Possible Hack, Hijacking or Virus

[EmpressPhoenix]

I think it's running ok. I'm wondering if one problem I had is something normal for windows 8. There are times, if I have to restart, it takes forever to shut down, and then just as long to start up...and sends me to the temporary user profile for windows. I have to log out of that and log back into my actual windows profile. I have only ever encountered this on windows 8, and this is my first time using it or experiencing it since it's been out.

The other day it rebooted at random, however, I cannot recall what error message I got, I apologize.

Also.....I have 12 different Microsoft C++ listings in my program and features, any idea as to why?

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-06-2014
Ran by Owner at 2014-06-25 20:16:18 Run:1
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RU4RBLBP\setup[1].exe
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TQAE89WB\BiTool[1].dll
C:\Users\Owner\Desktop\PHOENIX\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.26.2.507_0\APISupport\APISupport.dll
C:\Users\Owner\Desktop\PHOENIX\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.26.2.507_0\nativeMessaging\TBMessagingHost.exe
C:\Users\Owner\Desktop\PHOENIX\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpnbhfcphckpkbjoncbgkamddpnphieg\1\51eca413f39150.32987907.js
*****************

C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RU4RBLBP\setup[1].exe => Moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TQAE89WB\BiTool[1].dll => Moved successfully.
C:\Users\Owner\Desktop\PHOENIX\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.26.2.507_0\APISupport\APISupport.dll => Moved successfully.
C:\Users\Owner\Desktop\PHOENIX\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.26.2.507_0\nativeMessaging\TBMessagingHost.exe => Moved successfully.
C:\Users\Owner\Desktop\PHOENIX\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpnbhfcphckpkbjoncbgkamddpnphieg\1\51eca413f39150.32987907.js => Moved successfully.

==== End of Fixlog ====

 

[OCD]

Hi EmpressPhoenix,

I'm wondering if one problem I had is something normal for windows 8. There are times, if I have to restart, it takes forever to shut down, and then just as long to start up...and sends me to the temporary user profile for windows. I have to log out of that and log back into my actual windows profile. I have only ever encountered this on windows 8, and this is my first time using it or experiencing it since it's been out.

I don't have a Windows 8 machine so I am not very familiar with it, but I will do some research and see if I can come up with a solution.

=========================

Also.....I have 12 different Microsoft C++ listings in my program and features, any idea as to why?

Many applications require redistributable Visual C++ packages to function correctly. These packages are often installed independently of applications, allowing multiple applications to make use of the package while only having to install it once. These Visual C++ redistributable and runtime packages are mostly installed for standard libraries that many applications use.

=========================

Re-run Farbar Recovery Scan Tool it should be on your desktop.

• • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
• When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

=========================

In your next post please provide the following:

• FRST.txt
• Any remaining issues not addressed?

 

[EmpressPhoenix]

Sorry for not including what you ask, but I just ran here to make a post saying that my computer, again.."ran into a problem" and restarted itself. I was not sitting here when it happened, I had walked away from the keyboard..so I didn't see what error it was and not sure where..if anywhere, to look on my computer in the event it keeps track of that.

 

[EmpressPhoenix]

Ok, it just happened AGAIN..and I still cannot figure out how to get all of the damn info :/

I know it was something like this

Driver_IRQL_Not_Less_Or_Equal

And I could send a report to microsoft through w/e, but I do not know how to get a copy of the details to post it here for you x.x

 

[EmpressPhoenix]

And, I apologize for the spams...but yeah. 3 restarts all within like..10-15 minutes :/ NO idea what is going on.

Also. Malware Bytes keeps "blocking websites" I didn't get all of the errors, because, I wasn't thinking about it..but, this is one that keeps popping up.

http://oi59.tinypic.com/10qw747.jpg (I don't know if html or css is allowed or if links or such is allowed so, just posting the link).

I get a bit annoyed with MWB popping things up in the corner, so I shut it down..and the last 2 times I did that, is when my computer seemed to restart. It keeps popping up the above thing..and it's really irritating.....

 

[OCD]

Hi EmpressPhoenix,

Ok, it just happened AGAIN..and I still cannot figure out how to get all of the damn info :/

I know it was something like this

Driver_IRQL_Not_Less_Or_Equal

Have you updated any drivers recently?

Also. Malware Bytes keeps "blocking websites" I didn't get all of the errors, because, I wasn't thinking about it..but, this is one that keeps popping up.

The image you posted shows MBAM blocking an inbound attempt to access your computer. The IP address is out of the Netherlands. I don't know where you are located so I cannot verify if this is malicious or not but MBAM believes it is so that is why it was blocked. These pop-ups may be annoying, but they are blocking malware so the brief interruption might be tolerable. You may also be able to adjust a setting in MBAM to not display these pop-ups. The sites would still be prevented from accessing your computer, you would just not see the pop-ups.

Please post the FRST log when it is available.

 

[EmpressPhoenix]

No, I have not updated any drivers. I probably should, however, I have a rent to own computer..and on that I don't know exactly what I am doing so...I do not touch that stuff.

Also, I am in the US, nowhere near the Netherlands.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014
Ran by Owner (administrator) on 7360BE7 on 26-06-2014 19:31:24
Running from C:\Users\Owner\Desktop
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Akamai Technologies, Inc.) C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(The Pidgin developer community) C:\Program Files (x86)\Pidgin\pidgin.exe
(Dragon's Eye Productions, Inc.) C:\Program Files (x86)\Furcadia\furc_on.exe
(Dragon's Eye Productions, Inc.) C:\Program Files (x86)\Furcadia\Furcadia.exe
(mIRC Co. Ltd.) C:\Program Files (x86)\mIRC\mirc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-24] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-31] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-07-16] (cyberlink)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKU\S-1-5-21-4167589968-2693423342-2315446607-1002\...\Run: [Google Update] => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-04] (Google Inc.)
HKU\S-1-5-21-4167589968-2693423342-2315446607-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Owner\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4167589968-2693423342-2315446607-1002\...\Run: [Facebook Update] => C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-06-06] (Facebook Inc.)
HKU\S-1-5-21-4167589968-2693423342-2315446607-1002\...\MountPoints2: {b4418b01-b416-11e3-be74-082e5f79e668} - "F:\autorun.exe"
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
SSODL-x32: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?type=599486&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6BC8BD8D4D45CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {66F8021A-0B2E-4DE4-B753-12504A711C26} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1w5oxnrp.default
FF Homepage: hxxp://www.aywas.com/news/
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=599486&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin - C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Owner\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Owner\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Owner\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1w5oxnrp.default\searchplugins\yahoo_ff.xml
FF Extension: ActiveGS - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1w5oxnrp.default\Extensions\activegs@freetoolsassociation.com [2014-06-04]
FF Extension: LavaFox V2-Blue - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1w5oxnrp.default\Extensions\djziggy@gmail.com [2014-06-19]
FF Extension: Blue Fox - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1w5oxnrp.default\Extensions\{241aae70-0022-11de-87af-0800200c9a66} [2014-03-21]
FF Extension: Vendetta Online Theme - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1w5oxnrp.default\Extensions\{3AF52343-6FC5-4f8e-AFE7-773054020BE9} [2014-03-21]
FF Extension: HP Detect - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1w5oxnrp.default\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2014-03-21]
FF Extension: DownloadHelper - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1w5oxnrp.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: Strike - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1w5oxnrp.default\Extensions\{021bfe80-a015-11de-8a39-0800200c9a66}.xpi [2014-03-21]
FF Extension: NoScript - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\1w5oxnrp.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-21]

Chrome:
=======
CHR HomePage:
CHR DefaultSearchKeyword: yahoo.com search
CHR DefaultSearchProvider: Yahoo
CHR DefaultSearchURL: http://search.yahoo.com/search?ei=utf-8&fr=chr-greentree_gc&type=599486&ilc=12&p={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-18]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-18]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-30]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-18]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-18]
CHR Extension: (Universe) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebkhmhnhknbjjggjfagcaaoimilkogcn [2014-04-18]
CHR Extension: (Website Logon) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fegekclkdhbnfdcmomlpegkkndgnmfmo [2014-04-18]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-18]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-18]
CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-07-12]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-08] (Advanced Micro Devices, Inc.) [File not signed]
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [245264 2012-07-09] (CyberLink)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641320 2012-08-10] (HP)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-10] (Hewlett-Packard Company) [File not signed]
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143288 2014-04-04] (Stardock Software, Inc)
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2012-07-18] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-28] (Disc Soft Ltd)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-25] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-26 03:29 - 2014-06-26 09:51 - 00000040 _____ () C:\Users\Owner\Desktop\TALLCRAFTCOORDS.txt
2014-06-26 00:12 - 2014-06-26 00:12 - 00280592 _____ () C:\Windows\Minidump\062614-29374-01.dmp
2014-06-26 00:03 - 2014-06-26 00:03 - 00280592 _____ () C:\Windows\Minidump\062614-34788-01.dmp
2014-06-25 21:26 - 2014-06-25 21:26 - 00011452 _____ () C:\Users\Owner\Desktop\Unsupportive.txt
2014-06-25 20:16 - 2014-06-25 20:16 - 00000000 ____D () C:\Users\Owner\Desktop\FRST-OlderVersion
2014-06-25 02:34 - 2014-06-25 02:34 - 00000117 _____ () C:\Windows\system32\netcfg-5158375.txt
2014-06-25 02:34 - 2014-06-25 02:34 - 00000117 _____ () C:\Windows\system32\netcfg-5158297.txt
2014-06-25 02:34 - 2014-06-25 02:34 - 00000117 _____ () C:\Windows\system32\netcfg-5155240.txt
2014-06-25 02:34 - 2014-06-25 02:34 - 00000117 _____ () C:\Windows\system32\netcfg-5142838.txt
2014-06-25 02:34 - 2014-06-25 02:34 - 00000117 _____ () C:\Windows\system32\netcfg-5142588.txt
2014-06-25 01:14 - 2014-06-25 01:14 - 00000117 _____ () C:\Windows\system32\netcfg-346821.txt
2014-06-25 01:13 - 2014-06-25 01:13 - 00000117 _____ () C:\Windows\system32\netcfg-332874.txt
2014-06-25 01:13 - 2014-06-25 01:13 - 00000117 _____ () C:\Windows\system32\netcfg-282517.txt
2014-06-25 01:10 - 2014-06-25 01:10 - 00000117 _____ () C:\Windows\system32\netcfg-106845.txt
2014-06-25 00:34 - 2014-06-25 00:34 - 00000117 _____ () C:\Windows\system32\netcfg-107213184.txt
2014-06-25 00:34 - 2014-06-25 00:34 - 00000117 _____ () C:\Windows\system32\netcfg-107211141.txt
2014-06-25 00:34 - 2014-06-25 00:34 - 00000117 _____ () C:\Windows\system32\netcfg-107205993.txt
2014-06-25 00:33 - 2014-06-25 00:33 - 00000117 _____ () C:\Windows\system32\netcfg-107162063.txt
2014-06-25 00:33 - 2014-06-25 00:33 - 00000117 _____ () C:\Windows\system32\netcfg-107158662.txt
2014-06-25 00:33 - 2014-06-25 00:33 - 00000117 _____ () C:\Windows\system32\netcfg-107150877.txt
2014-06-25 00:33 - 2014-06-25 00:33 - 00000117 _____ () C:\Windows\system32\netcfg-107150409.txt
2014-06-23 18:42 - 2014-06-26 00:12 - 441794445 _____ () C:\Windows\MEMORY.DMP
2014-06-23 18:42 - 2014-06-23 18:42 - 00280648 _____ () C:\Windows\Minidump\062314-34413-01.dmp
2014-06-23 18:42 - 2014-06-23 18:42 - 00000000 ____D () C:\Windows\Minidump
2014-06-22 23:21 - 2014-06-22 23:21 - 00000117 _____ () C:\Windows\system32\netcfg-480233.txt
2014-06-22 23:21 - 2014-06-22 23:21 - 00000117 _____ () C:\Windows\system32\netcfg-480061.txt
2014-06-22 23:21 - 2014-06-22 23:21 - 00000117 _____ () C:\Windows\system32\netcfg-476988.txt
2014-06-22 23:21 - 2014-06-22 23:21 - 00000117 _____ () C:\Windows\system32\netcfg-457831.txt
2014-06-22 23:21 - 2014-06-22 23:21 - 00000117 _____ () C:\Windows\system32\netcfg-457098.txt
2014-06-22 23:21 - 2014-06-22 23:21 - 00000117 _____ () C:\Windows\system32\netcfg-425196.txt
2014-06-22 23:21 - 2014-06-22 23:21 - 00000117 _____ () C:\Windows\system32\netcfg-425133.txt
2014-06-22 23:21 - 2014-06-22 23:21 - 00000117 _____ () C:\Windows\system32\netcfg-425071.txt
2014-06-22 23:18 - 2014-06-22 23:18 - 00000117 _____ () C:\Windows\system32\netcfg-267385.txt
2014-06-22 23:18 - 2014-06-22 23:18 - 00000117 _____ () C:\Windows\system32\netcfg-267167.txt
2014-06-22 18:30 - 2014-06-22 18:30 - 00000980 _____ () C:\Users\Owner\Desktop\ESETscan.txt
2014-06-22 16:07 - 2014-06-22 16:07 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-06-21 19:11 - 2014-06-22 15:49 - 02347384 _____ (ESET) C:\Users\Owner\Downloads\esetsmartinstaller_enu.exe
2014-06-21 19:11 - 2014-06-21 19:11 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-20 23:00 - 2014-06-20 23:00 - 00005694 _____ () C:\Users\Owner\Desktop\STORM.txt
2014-06-20 16:49 - 2014-06-20 16:49 - 00000222 _____ () C:\Users\Owner\Desktop\One Way Heroics.url
2014-06-20 16:49 - 2014-06-20 16:49 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-20 16:05 - 2014-06-20 16:23 - 00000000 ____D () C:\Users\Owner\Documents\Euro Truck Simulator 2
2014-06-14 00:57 - 2014-06-14 00:57 - 00000000 ____D () C:\Users\Owner\Documents\PCSX2
2014-06-14 00:49 - 2014-06-14 00:55 - 00000000 ____D () C:\Program Files (x86)\PCSX2 1.2.1
2014-06-14 00:49 - 2014-06-14 00:49 - 00001989 _____ () C:\Users\Public\Desktop\PCSX2 1.2.1 (r5875).lnk
2014-06-14 00:46 - 2014-06-14 00:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2014-06-13 23:33 - 2014-06-13 23:33 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-13 23:31 - 2014-06-13 23:31 - 15127264 _____ () C:\Users\Owner\Downloads\pcsx2-1.2.1-r5875-setup.exe
2014-06-13 23:27 - 2014-06-13 23:27 - 03702217 _____ () C:\Users\Owner\Downloads\pcsx2-1.2.1-r5875-binaries.7z
2014-06-13 23:27 - 2014-06-13 23:27 - 00000000 ____D () C:\Users\Owner\Downloads\pcsx2-1.2.1-r5875-binaries
2014-06-13 12:18 - 2014-06-26 00:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-13 12:17 - 2014-06-13 12:17 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-13 12:17 - 2014-06-13 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-13 12:17 - 2014-06-13 12:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-13 12:17 - 2014-06-13 12:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-13 12:17 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-13 12:17 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-13 12:17 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-13 12:16 - 2014-06-13 12:16 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-09 08:31 - 2014-06-09 08:31 - 00000630 ____H () C:\Windows\qmgmnt.for
2014-06-09 08:31 - 2014-06-09 08:31 - 00000012 ____H () C:\reachd.cz
2014-06-09 08:23 - 2014-06-09 08:23 - 07491048 _____ () C:\Users\Owner\Downloads\Start8_setup_sd.exe
2014-06-09 08:13 - 2014-06-09 08:13 - 00001125 _____ () C:\Users\Owner\Desktop\JRT.txt
2014-06-09 08:06 - 2014-06-09 08:06 - 00000000 ____D () C:\Windows\ERUNT
2014-06-09 08:03 - 2014-06-09 08:03 - 01016261 _____ (Thisisu) C:\Users\Owner\Desktop\JRT.exe
2014-06-06 21:17 - 2014-06-26 18:22 - 00000944 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4167589968-2693423342-2315446607-1002UA.job
2014-06-06 21:17 - 2014-06-25 21:22 - 00000922 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4167589968-2693423342-2315446607-1002Core.job
2014-06-06 21:17 - 2014-06-06 21:17 - 00003792 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4167589968-2693423342-2315446607-1002UA
2014-06-06 21:17 - 2014-06-06 21:17 - 00003442 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4167589968-2693423342-2315446607-1002Core
2014-06-06 21:17 - 2014-06-06 21:17 - 00000000 ____D () C:\Users\Owner\AppData\Local\Facebook
2014-06-06 21:16 - 2014-06-06 21:16 - 00501248 _____ (Facebook Inc.) C:\Users\Owner\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2014-06-05 16:36 - 2014-06-05 16:36 - 00000983 _____ () C:\Users\Public\Desktop\Winamp.lnk
2014-06-05 16:36 - 2014-06-05 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2014-06-05 16:35 - 2014-06-05 16:36 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-06-05 16:34 - 2014-06-05 16:34 - 17163336 _____ (Nullsoft, Inc.) C:\Users\Owner\Downloads\winamp5666_full_all.exe
2014-06-05 13:45 - 2014-06-05 13:46 - 00039068 _____ () C:\Users\Owner\Desktop\Addition.txt
2014-06-05 13:44 - 2014-06-26 19:31 - 00017284 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-06-05 13:44 - 2014-06-26 19:31 - 00000000 ____D () C:\FRST
2014-06-05 12:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-05 12:54 - 2014-06-09 07:59 - 00000000 ____D () C:\AdwCleaner
2014-06-05 12:53 - 2014-06-05 12:53 - 01333465 _____ () C:\Users\Owner\Desktop\adwcleaner_3.212.exe
2014-06-05 12:49 - 2014-06-05 12:49 - 00000542 _____ () C:\Users\Owner\Desktop\defogger_disable.log
2014-06-05 12:49 - 2014-06-05 12:49 - 00000168 _____ () C:\Users\Owner\defogger_reenable
2014-06-05 01:16 - 2014-06-05 01:16 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\DarkSoulsII
2014-06-05 01:14 - 2014-06-05 01:14 - 00000000 ____D () C:\Users\Owner\AppData\Local\Game Updater
2014-06-05 01:03 - 2014-06-05 01:03 - 00001737 _____ () C:\Users\Public\Desktop\Dark Souls 2.lnk
2014-06-05 01:03 - 2014-06-05 01:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dark Souls 2
2014-06-05 00:16 - 2014-06-05 00:16 - 00000000 ____D () C:\Games
2014-06-05 00:13 - 2014-06-05 00:13 - 00000000 ____D () C:\Users\Owner\AppData\Local\Setup Integrity Check
2014-06-04 23:29 - 2014-06-25 20:16 - 02082816 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2014-06-04 23:28 - 2014-06-04 23:28 - 00854367 _____ () C:\Users\Owner\Desktop\SecurityCheck.exe
2014-06-04 23:24 - 2014-06-04 23:24 - 00050477 _____ () C:\Users\Owner\Desktop\Defogger.exe
2014-06-04 01:47 - 2014-06-04 01:47 - 00000000 ____D () C:\Users\Owner\Documents\ActiveGSLocalData
2014-06-03 15:43 - 2014-06-03 15:43 - 00001903 _____ () C:\Users\Owner\Desktop\aswMBR.txt
2014-06-03 15:43 - 2014-06-03 15:43 - 00000512 _____ () C:\Users\Owner\Desktop\MBR.dat
2014-06-03 15:36 - 2014-06-03 15:37 - 04745728 _____ (AVAST Software) C:\Users\Owner\Desktop\aswMBR.exe
2014-06-03 15:32 - 2014-06-03 15:32 - 00688992 ____R (Swearware) C:\Users\Owner\Desktop\dds.scr
2014-06-03 15:32 - 2014-06-03 15:32 - 00000000 ____D () C:\Windows\ERDNT
2014-06-03 15:30 - 2014-06-03 15:31 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-06-03 15:30 - 2014-06-03 15:30 - 00000909 _____ () C:\Users\Owner\Desktop\ERUNT.lnk
2014-06-03 15:30 - 2014-06-03 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-06-03 15:29 - 2014-06-03 15:29 - 00791393 _____ (Lars Hederer ) C:\Users\Owner\Downloads\erunt-setup.exe
2014-06-03 00:27 - 2014-06-03 00:27 - 00000117 _____ () C:\Windows\system32\netcfg--925314703.txt
2014-06-03 00:26 - 2014-06-03 00:26 - 00000117 _____ () C:\Windows\system32\netcfg--925318884.txt
2014-06-03 00:26 - 2014-06-03 00:26 - 00000117 _____ () C:\Windows\system32\netcfg--925318400.txt
2014-06-03 00:26 - 2014-06-03 00:26 - 00000117 _____ () C:\Windows\system32\netcfg--925317964.txt
2014-06-02 03:13 - 2014-06-02 03:13 - 00001289 _____ () C:\Users\Owner\Desktop\Battle.net.lnk
2014-06-01 20:22 - 2014-06-01 20:22 - 00001678 _____ () C:\Users\Public\Desktop\Papers, Please.lnk
2014-06-01 20:22 - 2014-06-01 20:22 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\3909
2014-06-01 20:22 - 2014-06-01 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Papers, Please [GOG.com]
2014-06-01 20:22 - 2014-06-01 20:22 - 00000000 ____D () C:\GOG Games
2014-05-30 19:06 - 2014-06-20 03:22 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-05-30 19:06 - 2014-05-30 19:06 - 00000939 _____ () C:\Users\Owner\Desktop\Open Broadcaster Software.lnk
2014-05-30 19:06 - 2014-05-30 19:06 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\OBS
2014-05-30 19:06 - 2014-05-30 19:06 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-05-30 19:06 - 2014-05-30 19:06 - 00000000 ____D () C:\Program Files\OBS
2014-05-30 19:04 - 2014-05-30 19:04 - 08541018 _____ () C:\Users\Owner\Downloads\OBS_0_624b_Installer.exe
2014-05-30 13:01 - 2014-05-30 13:01 - 00814735 _____ () C:\Users\Owner\Downloads\OptiFine_1.7.9_HD_U_D2.jar
2014-05-30 00:19 - 2014-05-30 00:19 - 29014160 _____ (Mozilla) C:\Users\Owner\Downloads\Firefox Setup 29.0.1.exe
2014-05-29 23:29 - 2014-05-30 01:18 - 00000000 ____D () C:\Users\Owner\Desktop\D&D

==================== One Month Modified Files and Folders =======

2014-06-26 19:31 - 2014-06-05 13:44 - 00017284 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-06-26 19:31 - 2014-06-05 13:44 - 00000000 ____D () C:\FRST
2014-06-26 19:29 - 2014-04-04 17:12 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4167589968-2693423342-2315446607-1002UA.job
2014-06-26 19:22 - 2014-04-18 04:06 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-26 19:20 - 2014-03-21 16:39 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Skype
2014-06-26 19:15 - 2014-04-08 23:35 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\.purple
2014-06-26 19:00 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\system32\sru
2014-06-26 18:22 - 2014-06-06 21:17 - 00000944 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4167589968-2693423342-2315446607-1002UA.job
2014-06-26 17:29 - 2014-02-09 04:51 - 01820391 _____ () C:\Windows\WindowsUpdate.log
2014-06-26 09:51 - 2014-06-26 03:29 - 00000040 _____ () C:\Users\Owner\Desktop\TALLCRAFTCOORDS.txt
2014-06-26 09:16 - 2014-03-21 22:01 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\vlc
2014-06-26 06:48 - 2014-03-22 18:15 - 00000000 ____D () C:\Users\Owner\AppData\Local\Battle.net
2014-06-26 04:47 - 2012-07-26 02:28 - 00941050 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-26 03:26 - 2014-03-21 21:12 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\.minecraft
2014-06-26 02:51 - 2014-03-21 19:05 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\mIRC
2014-06-26 02:47 - 2014-03-21 22:38 - 00000000 ___RD () C:\Users\Owner\Desktop\VIDEO
2014-06-26 02:29 - 2014-04-04 17:12 - 00000872 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4167589968-2693423342-2315446607-1002Core.job
2014-06-26 00:54 - 2014-03-21 22:36 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\uTorrent
2014-06-26 00:17 - 2014-02-09 04:59 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4167589968-2693423342-2315446607-1002
2014-06-26 00:13 - 2014-06-13 12:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-26 00:12 - 2014-06-26 00:12 - 00280592 _____ () C:\Windows\Minidump\062614-29374-01.dmp
2014-06-26 00:12 - 2014-06-23 18:42 - 441794445 _____ () C:\Windows\MEMORY.DMP
2014-06-26 00:12 - 2014-06-23 18:42 - 00000000 ____D () C:\Windows\Minidump
2014-06-26 00:12 - 2014-04-18 04:06 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-26 00:12 - 2012-07-26 02:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-26 00:03 - 2014-06-26 00:03 - 00280592 _____ () C:\Windows\Minidump\062614-34788-01.dmp
2014-06-25 21:26 - 2014-06-25 21:26 - 00011452 _____ () C:\Users\Owner\Desktop\Unsupportive.txt
2014-06-25 21:22 - 2014-06-06 21:17 - 00000922 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4167589968-2693423342-2315446607-1002Core.job
2014-06-25 20:16 - 2014-06-25 20:16 - 00000000 ____D () C:\Users\Owner\Desktop\FRST-OlderVersion
2014-06-25 20:16 - 2014-06-04 23:29 - 02082816 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2014-06-25 20:15 - 2014-04-19 03:23 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-06-25 20:13 - 2014-03-22 16:32 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-06-25 06:22 - 2014-03-21 22:00 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\TS3Client
2014-06-25 02:36 - 2014-04-07 17:19 - 00000000 ____D () C:\Users\Owner\AppData\Local\CrashDumps
2014-06-25 02:34 - 2014-06-25 02:34 - 00000117 _____ () C:\Windows\system32\netcfg-5158375.txt
2014-06-25 02:34 - 2014-06-25 02:34 - 00000117 _____ () C:\Windows\system32\netcfg-5158297.txt
2014-06-25 02:34 - 2014-06-25 02:34 - 00000117 _____ () C:\Windows\system32\netcfg-5155240.txt
2014-06-25 02:34 - 2014-06-25 02:34 - 00000117 _____ () C:\Windows\system32\netcfg-5142838.txt
2014-06-25 02:34 - 2014-06-25 02:34 - 00000117 _____ () C:\Windows\system32\netcfg-5142588.txt
2014-06-25 01:14 - 2014-06-25 01:14 - 00000117 _____ () C:\Windows\system32\netcfg-346821.txt
2014-06-25 01:13 - 2014-06-25 01:13 - 00000117 _____ () C:\Windows\system32\netcfg-332874.txt
2014-06-25 01:13 - 2014-06-25 01:13 - 00000117 _____ () C:\Windows\system32\netcfg-282517.txt
2014-06-25 01:10 - 2014-06-25 01:10 - 00000117 _____ () C:\Windows\system32\netcfg-106845.txt
2014-06-25 01:08 - 2012-07-26 00:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-06-25 00:34 - 2014-06-25 00:34 - 00000117 _____ () C:\Windows\system32\netcfg-107213184.txt
2014-06-25 00:34 - 2014-06-25 00:34 - 00000117 _____ () C:\Windows\system32\netcfg-107211141.txt
2014-06-25 00:34 - 2014-06-25 00:34 - 00000117 _____ () C:\Windows\system32\netcfg-107205993.txt
2014-06-25 00:33 - 2014-06-25 00:33 - 00000117 _____ () C:\Windows\system32\netcfg-107162063.txt
2014-06-25 00:33 - 2014-06-25 00:33 - 00000117 _____ () C:\Windows\system32\netcfg-107158662.txt
2014-06-25 00:33 - 2014-06-25 00:33 - 00000117 _____ () C:\Windows\system32\netcfg-107150877.txt
2014-06-25 00:33 - 2014-06-25 00:33 - 00000117 _____ () C:\Windows\system32\netcfg-107150409.txt
2014-06-24 19:45 - 2014-03-21 22:26 - 00000000 ____D () C:\Program Files\Team Speak 3
2014-06-24 17:29 - 2014-03-21 22:26 - 00000925 _____ () C:\Users\Owner\Desktop\TeamSpeak 3 Client.lnk
2014-06-24 17:26 - 2014-03-21 22:24 - 29498592 _____ (TeamSpeak Systems GmbH) C:\Users\Owner\Downloads\TeamSpeak3-Client-win64-3.0.14.exe
2014-06-23 20:46 - 2014-03-22 16:29 - 00000000 ____D () C:\ProgramData\Origin
2014-06-23 20:45 - 2014-03-22 16:29 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-23 18:42 - 2014-06-23 18:42 - 00280648 _____ () C:\Windows\Minidump\062314-34413-01.dmp
2014-06-23 18:41 - 2012-08-03 17:23 - 00007596 _____ () C:\Windows\PFRO.log
2014-06-23 18:13 - 2014-04-27 18:38 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-22 23:21 - 2014-06-22 23:21 - 00000117 _____ () C:\Windows\system32\netcfg-480233.txt
2014-06-22 23:21 - 2014-06-22 23:21 - 00000117 _____ () C:\Windows\system32\netcfg-480061.txt
2014-06-22 23:21 - 2014-06-22 23:21 - 00000117 _____ () C:\Windows\system32\netcfg-476988.txt
2014-06-22 23:21 - 2014-06-22 23:21 - 00000117 _____ () C:\Windows\system32\netcfg-457831.txt
2014-06-22 23:21 - 2014-06-22 23:21 - 00000117 _____ () C:\Windows\system32\netcfg-457098.txt
2014-06-22 23:21 - 2014-06-22 23:21 - 00000117 _____ () C:\Windows\system32\netcfg-425196.txt
2014-06-22 23:21 - 2014-06-22 23:21 - 00000117 _____ () C:\Windows\system32\netcfg-425133.txt
2014-06-22 23:21 - 2014-06-22 23:21 - 00000117 _____ () C:\Windows\system32\netcfg-425071.txt
2014-06-22 23:18 - 2014-06-22 23:18 - 00000117 _____ () C:\Windows\system32\netcfg-267385.txt
2014-06-22 23:18 - 2014-06-22 23:18 - 00000117 _____ () C:\Windows\system32\netcfg-267167.txt
2014-06-22 18:30 - 2014-06-22 18:30 - 00000980 _____ () C:\Users\Owner\Desktop\ESETscan.txt
2014-06-22 16:07 - 2014-06-22 16:07 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-06-22 15:49 - 2014-06-21 19:11 - 02347384 _____ (ESET) C:\Users\Owner\Downloads\esetsmartinstaller_enu.exe
2014-06-22 02:24 - 2014-04-04 17:12 - 00003870 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4167589968-2693423342-2315446607-1002UA
2014-06-22 02:24 - 2014-04-04 17:12 - 00003490 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4167589968-2693423342-2315446607-1002Core
2014-06-21 19:11 - 2014-06-21 19:11 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-21 09:38 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-06-20 23:00 - 2014-06-20 23:00 - 00005694 _____ () C:\Users\Owner\Desktop\STORM.txt
2014-06-20 19:18 - 2014-03-21 22:39 - 00000000 ___RD () C:\Users\Owner\Desktop\MY GAMES
2014-06-20 17:11 - 2014-03-21 19:05 - 00000000 ____D () C:\Program Files (x86)\mIRC
2014-06-20 17:00 - 2014-03-22 05:43 - 00446325 _____ () C:\Windows\DirectX.log
2014-06-20 16:49 - 2014-06-20 16:49 - 00000222 _____ () C:\Users\Owner\Desktop\One Way Heroics.url
2014-06-20 16:49 - 2014-06-20 16:49 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-20 16:23 - 2014-06-20 16:05 - 00000000 ____D () C:\Users\Owner\Documents\Euro Truck Simulator 2
2014-06-20 03:22 - 2014-05-30 19:06 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-06-18 20:17 - 2014-04-18 04:06 - 00003884 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-18 20:17 - 2014-04-18 04:06 - 00003648 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-14 00:57 - 2014-06-14 00:57 - 00000000 ____D () C:\Users\Owner\Documents\PCSX2
2014-06-14 00:55 - 2014-06-14 00:49 - 00000000 ____D () C:\Program Files (x86)\PCSX2 1.2.1
2014-06-14 00:49 - 2014-06-14 00:49 - 00001989 _____ () C:\Users\Public\Desktop\PCSX2 1.2.1 (r5875).lnk
2014-06-14 00:49 - 2014-03-22 05:50 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-06-14 00:46 - 2014-06-14 00:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2014-06-13 23:33 - 2014-06-13 23:33 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-13 23:31 - 2014-06-13 23:31 - 15127264 _____ () C:\Users\Owner\Downloads\pcsx2-1.2.1-r5875-setup.exe
2014-06-13 23:27 - 2014-06-13 23:27 - 03702217 _____ () C:\Users\Owner\Downloads\pcsx2-1.2.1-r5875-binaries.7z
2014-06-13 23:27 - 2014-06-13 23:27 - 00000000 ____D () C:\Users\Owner\Downloads\pcsx2-1.2.1-r5875-binaries
2014-06-13 20:41 - 2014-03-22 05:50 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-06-13 12:17 - 2014-06-13 12:17 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-13 12:17 - 2014-06-13 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-13 12:17 - 2014-06-13 12:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-13 12:17 - 2014-06-13 12:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-13 12:16 - 2014-06-13 12:16 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-11 13:20 - 2014-04-18 04:06 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-09 08:31 - 2014-06-09 08:31 - 00000630 ____H () C:\Windows\qmgmnt.for
2014-06-09 08:31 - 2014-06-09 08:31 - 00000012 ____H () C:\reachd.cz
2014-06-09 08:24 - 2014-03-21 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2014-06-09 08:23 - 2014-06-09 08:23 - 07491048 _____ () C:\Users\Owner\Downloads\Start8_setup_sd.exe
2014-06-09 08:22 - 2014-03-21 19:12 - 00000000 ___RD () C:\Users\Owner\Desktop\PHOENIX
2014-06-09 08:21 - 2014-04-29 18:06 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2014-06-09 08:20 - 2014-04-29 17:44 - 00000000 ____D () C:\AeriaGames
2014-06-09 08:13 - 2014-06-09 08:13 - 00001125 _____ () C:\Users\Owner\Desktop\JRT.txt
2014-06-09 08:06 - 2014-06-09 08:06 - 00000000 ____D () C:\Windows\ERUNT
2014-06-09 08:03 - 2014-06-09 08:03 - 01016261 _____ (Thisisu) C:\Users\Owner\Desktop\JRT.exe
2014-06-09 07:59 - 2014-06-05 12:54 - 00000000 ____D () C:\AdwCleaner
2014-06-08 13:25 - 2014-03-21 16:34 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Mozilla
2014-06-07 12:49 - 2014-04-08 23:36 - 00000000 ____D () C:\Users\Owner\AppData\Local\gtk-2.0
2014-06-06 21:17 - 2014-06-06 21:17 - 00003792 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4167589968-2693423342-2315446607-1002UA
2014-06-06 21:17 - 2014-06-06 21:17 - 00003442 _____ () C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4167589968-2693423342-2315446607-1002Core
2014-06-06 21:17 - 2014-06-06 21:17 - 00000000 ____D () C:\Users\Owner\AppData\Local\Facebook
2014-06-06 21:16 - 2014-06-06 21:16 - 00501248 _____ (Facebook Inc.) C:\Users\Owner\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2014-06-05 16:36 - 2014-06-05 16:36 - 00000983 _____ () C:\Users\Public\Desktop\Winamp.lnk
2014-06-05 16:36 - 2014-06-05 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2014-06-05 16:36 - 2014-06-05 16:35 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-06-05 16:35 - 2014-03-21 22:01 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Winamp
2014-06-05 16:34 - 2014-06-05 16:34 - 17163336 _____ (Nullsoft, Inc.) C:\Users\Owner\Downloads\winamp5666_full_all.exe
2014-06-05 13:46 - 2014-06-05 13:45 - 00039068 _____ () C:\Users\Owner\Desktop\Addition.txt
2014-06-05 12:53 - 2014-06-05 12:53 - 01333465 _____ () C:\Users\Owner\Desktop\adwcleaner_3.212.exe
2014-06-05 12:49 - 2014-06-05 12:49 - 00000542 _____ () C:\Users\Owner\Desktop\defogger_disable.log
2014-06-05 12:49 - 2014-06-05 12:49 - 00000168 _____ () C:\Users\Owner\defogger_reenable
2014-06-05 12:49 - 2014-02-09 04:52 - 00000000 ____D () C:\Users\Owner
2014-06-05 01:16 - 2014-06-05 01:16 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\DarkSoulsII
2014-06-05 01:14 - 2014-06-05 01:14 - 00000000 ____D () C:\Users\Owner\AppData\Local\Game Updater
2014-06-05 01:03 - 2014-06-05 01:03 - 00001737 _____ () C:\Users\Public\Desktop\Dark Souls 2.lnk
2014-06-05 01:03 - 2014-06-05 01:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dark Souls 2
2014-06-05 00:16 - 2014-06-05 00:16 - 00000000 ____D () C:\Games
2014-06-05 00:13 - 2014-06-05 00:13 - 00000000 ____D () C:\Users\Owner\AppData\Local\Setup Integrity Check
2014-06-05 00:08 - 2014-03-22 18:32 - 00000000 ___RD () C:\Users\Owner\Desktop\MINECRAFT STUFF
2014-06-04 23:28 - 2014-06-04 23:28 - 00854367 _____ () C:\Users\Owner\Desktop\SecurityCheck.exe
2014-06-04 23:24 - 2014-06-04 23:24 - 00050477 _____ () C:\Users\Owner\Desktop\Defogger.exe
2014-06-04 01:47 - 2014-06-04 01:47 - 00000000 ____D () C:\Users\Owner\Documents\ActiveGSLocalData
2014-06-03 17:25 - 2014-03-21 22:31 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-03 15:43 - 2014-06-03 15:43 - 00001903 _____ () C:\Users\Owner\Desktop\aswMBR.txt
2014-06-03 15:43 - 2014-06-03 15:43 - 00000512 _____ () C:\Users\Owner\Desktop\MBR.dat
2014-06-03 15:40 - 2014-03-21 22:31 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-06-03 15:37 - 2014-06-03 15:36 - 04745728 _____ (AVAST Software) C:\Users\Owner\Desktop\aswMBR.exe
2014-06-03 15:32 - 2014-06-03 15:32 - 00688992 ____R (Swearware) C:\Users\Owner\Desktop\dds.scr
2014-06-03 15:32 - 2014-06-03 15:32 - 00000000 ____D () C:\Windows\ERDNT
2014-06-03 15:31 - 2014-06-03 15:30 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-06-03 15:30 - 2014-06-03 15:30 - 00000909 _____ () C:\Users\Owner\Desktop\ERUNT.lnk
2014-06-03 15:30 - 2014-06-03 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-06-03 15:29 - 2014-06-03 15:29 - 00791393 _____ (Lars Hederer ) C:\Users\Owner\Downloads\erunt-setup.exe
2014-06-03 15:22 - 2014-03-21 17:41 - 00007597 _____ () C:\Users\Owner\AppData\Local\resmon.resmoncfg
2014-06-03 00:35 - 2014-03-21 16:39 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-03 00:35 - 2014-03-21 16:39 - 00000000 ____D () C:\ProgramData\Skype
2014-06-03 00:30 - 2014-03-21 16:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-03 00:30 - 2012-07-26 02:19 - 00292720 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-03 00:29 - 2014-03-21 16:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-03 00:27 - 2014-06-03 00:27 - 00000117 _____ () C:\Windows\system32\netcfg--925314703.txt
2014-06-03 00:26 - 2014-06-03 00:26 - 00000117 _____ () C:\Windows\system32\netcfg--925318884.txt
2014-06-03 00:26 - 2014-06-03 00:26 - 00000117 _____ () C:\Windows\system32\netcfg--925318400.txt
2014-06-03 00:26 - 2014-06-03 00:26 - 00000117 _____ () C:\Windows\system32\netcfg--925317964.txt
2014-06-02 03:13 - 2014-06-02 03:13 - 00001289 _____ () C:\Users\Owner\Desktop\Battle.net.lnk
2014-06-01 20:22 - 2014-06-01 20:22 - 00001678 _____ () C:\Users\Public\Desktop\Papers, Please.lnk
2014-06-01 20:22 - 2014-06-01 20:22 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\3909
2014-06-01 20:22 - 2014-06-01 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Papers, Please [GOG.com]
2014-06-01 20:22 - 2014-06-01 20:22 - 00000000 ____D () C:\GOG Games
2014-06-01 13:52 - 2014-03-21 18:48 - 00000000 ____D () C:\ProgramData\Stardock
2014-05-30 19:06 - 2014-05-30 19:06 - 00000939 _____ () C:\Users\Owner\Desktop\Open Broadcaster Software.lnk
2014-05-30 19:06 - 2014-05-30 19:06 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\OBS
2014-05-30 19:06 - 2014-05-30 19:06 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-05-30 19:06 - 2014-05-30 19:06 - 00000000 ____D () C:\Program Files\OBS
2014-05-30 19:04 - 2014-05-30 19:04 - 08541018 _____ () C:\Users\Owner\Downloads\OBS_0_624b_Installer.exe
2014-05-30 13:01 - 2014-05-30 13:01 - 00814735 _____ () C:\Users\Owner\Downloads\OptiFine_1.7.9_HD_U_D2.jar
2014-05-30 01:18 - 2014-05-29 23:29 - 00000000 ____D () C:\Users\Owner\Desktop\D&D
2014-05-30 00:22 - 2014-03-21 16:34 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-30 00:22 - 2014-03-21 16:34 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-30 00:19 - 2014-05-30 00:19 - 29014160 _____ (Mozilla) C:\Users\Owner\Downloads\Firefox Setup 29.0.1.exe
2014-05-29 14:50 - 2014-04-19 03:28 - 00000000 ____D () C:\Program Files (x86)\Hearthstone

Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\Quarantine.exe
C:\Users\Owner\AppData\Local\Temp\_isA1AF.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-12 06:27

==================== End Of Log ============================

 

[OCD]

Hi EmpressPhoenix,

Your last log looks good. But I am still concerned about the random rebooting.

Chkdsk in Windows 8

You must run the command prompt as an administrator or in an "elevated mode".

• Launch the Start Screen by pressing the Windows key or clicking the lower left corner of the Taskbar.
• From the Start Screen, search for the Windows Command Prompt by typing “cmd”.

• Right-click on the Command Prompt and choose “Run as Administrator” from the bar at the bottom of the screen.

• 
  Then type in "chkdsk /f /r /x" (make note of the space between chkdsk and each of the /)

=========================

Report back the results.

 

[EmpressPhoenix]

Ok, did what you said...twice..first time I got this

http://oi59.tinypic.com/svm6ib.jpg

So, I restarted my computer. It did a Scanning and Repairing of drive/disc C thing (just woke up so..yea) and I thought that's what it was supposed to do. So, I left it alone. I came back, looked for some kind of log to be saved somewhere....something to open..nothing. Did what you said....again...and the same thing happened. I'm not restarting my computer again -_- took too long the first time...

What to do now?

 

[OCD]

Hi EmpressPhoenix,

Restart your computer normally and see how it performs.

How to locate chkdsk log - tutorial

To view results log:

• Open the Start Menu, and type eventvwr.msc in the search box and press enter.
• If prompted by UAC, then click on Yes (Windows 7) or Continue (Vista).
• In the left pane of Event Viewer, double click on Windows Logs to expand it, then right click on Application and click on Find.
• Copy and paste Chkdsk into the line, and click on Find Next.
• You will now see the system log for the scan results of Check Disk (chkdsk).
• In the right had menu select copy, open notepad and paste the chkdsk results into notepad
• Post in your next reply.

=========================

 

[EmpressPhoenix]

Hey, I'll try to get to this in the next couple days. Sorry again for the delay.

 

[OCD]

:bigthumb:

 

[OCD]

Hi EmpressPhoenix,

Just checking in to see if you still need help?

 

[OCD]

This thread has been closed due to inactivity. If it has been three days or more since your last post it will not be re-opened.

If you still require help, please start a new topic and include fresh DDS and aswMBR logs, along with a link to your previous thread.

Please do not add any logs that might have been requested previously, you would be starting fresh.

Applies only to the original poster, anyone else with similar problems please start your own topic.

----------------------
Admin Edit
Thank you OCD.