Hi I am not sure if I have any malware on here or not but it was suggested that I come here and find out. I originally posted in the Microsoft windows forum here is my
link: http://forums.whatth...howtopic=128258
The blue screens and freezing has seemed to stop for the most part occasionally i will get a couple freezes but, it has not been as bad as it was before.
I am having trouble trying to do the Auslogics defrag i think it was not installed correctly.
One other thing about a day after I started my topic when I start my computer it starts but then it goes to a black screen saying it needs to check the file system c because one of the disk needs to be checked for consistency and it seems to take about 5-10 minutes doing checking it before I get to the log on page.
Anyway just wanted to let you know and thanks in advance
ETA: Sorry I was in a hurry to post this topic and I forgot to do the logs but here you go and, just wanted to let you know there was a problem that came up with all of them. For OTL it said something about a corrupt file .000 in C I believe and said i should use CHKDSK to check it out, for HiJackthis something about it could not run but it did give me a log, and for D.D.S.. Windows could not open this file: PEV.DAT and ask what program it should use. I didn't do anything so I have no log for that not sure what I should do for it.
ETA I was able to D.D,S. with the second link I posted them on down.
OTL Extras logfile created on: 6/8/2014 10:29:16 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Family.User-PC\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.75 Gb Total Physical Memory | 2.09 Gb Available Physical Memory | 76.19% Memory free
5.72 Gb Paging File | 4.25 Gb Available in Paging File | 74.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 119.70 Gb Total Space | 58.07 Gb Free Space | 48.52% Space Free | Partition Type: NTFS
Drive D: | 103.42 Gb Total Space | 103.20 Gb Free Space | 99.79% Space Free | Partition Type: NTFS
Drive H: | 1.89 Gb Total Space | 1.35 Gb Free Space | 71.55% Space Free | Partition Type: FAT
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F039C34-56E5-4C23-A0F9-241C1F112BA4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1BC41A91-5633-402D-BCAE-3694F37BF5E1}" = lport=138 | protocol=17 | dir=in | app=system |
"{2F7F4435-373D-41FF-9663-98332626EF21}" = rport=445 | protocol=6 | dir=out | app=system |
"{34CCA815-67F6-42C9-B07E-BEF569E3D108}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5B5AFB8E-C137-47C4-B1F9-A1DDB3DDD818}" = rport=138 | protocol=17 | dir=out | app=system |
"{5BBDFDC2-5DE4-4E5A-AB8B-025F754897AD}" = lport=139 | protocol=6 | dir=in | app=system |
"{5DC78142-5C3C-4840-81AD-2986D396390F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{7127F03F-1FCE-48EE-8A8F-8C6B8D7C91F8}" = rport=139 | protocol=6 | dir=out | app=system |
"{7C4CF7C3-01B9-40A6-BEC9-2968CD22D4C4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7DA809EE-2CDC-44C1-8F11-A17DB6905B1D}" = rport=137 | protocol=17 | dir=out | app=system |
"{89EDA2CB-72B1-4758-AD19-1FB87829AFA1}" = lport=445 | protocol=6 | dir=in | app=system |
"{913528BC-1F95-49C0-8347-51E1F22B6F7F}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{981B21D8-8F14-4D44-9DDA-4A804B7EA378}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A2F8D20E-B7A7-4FAA-917D-89B25E289259}" = lport=137 | protocol=17 | dir=in | app=system |
"{AD9C1CB7-C5C7-4F0A-AFD5-FE7C3C592441}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AE53EE72-598E-4E2D-9DC5-7DC336B63662}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DDB40C69-1FD8-4054-A25D-C396F87FA03B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E35070D3-E603-42D5-A59C-148156A7845B}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F69DEC9D-10C9-4287-A8D9-65F875DFBA3D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B4998B-5924-450F-AEF9-4BDA12EFD12F}" = dir=in | app=c:\program files\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe |
"{10CDB30A-84CF-4DA3-835E-BC1692B24E47}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{19B4CE13-048A-4191-BD57-D7E32FD79815}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1D77E521-D2DF-43B7-AE81-574AA49F7CD5}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{1FE901D8-D7A9-4281-9428-AFBF435BFC9D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2E9A4533-1359-46B6-B326-2B899D73FD10}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3B669851-018A-4040-9571-5404D19BD764}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4159B829-1096-46FB-954D-B187B7B0252D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{505ED723-A2BA-473E-AEAE-3BD5181A5754}" = dir=in | app=c:\program files\acer arcade live\acer homemedia trial creator\acer homemedia trial creator.exe |
"{6299EEE5-1856-4B10-9916-798B1C1AEF89}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{6383B295-BB65-4F28-8CE6-87852904AFC6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{708ABF94-8F1B-4663-99CB-CBDE0C7A8EB0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7B6B3B53-9D2B-40C9-B91F-FE85E1D6A25A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{7BB3097A-3125-4981-9834-679B5636377D}" = dir=in | app=c:\program files\acer arcade live\acer videomagician\acer videomagician.exe |
"{7D1CE16D-8631-458E-8382-54CE0C38BDEB}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe |
"{81B6CD0B-8F08-4C12-8532-E56DF5350339}" = dir=in | app=c:\program files\acer arcade live\acer homemedia\acer homemedia.exe |
"{8BCD640B-594A-465F-8A9E-E5A6C07DC081}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{8FFE3A8A-4C75-43A0-BFF3-95FDFDA33BE2}" = dir=in | app=c:\program files\acer arcade live\acer dv magician\acer dv magician.exe |
"{948000F3-8719-4206-B4C5-6506B663184F}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{ADE9CF49-7A0E-4076-9B85-7648EC5E7736}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B0FC188F-249E-43D9-859D-89A0F334AEDC}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\acer homemedia connect.exe |
"{CB9791DA-21DC-43B2-AB15-F686C82A082C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D430641B-178B-4C39-B53C-F6B3221DB01A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{D487D8E1-D633-424C-A312-3EEAE09D757D}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{EDAD7C9C-2B42-422A-A171-019C0C88A98B}" = dir=in | app=c:\program files\acer arcade live\acer arcade live main page\acer arcade live.exe |
"{F3CFA48D-AE6A-482E-96D7-2390C5C0FDF5}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"TCP Query User{5E3B79FF-3FC8-4C18-8575-9573A9498629}C:\program files\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"TCP Query User{EF28F392-0934-4ED4-A4F3-2894DF0DB4DF}C:\program files\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"UDP Query User{63EC79FD-A794-4B5E-B99E-460459D8788E}C:\program files\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"UDP Query User{73FB1A43-FD1B-48E2-ABA5-5DD0AB6D0334}C:\program files\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01358C56-44F4-B8B3-8757-06F2A864A863}" = ATI Catalyst Install Manager
"{0556F885-2415-4666-B53E-33727E46AEA1}" = The Movies
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83217055FF}" = Java 7 Update 55
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CC9C896-21C0-4F9F-AEB8-EB3BF9B0AD36}" = ActivInspire v1
"{3D8C96C4-CEB6-4B97-BA4C-9BB7DF083224}" = ActivInspire HWR Resources (ENU) v1
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARD_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARD_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARD_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARD_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARD_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARD_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARD_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARD_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{B0CB0468-17F6-4D83-8D44-7B9CB66D4D1B}" = ActivDriver x86 v5.9
"{B0FA2C62-A4DA-4805-96CC-C6B42CBB5CC1}" = ActivInspire Help (USA) v1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D462BF9E-0C35-4705-BF9B-3DF9F3816643}" = Acer ePerformance Management
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{FCD243AC-C4FF-48B5-AE57-7B91EDD2EE90}" = ActivInspire Core Resources (ENU) v1
"Acer Assist" = Acer Assist
"Acer Registration" = Acer Registration
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"ESET Online Scanner" = ESET Online Scanner v3
"Finale 2012" = Finale 2012
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 29.0.1 (x86 en-US)" = Mozilla Firefox 29.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyPC Backup" = MyPC Backup
"NTI Open File Manager" = NTI Open File Manager (remove only)
"NVIDIA Drivers" = NVIDIA Drivers
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"STANDARD" = Microsoft Office Standard 2007
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 6/6/2014 2:02:00 PM | Computer Name = User-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 6/6/2014 2:02:00 PM | Computer Name = User-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 6/6/2014 3:00:58 PM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/6/2014 3:31:14 PM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/6/2014 4:53:23 PM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/6/2014 5:54:41 PM | Computer Name = User-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6001.18639 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 10ec Start Time: 01cf81d0b283388e Termination Time: 15
Error - 6/6/2014 6:56:07 PM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/6/2014 11:00:04 PM | Computer Name = User-PC | Source = Perflib | ID = 1008
Description =
Error - 6/6/2014 11:00:04 PM | Computer Name = User-PC | Source = Perflib | ID = 1010
Description =
Error - 6/6/2014 11:00:08 PM | Computer Name = User-PC | Source = Perflib | ID = 1008
Description =
[ System Events ]
Error - 6/8/2014 10:42:51 PM | Computer Name = User-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume C:.
Error - 6/8/2014 10:42:51 PM | Computer Name = User-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume ACER.
Error - 6/8/2014 10:42:51 PM | Computer Name = User-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume ACER.
Error - 6/8/2014 10:42:51 PM | Computer Name = User-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume C:.
Error - 6/8/2014 10:42:51 PM | Computer Name = User-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume C:.
Error - 6/8/2014 10:42:51 PM | Computer Name = User-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume ACER.
Error - 6/8/2014 10:42:51 PM | Computer Name = User-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume C:.
Error - 6/8/2014 10:42:51 PM | Computer Name = User-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume ACER.
Error - 6/8/2014 10:42:51 PM | Computer Name = User-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume ACER.
Error - 6/8/2014 10:50:18 PM | Computer Name = User-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume C:.
< End of report >
OTL logfile created on: 6/8/2014 10:29:16 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Family.User-PC\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.75 Gb Total Physical Memory | 2.09 Gb Available Physical Memory | 76.19% Memory free
5.72 Gb Paging File | 4.25 Gb Available in Paging File | 74.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 119.70 Gb Total Space | 58.07 Gb Free Space | 48.52% Space Free | Partition Type: NTFS
Drive D: | 103.42 Gb Total Space | 103.20 Gb Free Space | 99.79% Space Free | Partition Type: NTFS
Drive H: | 1.89 Gb Total Space | 1.35 Gb Free Space | 71.55% Space Free | Partition Type: FAT
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Family.User-PC\Downloads\OTL (1).exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe ()
PRC - C:\Program Files\Activ Software\ActivDriver\ActivControlsvc.exe (Promethean)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)
PRC - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\SysMonitor.exe ()
PRC - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
PRC - C:\Windows\System32\nvraidservice.exe (NVIDIA Corporation)
PRC - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe ()
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
PRC - C:\Program Files\Acer Assist\AcerAssist.exe (Acer Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\e3180b4230f052996adb81da3dc64ad0\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c933fd5d1d27f268331890d7ddba8fec\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\aa3e053d433c48e1e8c3f436b4de1ed3\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll ()
MOD - C:\Windows\libactivboardex.dll ()
MOD - C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Acer\Empowering Technology\SysMonitor.exe ()
MOD - C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll ()
MOD - C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll ()
MOD - C:\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll ()
MOD - C:\Acer\Empowering Technology\eSettings\eSettings.Plugin.dll ()
MOD - C:\Acer\Empowering Technology\eSettings\eSettings.Presenter.dll ()
MOD - C:\Acer\Empowering Technology\eSettings\eSettings.View.dll ()
MOD - C:\Acer\Empowering Technology\eSettings.Model.ComputerInterfaces.dll ()
MOD - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll ()
MOD - C:\Acer\Empowering Technology\ePerformance\ePerformance.Plugin.dll ()
MOD - C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.dll ()
MOD - C:\Acer\Empowering Technology\ePerformance\ePerformance.Presenter.dll ()
MOD - C:\Acer\Empowering Technology\ePerformance\ePerformance.Library.dll ()
MOD - C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.Interface.dll ()
MOD - C:\Acer\Empowering Technology\MemCheck.Interface.dll ()
MOD - C:\Acer\Empowering Technology\eRecovery\ServiceInterface.dll ()
========== Services (SafeList) ==========
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (0216941402117894mcinstcleanup) -- C:\Users\User\AppData\Local\Temp\021694~1.EXE (McAfee, Inc.)
SRV - (BackupStack) -- C:\Program Files\MyPC Backup\BackupStack.exe (Just Develop It)
SRV - (ActivControl) -- C:\Program Files\Activ Software\ActivDriver\ActivControlsvc.exe (Promethean)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Acer HomeMedia Connect Service) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
SRV - (AcerMemUsageCheckService) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe ()
SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
========== Driver Services (SafeList) ==========
DRV - (SymIMMP) -- system32\DRIVERS\SymIM.sys File not found
DRV - (SymIM) -- system32\DRIVERS\SymIM.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\User\AppData\Local\Temp\catchme.sys File not found
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswsnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswsp.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswrdr.sys (AVAST Software)
DRV - (aswVmm) -- C:\Windows\System32\drivers\aswVmm.sys ()
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys ()
DRV - (aswHwid) -- C:\Windows\System32\drivers\aswHwid.sys ()
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV - (MBAMWebAccessControl) -- C:\Windows\System32\drivers\mwac.sys (Malwarebytes Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (FAMv4) -- C:\Windows\System32\drivers\FAMv4.sys (FAMv4)
DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (nvrd32) -- C:\Windows\System32\drivers\nvrd32.sys (NVIDIA Corporation)
DRV - (zntport) -- C:\Windows\System32\drivers\zntport.sys (Zeal SoftStudio)
DRV - (tvicport) -- C:\Windows\System32\drivers\TVicPort.sys (EnTech Taiwan)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys (Acer, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Users\Guest\AppData\Local\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Users\Guest\AppData\Local\Mozilla Firefox\plugins
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: Google Wallet = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
O1 HOSTS File: ([2014/03/02 08:56:38 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (HiTRUST)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [ActivManager] C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [NVRaidService] C:\Windows\System32\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKCU..\RunOnce: [JRTcleanup] C:\Users\User\AppData\Local\Temp\jrt\JRT.bat ()
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{429534DA-931A-4D7E-8EC3-75992BA2B5E7}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\User\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\User\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.mkdmp3enc - C:\PROGRA~1\ACERAR~1\ACERDV~2\Kernel\Burner\MKDMP3Enc.ACM File not found
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.tscc - C:\Windows\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: wave2 - C:\Windows\System32\serwvdrv.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014/06/08 14:51:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/06/08 14:51:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014/06/08 13:19:12 | 000,000,000 | ---D | C] -- C:\Course Technology
[2014/06/07 01:40:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/06/07 01:40:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/06/07 01:04:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/06/07 00:59:14 | 036,818,984 | ---- | C] (Dropbox, Inc.) -- C:\Users\Public\Desktop\DropboxInstallerAvast.exe
[2014/06/07 00:58:58 | 000,057,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2014/06/07 00:58:57 | 000,777,488 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswsnx.sys
[2014/06/07 00:58:57 | 000,776,976 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswsnx.sys.1402117467588
[2014/06/07 00:58:57 | 000,411,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys
[2014/06/07 00:58:57 | 000,067,824 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/06/07 00:58:57 | 000,054,832 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswrdr.sys.1402117467588
[2014/06/07 00:58:57 | 000,054,832 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswrdr.sys
[2014/06/07 00:58:56 | 000,271,264 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/06/07 00:58:43 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/06/07 00:57:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/06/07 00:54:08 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/06/07 00:01:31 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/06/07 00:00:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/06/07 00:00:37 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/06/07 00:00:37 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/06/07 00:00:37 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/06/07 00:00:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/06/07 00:00:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/06/04 18:21:26 | 000,000,000 | ---D | C] -- C:\Users\User\Option
[2014/06/04 12:19:59 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
[2014/06/04 12:19:59 | 000,000,000 | ---D | C] -- C:\Program Files\iolo
[2014/05/28 14:28:10 | 000,000,000 | -HSD | C] -- C:\Users\User\AppData\Roaming\.#
[2014/05/16 08:46:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
========== Files - Modified Within 30 Days ==========
[2014/06/08 22:24:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf68a7b8fbbce6.job
[2014/06/08 22:19:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/08 22:09:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/08 20:41:35 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/08 20:41:35 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/08 19:38:08 | 000,607,168 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/06/08 19:38:08 | 000,104,808 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/06/08 17:24:01 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/08 14:51:30 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/06/08 08:41:14 | 2951,946,240 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/07 01:04:54 | 000,001,877 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/06/07 01:04:27 | 000,777,488 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsnx.sys
[2014/06/07 01:04:27 | 000,411,680 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys
[2014/06/07 01:04:27 | 000,054,832 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswrdr.sys
[2014/06/07 01:04:03 | 036,818,984 | ---- | M] (Dropbox, Inc.) -- C:\Users\Public\Desktop\DropboxInstallerAvast.exe
[2014/06/07 00:58:44 | 000,776,976 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsnx.sys.1402117467588
[2014/06/07 00:58:44 | 000,180,632 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/06/07 00:58:44 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/06/07 00:58:44 | 000,057,672 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2014/06/07 00:58:44 | 000,054,832 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswrdr.sys.1402117467588
[2014/06/07 00:58:44 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/06/07 00:58:44 | 000,024,184 | ---- | M] () -- C:\Windows\System32\drivers\aswHwid.sys
[2014/06/07 00:58:43 | 000,271,264 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/06/07 00:58:43 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/06/07 00:02:46 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/06/04 18:21:50 | 000,001,024 | RH-- | M] () -- C:\Windows\System32\NTIOFM4.dll
[2014/05/30 14:55:04 | 000,001,999 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/05/29 13:06:20 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{68CFDBC1-2EA6-4D14-9144-1989C235FBCA}.job
[2014/05/23 21:31:07 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/05/13 16:21:57 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/05/13 16:21:57 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/05/12 07:26:04 | 000,051,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/05/12 07:25:58 | 000,074,456 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/05/12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
========== Files Created - No Company Name ==========
[2014/06/08 14:51:30 | 000,001,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/06/08 14:51:30 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/06/07 01:04:54 | 000,001,877 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/06/07 00:58:57 | 000,180,632 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/06/07 00:58:57 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/06/07 00:58:57 | 000,024,184 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys
[2014/05/29 12:59:23 | 2951,946,240 | -HS- | C] () -- C:\hiberfil.sys
[2013/02/28 05:15:27 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2013/02/28 05:15:27 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2013/02/27 11:53:06 | 000,186,192 | ---- | C] () -- C:\Windows\libactivboardex.dll
[2012/10/12 12:14:53 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2012/10/12 12:14:53 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2012/10/12 12:12:32 | 000,077,824 | ---- | C] () -- C:\Windows\System32\drivers\INT15_DETECT.EXE
[2012/10/12 12:11:32 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe
[2012/10/12 12:11:32 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe
========== ZeroAccess Check ==========
[2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 11:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/03 00:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/20 22:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014/05/28 14:29:37 | 000,000,000 | -HSD | M] -- C:\Users\User\AppData\Roaming\.#
[2012/10/12 12:17:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Acer
[2008/02/05 15:54:28 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Acer GameZone Console
[2013/05/23 18:34:19 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ACTIV Software
[2013/02/17 17:36:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\eSobi
[2012/10/12 12:17:04 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Leadertech
[2014/02/11 18:32:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Lionhead Studios
[2013/04/29 19:39:56 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MusE
[2014/04/17 13:05:24 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Optimizer Pro
[2014/05/29 16:39:11 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Promethean
========== Purity Check ==========
========== Custom Scans ==========
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.EXE >
[2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\erdnt\cache\explorer.exe
[2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 23:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\bcfed137e95e2bc1b83ef80262a82b16\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 22:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 22:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: EXPLORER.EXE.HU.KDMP >
[2014/02/12 09:04:54 | 052,402,949 | ---- | M] () MD5=907072276C31F7B51E28F3642F55D04D -- C:\Users\Family\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report132dbebc\Explorer.EXE.hu.kdmp
< MD5 for: EXPLORER.EXE.MUI >
[2006/11/02 08:41:18 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=192DD053B43250E264383CDC3D564A18 -- C:\Windows\en-US\explorer.exe.mui
[2006/11/02 08:41:18 | 000,036,864 | ---- | M] (Microsoft Corporation) MD5=192DD053B43250E264383CDC3D564A18 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.0.6000.16386_en-us_03bbc52176b6ba20\explorer.exe.mui
< MD5 for: EXPLORER.EXE.XML >
[2014/02/12 09:04:54 | 000,003,412 | ---- | M] () MD5=5F8C3516EF389D5AE78BF3624503E7EA -- C:\Users\Family\AppData\Local\Microsoft\Windows\WER\ReportQueue\Report132dbebc\Explorer.EXE.xml
< MD5 for: IEXPLORE.BAT >
[2014/04/06 01:13:18 | 000,031,401 | ---- | M] () MD5=335DFF8F23E5EC02B5426362F0F8509B -- C:\Users\User\AppData\Local\temp\jrt\iexplore.bat
< MD5 for: IEXPLORE.EXE >
[2014/05/12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\iexplore.exe
[2009/04/11 02:27:44 | 000,636,080 | ---- | M] (Microsoft Corporation) MD5=2C5168C856455CC43C4B4E1CC1920001 -- C:\Windows\SoftwareDistribution\Download\bcfed137e95e2bc1b83ef80262a82b16\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6002.18005_none_314d791517204c15\iexplore.exe
[2008/01/20 22:23:50 | 000,625,664 | ---- | M] (Microsoft Corporation) MD5=5B92133D3E7FB2644677686305E29E81 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18000_none_2f62000919fe80c9\iexplore.exe
[2011/04/21 10:34:57 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=6C93AC7C0A8718E2A1543DB1B1B3B19F -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22905_none_2ff0ad763317887e\iexplore.exe
[2011/04/21 11:02:30 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=77B9A891222FB46B13E414B99E1AF842 -- C:\Program Files\Internet Explorer\iexplore.exe
[2011/04/21 11:02:30 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=77B9A891222FB46B13E414B99E1AF842 -- C:\Windows\erdnt\cache\iexplore.exe
[2011/04/21 11:02:30 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=77B9A891222FB46B13E414B99E1AF842 -- C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18639_none_2f4a9e431a0ea795\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2006/11/02 08:41:15 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=3CCDDDBC49DEACA370F39A9F0E146A1B -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2006/11/02 08:41:15 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=3CCDDDBC49DEACA370F39A9F0E146A1B -- C:\Windows\winsxs\x86_microsoft-windows-i..texplorer.resources_31bf3856ad364e35_6.0.6000.16386_en-us_3b55b11a57da5590\iexplore.exe.mui
< MD5 for: SERVICES >
[2006/09/18 17:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\System32\drivers\etc\services
[2006/09/18 17:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\services
< MD5 for: SERVICES.DAT >
[2014/04/06 00:32:27 | 000,004,173 | ---- | M] () MD5=ED018DB6916ACAB46011A330B4B116AA -- C:\Users\User\AppData\Local\temp\jrt\services.dat
< MD5 for: SERVICES.DOCX >
[2010/01/19 21:59:04 | 000,019,237 | ---- | M] () MD5=9046C486AA4E53FE25090C454149E5A7 -- C:\Course Technology\New Perspectives\NP on Microsoft Office 2010 First Course\Data Files\Data Files for Text\Word2\Review\Services.docx
[2010/01/19 21:59:04 | 000,019,237 | ---- | M] () MD5=9046C486AA4E53FE25090C454149E5A7 -- C:\Users\Family.User-PC\Desktop\CIS 110\Word2\Review\Services.docx
< MD5 for: SERVICES.EXE >
[2008/01/20 22:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\erdnt\cache\services.exe
[2008/01/20 22:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\System32\services.exe
[2008/01/20 22:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 02:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\SoftwareDistribution\Download\bcfed137e95e2bc1b83ef80262a82b16\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2006/11/02 08:40:53 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\System32\en-US\services.exe.mui
[2006/11/02 08:40:53 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_67c6851b290a1ced\services.exe.mui
< MD5 for: SERVICES.LNK >
[2008/01/20 22:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 22:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOF >
[2006/09/18 17:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2006/09/18 17:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.mof
[2006/09/18 17:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.mof
< MD5 for: SERVICES.MSC >
[2006/11/02 08:41:29 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2006/09/18 17:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2006/11/02 08:41:29 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a2085506ff73b6e0\services.msc
[2006/09/18 17:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_cf63e2a445bae4e3\services.msc
< MD5 for: WINLOGON.EXE >
[2014/05/12 07:24:30 | 000,750,392 | ---- | M] (MalwareBytes) MD5=09882E8EDD1144E6EF1AF6D1F98305EE -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\bcfed137e95e2bc1b83ef80262a82b16\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 22:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\erdnt\cache\winlogon.exe
[2008/01/20 22:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008/01/20 22:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WINLOGON.EXE.MUI >
[2008/01/20 22:25:40 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=26AC28BF50DC112BAA794A83E08588F0 -- C:\Windows\System32\en-US\winlogon.exe.mui
[2008/01/20 22:25:40 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=26AC28BF50DC112BAA794A83E08588F0 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.0.6001.18000_en-us_caf8918b0416723a\winlogon.exe.mui
[2006/11/02 08:40:50 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=A1D2856F3EC3C86EBBF1442B0245A8B3 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.0.6000.16386_en-us_c8c1cf8f072b6166\winlogon.exe.mui
< MD5 for: WINLOGON.MOF >
[2006/09/18 17:41:56 | 000,002,794 | ---- | M] () MD5=545C578F290B9CDD280966939935B9EA -- C:\Windows\System32\wbem\winlogon.mof
[2006/09/18 17:41:56 | 000,002,794 | ---- | M] () MD5=545C578F290B9CDD280966939935B9EA -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.0.6000.16386_none_7e0207d478fccc94\winlogon.mof
< %SYSTEMDRIVE%\*.* >
[2006/09/18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2008/01/20 22:24:42 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2008/02/05 14:07:22 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2014/03/05 08:32:52 | 000,001,369 | ---- | M] () -- C:\DelFix.txt
[2014/06/08 08:41:14 | 2951,946,240 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/07 17:35:20 | 000,000,090 | ---- | M] () -- C:\MDisc.log
[2007/06/28 04:44:50 | 000,000,512 | ---- | M] () -- C:\MDR.iss
[2014/06/07 17:36:27 | 000,000,090 | ---- | M] () -- C:\MDR.log
[2014/06/08 08:41:12 | 3265,802,240 | -HS- | M] () -- C:\pagefile.sys
[2008/02/05 15:27:11 | 000,000,426 | ---- | M] () -- C:\RHDSetup.log
< %systemroot%\Fonts\*.com >
[2006/11/02 08:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 08:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 08:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 08:37:12 | 000,030,808 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2006/09/18 17:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/01/20 22:23:14 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\HPZPPLHN.DLL
[2006/11/02 08:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 23:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\msonpppr.dll
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2006/10/19 10:00:56 | 000,187,392 | ---- | M] () -- C:\Windows\Acer(Normal).scr
[2006/10/19 10:00:56 | 000,187,392 | ---- | M] () -- C:\Windows\Acer(Wide).scr
[2014/06/07 00:58:43 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2008/01/20 22:43:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is ACER
Volume Serial Number is 2021-A846
Directory of C:\
11/02/2006 09:02 AM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
< %systemroot%\System32\config\*.sav >
[2008/02/05 14:07:13 | 012,820,480 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/02/05 14:07:09 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/02/05 14:07:13 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2008/02/05 14:07:19 | 017,186,816 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2008/02/05 14:07:20 | 006,639,616 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2013/02/16 16:48:55 | 000,000,286 | -HS- | M] () -- C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
[2014/04/19 14:41:53 | 027,761,056 | ---- | M] (Microsoft Corporation) -- C:\Users\User\Desktop\ZooTycoon.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2014-06-07 21:22:52
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:131C0EE9
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:4BB26BE9
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:793F316E
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:EC2246A6
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:861A898F
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:9F683177
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:FC420CE6
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:E36F5B57
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:8AB6C1D7
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:C95B63DA
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:373E1720
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:FEBEC560
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:9E22BBE8
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:3E7393FC
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:4F636E25
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:4CF61E54
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:580E04D8
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:2B99FE60
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:193426B4
< End of report >
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:58:58 PM, on 6/8/2014
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18639)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\System32\nvraidservice.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Family.User-PC\Downloads\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer Registration\ACE1.exe" /startup
O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe
O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ActivManager] C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: McAfee Application Installer Cleanup (0216941402117894) (0216941402117894mcinstcleanup) - Unknown owner - C:\Users\User\AppData\Local\Temp\021694~1.EXE (file missing)
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: ActivControl - Promethean - C:\Program Files\Activ Software\ActivDriver\ActivControlsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files\MyPC Backup\BackupStack.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
--
End of file - 10302 bytes
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6001.18639 BrowserJavaVersion: 10.55.2
Run by User at 22:48:03 on 2014-06-09
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2815.1779 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files\Activ Software\ActivDriver\ActivControlsvc.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\System32\nvraidservice.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\Explorer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\System32\svchost.exe -k wdisvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mStart Page = about:blank
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - <orphaned>
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: ShowBarObj Class: {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - c:\acer\empowering technology\edatasecurity\x86\ActiveToolBand.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.9012.1008\swg.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Acer eDataSecurity Management: {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - c:\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRunOnce: [JRTcleanup] c:\users\user\appdata\local\temp\jrt\JRT.bat
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [BkupTray] "c:\program files\newtech infosystems\nti backup now 5\BkupTray.exe"
mRun: [Acer Empowering Technology Monitor] c:\acer\empowering technology\SysMonitor.exe
mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\x86\eDSloader.exe
mRun: [PCMMediaSharing] c:\program files\acer arcade live\acer homemedia connect\kernel\dms\PCMMediaSharing.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [SMSERIAL] c:\program files\motorola\smserial\sm56hlpr.exe
mRun: [Acer Product Registration] "c:\program files\acer registration\ACE1.exe" /startup
mRun: [Acer Assist Launcher] c:\program files\acer assist\launcher.exe
mRun: [NVRaidService] c:\windows\system32\nvraidservice.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [ActivManager] c:\program files\activ software\activdriver\ActivMgr.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRunOnce: [*WerKernelReporting] c:\windows\system32\WerFault.exe -k -rq
StartupFolder: c:\users\user\appdata\roaming\micros~1\windows\startm~1\programs\startup\mypcba~1.lnk - c:\program files\mypc backup\MyPC Backup.exe
StartupFolder: c:\users\user\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\empowe~1.lnk - c:\acer\empowering technology\eAPLauncher.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} - hxxp://zone.msn.com/bingame/cnma/default/cinematycoon.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{429534DA-931A-4D7E-8EC3-75992BA2B5E7} : DHCPNameServer = 192.168.1.254
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\35.0.1916.114\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath -
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2014-6-7 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2014-6-7 180632]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [2014-6-7 777488]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2014-6-7 411680]
R1 FAMv4;FAMv4;c:\windows\system32\drivers\FAMv4.sys [2007-12-14 132120]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\acer arcade live\acer homemedia connect\kernel\dms\CLMSServer.exe [2008-2-5 269448]
R2 ActivControl;ActivControl;c:\program files\activ software\activdriver\ActivControlsvc.exe [2013-2-27 21328]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-6-7 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-6-7 67824]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2014-6-7 50344]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\newtech infosystems\nti backup now 5\client\Agentsvc.exe [2007-12-30 21752]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-6-7 1809720]
R2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-6-7 860472]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\newtech infosystems\nti backup now 5\BackupSvc.exe [2007-12-30 54520]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2007-12-30 136440]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-6-7 23256]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-6-7 51928]
S2 0216941402117894mcinstcleanup;McAfee Application Installer Cleanup (0216941402117894);c:\users\user\appdata\local\temp\021694~1.exe -cleanup -nolog --> c:\users\user\appdata\local\temp\021694~1.EXE -cleanup -nolog [?]
S2 BackupStack;Computer Backup (MyPC Backup);c:\program files\mypc backup\BackupStack.exe [2014-2-18 36392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-6-7 110296]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2014-06-10 01:54:45 -------- d-----w- c:\program files\Dropbox
2014-06-10 01:54:43 -------- d-----w- c:\users\user\appdata\roaming\Dropbox
2014-06-08 18:51:29 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-06-08 17:19:12 -------- d-----w- C:\Course Technology
2014-06-07 05:40:44 -------- d-----w- c:\program files\CCleaner
2014-06-07 04:58:57 777488 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-06-07 04:58:57 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-06-07 04:58:57 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-06-07 04:58:57 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-06-07 04:58:57 180632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-06-07 04:58:43 43152 ----a-w- c:\windows\avastSS.scr
2014-06-07 04:57:24 -------- d-----w- c:\program files\AVAST Software
2014-06-07 04:54:08 -------- d-----w- c:\programdata\AVAST Software
2014-06-07 04:01:31 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-07 04:00:37 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-07 04:00:37 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-06-07 04:00:37 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-06-07 04:00:36 -------- d-----w- c:\programdata\Malwarebytes
2014-06-07 04:00:36 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-06-06 13:23:56 8073384 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{0ea3c426-ee5e-4a79-b4a4-cb95f51b3da6}\mpengine.dll
2014-06-04 22:21:26 -------- d-----w- c:\users\user\Option
2014-06-04 16:19:59 -------- d-----w- c:\programdata\iolo
2014-06-04 16:19:59 -------- d-----w- c:\program files\iolo
2014-05-28 18:28:10 -------- d-sh--w- c:\users\user\appdata\roaming\.#
.
==================== Find3M ====================
.
2014-06-07 04:58:44 776976 ----a-w- c:\windows\system32\drivers\aswsnx.sys.1402117467588
2014-06-07 04:58:44 54832 ----a-w- c:\windows\system32\drivers\aswrdr.sys.1402117467588
2014-06-04 22:21:50 1024 ---h--r- c:\windows\system32\NTIOFM4.dll
2014-05-13 20:21:57 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-05-13 20:21:57 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-04-23 21:11:44 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-04-01 02:46:48 130712 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2014-04-01 02:46:48 1070232 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2014-03-31 13:35:10 231584 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 22:49:08.78 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 10/12/2012 4:02:53 PM
System Uptime: 6/9/2014 5:10:23 PM (5 hours ago)
.
Motherboard: ACER | | MCP73
Processor: Intel® Pentium® Dual CPU E2160 @ 1.80GHz | SOCKET775 M/B | 1803/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 120 GiB total, 57.668 GiB free.
D: is FIXED (NTFS) - 103 GiB total, 103.201 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Tun Miniport Adapter
Device ID: ROOT\*TUNMP\0001
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TUNMP\0001
Service: tunmp
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Tun Miniport Adapter
Device ID: ROOT\*TUNMP\0002
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TUNMP\0002
Service: tunmp
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Tun Miniport Adapter
Device ID: ROOT\*TUNMP\0003
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TUNMP\0003
Service: tunmp
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Tun Miniport Adapter
Device ID: ROOT\*TUNMP\0004
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TUNMP\0004
Service: tunmp
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Tun Miniport Adapter
Device ID: ROOT\*TUNMP\0005
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TUNMP\0005
Service: tunmp
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Tun Miniport Adapter
Device ID: ROOT\*TUNMP\0006
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TUNMP\0006
Service: tunmp
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Tun Miniport Adapter
Device ID: ROOT\*TUNMP\0007
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TUNMP\0007
Service: tunmp
.
==== System Restore Points ===================
.
RP306: 5/31/2014 6:47:05 PM - Scheduled Checkpoint
RP307: 6/1/2014 8:50:49 PM - Scheduled Checkpoint
RP308: 6/3/2014 1:22:37 PM - Scheduled Checkpoint
RP309: 6/3/2014 2:26:56 PM - Windows Update
RP310: 6/4/2014 11:50:22 AM - Scheduled Checkpoint
RP311: 6/4/2014 11:56:15 AM - Windows Update
RP312: 6/5/2014 11:16:48 AM - Windows Update
RP313: 6/6/2014 9:22:41 AM - Windows Update
RP315: 6/7/2014 12:56:56 AM - avast! antivirus system restore point
RP316: 6/7/2014 2:34:23 PM - Scheduled Checkpoint
RP317: 6/7/2014 5:14:16 PM - Windows Update
RP319: 6/7/2014 11:28:31 PM - Removed Bee Movie Game Demo
RP320: 6/8/2014 10:31:59 PM - OTL Restore Point - 6/8/2014 10:31:58 PM
RP321: 6/9/2014 11:46:41 AM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Acer Arcade Live Main Page
Acer Assist
Acer DV Magician
Acer eDataSecurity Management
Acer Empowering Technology
Acer ePerformance Management
Acer eSettings Management
Acer HomeMedia
Acer HomeMedia Connect
Acer HomeMedia Trial Creator
Acer Registration
Acer ScreenSaver
Acer SlideShow DVD
Acer VideoMagician
Activation Assistant for the 2007 Microsoft Office suites
ActivDriver x86 v5.9
ActivInspire Core Resources (ENU) v1
ActivInspire Help (USA) v1
ActivInspire HWR Resources (ENU) v1
ActivInspire v1
Adobe Flash Player 13 ActiveX
Adobe Flash Player 13 Plugin
Adobe Reader 8.1.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Install Manager
avast! Free Antivirus
Bonjour
CCleaner
ESET Online Scanner v3
eSobi v2
Finale 2012
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
iTunes
Java 7 Update 55
Java Auto Updater
LightScribe 1.4.142.1
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Works
Motorola SM56 Speakerphone Modem
Mozilla Firefox 29.0.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyPC Backup
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
NTI Open File Manager (remove only)
NVIDIA Control Panel 307.83
NVIDIA Drivers
NVIDIA Graphics Driver 307.83
NVIDIA Install Application
NVIDIA Update 1.10.8
NVIDIA Update Components
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878236) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2878237) 32-Bit Edition
The Movies
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
6/6/2014 9:07:43 AM, Error: EventLog [6008] - The previous system shutdown at 9:02:08 AM on 6/6/2014 was unexpected.
6/6/2014 8:56:27 AM, Error: EventLog [6008] - The previous system shutdown at 8:51:25 AM on 6/6/2014 was unexpected.
6/6/2014 4:52:37 PM, Error: EventLog [6008] - The previous system shutdown at 4:09:14 PM on 6/6/2014 was unexpected.
6/6/2014 3:51:54 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Home Network service to connect.
6/6/2014 3:51:54 PM, Error: Service Control Manager [7000] - The McAfee Home Network service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/6/2014 3:51:09 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Proxy Service service to connect.
6/6/2014 3:51:09 PM, Error: Service Control Manager [7000] - The McAfee Proxy Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/6/2014 3:31:46 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Anti-Malware Core service to connect.
6/6/2014 3:31:46 PM, Error: Service Control Manager [7000] - The McAfee Anti-Malware Core service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/6/2014 3:30:29 PM, Error: EventLog [6008] - The previous system shutdown at 3:06:59 PM on 6/6/2014 was unexpected.
6/6/2014 12:26:58 PM, Error: EventLog [6008] - The previous system shutdown at 12:20:40 PM on 6/6/2014 was unexpected.
6/6/2014 12:17:19 PM, Error: EventLog [6008] - The previous system shutdown at 12:10:52 PM on 6/6/2014 was unexpected.
6/6/2014 12:11:42 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
6/6/2014 1:58:44 PM, Error: EventLog [6008] - The previous system shutdown at 1:52:44 PM on 6/6/2014 was unexpected.
6/6/2014 1:41:59 PM, Error: EventLog [6008] - The previous system shutdown at 1:33:37 PM on 6/6/2014 was unexpected.
6/6/2014 1:13:54 PM, Error: EventLog [6008] - The previous system shutdown at 1:08:44 PM on 6/6/2014 was unexpected.
6/5/2014 9:56:27 AM, Error: EventLog [6008] - The previous system shutdown at 9:53:37 AM on 6/5/2014 was unexpected.
6/5/2014 9:51:45 AM, Error: EventLog [6008] - The previous system shutdown at 8:45:21 PM on 6/4/2014 was unexpected.
6/5/2014 5:58:49 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.5 for the Network Card with network address 001D9246A9D4 has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).
6/5/2014 4:26:25 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
6/5/2014 4:26:24 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume ACER.
6/5/2014 4:22:10 PM, Error: EventLog [6008] - The previous system shutdown at 4:16:12 PM on 6/5/2014 was unexpected.
6/5/2014 4:14:25 PM, Error: EventLog [6008] - The previous system shutdown at 3:47:17 PM on 6/5/2014 was unexpected.
6/5/2014 3:47:17 PM, Error: EventLog [6008] - The previous system shutdown at 3:45:29 PM on 6/5/2014 was unexpected.
6/5/2014 11:02:26 AM, Error: EventLog [6008] - The previous system shutdown at 10:38:31 AM on 6/5/2014 was unexpected.
6/5/2014 10:31:11 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
6/5/2014 10:31:11 AM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/5/2014 10:27:38 AM, Error: EventLog [6008] - The previous system shutdown at 10:23:47 AM on 6/5/2014 was unexpected.
6/5/2014 10:20:55 AM, Error: EventLog [6008] - The previous system shutdown at 10:19:57 AM on 6/5/2014 was unexpected.
6/5/2014 10:15:05 AM, Error: EventLog [6008] - The previous system shutdown at 10:12:36 AM on 6/5/2014 was unexpected.
6/5/2014 10:06:43 AM, Error: EventLog [6008] - The previous system shutdown at 9:57:20 AM on 6/5/2014 was unexpected.
6/4/2014 8:36:29 PM, Error: EventLog [6008] - The previous system shutdown at 8:30:51 PM on 6/4/2014 was unexpected.
6/4/2014 6:20:26 PM, Error: EventLog [6008] - The previous system shutdown at 6:05:24 PM on 6/4/2014 was unexpected.
6/4/2014 5:52:55 PM, Error: Microsoft-Windows-Windows Defender [2004] - Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x8050a001 Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support. Signatures loading: Backup Loading signature version: 1.175.864.0 Loading engine version: 1.1.10600.0
6/4/2014 5:31:13 PM, Error: EventLog [6008] - The previous system shutdown at 5:26:52 PM on 6/4/2014 was unexpected.
6/4/2014 5:19:00 PM, Error: EventLog [6008] - The previous system shutdown at 5:16:32 PM on 6/4/2014 was unexpected.
6/4/2014 5:12:40 PM, Error: EventLog [6008] - The previous system shutdown at 5:10:43 PM on 6/4/2014 was unexpected.
6/4/2014 5:05:51 PM, Error: EventLog [6008] - The previous system shutdown at 5:02:57 PM on 6/4/2014 was unexpected.
6/4/2014 3:26:02 PM, Error: Microsoft-Windows-Windows Defender [2004] - Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x8050a001 Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support. Signatures loading: Backup Loading signature version: 1.175.864.0 Loading engine version: 1.1.10600.0
6/4/2014 3:02:21 PM, Error: Microsoft-Windows-Windows Defender [2004] - Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x8050a001 Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support. Signatures loading: Backup Loading signature version: 1.175.864.0 Loading engine version: 1.1.10600.0
6/4/2014 2:38:06 PM, Error: EventLog [6008] - The previous system shutdown at 2:32:52 PM on 6/4/2014 was unexpected.
6/4/2014 2:30:00 PM, Error: EventLog [6008] - The previous system shutdown at 2:27:48 PM on 6/4/2014 was unexpected.
6/4/2014 2:21:56 PM, Error: EventLog [6008] - The previous system shutdown at 2:19:41 PM on 6/4/2014 was unexpected.
6/4/2014 2:16:16 PM, Error: Service Control Manager [7031] - The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/4/2014 2:16:16 PM, Error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/4/2014 2:16:16 PM, Error: Service Control Manager [7031] - The McAfee Platform Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/4/2014 2:16:16 PM, Error: Service Control Manager [7031] - The McAfee Home Network service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
6/4/2014 10:22:09 AM, Error: Microsoft-Windows-Windows Defender [2004] - Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x8050a001 Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support. Signatures loading: Backup Loading signature version: 1.175.864.0 Loading engine version: 1.1.10600.0
6/4/2014 10:06:23 AM, Error: EventLog [6008] - The previous system shutdown at 10:04:45 AM on 6/4/2014 was unexpected.
6/4/2014 10:02:53 AM, Error: EventLog [6008] - The previous system shutdown at 10:02:09 AM on 6/4/2014 was unexpected.
6/4/2014 1:25:27 PM, Error: EventLog [6008] - The previous system shutdown at 1:24:20 PM on 6/4/2014 was unexpected.
6/3/2014 9:51:28 AM, Error: EventLog [6008] - The previous system shutdown at 9:46:51 AM on 6/3/2014 was unexpected.
6/3/2014 9:50:46 PM, Error: EventLog [6008] - The previous system shutdown at 9:49:21 PM on 6/3/2014 was unexpected.
6/3/2014 9:37:27 PM, Error: EventLog [6008] - The previous system shutdown at 9:32:38 PM on 6/3/2014 was unexpected.
6/3/2014 6:03:34 PM, Error: EventLog [6008] - The previous system shutdown at 6:01:15 PM on 6/3/2014 was unexpected.
6/3/2014 5:52:46 PM, Error: EventLog [6008] - The previous system shutdown at 5:38:09 PM on 6/3/2014 was unexpected.
6/3/2014 12:52:02 PM, Error: EventLog [6008] - The previous system shutdown at 12:43:12 PM on 6/3/2014 was unexpected.
6/3/2014 12:40:16 PM, Error: EventLog [6008] - The previous system shutdown at 12:37:41 PM on 6/3/2014 was unexpected.
6/3/2014 11:46:58 AM, Error: EventLog [6008] - The previous system shutdown at 11:33:00 AM on 6/3/2014 was unexpected.
6/3/2014 11:25:08 AM, Error: EventLog [6008] - The previous system shutdown at 11:22:16 AM on 6/3/2014 was unexpected.
6/3/2014 11:17:24 AM, Error: EventLog [6008] - The previous system shutdown at 11:11:02 AM on 6/3/2014 was unexpected.
6/3/2014 11:07:10 AM, Error: EventLog [6008] - The previous system shutdown at 11:05:34 AM on 6/3/2014 was unexpected.
6/3/2014 10:09:06 PM, Error: EventLog [6008] - The previous system shutdown at 10:05:48 PM on 6/3/2014 was unexpected.
6/3/2014 10:02:55 PM, Error: EventLog [6008] - The previous system shutdown at 10:00:38 PM on 6/3/2014 was unexpected.
6/2/2014 8:10:31 PM, Error: EventLog [6008] - The previous system shutdown at 8:08:17 PM on 6/2/2014 was unexpected.
6/2/2014 7:59:25 PM, Error: EventLog [6008] - The previous system shutdown at 7:58:02 PM on 6/2/2014 was unexpected.
6/2/2014 7:45:09 PM, Error: EventLog [6008] - The previous system shutdown at 7:33:57 PM on 6/2/2014 was unexpected.
6/2/2014 6:24:05 PM, Error: EventLog [6008] - The previous system shutdown at 5:52:49 PM on 6/2/2014 was unexpected.
6/2/2014 5:23:12 PM, Error: EventLog [6008] - The previous system shutdown at 5:21:53 PM on 6/2/2014 was unexpected.
6/2/2014 5:10:00 PM, Error: EventLog [6008] - The previous system shutdown at 5:02:36 PM on 6/2/2014 was unexpected.
6/2/2014 4:54:44 PM, Error: EventLog [6008] - The previous system shutdown at 4:52:45 PM on 6/2/2014 was unexpected.
6/2/2014 4:51:53 PM, Error: EventLog [6008] - The previous system shutdown at 3:57:11 PM on 6/2/2014 was unexpected.
6/2/2014 3:48:18 PM, Error: EventLog [6008] - The previous system shutdown at 3:45:58 PM on 6/2/2014 was unexpected.
6/2/2014 3:44:06 PM, Error: EventLog [6008] - The previous system shutdown at 3:42:41 PM on 6/2/2014 was unexpected.
6/2/2014 3:37:48 PM, Error: EventLog [6008] - The previous system shutdown at 3:32:14 PM on 6/2/2014 was unexpected.
6/2/2014 3:30:13 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
6/2/2014 3:30:13 PM, Error: Service Control Manager [7000] - The Computer Backup (MyPC Backup) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/2/2014 3:24:38 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt
6/2/2014 3:23:37 PM, Error: ACPI [5] - AMLI: ACPI BIOS is attempting to write to an illegal IO port address (0x70), which lies in the 0x70 - 0x71 protected address range. This could lead to system instability. Please contact your system vendor for technical assistance.
6/2/2014 3:23:37 PM, Error: ACPI [4] - AMLI: ACPI BIOS is attempting to read from an illegal IO port address (0x71), which lies in the 0x70 - 0x71 protected address range. This could lead to system instability. Please contact your system vendor for technical assistance.
.
==== End Of File ===========================
Edited by HMH22, 09 June 2014 - 08:57 PM.