnp discovery |
"{F896409E-44EE-4250-9EC5-66E9D81D905F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05709C54-0505-41DF-BF87-281D2F8AAF95}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{072843F4-4F14-4B3A-9A34-914C72A61BE3}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{07DB0438-87C7-44C0-BD21-02E0A8F8C126}" = protocol=6 | dir=out | app=system |
"{0FF0162D-263C-40E6-85C0-6B60F8C8EE29}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\empire total war\empire.exe |
"{2BC0D9A7-BEBB-457B-AEE2-A06B690FA9B7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{372ABDE1-D305-4C35-8231-2C84CB1110F7}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{42B29069-2A86-4571-BFDD-0E1007488333}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{46B714A5-4E09-4652-9F19-555C402F0677}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{4FF0E491-2874-459A-8761-7561CE860C34}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{50870194-4224-4793-8473-75589C29B691}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{525E4329-FE7C-4FE1-ACE5-1EB74AA05E4C}" = protocol=17 | dir=in | app=c:\program files\steam\bin\steamwebhelper.exe |
"{53B61168-6C0D-4EDC-ACA8-3B0C42BD0A32}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5B41BBA2-0374-4585-9261-8C8F65186015}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{61D2F9A6-7CF6-464F-A216-2D7526684ABE}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{6493F092-E555-4F09-AA98-F3F7AB41C40E}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{6671BB9E-CBAE-4AF0-AB54-B24F4CE21B41}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{669FEB8D-8041-43B1-9D08-487E281AFCF2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6DA80777-3AB2-4DEE-AB6B-FE11A24A522A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6E62D825-E1CB-48CD-A351-8FEE8641C3C0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{70DC5222-D51F-4D9C-B316-E12DF5921523}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{725C7D35-2EB9-4593-A229-A260AEDAADF6}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{77B5D5FC-C9C5-40CB-BE0B-EDB5B3BBF6D8}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\empire total war\empire.exe |
"{7AAF5160-554B-4376-A432-6DC80A2EB7EB}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{7E61BD3C-0568-4038-8143-4F92C8383EF0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8C4D0A8E-926E-4A9B-997B-BC65BC528F6E}" = protocol=6 | dir=in | app=c:\program files\steam\bin\steamwebhelper.exe |
"{9023A00E-991D-4AC9-95BE-D3921A01F2A4}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{975E6794-AB5E-491E-96CD-90C115877DD1}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{9BA7B593-8332-4FE0-B4B8-9A0388AD73D3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A18BB738-CD3C-4C75-8BB7-5C58611C7DFE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A1B9979F-F20D-465D-B71E-C7A5F2A3657A}" = protocol=17 | dir=in | app=c:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"{A6A5A0C7-17FC-4E85-A2E3-0FC3338ECC5C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AD99D4EA-E38F-41FA-9DB6-3E03E595AF46}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B8B82A42-4DCB-45A1-A693-5A74AA504B8D}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{B943A47F-30F7-4444-AFD7-3E7A7BFA57F5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BBBA2E30-00C5-4F11-A149-5D95C4E4518F}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C6DD7D66-DE94-4EC3-85A8-23250A5D2D9D}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{CA2DFB78-CEE4-4CA0-8620-D9250F706563}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{CA85F489-590F-4D27-B71E-E9A3895CD397}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D37E6299-EC03-436B-9147-5325E4D904E9}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{E8C75AB0-3124-4EC4-9FA0-D9F1BB0E8EEE}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{E93E47F9-2331-4948-9149-AD303CA182FB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F6529E7F-DFF9-45BA-B9D2-8571C3000FC8}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{FB8974C2-B297-4D35-9A07-ADFC52661043}" = protocol=6 | dir=in | app=c:\users\admin\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{3D1E2D2F-7774-47AF-86E0-CDCB774ADBFD}C:\program files\r.g. mechanics\total war - rome ii\rome2.exe" = protocol=6 | dir=in | app=c:\program files\r.g. mechanics\total war - rome ii\rome2.exe |
"UDP Query User{BF0DA671-3725-420A-A723-533E2BD5ACD3}C:\program files\r.g. mechanics\total war - rome ii\rome2.exe" = protocol=17 | dir=in | app=c:\program files\r.g. mechanics\total war - rome ii\rome2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.2 (r693)
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs
"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
"{040D2B36-8425-4072-B8C6-3E705EEA4027}" = ESET Smart Security
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio EasyArchive
"{26A24AE4-039D-4CA4-87B4-2F83217055FF}" = Java 7 Update 67
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel® PRO Network Connections 12.1.12.4
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
"{84D58782-A2F0-47D4-A557-3041363893CF}" = Adobe Setup
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{92A300C0-E97B-48CC-9702-AB1AAED167E1}" = Adobe Soundbooth CS3 Scores
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War
"{A6813E19-244A-476E-8AE5-A1176739EEE5}" = WD SmartWare
"{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
"{A73BDB2A-E4A7-4FE8-960E-6A5C8BF76FCB}" = XPS MiniView Gadget
"{A7472CEE-6E85-4D43-9C71-BDFC0D471F70}" = Intel® Viiv™ Software
"{AAC90D5F-B8B1-4A06-B888-F3A241124D0D}" = Roxio MyDVD Premier
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 340.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Premier
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0106CC2-E34B-4FA3-B6B6-91F0ACEA2CC3}" = Hearts of Iron III
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.19.365
"{E01AE623-07FB-4E38-8CCA-8E10B86BE851}" = Rome - Total War
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Adobe_19c4ee81f9cc4b3dffb9a17d9b648b2" = Adobe Soundbooth CS3
"CDisplay_is1" = CDisplay 1.8
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"ENTERPRISE" = Microsoft Office Enterprise 2007
"For the Motherland_is1" = For the Motherland version 3.2
"GetDiz" = GetDiz
"GOGPACKHOTLINEMIAMI_is1" = Hotline Miami
"Hearts of Iron III Sprite Packs" = Hearts of Iron III Sprite Packs
"Intel® Configuration Center" = Intel® Viiv™ Software
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 31.0 (x86 en-US)" = Mozilla Firefox 31.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PremElem40" = Adobe Premiere Elements 4.0
"PremElem40Templates" = Adobe Premiere Elements 4.0 Templates
"PROSetDX" = Intel® PRO Network Connections 12.1.12.4
"Semper Fi_is1" = Semper Fi 1.0
"Steam" = Steam
"Steam App 10500" = Empire: Total War
"Steam App 222750" = Wargame: AirLand Battle
"Steam App 251060" = Wargame: Red Dragon
"Steam App 58610" = Wargame: European Escalation
"Total War - Rome II_R.G. Mechanics_is1" = Total War - Rome II
"VLC media player" = VLC media player
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/2/2014 3:34:02 PM | Computer Name = XPS420 | Source = Windows Search Service | ID = 3013
Description =

Error - 7/2/2014 3:34:04 PM | Computer Name = XPS420 | Source = Windows Search Service | ID = 3013
Description =

Error - 7/2/2014 3:34:04 PM | Computer Name = XPS420 | Source = Windows Search Service | ID = 3013
Description =

Error - 7/17/2014 4:37:28 PM | Computer Name = XPS420 | Source = VSS | ID = 8194
Description =

Error - 7/17/2014 4:38:06 PM | Computer Name = XPS420 | Source = System Restore | ID = 8193
Description =

Error - 7/17/2014 4:40:49 PM | Computer Name = XPS420 | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =

Error - 7/17/2014 4:40:49 PM | Computer Name = XPS420 | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =

Error - 7/24/2014 4:18:38 AM | Computer Name = XPS420 | Source = EventSystem | ID = 4621
Description =

Error - 7/24/2014 10:27:38 AM | Computer Name = XPS420 | Source = EventSystem | ID = 4621
Description =

Error - 7/27/2014 3:32:38 AM | Computer Name = XPS420 | Source = EventSystem | ID = 4621
Description =

[ IntelDH Events ]
Error - 4/29/2012 2:50:34 PM | Computer Name = XPS420 | Source = AlertService | ID = 15
Description = A CCU internal function detected an error: XMLDoc::LoadXML failed
with reason: XML document must have a top level element.

Error - 4/29/2012 2:50:34 PM | Computer Name = XPS420 | Source = AlertService | ID = 15
Description = A CCU internal function detected an error: XMLDoc::LoadXML failed
with reason: XML document must have a top level element.

Error - 4/29/2012 2:50:34 PM | Computer Name = XPS420 | Source = AlertService | ID = 15
Description = A CCU internal function detected an error: XMLDoc::LoadXML failed
with reason: XML document must have a top level element.

Error - 4/29/2012 2:50:34 PM | Computer Name = XPS420 | Source = AlertService | ID = 15
Description = A CCU internal function detected an error: XMLDoc::LoadXML failed
with reason: XML document must have a top level element.

Error - 4/29/2012 2:50:34 PM | Computer Name = XPS420 | Source = AlertService | ID = 15
Description = A CCU internal function detected an error: XMLDoc::LoadXML failed
with reason: XML document must have a top level element.

Error - 4/29/2012 2:50:34 PM | Computer Name = XPS420 | Source = AlertService | ID = 15
Description = A CCU internal function detected an error: XMLDoc::LoadXML failed
with reason: XML document must have a top level element.

Error - 4/29/2012 2:50:34 PM | Computer Name = XPS420 | Source = AlertService | ID = 15
Description = A CCU internal function detected an error: XMLDoc::LoadXML failed
with reason: XML document must have a top level element.

Error - 4/29/2012 2:50:34 PM | Computer Name = XPS420 | Source = AlertService | ID = 15
Description = A CCU internal function detected an error: XMLDoc::LoadXML failed
with reason: XML document must have a top level element.

Error - 5/1/2012 12:55:19 AM | Computer Name = XPS420 | Source = AlertService | ID = 17
Description = A CCU interface function returned an error: DataManager::GetData failed
to retrieve the data

Error - 5/10/2012 8:01:44 PM | Computer Name = XPS420 | Source = TrayIcon | ID = 27
Description = Unexpected Code Path: StpoServices failed

[ Media Center Events ]
Error - 10/18/2012 8:39:41 PM | Computer Name = XPS420 | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/26/2012 8:34:24 AM | Computer Name = XPS420 | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/30/2012 5:02:24 AM | Computer Name = XPS420 | Source = ehReplay | ID = 701
Description =

Error - 10/30/2012 5:02:24 AM | Computer Name = XPS420 | Source = ehReplay | ID = 700
Description =

Error - 10/30/2012 5:02:37 AM | Computer Name = XPS420 | Source = ehReplay | ID = 701
Description =

Error - 5/22/2013 8:12:39 AM | Computer Name = XPS420 | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 8/8/2013 8:06:26 AM | Computer Name = XPS420 | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 8/8/2013 8:49:38 PM | Computer Name = XPS420 | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/7/2013 11:18:47 PM | Computer Name = XPS420 | Source = ehReplay | ID = 701
Description =

Error - 12/7/2013 11:18:47 PM | Computer Name = XPS420 | Source = ehReplay | ID = 700
Description =

[ System Events ]
Error - 9/4/2014 6:44:33 AM | Computer Name = XPS420 | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 9/4/2014 6:47:42 AM | Computer Name = XPS420 | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 9/4/2014 6:51:04 AM | Computer Name = XPS420 | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 9/4/2014 6:54:14 AM | Computer Name = XPS420 | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 9/4/2014 6:57:25 AM | Computer Name = XPS420 | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 9/4/2014 7:00:37 AM | Computer Name = XPS420 | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 9/4/2014 7:03:49 AM | Computer Name = XPS420 | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 9/4/2014 7:21:59 AM | Computer Name = XPS420 | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 9/4/2014 7:25:09 AM | Computer Name = XPS420 | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 9/4/2014 7:28:20 AM | Computer Name = XPS420 | Source = WMPNetworkSvc | ID = 866333
Description =


< End of report >

  • 0

#3
Nick Garcia
Posted 05 September 2014 - 05:34 PM

Nick Garcia

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
My computer was acting very peculiar, Slow response speeds, won't pull up msconfig, task-manger. Takes way to long, to do simple opening of small files and folders, The processes don't seem to be running weird or odd at all. I know this to be something software related. I just had my computer in the repaired and upgraded in April and I haven't been using this PC for more than a month. I trust the person very much so. I think this has to do with something I downloaded two, three weeks ago. Sometimes when I open things the screen turns to black. Program icons all turned to ccleaner and lost their paths. Clicking on icons and files does nothing. Then out of the blue today all went back to fine.

Edited by Nick Garcia, 05 September 2014 - 05:36 PM.

  • 0

#4
DonnaB
Posted 07 September 2014 - 04:54 PM

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
Hi Nick Garcia,

I do apologize for the delay in responding. We do get a bit overwhelmed here at times. You were not overlooked intentionally.

Could you please post the ESET and MBAM completed scan logs in your next reply.

WARNING!

P2P Program installed:

I see that you have uTorrent installed. I must warn you that this type of program is of the highest nature that infections are invited into your Computer. I suggest that you remove it. Though the programs themselves are not malicious, the chance of downloading a malicious file is like playing russian roulette. Any file could be the one that will turn your computer into a very expensive door stop.

P2P Programs can invite spyware, viruses, Trojan horses, or worms into your computer. When the files are downloaded, your computer becomes infected. If you share these files with others, their computer becomes infected as well. You also invite the possibilities of others stealing your personal information such as passwords, online banking accounts, personal files, etc.

Please read the following link for more information:

P2P File-Sharing: Evaluate the Risks

While I await your next reply, I will be taking a close look at the logs you have already posted.

Thank you,
Donna :)
  • 0

#5
Nick Garcia
Posted 07 September 2014 - 08:24 PM

Nick Garcia

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Eset nod 32
Scan Log
Version of virus signature database: 10368 (20140904)
Date: 9/4/2014 Time: 9:15:20 PM
Scanned disks, folders and files: Operating memory;Boot sector;C:\Boot sector;C:\;D:\Boot sector;D:\;E:\Boot sector;E:\;F:\Boot sector;F:\;G:\Boot sector;G:\
C:\pagefile.sys - error opening [4]
C:\$Recycle.Bin\S-1-5-21-3048772100-800801945-351770560-1001\$R5ZQTL5\Civilization V complete nosTEAM.part1.exe - error opening [4]
C:\Program Files\WinRAR\Default.SFX » WINRARSFX - archive damaged
C:\Program Files\WinRAR\Zip.SFX » WINRARSFX - archive damaged
C:\ProgramData\SupportSoft\DellSupportCenter\SYSTEM\data\manifest.zip » ZIP » - archive damaged
C:\RECOVERD\Desktop\Downloads\Needs to be filed\Music\The_Lost_Children_of_Babylon-The_Triangle_of_Babylon_Chapter_1-Bootleg-2010-CLX.rar » RAR » The_Lost_Children_of_Babylon-The_Triangle_of_Babylon_Chapter_1-Bootleg-2010-CLX\01-rasul_allah_decipher_and_si-klon-world_of_glass-clx.mp3 - incorrect CRC checksum, the file may be damaged
C:\Users\admin\AppData\Local\NVIDIA\NvBackend\Packages\00005971\vops-wargame_airland_battles.18139982.exe » NSIS » manifest.xml - archive damaged - the file could not be extracted.
C:\Users\admin\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe » CAB » jusched - archive damaged - the file could not be extracted.
C:\Users\admin\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe » CAB » task.xml - archive damaged - the file could not be extracted.
C:\Users\admin\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe » CAB » task64.xml - archive damaged - the file could not be extracted.
C:\Users\admin\Desktop\Books\Freemasonry.rar » RAR » Global Freemasonry.pdf - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Desktop\Books\Freemasonry.rar » RAR » Morals And Dogma - By Albert Pike.pdf - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Desktop\Books\Freemasonry.rar » RAR » Morals and Dogma of the Ancient and Accepted Scottish Rite of Freemasonry.rar » RAR » Morals And Dogma - By Albert Pike.pdf - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Desktop\Books\Freemasonry.rar » RAR » Order.Out.of.Chaos.-.By.Paul.Joseph.Watson.rar » RAR » Order Out of Chaos - By Paul Joseph Watson.pdf - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Desktop\Books\Freemasonry.rar » RAR » the hidden gears of freemasonry.pdf - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Desktop\Books\inosanto.dan.-.the.filipino.martial.arts.rar » RAR » Inosanto, Dan - The Filipino Martial Arts.pdf - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Desktop\Books\The.Bush.Record.RAR » RAR » Bush Record-South Dakota.pdf - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Desktop\Books\The.Bush.Record.RAR » RAR » Bush Record-Tennessee.pdf - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Desktop\Books\The.Bush.Record.RAR » RAR » Bush Record-Texas.1.pdf - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Desktop\Books\The.Bush.Record.RAR » RAR » Bush Record-Texas.pdf - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Desktop\Books\The.Bush.Record.RAR » RAR » Bush Record-Utah.pdf - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Desktop\Books\The.Bush.Record.RAR » RAR » Bush Record-Vermont.pdf - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Desktop\Books\The.Bush.Record.RAR » RAR » Bush Record-Virginia.pdf - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Desktop\Books\The.Bush.Record.RAR » RAR » Bush Record-Washington.pdf - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Desktop\Books\The.Bush.Record.RAR » RAR » Bush Record-West Virginia.pdf - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Desktop\Books\The.Bush.Record.RAR » RAR » Bush Record-Wisconsin.pdf - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Desktop\Books\The.Bush.Record.RAR » RAR » Bush Record-Wyoming.pdf - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Documents\Books\Creative Science & Research Documents\Free Energy Motors and Generators files and pics.rar » RAR » Free Energy Motors and Generators_files\Creative_logo4.jpg - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Documents\Books\Lockpicking Information Collection\Key Blank Directories.zip » ZIP » Catalog 60 - 2004 International Cylinder.pdf - archive damaged - the file could not be extracted.
C:\Users\admin\Documents\Books\Lockpicking Information Collection\Pick Templates.rar » RAR » Pick Templates\American Tension Tool\American Tension Tool.zip - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Documents\Books\Lockpicking Information Collection\Pick Templates.rar » RAR » Pick Templates\Assorted & Misc\Assorted & Misc.zip - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Documents\Books\Lockpicking Information Collection\Pick Templates.rar » RAR » Pick Templates\Brockhage DSL\Brockhage DSL.zip - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Documents\Books\Lockpicking Information Collection\Pick Templates.rar » RAR » Pick Templates\Falle Safe Dial UP\Falle Safe Dial UP.zip » ZIP » falle safe 024.JPE - archive damaged - the file could not be extracted.
C:\Users\admin\Documents\Books\Lockpicking Information Collection\Pick Templates.rar » RAR » Pick Templates\Falle Safe DSL\Falle Safe DSL.zip - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Documents\Books\Lockpicking Information Collection\Pick Templates.rar » RAR » Pick Templates\HPC - Standard\HPC - Standard.zip - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Documents\Books\Lockpicking Information Collection\Pick Templates.rar » RAR » Pick Templates\HPC Regal Series DSL\HPC Regal Series DSL.zip - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Documents\Books\Lockpicking Information Collection\Pick Templates.rar » RAR » Pick Templates\LAB DSL\LAB DSL.zip - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Documents\Books\Lockpicking Information Collection\Pick Templates.rar » RAR » Pick Templates\Peterson DSL\Peterson DSL.zip » ZIP » Picture 013.jpg - archive damaged - the file could not be extracted.
C:\Users\admin\Documents\Books\Lockpicking Information Collection\Pick Templates.rar » RAR » Pick Templates\Pick Images\Pick Images.zip » ZIP » sets/30140_w.jpg - archive damaged - the file could not be extracted.
C:\Users\admin\Documents\Books\Lockpicking Information Collection\Pick Templates.rar » RAR » Pick Templates\Pick Images\Pick Images.zip » ZIP » sets/s-lab-torque.jpg - archive damaged - the file could not be extracted.
C:\Users\admin\Documents\Books\Lockpicking Information Collection\Pick Templates.rar » RAR » Pick Templates\Southord Slim Line DSL\Southord Slim Line DSL.zip - incorrect CRC checksum, the file may be damaged
C:\Users\admin\Documents\Software\DVD.Cloner.VII.v7.10.992.Cracked-EAT\CloneDVD v2.9.2.2 + Keygen Setup\CloneDVD v2.9.2.2 + Keygen SETUP.exe » ZIP » AutoPlay/Audio/00_Public Enemy #1_Eminem.wma - error - password-protected file
C:\Users\admin\Documents\Software\DVD.Cloner.VII.v7.10.992.Cracked-EAT\CloneDVD v2.9.2.2 + Keygen Setup\CloneDVD v2.9.2.2 + Keygen SETUP.exe » ZIP » AutoPlay/Audio/Click1.ogg - error - password-protected file
C:\Users\admin\Documents\Software\DVD.Cloner.VII.v7.10.992.Cracked-EAT\CloneDVD v2.9.2.2 + Keygen Setup\CloneDVD v2.9.2.2 + Keygen SETUP.exe » ZIP » AutoPlay/Audio/High1.ogg - error - password-protected file
C:\Users\admin\Documents\Software\DVD.Cloner.VII.v7.10.992.Cracked-EAT\CloneDVD v2.9.2.2 + Keygen Setup\CloneDVD v2.9.2.2 + Keygen SETUP.exe » ZIP » AutoPlay/autorun.cdd - error - password-protected file
C:\Users\admin\Documents\Software\DVD.Cloner.VII.v7.10.992.Cracked-EAT\CloneDVD v2.9.2.2 + Keygen Setup\CloneDVD v2.9.2.2 + Keygen SETUP.exe » ZIP » AutoPlay/Buttons/11.Btn - error - password-protected file
C:\Users\admin\Documents\Software\DVD.Cloner.VII.v7.10.992.Cracked-EAT\CloneDVD v2.9.2.2 + Keygen Setup\CloneDVD v2.9.2.2 + Keygen SETUP.exe » ZIP » AutoPlay/Buttons/9.Btn - error - password-protected file
C:\Users\admin\Documents\Software\DVD.Cloner.VII.v7.10.992.Cracked-EAT\CloneDVD v2.9.2.2 + Keygen Setup\CloneDVD v2.9.2.2 + Keygen SETUP.exe » ZIP » AutoPlay/Buttons/Acik Mavi1.Btn - error - password-protected file
C:\Users\admin\Documents\Software\DVD.Cloner.VII.v7.10.992.Cracked-EAT\CloneDVD v2.9.2.2 + Keygen Setup\CloneDVD v2.9.2.2 + Keygen SETUP.exe » ZIP » AutoPlay/Buttons/Grey_Pill.Btn - error - password-protected file
C:\Users\admin\Documents\Software\DVD.Cloner.VII.v7.10.992.Cracked-EAT\CloneDVD v2.9.2.2 + Keygen Setup\CloneDVD v2.9.2.2 + Keygen SETUP.exe » ZIP » AutoPlay/Buttons/Mavi Acik.Btn - error - password-protected file
C:\Users\admin\Documents\Software\DVD.Cloner.VII.v7.10.992.Cracked-EAT\CloneDVD v2.9.2.2 + Keygen Setup\CloneDVD v2.9.2.2 + Keygen SETUP.exe » ZIP » AutoPlay/Buttons/Soru.Btn - error - password-protected file
C:\Users\admin\Documents\Software\DVD.Cloner.VII.v7.10.992.Cracked-EAT\CloneDVD v2.9.2.2 + Keygen Setup\CloneDVD v2.9.2.2 + Keygen SETUP.exe » ZIP » AutoPlay/Docs/CloneDVD v2.9.2.2.exe - error - password-protected file
C:\Users\admin\Documents\Software\DVD.Cloner.VII.v7.10.992.Cracked-EAT\CloneDVD v2.9.2.2 + Keygen Setup\CloneDVD v2.9.2.2 + Keygen SETUP.exe » ZIP » AutoPlay/Docs/KeyMaker.exe - error - password-protected file
C:\Users\admin\Documents\Software\DVD.Cloner.VII.v7.10.992.Cracked-EAT\CloneDVD v2.9.2.2 + Keygen Setup\CloneDVD v2.9.2.2 + Keygen SETUP.exe » ZIP » AutoPlay/Icons/Icon.ico - error - password-protected file
C:\Users\admin\Documents\Software\DVD.Cloner.VII.v7.10.992.Cracked-EAT\CloneDVD v2.9.2.2 + Keygen Setup\CloneDVD v2.9.2.2 + Keygen SETUP.exe » ZIP » AutoPlay/Images/Capture 1.PNG - error - password-protected file
C:\Users\admin\Documents\Software\DVD.Cloner.VII.v7.10.992.Cracked-EAT\CloneDVD v2.9.2.2 + Keygen Setup\CloneDVD v2.9.2.2 + Keygen SETUP.exe » ZIP » AutoPlay/Images/Capture 2.PNG - error - password-protected file
C:\Users\admin\Documents\Software\DVD.Cloner.VII.v7.10.992.Cracked-EAT\CloneDVD v2.9.2.2 + Keygen Setup\CloneDVD v2.9.2.2 + Keygen SETUP.exe » ZIP » AutoPlay/Plugins/IRDissolveTransition.tns - error - password-protected file
C:\Users\admin\Documents\Software\DVD.Cloner.VII.v7.10.992.Cracked-EAT\CloneDVD v2.9.2.2 + Keygen Setup\CloneDVD v2.9.2.2 + Keygen SETUP.exe » ZIP » autorun.exe - error - password-protected file
C:\Users\admin\Documents\Software\DVD.Cloner.VII.v7.10.992.Cracked-EAT\CloneDVD v2.9.2.2 + Keygen Setup\CloneDVD v2.9.2.2 + Keygen SETUP.exe » ZIP » Icon.ico - error - password-protected file
C:\Users\admin\Documents\Software\WinRAR v4.20 x86-x64 bit\32-Bit\wrar420.exe » RAR » Default.SFX » WINRARSFX - archive damaged
C:\Users\admin\Documents\Software\WinRAR v4.20 x86-x64 bit\32-Bit\wrar420.exe » RAR » Zip.SFX » WINRARSFX - archive damaged
C:\Users\admin\Downloads\[ www.Speed.Cd ] - Guitar.Center.Sessions.S01E08.Megadeth.720p.HDTV.x264-QCF\guitar.center.sessions.s01e08.megadeth.720p.hdtv.x264-qcf.part01.rar » RAR » Guitar.Center.Sessions.S01E08.Megadeth.720p.HDTV.x264-QCF.mkv - next archive volume not found
C:\Users\admin\Downloads\[ www.Speed.Cd ] - Guitar.Center.Sessions.S01E15.Janes.Addiction.720p.HDTV.x264-QCF\guitar.center.sessions.s01e15.janes.addiction.720p.hdtv.x264-qcf.part01.rar » RAR » Guitar.Center.Sessions.S01E15.Janes.Addiction.720p.HDTV.x264-QCF.mkv - next archive volume not found
C:\Users\All Users\SupportSoft\DellSupportCenter\SYSTEM\data\manifest.zip » ZIP » - archive damaged
Boot sector of disk E: - error opening [4]
E:\ - error opening [4]
F:\Comics\Batman\Sword Of Azrael\Sword of Azrael 03 - Direct Action.cbr » RAR » Batman - Sword Of Azrael #3 pg17.jpg - archive damaged
F:\Comics\Sleeper\Sleeper (v1)\Sleeper v1 03.cbr » RAR » Sleeper #03\Sleeper - 29.jpg - archive damaged
F:\Comics\Spawn #1-175\Spawn 007.cbr » RAR » Spawn #007\Spawn_#007_-_dl.rar » RAR » Spawn #007\Spawn#007-02.jpg - archive damaged
F:\Comics\Spawn #1-175\Spawn 095.cbr » RAR » pic1184766.jpeg - archive damaged
F:\Movies\Motorcycle Mania 4 - The History of The Chopper.xvid.K4RM4\Motorcycle Mania 4 - The History of The Chopper.xvid.K4RM4.rar » RAR » Motorcycle Mania 4 - The History of The Chopper.xvid.K4RM4.avi - next archive volume not found
F:\Rosetta stone - Excel - Programs\Rosetta Stone 2.0.8.1.iso » ISO » AUTORUN.APM » ZIP » amsdata.dat - error - password-protected file
F:\Video Games\Hearts of Iron 3\Hearts.of.Iron.III\sr-hoi3.rar » RAR » sr-hoi3.bin - next archive volume not found
F:\Video Games\Hearts of Iron 3\Hearts.of.Iron.III.Semper.Fi\t-hoi3sf.rar » RAR » t-hoi3sf.bin - next archive volume not found
Boot sector of disk G: - error opening [4]
G:\ - error opening [4]
Number of scanned objects: 922413
Number of threats found: 0
Time of completion: 12:36:35 AM Total scanning time: 12075 sec (03:21:15)

Notes:
[4] Object cannot be opened. It may be in use by another application or operating system.
  • 0

#6
Nick Garcia
Posted 07 September 2014 - 08:25 PM

Nick Garcia

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/4/2014
Scan Time: 5:07:47 PM
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.04.09
Rootkit Database: v2014.08.21.01
License: Premium
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: admin

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 676126
Time Elapsed: 3 hr, 1 min, 55 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Warn

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Edited by Nick Garcia, 07 September 2014 - 08:25 PM.

  • 0

#7
DonnaB
Posted 07 September 2014 - 09:11 PM

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts
Hi Nick,

Thank you for the logs. I see that ESET found the illegal files on your HDD(s). Under normal circumstances, it is strictly forbidden to help anyone with illegal software, ketgens etc, on their system as pointed out in our Terms of Use found under section 3.) rules p and q.

It appears that your problems might be of the hardware nature since I see no infections present. Let's run a chkdsk and see what it finds. This "test" will only scan your C:\ drive. We may have to check the other drives as well, but let's see what the condition of the main drive is in first.
  • Click on Start > Run and type in cmd
  • Press Enter
  • In the Command Prompt window type chkdsk c:/r (or copy and paste) and press Enter.
    Please Note the space between k c:/r
  • The next dialog box will now show the following:

    Chkdsk cannot run because the volume is in use by another
    process. Would you like to schedule this volume to be
    checked the next time the system restarts? <Y/N>
  • Type Y and reboot the computer.
  • Checkdisk will start once the computer reboots. It can take up to an hour or more to complete as it goes through the stages. Allow it to run uninterrupted till complete.
To find the log that is produced please do the following:

Please download ListChkdskResult by SleepyDude to the desktop.
  • Double click on the icon and click Run
  • The log will appear on your desktop as a .txt file and the notepad will open.
Please copy and paste the results in your next reply.

Thank you,

Donna :)
  • 0

#8
Nick Garcia
Posted 08 September 2014 - 02:38 AM

Nick Garcia

    Member

  • Topic Starter
  • Member
  • PipPip
  • 25 posts
Thank you Donna, so very much. I honestly didn't know the rules, But I expected it and respect it. Will there be anything happening to my account here because of it?

Log Name: Application
Source: Microsoft-Windows-Wininit
Date: 9/8/2014 3:06:03 AM
Event ID: 1001
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: XPS420
Description:


Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.

A disk check has been scheduled.
Windows will now check the disk.
355200 file records processed.

790 large file records processed.

0 bad file records processed.

0 EA records processed.

76 reparse records processed.

430214 index entries processed.

0 unindexed files processed.

355200 security descriptors processed.

Cleaning up 6196 unused index entries from index $SII of file 0x9.
Cleaning up 6196 unused index entries from index $SDH of file 0x9.
Cleaning up 6196 unused security descriptors.
37508 data files processed.

CHKDSK is verifying Usn Journal...
36994392 USN bytes processed.

Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
Read failure with status 0xc000009c at offset 0x84c3f1c000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0x84c3f1e000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0x83b201d000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0x83b202a000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0x83b202b000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0x83b202b000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0x83b202c000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0x8422d2c000 for 0x10000 bytes.
Windows replaced bad clusters in file 13304
of name \SYSTEM~1\{D7B72~1.
Read failure with status 0xc000009c at offset 0x6a688d8000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0x6a688de000 for 0x1000 bytes.
Windows replaced bad clusters in file 176644
of name \SYSTEM~1\{D7B72~3.
Read failure with status 0xc000009c at offset 0x7aa13a0000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0x7aa13af000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0x7aa13b0000 for 0x10000 bytes.
Windows replaced bad clusters in file 301845
of name \PROGRA~1\Steam\STEAMA~1\common\WARGAM~2\Maps\wargame\PC\CARTE_~3.DAT.
355184 files processed.

File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
49355202 free clusters processed.

Free space verification is complete.
Adding 7 bad clusters to the Bad Clusters File.
CHKDSK discovered free space marked as allocated in the
master file table (MFT) bitmap.
CHKDSK discovered free space marked as allocated in the volume bitmap.
Windows has made corrections to the file system.

716787711 KB total disk space.
518718500 KB in 303367 files.
158268 KB in 37509 indexes.
28 KB in bad sectors.
490111 KB in use by the system.
65536 KB occupied by the log file.
197420804 KB available on disk.

4096 bytes in each allocation unit.
179196927 total allocation units on disk.
49355201 allocation units available on disk.

Internal Info:
80 6b 05 00 98 33 05 00 fb 48 09 00 00 00 00 00 .k...3...H......
49 73 00 00 4c 00 00 00 00 00 00 00 00 00 00 00 Is..L...........
42 00 00 00 e2 73 7f 77 68 86 0d 00 68 7e 0d 00 B....s.wh...h~..

Windows has finished checking your disk.
Please wait while your computer restarts.

Event Xml:
<Event xmlns="http://schemas.micro.../events/event">
<System>
<Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />
<EventID Qualifiers="16384">1001</EventID>
<Version>0</Version>
<Level>4</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2014-09-08T08:06:03.000Z" />
<EventRecordID>15552</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>XPS420</Computer>
<Security />
</System>
<EventData>
<Data>

Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.

A disk check has been scheduled.
Windows will now check the disk.
355200 file records processed.

790 large file records processed.

0 bad file records processed.

0 EA records processed.

76 reparse records processed.

430214 index entries processed.

0 unindexed files processed.

355200 security descriptors processed.

Cleaning up 6196 unused index entries from index $SII of file 0x9.
Cleaning up 6196 unused index entries from index $SDH of file 0x9.
Cleaning up 6196 unused security descriptors.
37508 data files processed.

CHKDSK is verifying Usn Journal...
36994392 USN bytes processed.

Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
Read failure with status 0xc000009c at offset 0x84c3f1c000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0x84c3f1e000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0x83b201d000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0x83b202a000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0x83b202b000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0x83b202b000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0x83b202c000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0x8422d2c000 for 0x10000 bytes.
Windows replaced bad clusters in file 13304
of name \SYSTEM~1\{D7B72~1.
Read failure with status 0xc000009c at offset 0x6a688d8000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0x6a688de000 for 0x1000 bytes.
Windows replaced bad clusters in file 176644
of name \SYSTEM~1\{D7B72~3.
Read failure with status 0xc000009c at offset 0x7aa13a0000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0x7aa13af000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0x7aa13b0000 for 0x10000 bytes.
Windows replaced bad clusters in file 301845
of name \PROGRA~1\Steam\STEAMA~1\common\WARGAM~2\Maps\wargame\PC\CARTE_~3.DAT.
355184 files processed.

File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
49355202 free clusters processed.

Free space verification is complete.
Adding 7 bad clusters to the Bad Clusters File.
CHKDSK discovered free space marked as allocated in the
master file table (MFT) bitmap.
CHKDSK discovered free space marked as allocated in the volume bitmap.
Windows has made corrections to the file system.

716787711 KB total disk space.
518718500 KB in 303367 files.
158268 KB in 37509 indexes.
28 KB in bad sectors.
490111 KB in use by the system.
65536 KB occupied by the log file.
197420804 KB available on disk.

4096 bytes in each allocation unit.
179196927 total allocation units on disk.
49355201 allocation units available on disk.

Internal Info:
80 6b 05 00 98 33 05 00 fb 48 09 00 00 00 00 00 .k...3...H......
49 73 00 00 4c 00 00 00 00 00 00 00 00 00 00 00 Is..L...........
42 00 00 00 e2 73 7f 77 68 86 0d 00 68 7e 0d 00 B....s.wh...h~..

Windows has finished checking your disk.
Please wait while your computer restarts.
</Data>
</EventData>
</Event>
  • 0

#9
DonnaB
Posted 08 September 2014 - 05:34 AM

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 8,529 posts

Thank you Donna, so very much. I honestly didn't know the rules, But I expected it and respect it. Will there be anything happening to my account here because of it?


Good morning Nick,

You're most welcome. :)

Your account here is fine at the moment. We do frown upon those who tend to continue with their illicit practices after we have pointed out that stealing is wrong. Nobody wants to put their heart and soul into something only to have someone else come along and "crack" the code to get it for free. Now that I have pointed you in the right direction, please refrain from such illicit practices from now on. We would be ecstatic if you chose to delete all the "stolen" files and purchased them like the majority of the good people of the world have.

As I suspected, there are some bad sectors (as shown below) on your hard drive (HDD), meaning that at any time your HDD could crash and you could lose all your personal data. Your HDD will need to be replaced.

716787711 KB total disk space.
518718500 KB in 303367 files.
158268 KB in 37509 indexes.
28 KB in bad sectors.
490111 KB in use by the system.
65536 KB occupied by the log file.
197420804 KB available on disk.

This test only checked the C:\ drive, though the ESET log showed that drives E:\, F:\ and G:\ are having issues as well. I'm not sure if this is due to the C:\ drive going bad or the file corruption found on the drive and can not read the externals. You could check those drives as well by following the instructions in the link below:

How to use the Windows Disk Error Checking feature on an external drive

Feel free to post the results found in a reply.

If you have any questions at all on the instructions in the link, do not hesitate to ask.

Thank you,
Donna :)
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP