
rundll32.exe running under username, not under system?


batb


Hello,

 

I will explain this from the very moment this started.

 

2/22/2015, at right about midnight, my laptop screen started flickering black, back to the screen, black etc. (Like someone kept plugging and unplugging an HDMI/VGA cable). When this happened, I immediately forced shut down my laptop (by holding the power button). When I booted it back up, I ran a scan with both Malwarebytes and SUPERAntiSpyware, but both didn't find anything.

 

I went to sleep, and on the same day, around 10 PM, the laptop screen suddenly faded to black (just like when you were not using the laptop for a while).

But, I was playing a game, AND I was listening to Spotify. So I was using the laptop.

 

Again, when it happened, I forced shut down the laptop and booted it back up, started searching for suspicious behavior (and running scans, again). Again, nothing.

 

After I cooled down a bit, I started watching Netflix, and after a while I decided to watch Netflix on my Chromecast. I clicked on the Chromecast icon on Netflix and went to the living room. When I got back, the screen was black again, and the CPU light was constantly on. When I clicked with my mouse, the screen turned back on.

 

Today, 2/23/2015, I booted the laptop again, and now I saw rundll32.exe running under MY username. I kind of panicked and I killed the process. This was about 20 minutes ago, and the process didn't pop up again yet.

 

When I looked back at task manager, I saw dllhost.exe running TWICE. I never saw that happening before, too.

 

 

I google searched some things, and the Symantec site came up. Multiple dllhost.exe processes could be Trojan.Poweliks. So I downloaded the removal tool, but no results.

 

 

Trojan.Poweliks has not been found on the system

 

 

 

What can I do? I'm afraid my computer is infected with some kind of malware... I use this laptop daily and I do stuff like banking on it...

 

 

Again, what can I do?

 

I guess I'll boot into safe mode now and run a scan with Malwarebytes.

 

Thanks,

 

Mike.

 

 

Windows 7 Home Premium SP1, 64-Bit.


Hello,
    
 
They call me TwinHeadedEagle around here, and I'll try to help you with your issue.
 
     
    
Before we start please read and note the following:

  • We're primarily oriented on malware removal here, so you must know that some issues just cannot be solved and you must be prepared for this. Some tools we use here will remove your browser search history, so backup your important links and all the files whose loss is unacceptable.
  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time. Keep in mind that private life gets in the way too. Note that we may live in totally different time zones, which may cause some delays between answers.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is a good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

I can't foresee everything, so if anything not covered in my instructions happens, please stop and inform me!
There are no silly questions. Never be afraid to ask if in doubt!

Rules and policies

We won't support any piracy.
That being said, if any evidence of illegal OS, software, cracks/keygens or any other is revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

Failure to follow these guidelines will result in closing your topic and withdrawing any assistance.
 
 



 
Please download Farbar Recovery Scan Tool and save it to your desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Hi,

 

(Posting in 2 different posts because it's too long.)

 

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-02-2015
Ran by Mike (administrator) on MIKE-PC on 23-02-2015 16:43:06
Running from C:\Users\Mike\Desktop
Loaded Profiles: Mike (Available profiles: Mike & Diana)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe
(Akamai Technologies, Inc.) C:\Users\Mike\AppData\Local\Akamai\netsession_win.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Akamai Technologies, Inc.) C:\Users\Mike\AppData\Local\Akamai\netsession_win.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Spotify Ltd) C:\Users\Mike\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Mike\AppData\Roaming\Spotify\spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Mike\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Mike\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Mike\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Mike\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Mike\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)
HKLM-x32\...\Run: [blueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [847576 2015-02-03] (BlueStack Systems, Inc.)
HKU\S-1-5-21-3073272561-30202821-3334549261-1000\...\Run: [HP Deskjet 3070 B611 series (NET)] => C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3073272561-30202821-3334549261-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Mike\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3073272561-30202821-3334549261-1000\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-01-22] (SUPERAntiSpyware)
HKU\S-1-5-21-3073272561-30202821-3334549261-1000\...\Run: [spotify Web Helper] => C:\Users\Mike\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-13] (Spotify Ltd)
HKU\S-1-5-21-3073272561-30202821-3334549261-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3073272561-30202821-3334549261-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [s-1-5-21-3073272561-30202821-3334549261-1000] => http=127.0.0.1:8887;https=127.0.0.1:8887
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3073272561-30202821-3334549261-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3073272561-30202821-3334549261-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/nl-nl/?ocid=iehp
HKU\S-1-5-21-3073272561-30202821-3334549261-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.121.1.34 195.121.1.66
 
FireFox:
========
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ilaeya6w.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-3073272561-30202821-3334549261-1000: @nsroblox.roblox.com/launcher -> C:\Users\Mike\AppData\Local\Roblox\Versions\version-708f91f0ad924d5c\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3073272561-30202821-3334549261-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\Mike\AppData\Local\Roblox\Versions\version-708f91f0ad924d5c\\NPRobloxProxy64.dll ( ROBLOX Corporation)
FF Extension: NoScript - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ilaeya6w.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-02-06]
FF Extension: Adblock Plus - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\ilaeya6w.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-24]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://cbopt.com/install-ubuntu-or-linux-mint-inside-windows-using-mint4win-or-wubi/
CHR StartupUrls: Default -> "hxxp://0223.startpagina.nl/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-23]
CHR Extension: (Google Drive) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-23]
CHR Extension: (WOT) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-11-23]
CHR Extension: (YouTube) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-23]
CHR Extension: (Google Cast) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-02-21]
CHR Extension: (Adblock Plus) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-23]
CHR Extension: (Google Search) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-23]
CHR Extension: (Morpheon Dark - Aero) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpnbbonpgadmkipdlclghcekaklebdpi [2014-11-23]
CHR Extension: (Google Sheets) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-23]
CHR Extension: (EditThisCookie) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2015-01-04]
CHR Extension: (Google Wallet) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-23]
CHR Extension: (Gmail) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-23]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2014-11-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-24]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-24] (AVAST Software)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2015-02-03] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-02-03] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [794328 2015-02-03] (BlueStack Systems, Inc.)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1580416 2015-02-06] (Echobit LLC)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174600 2014-10-14] (Sandboxie Holdings, LLC)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [335360 2014-12-17] (Company) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-10-26] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-24] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-24] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2015-02-03] (BlueStack Systems)
R3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-12-06] (Echobit, LLC)
R3 k57nd; C:\Windows\System32\DRIVERS\k57amd64.sys [333864 2014-11-23] (Broadcom Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-10-14] (Sandboxie Holdings, LLC)
S3 catchme; \??\C:\cambafax\catchme.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-23 16:43 - 2015-02-23 16:43 - 00018285 _____ () C:\Users\Mike\Desktop\FRST.txt
2015-02-23 16:42 - 2015-02-23 16:43 - 00000000 ____D () C:\FRST
2015-02-23 16:41 - 2015-02-23 16:42 - 02087424 _____ (Farbar) C:\Users\Mike\Desktop\FRST64.exe
2015-02-23 16:38 - 2015-02-23 16:38 - 00074856 _____ () C:\Users\Mike\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-23 16:35 - 2015-02-23 16:35 - 00000056 _____ () C:\Windows\setupact.log
2015-02-23 16:35 - 2015-02-23 16:35 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-23 12:38 - 2015-02-23 12:38 - 00330456 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-23 12:20 - 2015-02-23 12:22 - 00000050 _____ () C:\Users\Mike\Desktop\FixPoweliks64.log
2015-02-23 12:19 - 2015-02-23 12:19 - 02747488 _____ (Symantec Corporation) C:\Users\Mike\Desktop\FixPoweliks64.exe
2015-02-23 11:41 - 2015-02-23 11:41 - 00214315 _____ () C:\Users\Mike\Desktop\10970679_723279644471436_1353171313_n.mp4
2015-02-22 22:06 - 2015-02-22 22:06 - 00000000 ____D () C:\Users\Mike\Desktop\Untitled
2015-02-22 22:04 - 2015-02-22 22:04 - 21107990 _____ () C:\Users\Mike\Desktop\Fire Flames Green Screen.avi
2015-02-22 21:51 - 2015-02-22 21:53 - 53334722 _____ () C:\Users\Mike\Desktop\aaa (01).avi
2015-02-22 21:46 - 2015-02-22 21:49 - 48101761 _____ () C:\Users\Mike\Desktop\aaa (01).mp4
2015-02-22 19:24 - 2015-02-22 19:24 - 00002878 _____ () C:\Users\Mike\AppData\Local\recently-used.xbel
2015-02-22 18:44 - 2015-02-22 18:44 - 00639400 _____ (Oracle Corporation) C:\Users\Mike\Downloads\chromeinstall-8u31.exe
2015-02-22 16:53 - 2015-02-22 16:53 - 00023295 _____ () C:\Users\Mike\Downloads\[kickass.to]bruce.springsteen.live.in.dublin.dvd.torrent
2015-02-22 14:34 - 2015-02-22 14:34 - 00000319 _____ () C:\Users\Mike\Downloads\Playlist.m3u
2015-02-22 13:32 - 2015-02-22 13:32 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2015-02-22 13:32 - 2015-02-22 13:32 - 00001780 _____ () C:\Users\Public\Desktop\Apps.lnk
2015-02-22 13:30 - 2015-02-22 13:31 - 00000000 ____D () C:\ProgramData\BlueStacks
2015-02-22 13:30 - 2015-02-22 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-02-22 13:30 - 2015-02-22 13:30 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2015-02-22 13:27 - 2015-02-23 12:16 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-02-22 13:27 - 2015-02-22 13:27 - 00000000 ____D () C:\Users\Mike\AppData\Local\Bluestacks
2015-02-22 13:25 - 2015-02-22 13:25 - 13555456 _____ (BlueStack Systems Inc.) C:\Users\Mike\Downloads\BlueStacks-SplitInstaller_native.exe
2015-02-22 11:26 - 2015-02-22 11:28 - 21915065 _____ () C:\Users\Mike\Desktop\aaa.mp4
2015-02-22 11:06 - 2015-02-22 11:06 - 00000000 ____D () C:\Users\Mike\Documents\BeamNG.drive
2015-02-22 11:04 - 2015-02-22 11:04 - 00000000 ____D () C:\Users\Mike\Downloads\BeamNG-Techdemo-v2.1
2015-02-22 11:03 - 2015-02-22 11:04 - 181003643 _____ () C:\Users\Mike\Downloads\BeamNG-Techdemo-v2.1.zip
2015-02-22 01:03 - 2015-02-22 01:03 - 00000796 _____ () C:\Users\Public\Desktop\Speccy.lnk
2015-02-22 01:03 - 2015-02-22 01:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2015-02-22 01:03 - 2015-02-22 01:03 - 00000000 ____D () C:\Program Files\Speccy
2015-02-22 00:57 - 2015-02-22 00:58 - 05135288 _____ (Piriform Ltd) C:\Users\Mike\Downloads\spsetup128.exe
2015-02-21 23:58 - 2015-02-21 23:59 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Mike\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-21 21:50 - 2015-02-21 21:50 - 00000000 ____D () C:\Program Files\TAP-Windows
2015-02-21 16:47 - 2015-02-21 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-02-21 16:46 - 2015-02-21 16:47 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-02-15 20:49 - 2015-02-15 20:50 - 00639856 _____ (ROBLOX Corporation) C:\Users\Mike\Downloads\RobloxPlayerLauncher.exe
2015-02-15 19:32 - 2015-02-15 19:32 - 00000000 ____D () C:\Users\Mike\Documents\StarCraft II
2015-02-15 19:32 - 2015-02-15 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-02-15 19:31 - 2015-02-15 20:00 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2015-02-15 19:30 - 2015-02-15 21:56 - 00000000 ____D () C:\Users\Mike\AppData\Local\Battle.net
2015-02-15 19:30 - 2015-02-15 19:31 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Battle.net
2015-02-15 19:30 - 2015-02-15 19:30 - 00000000 ____D () C:\Users\Mike\AppData\Local\Blizzard Entertainment
2015-02-15 19:07 - 2015-02-15 19:32 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-02-15 19:07 - 2015-02-15 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-02-15 19:04 - 2015-02-15 19:04 - 00000000 ____D () C:\ProgramData\Battle.net
2015-02-15 19:03 - 2015-02-15 19:03 - 03184696 _____ (Blizzard Entertainment) C:\Users\Mike\Downloads\StarCraft-II-Setup-enGB.exe
2015-02-14 23:52 - 2015-02-14 23:52 - 00000000 ____D () C:\Users\Mike\Downloads\PopcornTime
2015-02-14 23:51 - 2015-02-14 23:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-02-14 23:51 - 2015-02-14 23:51 - 00000000 ____D () C:\Program Files (x86)\Popcorn Time
2015-02-14 23:50 - 2015-02-14 23:50 - 50844420 _____ (Popcorn Time ) C:\Users\Mike\Downloads\PopcornTime-latest.exe
2015-02-14 19:41 - 2015-02-14 19:41 - 00000000 ____D () C:\Users\Mike\AppData\Local\TurboDismount
2015-02-14 15:05 - 2015-02-14 15:36 - 3179022336 _____ () C:\Users\Mike\Downloads\Windows10_TechnicalPreview_x32_NL-NL_9926.iso
2015-02-14 14:57 - 2015-02-14 14:57 - 00000000 ____D () C:\Users\Mike\AppData\Local\CrystalDiskMark
2015-02-14 14:55 - 2015-02-14 14:55 - 01659040 _____ (Crystal Dew World ) C:\Users\Mike\Downloads\CrystalDiskMark3_0_3b-en.exe
2015-02-14 12:47 - 2015-02-14 12:47 - 00000000 ____D () C:\SUPERDelete
2015-02-13 19:06 - 2015-02-13 19:08 - 34186751 _____ () C:\Users\Mike\Downloads\0127 - Phoenix Wright - Ace Attorney (U)(Legacy).7z
2015-02-13 18:54 - 2015-02-13 18:54 - 01096820 _____ () C:\Users\Mike\Downloads\desmume-0.9.10-win32.zip
2015-02-12 13:26 - 2015-02-12 13:26 - 00000000 ____D () C:\Users\Mike\Documents\My Virtual Machines
2015-02-12 13:25 - 2015-02-12 13:53 - 00000000 ____D () C:\Users\Mike\Downloads\VM
2015-02-12 13:23 - 2015-02-12 13:23 - 00002025 _____ () C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Virtual PC.lnk
2015-02-12 13:23 - 2015-02-12 13:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Virtual PC
2015-02-12 13:22 - 2015-02-12 13:22 - 32005504 _____ (Microsoft Corporation) C:\Users\Mike\Downloads\setup (1).exe
2015-02-12 13:21 - 2015-02-12 13:21 - 31884672 _____ (Microsoft Corporation) C:\Users\Mike\Downloads\setup.exe
2015-02-12 13:20 - 2015-02-12 13:20 - 16070039 _____ () C:\Users\Mike\Downloads\Windows6.1-KB958559-x86-RefreshPkg.msu
2015-02-12 12:35 - 2015-02-12 12:35 - 00000000 ____D () C:\Users\Mike\Downloads\FamiTracker-v0.4.6
2015-02-12 12:34 - 2015-02-12 12:35 - 01604814 _____ () C:\Users\Mike\Downloads\FamiTracker-v0.4.6.zip
2015-02-12 12:10 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 12:10 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 12:10 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 12:10 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 11:37 - 2015-02-12 14:18 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2015-02-12 11:37 - 2015-02-12 14:18 - 00000000 ____D () C:\Program Files\Image-Line
2015-02-12 11:37 - 2015-02-12 11:37 - 00000000 ____D () C:\Users\Mike\Documents\Image-Line
2015-02-12 11:37 - 2015-02-12 11:37 - 00000000 ____D () C:\Program Files (x86)\DSPRobotics
2015-02-12 11:07 - 2015-02-12 11:37 - 00000000 ____D () C:\Program Files (x86)\Image-Line
2015-02-12 11:03 - 2015-02-12 11:05 - 370000160 _____ (Image-Line) C:\Users\Mike\Downloads\flstudio_11.1.1.exe
2015-02-11 18:00 - 2015-02-11 18:00 - 00000000 ____D () C:\Users\Mike\AppData\Local\backburner
2015-02-11 15:22 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 15:22 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 15:22 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 15:22 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 15:22 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 15:22 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 15:22 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 15:22 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 15:22 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 15:22 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 15:22 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 15:22 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 15:22 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 15:22 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 15:22 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 15:22 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 15:22 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 15:22 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 15:22 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 15:22 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 15:22 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 15:22 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 15:22 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 15:22 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 15:22 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 15:22 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 15:22 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 15:22 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 15:22 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 15:22 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 15:22 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 15:22 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 15:22 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 15:22 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 15:22 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 15:22 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 15:22 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 15:22 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 15:22 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 15:22 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 15:22 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 15:22 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 15:22 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 15:22 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 15:22 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 15:22 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 15:22 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 15:22 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 15:22 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 15:22 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 15:22 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 15:21 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 15:21 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 15:21 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 15:21 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 15:21 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 15:21 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 15:21 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 15:21 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 15:21 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 15:21 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 15:21 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 15:21 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 15:21 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 15:21 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 15:21 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 15:21 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 15:21 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 15:21 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 15:21 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 15:21 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 15:21 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 15:21 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 15:21 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 15:21 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 15:21 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 15:21 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 15:21 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 15:21 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 15:21 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 15:21 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 15:21 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 15:21 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 15:21 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 15:21 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 15:21 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 15:21 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 15:21 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 15:21 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 15:21 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 15:21 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 15:21 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 15:21 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 15:21 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 15:20 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 15:20 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 15:20 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 15:20 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 15:20 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 15:20 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 15:20 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 15:20 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-11 15:18 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 15:18 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 15:18 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 15:18 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 15:18 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 15:18 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 15:18 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 15:18 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 15:18 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 15:16 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 18:34 - 2015-02-10 18:36 - 00000000 ____D () C:\Users\Mike\AppData\Local\PAYDAY 2
2015-02-10 18:34 - 2015-02-10 18:34 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-02-10 18:34 - 2015-02-10 18:34 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-02-09 21:52 - 2015-02-09 21:52 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TweetDeck
2015-02-09 21:48 - 2015-02-09 21:48 - 29261824 _____ () C:\Users\Mike\Downloads\TweetDeck.msi
2015-02-09 21:47 - 2015-02-23 16:43 - 01262962 _____ () C:\Windows\WindowsUpdate.log
2015-02-08 20:46 - 2015-02-08 20:46 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\FileZilla Server
2015-02-08 20:44 - 2015-02-08 20:44 - 02092229 _____ (FileZilla Project) C:\Users\Mike\Downloads\FileZilla_Server-0_9_49 [1].exe
2015-02-08 20:43 - 2015-02-08 20:44 - 00765232 _____ (Web ) C:\Users\Mike\Downloads\FileZilla_Server-0_9_49.exe
2015-02-08 19:18 - 2015-02-08 19:18 - 03401864 _____ (Check Point Software Technologies Ltd.) C:\Users\Mike\Downloads\zafwSetupWeb_133_209_000.exe
2015-02-08 19:18 - 2015-02-08 19:18 - 00000000 ____D () C:\ProgramData\CheckPoint
2015-02-08 19:06 - 2015-02-08 19:07 - 27410776 _____ (OpenVPN Technologies) C:\Users\Mike\Downloads\privatetunnel-win-2.4 (1).exe
2015-02-08 18:48 - 2015-02-08 18:49 - 27410776 _____ (OpenVPN Technologies) C:\Users\Mike\Downloads\privatetunnel-win-2.4.exe
2015-02-08 18:23 - 2015-02-08 18:47 - 00000000 ____D () C:\Users\Mike\VirtualBox VMs
2015-02-08 18:14 - 2015-02-08 18:27 - 1412431872 _____ () C:\Users\Mike\Downloads\linuxmint-17.1-cinnamon-32bit.iso
2015-02-08 18:02 - 2015-02-08 18:11 - 818937856 _____ () C:\Users\Mike\Downloads\Amahi-7.1-x86_64-DVD.iso
2015-02-08 18:01 - 2015-02-08 20:20 - 00000000 ____D () C:\Users\Mike\.VirtualBox
2015-02-08 18:00 - 2014-11-24 12:07 - 00916024 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-02-08 18:00 - 2014-11-24 12:07 - 00128080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-02-08 17:49 - 2015-02-08 17:51 - 110587080 _____ (Oracle Corporation) C:\Users\Mike\Downloads\VirtualBox-4.3.20-96997-Win.exe
2015-02-07 16:28 - 2015-02-07 16:32 - 00000000 ____D () C:\Users\Mike\Documents\RCT3
2015-02-07 16:28 - 2015-02-07 16:28 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Atari
2015-02-07 10:12 - 2015-02-07 10:12 - 00000000 ____D () C:\Users\Mike\Documents\Criterion Games
2015-02-06 19:52 - 2015-02-06 19:52 - 00000000 ____D () C:\Users\Mike\Downloads\1361023764_trainerv65
2015-02-06 19:42 - 2015-02-06 19:44 - 02641537 _____ () C:\Users\Mike\Downloads\1361023764_trainerv65.rar
2015-02-06 19:42 - 2015-02-06 19:42 - 02955616 _____ () C:\Users\Mike\Downloads\1309190199_iCEnhancer12.rar
2015-02-06 19:42 - 2015-02-06 19:42 - 00000000 ____D () C:\Users\Mike\Downloads\1309190199_iCEnhancer12
2015-02-04 14:29 - 2015-02-04 14:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-02-04 14:26 - 2015-02-04 14:27 - 42096984 _____ (Apple Inc.) C:\Users\Mike\Downloads\QuickTimeInstaller.exe
2015-02-04 11:12 - 2015-02-04 14:29 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-02-04 11:12 - 2015-02-04 11:12 - 00001168 _____ () C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2015-02-04 11:12 - 2015-02-04 11:12 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2015-02-04 11:12 - 2015-02-04 11:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2015-02-04 11:11 - 2015-02-04 11:11 - 00000000 ____D () C:\ProgramData\TechSmith
2015-02-04 11:11 - 2015-02-04 11:11 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2015-02-04 10:10 - 2015-02-22 18:10 - 00000508 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 504d664f-2ff0-42a6-b317-c5e057126886.job
2015-02-04 10:10 - 2015-02-15 02:00 - 00000508 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task bde3fca5-6b3e-4d21-bda8-cb4c2ad3fd42.job
2015-02-04 10:10 - 2015-02-04 10:10 - 00003578 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task bde3fca5-6b3e-4d21-bda8-cb4c2ad3fd42
2015-02-04 10:10 - 2015-02-04 10:10 - 00003504 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 504d664f-2ff0-42a6-b317-c5e057126886
2015-02-04 10:10 - 2015-02-04 10:10 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\SUPERAntiSpyware.com
2015-02-04 10:09 - 2015-02-23 16:39 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-02-04 10:09 - 2015-02-04 10:10 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-02-04 10:09 - 2015-02-04 10:09 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2015-02-04 10:08 - 2015-02-04 10:08 - 21242208 _____ (SUPERAntiSpyware) C:\Users\Mike\Downloads\SUPERAntiSpyware.exe
2015-02-03 20:18 - 2015-02-22 19:24 - 00000000 ____D () C:\Users\Mike\Documents\MyPaint
2015-02-03 17:20 - 2015-02-03 17:20 - 00000000 ____D () C:\Users\Diana\AppData\Local\HP
2015-02-02 20:17 - 2015-02-07 19:43 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Bloody Trapland
2015-02-02 19:26 - 2015-02-02 19:26 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-02-02 19:26 - 2015-02-02 19:26 - 00000000 ____D () C:\ProgramData\Mozilla
2015-02-02 19:26 - 2015-02-02 19:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-02 19:23 - 2015-02-02 19:24 - 00243440 _____ () C:\Users\Mike\Downloads\Firefox Setup Stub 35.0.1.exe
2015-02-02 19:14 - 2015-02-02 19:23 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\FileZilla
2015-02-02 19:13 - 2015-02-02 19:13 - 06372800 _____ (Tim Kosse) C:\Users\Mike\Downloads\FileZilla_3.10.1.1_win32-setup [1].exe
2015-02-02 19:13 - 2015-02-02 19:13 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-02-02 19:13 - 2015-02-02 19:13 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2015-02-02 19:12 - 2015-02-02 19:12 - 00742056 _____ ( ) C:\Users\Mike\Downloads\FileZilla_3.10.1.1_win32-setup.exe
2015-02-01 01:27 - 2015-02-01 01:27 - 00000000 ____D () C:\Windows\pss
2015-02-01 01:08 - 2015-02-01 01:22 - 00000000 ___SD () C:\ComboFix
2015-02-01 01:07 - 2015-02-01 01:07 - 05611408 ____R (Swearware) C:\Users\Mike\Downloads\ComboFix.exe
2015-01-29 15:32 - 2015-01-29 15:48 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\.minecraft
2015-01-29 15:32 - 2015-01-29 15:32 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\java
2015-01-29 15:28 - 2015-01-29 15:32 - 00000000 ____D () C:\Program Files (x86)\Minecraft
2015-01-29 15:28 - 2015-01-29 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-01-29 15:27 - 2015-01-29 15:27 - 02314240 _____ () C:\Users\Mike\Downloads\MinecraftInstaller.msi
2015-01-28 18:29 - 2015-01-28 18:29 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\LibreOffice
2015-01-28 18:29 - 2015-01-28 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3
2015-01-28 18:27 - 2015-01-28 18:29 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2015-01-28 18:19 - 2015-01-28 18:20 - 225890304 _____ () C:\Users\Mike\Downloads\LibreOffice_4.3.5_Win_x86.msi
2015-01-28 18:17 - 2015-01-28 18:17 - 02128166 _____ () C:\Users\Mike\Downloads\Rondje cultuur 2015.pptx
2015-01-28 13:31 - 2015-01-28 13:31 - 00015991 _____ () C:\Users\Diana\Downloads\NL51INGB0002831793_01-12-2014_31-12-2014 (2).csv
2015-01-28 13:30 - 2015-01-28 13:30 - 00019113 _____ () C:\Users\Diana\Downloads\NL51INGB0002831793_01-12-2014_31-12-2014.asc
2015-01-28 13:30 - 2015-01-28 13:30 - 00015879 _____ () C:\Users\Diana\Downloads\NL51INGB0002831793_01-12-2014_31-12-2014 (1).csv
2015-01-28 13:29 - 2015-01-28 13:29 - 00015991 _____ () C:\Users\Diana\Downloads\NL51INGB0002831793_01-12-2014_31-12-2014.csv
2015-01-28 13:29 - 2015-01-28 13:29 - 00015991 _____ () C:\Users\Diana\Downloads\NL51INGB0002831793_01-12-2014_31-12-2014 (1).txt
2015-01-28 13:29 - 2015-01-28 13:29 - 00015879 _____ () C:\Users\Diana\Downloads\NL51INGB0002831793_01-12-2014_31-12-2014.txt
2015-01-25 17:15 - 2015-01-25 17:15 - 10566624 _____ () C:\Users\Mike\Downloads\Autodesk_Maya_2015_R1_wi_en-US_Setup.exe
2015-01-25 17:15 - 2015-01-25 17:15 - 00000000 ____D () C:\Autodesk
2015-01-25 17:07 - 2015-01-25 17:08 - 00000000 ____D () C:\Users\Mike\AppData\Local\Akamai
2015-01-25 15:43 - 2015-01-25 15:43 - 13672053 _____ () C:\Users\Mike\Downloads\LandslideMcQueenWindows.zip
2015-01-25 15:42 - 2015-01-25 15:42 - 00000000 ____D () C:\Users\Mike\Downloads\BesiegeAlpha_Win_v0_01
2015-01-25 15:39 - 2015-01-25 15:41 - 133342637 _____ () C:\Users\Mike\Downloads\BesiegeAlpha_Win_v0_01.zip
2015-01-25 13:46 - 2015-01-28 15:23 - 00000000 ____D () C:\Users\Mike\Desktop\Useless screenshots and stuff
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-23 16:41 - 2014-12-01 19:27 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Spotify
2015-02-23 16:40 - 2014-12-01 19:27 - 00000000 ____D () C:\Users\Mike\AppData\Local\Spotify
2015-02-23 16:39 - 2014-12-17 16:34 - 00000000 ____D () C:\Users\Mike\AppData\Local\LogMeIn Hamachi
2015-02-23 16:36 - 2014-11-23 20:17 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-23 16:35 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-23 12:41 - 2014-12-09 21:20 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-23 12:29 - 2014-11-23 20:17 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-23 12:16 - 2014-11-23 20:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-23 12:15 - 2014-12-17 15:54 - 00000000 ____D () C:\Users\Mike\AppData\Local\CrashDumps
2015-02-23 12:06 - 2014-11-30 16:07 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-23 11:30 - 2009-07-14 05:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-23 11:30 - 2009-07-14 05:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-22 23:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-22 22:19 - 2014-11-23 19:33 - 00000000 ____D () C:\Users\Mike
2015-02-22 22:10 - 2015-01-06 16:52 - 00001456 _____ () C:\Users\Mike\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-02-22 22:03 - 2014-12-11 17:03 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\OBS
2015-02-22 20:22 - 2014-11-23 20:43 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Skype
2015-02-22 13:32 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-22 10:59 - 2014-11-23 20:43 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-22 10:59 - 2014-11-23 20:43 - 00000000 ____D () C:\ProgramData\Skype
2015-02-22 00:04 - 2015-01-19 18:13 - 00000000 ____D () C:\Users\Mike\Desktop\mbar
2015-02-22 00:04 - 2015-01-19 18:13 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-21 23:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-21 23:47 - 2014-12-09 21:19 - 00096472 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-21 23:45 - 2014-12-06 01:12 - 00000000 ____D () C:\Users\Mike\Desktop\stuff
2015-02-21 23:44 - 2014-11-24 16:10 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-21 16:54 - 2014-11-24 21:25 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2015-02-16 18:20 - 2009-07-14 06:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-16 16:20 - 2014-12-02 16:28 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-02-11 20:07 - 2014-12-13 14:20 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Tropico 5
2015-02-11 18:22 - 2014-12-11 12:46 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 18:22 - 2014-10-26 18:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 18:11 - 2015-01-18 20:35 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 18:05 - 2014-02-14 09:22 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 18:02 - 2014-12-17 16:52 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2015-02-11 18:02 - 2014-12-17 16:52 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2015-02-11 18:02 - 2014-11-23 20:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-11 18:00 - 2014-12-07 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-02-08 19:48 - 2014-12-14 20:12 - 00000000 ____D () C:\Users\Mike\Desktop\tweeter meemzololol!!111
2015-02-08 00:27 - 2014-11-30 15:30 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Audacity
2015-02-05 16:11 - 2014-11-29 07:49 - 00000000 ____D () C:\Users\Mike\AppData\Local\Steam
2015-02-04 21:06 - 2014-11-30 16:07 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-04 21:06 - 2014-11-30 16:07 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-04 21:06 - 2014-11-30 16:07 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-04 15:24 - 2014-11-23 20:17 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 15:24 - 2014-11-23 20:17 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-04 14:34 - 2014-11-24 18:13 - 00000000 ____D () C:\Users\Mike\AppData\Local\Apple Computer
2015-02-04 10:05 - 2015-01-19 18:53 - 00000000 ____D () C:\Users\Mike\AppData\Local\Windows Live
2015-02-02 19:55 - 2014-11-24 21:06 - 00000000 ____D () C:\Program Files (x86)\OBS
2015-02-02 19:26 - 2014-12-20 18:56 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-02 19:26 - 2014-12-20 18:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-01 01:08 - 2014-12-15 21:39 - 00000000 ____D () C:\Qoobox
2015-01-31 01:20 - 2014-12-20 01:45 - 00000000 ____D () C:\Users\Mike\Documents\Euro Truck Simulator 2
2015-01-30 23:31 - 2015-01-06 16:12 - 00002582 _____ () C:\Windows\Sandboxie.ini
2015-01-30 12:05 - 2014-12-17 15:56 - 00074856 _____ () C:\Users\Diana\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-30 12:04 - 2014-12-17 15:56 - 00000000 ____D () C:\Users\Diana\AppData\Local\LogMeIn Hamachi
2015-01-28 12:29 - 2014-12-17 15:56 - 00000000 ____D () C:\Users\Diana\AppData\Local\Google
2015-01-25 17:24 - 2014-12-07 18:08 - 00000000 ____D () C:\Program Files\Autodesk
 
==================== Files in the root of some directories =======
 
2014-12-11 21:45 - 2014-12-11 21:45 - 0000112 _____ () C:\Users\Mike\AppData\Roaming\JP2K CS6 Prefs
2014-12-27 16:17 - 2014-12-27 16:17 - 0000268 ___RH () C:\Users\Mike\AppData\Roaming\Sampler Files
2014-12-27 15:48 - 2014-12-28 11:15 - 0000000 _____ () C:\Users\Mike\AppData\Roaming\Screen Saver
2014-12-27 15:48 - 2014-12-28 11:16 - 0000000 _____ () C:\Users\Mike\AppData\Roaming\Scripts Menu
2014-12-06 01:25 - 2014-12-06 01:25 - 0001181 _____ () C:\Users\Mike\AppData\Roaming\trace_FilterInstaller.1.txt
2014-12-06 01:25 - 2014-12-06 01:35 - 0000919 _____ () C:\Users\Mike\AppData\Roaming\trace_FilterInstaller.txt
2014-12-06 01:25 - 2014-12-06 01:35 - 0000000 _____ () C:\Users\Mike\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2015-01-06 16:52 - 2015-02-22 22:10 - 0001456 _____ () C:\Users\Mike\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-02-22 19:24 - 2015-02-22 19:24 - 0002878 _____ () C:\Users\Mike\AppData\Local\recently-used.xbel
2014-12-05 17:41 - 2015-01-18 20:27 - 0007601 _____ () C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
2014-12-06 10:49 - 2014-12-06 10:49 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-12-27 16:15 - 2014-12-27 16:35 - 0000020 ____H () C:\ProgramData\PKP_DLdy.DAT
2014-12-27 15:49 - 2014-12-28 11:17 - 0000000 ____H () C:\ProgramData\PKP_DLes.DAT
2014-12-27 15:48 - 2014-12-28 11:15 - 0000000 ____H () C:\ProgramData\PKP_DLet.DAT
2014-12-27 15:48 - 2014-12-28 11:16 - 0000000 ____H () C:\ProgramData\PKP_DLev.DAT
2014-12-28 11:15 - 2014-12-28 11:15 - 0000000 _____ () C:\ProgramData\Sci-Fi
2014-12-27 16:17 - 2014-12-27 16:17 - 0000012 ___RH () C:\ProgramData\Spacious
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-14 11:26
 
==================== End Of Log ============================

Addition.txt:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-02-2015
Ran by Mike at 2015-02-23 16:44:17
Running from C:\Users\Mike\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3073272561-30202821-3334549261-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
8BitMMO (HKLM-x32\...\Steam App 250420) (Version:  - Archive Entertainment)
Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (32 Bit) (HKLM-x32\...\{7C25E7A0-A0A1-4B87-BB30-BF0FBDC37878}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3073272561-30202821-3334549261-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.0 - Atheros)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Autodesk Maya 2013 64-bit (Version: 15.0.0.0 - Autodesk) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 3 (HKLM-x32\...\Steam App 78000) (Version:  - PopCap Games, Inc.)
Besiege (HKLM-x32\...\Steam App 346010) (Version:  - Spiderling Studios)
Big Money! Deluxe (HKLM-x32\...\Steam App 3360) (Version:  - PopCap Games, Inc.)
Blender (HKLM\...\Blender) (Version: 2.72b - Blender Foundation)
Bloody Trapland (HKLM-x32\...\Steam App 257750) (Version:  - 2Play)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.11.4119 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{E78B4959-B348-4913-874B-FF982378E035}) (Version: 0.9.11.4119 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BookWorm Deluxe (HKLM-x32\...\Steam App 3370) (Version:  - PopCap Games, Inc.)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version:  - Criterion Games)
Cabela's Big Game Hunter Pro Hunts (HKLM-x32\...\Steam App 247770) (Version:  - Cauldron)
Camtasia Studio 8 (HKLM-x32\...\{45F34E54-DAD9-405B-A4F6-B12B0A46B984}) (Version: 8.4.1.1745 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
City Life 2008 (HKLM-x32\...\Steam App 4460) (Version:  - Monte Cristo)
Command and Conquer: Red Alert 3 (HKLM-x32\...\Steam App 17480) (Version:  - EA Los Angeles)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Cradle of Rome (HKLM-x32\...\Steam App 38170) (Version:  - Awem Studio)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defy Gravity (HKLM-x32\...\Steam App 96100) (Version:  - Fish Factory Games)
Double Action: Boogaloo (HKLM-x32\...\Steam App 317360) (Version:  - Double Action Factory)
Estranged: Act I (HKLM-x32\...\Steam App 261820) (Version:  - Alan Edwardes)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.10 - Echobit, LLC)
FileZilla Client 3.10.1.1 (HKU\S-1-5-21-3073272561-30202821-3334549261-1000\...\FileZilla Client) (Version: 3.10.1.1 - Tim Kosse)
Fireworks Simulator (HKLM-x32\...\Steam App 323780) (Version:  - Reality Twist GmbH)
Freemake Video Converter version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
Galcon 2 (HKLM-x32\...\Steam App 294160) (Version:  - Hassey Enterprises, Inc.)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
GTR Evolution (HKLM-x32\...\Steam App 8660) (Version:  - SimBin)
Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
HandBrake 0.10.0 (HKLM-x32\...\HandBrake) (Version: 0.10.0 - )
HP Deskjet 3070 B611 series Basic Device Software (HKLM\...\{B08ED12B-F101-45D1-B13C-B203EA67AD6B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche Studios)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version:  - Avalanche Studios)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LibreOffice 4.3.5.2 (HKLM-x32\...\{1D4E90DA-C33C-40ED-BA00-75F6E6DF9CB0}) (Version: 4.3.5.2 - The Document Foundation)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Virtual PC 2007 (HKLM\...\{8A7CAA24-7B23-410B-A7C3-F994B0944160}) (Version: 6.0.156.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MyPaint 1.0.0 (HKU\S-1-5-21-3073272561-30202821-3334549261-1000\...\MyPaint) (Version: 1.0.0 - Martin Renold & MyPaint Development Team)
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version:  - Criterion Games)
Need for Speed: SHIFT (HKLM-x32\...\Steam App 24870) (Version:  - Slightly Mad Studios)
Need for Speed: Undercover (HKLM-x32\...\Steam App 17430) (Version:  - EA Black Box)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
PAC-MAN Championship Edition DX+ (HKLM-x32\...\Steam App 236450) (Version:  - Mine Loader Software Co., Ltd.)
paint.net (HKLM\...\{141BA46D-2D1F-4DA6-9448-B847334585C0}) (Version: 4.0.4 - dotPDN LLC)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Pinball FX2 (HKLM-x32\...\Steam App 226980) (Version:  - Zen Studios)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap Games, Inc.)
Poker Night 2 (HKLM-x32\...\Steam App 234710) (Version:  - Telltale Games)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: Beta 5.2.1 - Popcorn Time)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version:  - Running With Scissors)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
ROBLOX Player for Mike (HKU\S-1-5-21-3073272561-30202821-3334549261-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio for Mike (HKU\S-1-5-21-3073272561-30202821-3334549261-1000\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
Robot Roller-Derby Disco Dodgeball (HKLM-x32\...\Steam App 270450) (Version:  - Erik Asmussen)
RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version:  - Frontier)
SABnzbd 0.7.20 (HKLM-x32\...\SABnzbd) (Version: 0.7.20 - The SABnzbd Team)
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version:  - Coffee Stain Studios)
Sandboxie 4.14 (64-bit) (HKLM\...\Sandboxie) (Version: 4.14 - Sandboxie Holdings, LLC)
Shift 2 Unleashed (HKLM-x32\...\Steam App 47920) (Version:  - Slightly Mad Studios)
SimCity 4 Deluxe (HKLM-x32\...\Steam App 24780) (Version:  - EA - Maxis)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Solar 2 (HKLM-x32\...\Steam App 97000) (Version:  - Murudai)
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version:  - Sumo Digital)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
Spotify (HKU\S-1-5-21-3073272561-30202821-3334549261-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
System Requirements Lab CYRI (HKLM-x32\...\{906B34E5-573C-445A-A5D3-40B6BF0A2EC4}) (Version: 6.0.21.0 - Husdawg, LLC)
Tabletop Simulator (HKLM-x32\...\Steam App 286160) (Version:  - Berserk Games)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-3073272561-30202821-3334549261-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
Town of Salem (HKLM-x32\...\Steam App 334230) (Version:  - BlankMediaGames)
Tropico 5 (HKLM-x32\...\Steam App 245620) (Version:  - Haemimont Games)
Turbo Dismount (HKLM-x32\...\Steam App 263760) (Version:  - Secret Exit Ltd.)
TweetDeck (HKLM-x32\...\{C4ADB67B-C908-4D94-B85E-585D2F3F9118}) (Version: 3.3.7 - Twitter)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wireshark 1.12.2 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.2 - The Wireshark developer community, http://www.wireshark.org)
World of Tanks (HKU\S-1-5-21-3073272561-30202821-3334549261-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
Worms Revolution (HKLM-x32\...\Steam App 200170) (Version:  - Team17 Digital Ltd.)
Zuma's Revenge (HKLM-x32\...\Steam App 3620) (Version:  - PopCap Games, Inc.)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3073272561-30202821-3334549261-1000_Classes\CLSID\{8932AEFE-9DB6-4f43-AFB2-5682F55E773A}\InprocServer32 -> C:\Program Files (x86)\Microsoft Virtual PC\VPCShExH.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3073272561-30202821-3334549261-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-3073272561-30202821-3334549261-1000_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Mike\AppData\Local\Roblox\Versions\version-708f91f0ad924d5c\RobloxProxy64.dll (ROBLOX Corporation)
 
==================== Restore Points  =========================
 
12-02-2015 22:16:33 Windows Update
21-02-2015 16:31:45 Windows Update
21-02-2015 23:53:38 Removed Java 8 Update 25
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2015-02-04 14:25 - 00000069 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activation.cloud.techsmith.com
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {476476BF-3EAD-4E10-9A32-57526C87BC58} - System32\Tasks\Shutdown => C:\Windows\System32\shutdown.exe [2009-07-14] (Microsoft Corporation)
Task: {5B263116-F7F7-4FCD-B6B7-AD8FB610578E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {6EC8A1C4-E3B1-42C3-B039-FDE72D6C1DA4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-24] (AVAST Software)
Task: {73E22607-9D91-41F2-A95D-A3CD862AB737} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-23] (Google Inc.)
Task: {761FCF0D-D5C6-4F51-B043-CBF010D4549F} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-03] ()
Task: {A829D358-89AC-4542-A57B-B57F8CA7EB4E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-23] (Google Inc.)
Task: {AACE4FE6-1751-4AA4-9B68-37097963C6FE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {B10F7F09-20BA-44A6-B768-8544ECFB7BEC} - System32\Tasks\SUPERAntiSpyware Scheduled Task bde3fca5-6b3e-4d21-bda8-cb4c2ad3fd42 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {DF953641-CAEE-4480-8FD8-A2EA1EC95592} - System32\Tasks\SUPERAntiSpyware Scheduled Task 504d664f-2ff0-42a6-b317-c5e057126886 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 504d664f-2ff0-42a6-b317-c5e057126886.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task bde3fca5-6b3e-4d21-bda8-cb4c2ad3fd42.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-11-20 21:23 - 2014-11-20 21:23 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-12-08 11:10 - 2014-12-08 11:10 - 00102176 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 19:51 - 2014-10-14 19:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-14 19:51 - 2014-10-14 19:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-11-20 21:23 - 2014-11-20 21:23 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-12-01 19:27 - 2014-12-13 01:45 - 00374840 _____ () C:\Users\Mike\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2015-02-23 12:23 - 2015-02-23 12:23 - 02911232 _____ () C:\Program Files\AVAST Software\Avast\defs\15022300\algo.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-24 16:09 - 2014-11-24 16:09 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-02-01 12:17 - 2015-02-01 12:17 - 00039200 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2015-02-21 16:35 - 2015-02-17 23:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-21 16:35 - 2015-02-17 23:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-21 16:35 - 2015-02-17 23:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
2014-12-01 19:27 - 2014-12-13 01:45 - 36966968 _____ () C:\Users\Mike\AppData\Roaming\Spotify\Data\libcef.dll
2014-12-01 19:27 - 2014-12-13 01:45 - 00867896 _____ () C:\Users\Mike\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-12-01 19:27 - 2014-12-13 01:45 - 00886840 _____ () C:\Users\Mike\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-12-01 19:27 - 2014-12-13 01:45 - 00108600 _____ () C:\Users\Mike\AppData\Roaming\Spotify\Data\libegl.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3073272561-30202821-3334549261-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 195.121.1.34 - 195.121.1.66
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: FileZilla Server => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\startupfolder: C:^Users^Mike^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 3070 B611 series (Network).lnk => C:\Windows\pss\Monitor Ink Alerts - HP Deskjet 3070 B611 series (Network).lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Mike\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart
MSCONFIG\startupreg: EvolveClient => C:\Program Files\Echobit\Evolve\EvolveClient.exe -autorun
MSCONFIG\startupreg: FileZilla Server Interface => "C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe"
MSCONFIG\startupreg: Gyazo => C:\Program Files (x86)\Gyazo\GyStation.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Mike\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Mike\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3073272561-30202821-3334549261-500 - Administrator - Disabled)
Diana (S-1-5-21-3073272561-30202821-3334549261-1003 - Administrator - Enabled) => C:\Users\Diana
Guest (S-1-5-21-3073272561-30202821-3334549261-501 - Limited - Disabled)
Mike (S-1-5-21-3073272561-30202821-3334549261-1000 - Administrator - Enabled) => C:\Users\Mike
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/23/2015 04:38:50 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (02/23/2015 04:38:50 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (02/23/2015 04:38:50 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (02/23/2015 04:38:50 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (02/23/2015 04:38:48 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (02/23/2015 04:38:47 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (02/23/2015 04:38:47 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (02/23/2015 04:38:47 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (02/23/2015 04:38:47 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.
 
 
Details:
0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))
 
Error: (02/23/2015 04:38:43 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (3416) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0008D.log.
 
 
System errors:
=============
Error: (02/23/2015 04:44:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Update service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (02/23/2015 04:44:13 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
 
Error: (02/23/2015 04:44:13 PM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.
 
Error: (02/23/2015 04:38:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1053
 
Error: (02/23/2015 04:38:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
 
Error: (02/23/2015 04:38:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1053
 
Error: (02/23/2015 04:38:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
 
Error: (02/23/2015 04:38:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1053
 
Error: (02/23/2015 04:38:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
 
Error: (02/23/2015 04:38:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1053
 
 
Microsoft Office Sessions:
=========================
Error: (02/23/2015 04:38:50 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (02/23/2015 04:38:50 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (02/23/2015 04:38:50 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (02/23/2015 04:38:50 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
 
Error: (02/23/2015 04:38:48 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore
 
Error: (02/23/2015 04:38:47 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (02/23/2015 04:38:47 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt
 
Error: (02/23/2015 04:38:47 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
4700
 
Error: (02/23/2015 04:38:47 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: 
Details:
0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))
 
Error: (02/23/2015 04:38:43 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows3416Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0008D.log-1811
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-12-15 22:00:26.466
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\cambafax\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-12-15 22:00:26.356
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\cambafax\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD Phenom II N970 Quad-Core Processor
Percentage of memory in use: 46%
Total physical RAM: 6142.17 MB
Available physical RAM: 3284.87 MB
Total Pagefile: 12282.53 MB
Available Pagefile: 8967.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:312.07 GB) (Free:209.43 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 83BE0517)
Partition 1: (Not Active) - (Size=13.2 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=312.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=140.4 GB) - (Type=05)
 
==================== End Of Log ============================
This topic is now closed to further replies.