Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Downloaded .src file from stream link


  • Please log in to reply
16 replies to this topic

#1 rhayne

rhayne

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:10 AM

Posted 09 May 2015 - 02:18 AM

I mindlessly clicked on a link that caused me to download a .src file while watching a twitch stream.  The link opened up a page that immediately closed itself and started a download of a file by the name of screenshot and some numbers with a .src extension.  I did not proceed to open this file, and deleted it immediately.  I am afraid that it automatically ran a script and did some bad stuff to my computer.  I am using windows 7 ultimate 64bit.

 

I searched the internet and found another poster with a relatively similar problem: http://www.bleepingcomputer.com/forums/t/575508/steam-scr-file-hidden-keylogger-on-pc/

I proceeded to follow similar instructions as suggested, to try to investigate and fix my problem.

 

I have completed the following steps to try to fix my problem:

1.Downloaded and run wipe  and system ninja,

https://privacyroot.com/software/www/en/wipe.php

https://singularlabs.com/software/system-ninja/

 

2. Ran ccleaner

 

3. Rebooted my machine, disabled my antivirus, downloaded and updated eScanAV.  I am currently scanning.  My second post will contain the log.  I will run Zemana, JRT, and Adware Cleaner as InadequateInfirmity suggests and post those logs as well.

 

Please let me know how else I can proceed to secure my computer and make sure it's clean.  Should I change all my passwords? I would prefer not to if I can avoid it, but understand if that is advisable.  Thank you sincerely for your help!

-Evan


Edited by rhayne, 09 May 2015 - 02:30 AM.


BC AdBot (Login to Remove)

 


m

#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:10 AM

Posted 09 May 2015 - 02:25 AM

Hi there,

I see that there was a mistake.

Have you run the tools? If you haven't, I will give you instructions for a checkup.

Regards,
Alex

Edited by Alexstrasza, 09 May 2015 - 02:32 AM.


#3 rhayne

rhayne
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:10 AM

Posted 09 May 2015 - 02:31 AM

I do not currently have an active topic.  This is my first post and I believe there to be a misunderstanding, the other post is a similar post but it does not belong to me.  Can we please re-evaluate closing this topic?  

 

Thank you,

Evan



#4 rhayne

rhayne
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:10 AM

Posted 09 May 2015 - 02:35 AM

Which tools are you referring to, Alexstrasza?



#5 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:10 AM

Posted 09 May 2015 - 02:39 AM

Hi there,

I see you have already ran eScanAV.

After it finishes, please run these.

MiniToolbox by Farbar

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore Points
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

===

Security Check by screen317
  • Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt. Please copy and paste the contents of the log in your next reply.

Regards,
Alex

#6 rhayne

rhayne
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:10 AM

Posted 09 May 2015 - 10:01 AM

I will post the logs for Minitoolbox and security check after they finish, here is the eScanAV Log:

 

09 May 2015 01:54:43 [02ec] - **********************************************************
09 May 2015 01:54:43 [02ec] - MWAV - eScanAV AntiVirus Toolkit.
09 May 2015 01:54:43 [02ec] - Copyright © MicroWorld Technologies
09 May 2015 01:54:43 [02ec] - **********************************************************
09 May 2015 01:54:43 [02ec] - Source: D:\Users\ET\Downloads\mwav.exe
09 May 2015 01:54:43 [02ec] - Version 14.0.178 (D:\USERS\ET\APPDATA\LOCAL\TEMP\MEXE.COM)
09 May 2015 01:54:43 [02ec] - Log File: D:\Users\ET\AppData\Local\Temp\MWAV.LOG
09 May 2015 01:54:43 [02ec] - MWAV Registered: TRUE
09 May 2015 01:54:43 [02ec] - User Account: ET (Administrator Mode)
09 May 2015 01:54:43 [02ec] - OS Type: Windows Workstation [InstallType: Client]
09 May 2015 01:54:43 [02ec] - OS: Windows 7 64-Bit [OS Install Date: 10 Jun 2013 16:51:45]
09 May 2015 01:54:43 [02ec] - Ver: Professional Service Pack 1 (Build 7601)
09 May 2015 01:54:43 [02ec] - System Up Time: 22 Minutes, 40 Seconds
 
 
09 May 2015 01:54:43 [02ec] - Parent Process Name : D:\Users\ET\Downloads\mwav.exe
09 May 2015 01:54:43 [02ec] - Windows Root  Folder: D:\Windows
09 May 2015 01:54:43 [02ec] - Windows Sys32 Folder: D:\Windows\system32
09 May 2015 01:54:43 [02ec] - DHCP NameServer: 75.75.76.76 75.75.75.75
09 May 2015 01:54:43 [02ec] - Interface0 DHCPNameServer: 75.75.76.76 75.75.75.75
09 May 2015 01:54:43 [02ec] - Interface1 DHCPNameServer: 75.75.76.76 75.75.75.75
09 May 2015 01:54:43 [02ec] - Local Fixed Drives: c:\,d:\,e:\,f:\,g:\
09 May 2015 01:54:43 [02ec] - MWAV Mode(A): Scan and Clean files (for viruses, adware and spyware)
09 May 2015 01:54:43 [02ec] - [CREATED ZIP FILE: D:\Users\ET\AppData\Local\Temp\pinfect.zip]
09 May 2015 01:54:43 [02ec] - Latest Date of files inside MWAV: Mon Mar  2 17:13:53 2015.
09 May 2015 01:54:45 [02ec] - ** Changed Value of "Path"
09 May 2015 01:54:45 [02ec] - ** Changed Value of "HKEY_CLASSES_ROOT\.htm" from "ChromeHTML" to "htmlfile"
09 May 2015 01:54:45 [02ec] - ** Changed Value of "HKEY_CLASSES_ROOT\.html" from "ChromeHTML" to "htmlfile"
09 May 2015 01:54:45 [02ec] - Loading/Creating FileScan Cache Database D:\ProgramData\MicroWorld\MWAV\ESCANDBY.MDB [Log: D:\Users\ET\AppData\Local\Temp\ESCANDB.LOG]
09 May 2015 01:54:47 [02ec] - Loaded/Created FileScan Cache Database...
09 May 2015 01:54:47 [02ec] - Loading AV Library [DB]...
09 May 2015 01:55:08 [02ec] - ArchiveScan: DISABLED
09 May 2015 01:55:09 [02ec] - AV Library Loaded - MultiThreaded - 4 : [DB-DIRECT].
09 May 2015 01:55:09 [02ec] - MWAV doing self scanning...
09 May 2015 01:55:09 [02ec] - MWAV files are clean.
09 May 2015 01:55:15 [02ec] - ArchiveScan: DISABLED
09 May 2015 01:55:15 [02ec] - Virus Database Date: 02 Mar 2015
09 May 2015 01:55:15 [02ec] - Virus Database Count: 6701505
09 May 2015 01:55:15 [02ec] - Sign Version: 7.59505 [518257]
09 May 2015 01:55:23 [02ec] - Downloading AntiVirus and Anti-Spyware Databases...
09 May 2015 02:14:39 [02ec] - Update Successful...
09 May 2015 02:14:56 [02ec] - Indexed Spyware Databases Successfully Created...
09 May 2015 02:14:56 [02ec] - Old Sign Version: 7.59505 New Sign Version: 7.60489
09 May 2015 02:15:59 [02ec] - Reload of AntiVirus Signatures successfully done.
09 May 2015 02:15:59 [02ec] - Virus Database Date: 09 May 2015
09 May 2015 02:15:59 [02ec] - Virus Database Count: 6066331
09 May 2015 02:15:59 [02ec] - Sign Version: 7.60489 [519241]
 
09 May 2015 02:16:37 [02ec] - **********************************************************
09 May 2015 02:16:37 [02ec] - MWAV - eScanAV AntiVirus Toolkit.
09 May 2015 02:16:37 [02ec] - Copyright © MicroWorld Technologies
09 May 2015 02:16:37 [02ec] - 
09 May 2015 02:16:37 [02ec] - Support: support@escanav.com
09 May 2015 02:16:37 [02ec] - Web: http://www.escanav.com
09 May 2015 02:16:37 [02ec] - **********************************************************
09 May 2015 02:16:37 [02ec] - Version 14.0.178[DB] (D:\USERS\ET\APPDATA\LOCAL\TEMP\MEXE.COM)
09 May 2015 02:16:37 [02ec] - Log File: D:\Users\ET\AppData\Local\Temp\MWAV.LOG
09 May 2015 02:16:37 [02ec] - User Account: ET (Administrator Mode)
09 May 2015 02:16:37 [02ec] - Parent Process Name : D:\Users\ET\Downloads\mwav.exe
09 May 2015 02:16:37 [02ec] - Windows Root  Folder: D:\Windows
09 May 2015 02:16:37 [02ec] - Windows Sys32 Folder: D:\Windows\system32
09 May 2015 02:16:37 [02ec] - OS: Windows 7 64-Bit [OS Install Date: 10 Jun 2013 16:51:45]
09 May 2015 02:16:37 [02ec] - Ver: Professional Service Pack 1 (Build 7601)
09 May 2015 02:16:37 [02ec] - Latest Date of files inside MWAV: Mon Mar  2 17:13:53 2015.
 
09 May 2015 02:16:37 [038c] - Options Selected by User:
09 May 2015 02:16:37 [038c] - Memory Check: Enabled
09 May 2015 02:16:37 [038c] - Registry Check: Enabled
09 May 2015 02:16:37 [038c] - StartUp Folder Check: Enabled
09 May 2015 02:16:37 [038c] - System Folder Check: Enabled
09 May 2015 02:16:37 [038c] - Services Check: Enabled
09 May 2015 02:16:37 [038c] - Scan Spyware: Enabled
09 May 2015 02:16:37 [038c] - Scan Archives: Disabled
09 May 2015 02:16:37 [038c] - Drive Check: Enabled
09 May 2015 02:16:37 [038c] - All Drive Check :Disabled
09 May 2015 02:16:37 [038c] - Drive Selected = D:\
09 May 2015 02:16:37 [038c] - Folder Check: Disabled
09 May 2015 02:16:37 [038c] - SCAN: All_Files [ANSI]
09 May 2015 02:16:37 [038c] - MWAV Mode(B): Scan and Clean files (for viruses, adware and spyware)
 
09 May 2015 02:16:37 [038c] - Scanning DNS Records...
09 May 2015 02:16:37 [038c] - Scanning Master Boot Record (User)...
09 May 2015 02:16:37 [038c] - Scanning Logical Boot Records...
09 May 2015 02:16:43 [038c] - ScanFile (:BOOT:E) took 5336 ms
09 May 2015 02:16:43 [038c] - ***** Scanning For Hidden Rootkit Processes *****
09 May 2015 02:16:43 [038c] - ***** Scanning For Hidden Rootkit Services *****
 
09 May 2015 02:16:49 [038c] - ***** Scanning Memory Files *****
 
09 May 2015 02:17:00 [038c] - ***** Scanning Registry Files *****
09 May 2015 02:17:02 [038c] - ERROR(l)!!! Invalid Entry AppInit_DLLs = 90 (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows). Action Taken: No Action Taken.
09 May 2015 02:17:02 [038c] - ERROR(l)!!! Invalid Entry AppInit_DLLs = 90 (in key HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows). Action Taken: No Action Taken.
 
09 May 2015 02:17:03 [038c] - ***** Scanning StartUp Folders *****
09 May 2015 02:17:20 [04f4] - ScanFile (D:\Users\ET\Desktop\Bing\BingRewards1.3c\phantomjs.exe) took 7395 ms
09 May 2015 02:17:50 [16d4] - ScanFile (D:\Users\ET\Desktop\Procurement\Procurement.exe) took 6100 ms
09 May 2015 02:17:51 [1630] - ScanFile (D:\Users\ET\Desktop\Procurement\Procurement 2\Procurement.exe) took 6459 ms
 
09 May 2015 02:24:36 [038c] - ***** Scanning Service Files *****
09 May 2015 02:24:36 [038c] - Scanning File D:\Windows\system32\drivers\1394ohci.sys
09 May 2015 02:24:36 [038c] - ERROR(2)!!! ScanFile Fails for D:\Windows\system32\drivers\1394ohci.sys...
09 May 2015 02:24:38 [038c] - ERROR(2)!!! Invalid Entry \??\D:\Users\ET\AppData\Local\Temp\ALSysIO64.sys. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\ALSysIO.
09 May 2015 02:24:42 [038c] - ERROR(2)!!! Invalid Entry \??\D:\Users\ET\AppData\Local\Temp\cpuz136\cpuz136_x64.sys. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\cpuz136.
09 May 2015 02:25:04 [038c] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TrkWks].
09 May 2015 02:25:08 [038c] - ERROR(2)!!! Invalid Entry System32\drivers\rdvgkmd.sys. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\VGPU.
 
09 May 2015 02:25:13 [038c] - ***** Scanning Registry and File system for Adware/Spyware *****
09 May 2015 02:25:13 [038c] - Loading Spyware Signatures from new External Database [Name: D:\Users\ET\AppData\Local\Temp\spydb.avs, Size: 464724]...
09 May 2015 02:25:13 [038c] - Indexed Spyware Databases Successfully Created...
 
09 May 2015 02:25:29 [038c] - Offending file found: D:\Users\ET\Desktop\ABO Reading Books\Radiographic Cephalometry - A.Jacobson\Radiographic Cephalometry - A.Jacobson\Radiographic Cephalometry 2nd Ed-Tutorial CD\Data\IMAGES\temp1.jpg
09 May 2015 02:25:29 [038c] - System found infected with QQPass PSWTool (temp1.jpg)! Action taken: File Deleted.
09 May 2015 02:25:29 [038c] - Object "QQPass PSWTool" found in File System! Action Taken: File Deleted.
 
09 May 2015 02:25:29 [038c] - Offending file found: D:\Users\ET\Desktop\ABO Reading Books\Radiographic Cephalometry - A.Jacobson\Radiographic Cephalometry - A.Jacobson\Radiographic Cephalometry 2nd Ed-Tutorial CD\fscommand\html.exe
09 May 2015 02:25:29 [038c] - System found infected with WinHound Trojan (html.exe)! Action taken: File Deleted.
09 May 2015 02:25:29 [038c] - Object "WinHound Trojan" found in File System! Action Taken: File Deleted.
 
 
09 May 2015 02:25:41 [038c] - ***** Scanning Registry Files *****
09 May 2015 02:25:41 [038c] - ERROR(l)!!! Invalid Entry AppInit_DLLs = 90 (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows). Action Taken: No Action Taken.
09 May 2015 02:25:41 [038c] - ERROR(l)!!! Invalid Entry AppInit_DLLs = 90 (in key HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows). Action Taken: No Action Taken.
09 May 2015 02:25:41 [038c] - ** Value in HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
09 May 2015 02:25:41 [038c] - ** Deleted Value of "NoActiveDesktop" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer". Its value was DWORD:1.
09 May 2015 02:25:41 [038c] - ** Deleted Value of "ForceActiveDesktopOn" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer". Its value was DWORD:0.
09 May 2015 02:25:41 [038c] - ** Deleted Value of "NoComponents" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop". Its value was DWORD:1.
09 May 2015 02:25:41 [038c] - ** Deleted Value of "NoAddingComponents" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop". Its value was DWORD:1.
09 May 2015 02:25:41 [038c] - ** Value in 64-bit HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
09 May 2015 02:25:41 [038c] - ** Value in HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
09 May 2015 02:25:41 [038c] - ** Value in 64-bit HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
 
09 May 2015 02:25:41 [038c] - ***** Scanning System32 Folders *****
 
 
09 May 2015 02:27:30 [038c] - ***** Scanning Drive D:\ *****
09 May 2015 02:29:02 [16d4] - ScanFile (D:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\AdobePDFL.dll) took 5116 ms
09 May 2015 02:29:17 [1630] - ScanFile (D:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\AdobePDFL.dll) took 6256 ms
09 May 2015 02:32:40 [1630] - ScanFile (D:\Program Files\Microsoft Office\Office15\MSACCESS.EXE) took 17192 ms
09 May 2015 02:32:42 [0ff4] - ScanFile (D:\Program Files\Microsoft Office\Office15\MSPUB.EXE) took 11840 ms
09 May 2015 02:32:48 [16d4] - ScanFile (D:\Program Files\Microsoft Office\Office15\lync.exe) took 28080 ms
09 May 2015 02:32:48 [16d4] - Scanning of D:\Program Files\Microsoft Office\Office15\lync.exe Timed out!!!
09 May 2015 02:33:00 [1630] - ScanFile (D:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE) took 16224 ms
09 May 2015 02:33:34 [16d4] - ScanFile (D:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{01A558A1-7AC7-4238-8BC3-4426AA68207E}\nvd3dumx.dl_) took 5226 ms
09 May 2015 02:33:40 [1630] - ScanFile (D:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{01A558A1-7AC7-4238-8BC3-4426AA68207E}\nvoglv32.dl_) took 7394 ms
09 May 2015 02:33:43 [0ff4] - ScanFile (D:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{01A558A1-7AC7-4238-8BC3-4426AA68207E}\nvoglv64.dl_) took 9547 ms
09 May 2015 02:33:46 [1630] - ScanFile (D:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{01A558A1-7AC7-4238-8BC3-4426AA68207E}\nvwgf2um.dl_) took 5039 ms
09 May 2015 02:33:47 [16d4] - ScanFile (D:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{01A558A1-7AC7-4238-8BC3-4426AA68207E}\nvwgf2umx.dl_) took 6786 ms
09 May 2015 02:33:54 [04f4] - ScanFile (D:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{4DC0C401-EE7A-47D9-9D78-8D22C9D015AF}\nvd3dumx.dl_) took 5663 ms
09 May 2015 02:33:58 [0ff4] - ScanFile (D:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{4DC0C401-EE7A-47D9-9D78-8D22C9D015AF}\nvoglv32.dl_) took 5429 ms
09 May 2015 02:34:00 [16d4] - ScanFile (D:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{4DC0C401-EE7A-47D9-9D78-8D22C9D015AF}\nvopencl64.dl_) took 5336 ms
09 May 2015 02:34:03 [1630] - ScanFile (D:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{4DC0C401-EE7A-47D9-9D78-8D22C9D015AF}\nvoglv64.dl_) took 8846 ms
09 May 2015 02:34:06 [0ff4] - ScanFile (D:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{4DC0C401-EE7A-47D9-9D78-8D22C9D015AF}\nvwgf2um.dl_) took 6396 ms
09 May 2015 02:34:08 [04f4] - ScanFile (D:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{4DC0C401-EE7A-47D9-9D78-8D22C9D015AF}\nvwgf2umx.dl_) took 8065 ms
09 May 2015 02:36:10 [16d4] - ScanFile (D:\Program Files (x86)\Adobe\Adobe Photoshop CS6\Photoshop.exe) took 14696 ms
09 May 2015 02:36:27 [0ff4] - ScanFile (D:\Program Files (x86)\Adobe\Adobe Photoshop CS6\TFKGEOM.dll) took 5226 ms
09 May 2015 02:36:41 [0ff4] - ScanFile (D:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroExt\libcef.dll) took 5538 ms
09 May 2015 02:36:57 [04f4] - ScanFile (D:\Program Files (x86)\Age of Wonders III\AoW3.exe) took 8221 ms
09 May 2015 02:37:17 [04f4] - ScanFile (D:\Program Files (x86)\Align\ClinCheck\Application\Resources\UI\gfxfontlib_cn.swf) took 7379 ms
09 May 2015 02:41:10 [1630] - ScanFile (D:\Program Files (x86)\Battle for Wesnoth 1.10.7\wesnoth.exe) took 8580 ms
09 May 2015 02:43:28 [16d4] - ScanFile (D:\Program Files (x86)\Common Files\lpuninstall.exe) took 12667 ms
09 May 2015 02:44:57 [04f4] - ScanFile (D:\Program Files (x86)\Heroes of the Storm\Support\Battle.net.dll) took 13510 ms
09 May 2015 02:45:08 [0ff4] - ScanFile (D:\Program Files (x86)\Heroes of the Storm\Versions\Base32253\HeroesOfTheStorm.exe) took 18486 ms
09 May 2015 02:46:14 [04f4] - ScanFile (D:\Program Files (x86)\LastPass\lastpass.exe) took 7114 ms
09 May 2015 02:47:51 [04f4] - ScanFile (D:\Program Files (x86)\R.G. Games\Dragon Age Inquisition\__Installer\vc\vc2008sp1\redist\vcredist_x64.exe) took 5319 ms
09 May 2015 02:54:21 [0ff4] - ScanFile (D:\Program Files (x86)\Skype\Phone\Skype.exe) took 13900 ms
09 May 2015 02:54:25 [16d4] - ScanFile (D:\Program Files (x86)\StarCraft II\Support\Battle.net.dll) took 13494 ms
09 May 2015 03:11:48 [0ff4] - ScanFile (D:\R.G. Catalyst\King`s Bounty - Warriors of the North\berkelium.dll) took 8128 ms
09 May 2015 03:16:39 [1630] - ScanFile (D:\System Volume Information\_restore{99446415-7530-4BCD-9F2C-CE3A163F9B75}\RP569\A0079454.dll) took 5351 ms
09 May 2015 03:17:14 [0ff4] - Scanning File D:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
09 May 2015 03:17:14 [1630] - Scanning File D:\System Volume Information\{26fbc8cb-edef-11e4-b9a0-001a4d4c9d8f}{3808876b-c176-4e48-b7ae-04046e6cc752}
09 May 2015 03:17:18 [04f4] - ScanFile (D:\System Volume Information\_restore{99446415-7530-4BCD-9F2C-CE3A163F9B75}\RP590\A0082190.exe) took 5179 ms
09 May 2015 03:18:55 [16d4] - ScanFile (D:\Users\ET\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.796\_platform_specific\win_x86\widevinecdm.dll) took 7566 ms
09 May 2015 03:22:58 [038c] - INVALID ATTRIBUTES FOR FOLDER [D:\Users\ET\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\D\Users\ET\AppData\Roaming\Dropbox\shellext ]: LastErr: 2. IGNORING.
09 May 2015 03:27:07 [04f4] - ScanFile (D:\Users\ET\Downloads\lastpass_x64.exe) took 12527 ms
09 May 2015 03:27:18 [0ff4] - ScanFile (D:\Users\ET\Downloads\mbam-setup-2.1.6.1022 (1).exe) took 5116 ms
09 May 2015 03:27:18 [1630] - ScanFile (D:\Users\ET\Downloads\mbam-setup-2.1.6.1022.exe) took 5382 ms
09 May 2015 03:27:27 [04f4] - ScanFile (D:\Users\ET\Downloads\Mendeley-Desktop-1.12.4-win32.exe) took 13150 ms
09 May 2015 03:27:32 [0ff4] - ScanFile (D:\Users\ET\Downloads\ninja-setup-3.0.6.exe) took 6381 ms
09 May 2015 03:27:32 [16d4] - ScanFile (D:\Users\ET\Downloads\mwav.exe) took 7442 ms
09 May 2015 03:27:48 [04f4] - ScanFile (D:\Users\ET\Downloads\Online_OrthoCad_Setup_3_5038.exe) took 19813 ms
09 May 2015 03:27:57 [1630] - ScanFile (D:\Users\ET\Downloads\mumble-1.2.8.msi) took 32198 ms
09 May 2015 03:27:57 [1630] - Scanning of D:\Users\ET\Downloads\mumble-1.2.8.msi Timed out!!!
09 May 2015 03:28:04 [1630] - ScanFile (D:\Users\ET\Downloads\Skel Maturation Assesment The CVM method.ppt) took 6365 ms
09 May 2015 03:28:09 [0ff4] - ScanFile (D:\Users\ET\Downloads\TeamSpeak3-Client-win64-3.0.13.exe) took 7098 ms
09 May 2015 03:28:29 [04f4] - ScanFile (D:\Users\ET\Downloads\vlc-2.1.3-win32.exe) took 8439 ms
09 May 2015 03:29:15 [04f4] - ScanFile (D:\Users\ET\Dropbox\Assignments\7.Articulators\spring 2014\TMD.man d\Ch_29_-_Rinchuse.pdf) took 6661 ms
09 May 2015 03:32:47 [16d4] - ScanFile (D:\Windows\Installer\$PatchCache$\Managed\00005119110000000100000000F01FEC\15.0.4420\LYNC.LYNC.EXE) took 10499 ms
09 May 2015 03:32:54 [04f4] - ScanFile (D:\Windows\Installer\$PatchCache$\Managed\00005119110000000100000000F01FEC\15.0.4420\MSACCESS.EXE) took 11060 ms
09 May 2015 03:32:55 [1630] - ScanFile (D:\Windows\Installer\$PatchCache$\Managed\00005119110000000100000000F01FEC\15.0.4420\MSPUB.EXE) took 8767 ms
09 May 2015 03:33:07 [0ff4] - ScanFile (D:\Windows\Installer\$PatchCache$\Managed\00005119110000000100000000F01FEC\15.0.4420\OUTLOOK.EXE) took 13900 ms
09 May 2015 03:33:40 [16d4] - ScanFile (D:\Windows\Installer\$PatchCache$\Managed\00005119110000000100000000F01FEC\15.0.4569\LYNC.LYNC.EXE) took 16677 ms
09 May 2015 03:33:40 [0ff4] - ScanFile (D:\Windows\Installer\$PatchCache$\Managed\00005119110000000100000000F01FEC\15.0.4569\MSPUB.EXE) took 9002 ms
09 May 2015 03:33:43 [04f4] - ScanFile (D:\Windows\Installer\$PatchCache$\Managed\00005119110000000100000000F01FEC\15.0.4569\MSACCESS.EXE) took 14336 ms
09 May 2015 03:33:59 [16d4] - ScanFile (D:\Windows\Installer\$PatchCache$\Managed\00005119110000000100000000F01FEC\15.0.4569\OUTLOOK.EXE) took 17722 ms
09 May 2015 03:34:29 [04f4] - ScanFile (D:\Windows\Installer\1db1b047.msp) took 5928 ms
09 May 2015 03:34:36 [1630] - ScanFile (D:\Windows\Installer\168dd2c4.msi) took 20483 ms
09 May 2015 03:34:36 [1630] - Scanning of D:\Windows\Installer\168dd2c4.msi Timed out!!!
09 May 2015 03:35:03 [16d4] - ScanFile (D:\Windows\Installer\3e4ac429.msp) took 5866 ms
09 May 2015 03:42:41 [04f4] - ScanFile (D:\Windows\System32\mfc100u.dll) took 6615 ms
09 May 2015 03:44:01 [04f4] - ScanFile (D:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe) took 5008 ms
09 May 2015 03:54:57 [1630] - ScanFile (D:\Windows\winsxs\amd64_narrator-nonmsil_31bf3856ad364e35_6.1.7601.17514_none_8b63c5e0db87fde8\Narrator.exe) took 16053 ms
09 May 2015 03:55:48 [1630] - ScanFile (D:\Windows\winsxs\amd64_nv_lh.inf_31bf3856ad364e35_6.1.7600.16385_none_4a5c7d78e486512b\nvd3dum.dll) took 6240 ms
09 May 2015 03:55:48 [0ff4] - ScanFile (D:\Windows\winsxs\amd64_nv_lh.inf_31bf3856ad364e35_6.1.7600.16385_none_4a5c7d78e486512b\nvwgf2um.dll) took 6692 ms
09 May 2015 05:56:38 [0ff4] - ScanFile (D:\Windows\winsxs\Backup\x86_microsoft-windows-d2d_31bf3856ad364e35_7.1.7601.18327_none_9b0ce353451f4255_d2d1.dll_ef77984b) took 9173 ms
09 May 2015 06:07:33 [1630] - ScanFile (D:\Windows.old\Program Files\StarCraft II\Support\Battle.net.dll) took 8097 ms
 
09 May 2015 06:08:11 [038c] - ***** Checking for specific ITW Viruses *****
 
09 May 2015 06:08:11 [038c] - ***** Scanning complete. *****
 
09 May 2015 06:08:11 [038c] - Total Objects Scanned: 408551
09 May 2015 06:08:11 [038c] - Total Critical Objects: 2
09 May 2015 06:08:11 [038c] - Total Disinfected Objects: 0
09 May 2015 06:08:11 [038c] - Total Objects Renamed: 0
09 May 2015 06:08:11 [038c] - Total Deleted Objects: 2
09 May 2015 06:08:11 [038c] - Total Errors: 8
09 May 2015 06:08:11 [038c] - Time Elapsed: 01:47:45
09 May 2015 06:08:11 [038c] - Virus Database Date: 09 May 2015
09 May 2015 06:08:11 [038c] - Virus Database Count: 6066331
09 May 2015 06:08:11 [038c] - Sign Version: 7.60489 [519241]
 
09 May 2015 06:08:11 [038c] - Scan Completed.

Minitoolbox log
 
MiniToolBox by Farbar  Version: 14-04-2015
Ran by ET (administrator) on 09-05-2015 at 10:57:37
Running from "D:\Users\ET\Downloads"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Model: P35-DS3R Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek RTL8168B/8111B Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : ET-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.pa.comcast.net.
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : hsd1.pa.comcast.net.
   Description . . . . . . . . . . . : Realtek RTL8168B/8111B Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
   Physical Address. . . . . . . . . : 00-1A-4D-4C-9D-8F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:7:8c00:640:edd7:304e:29e9:d4b(Preferred) 
   Temporary IPv6 Address. . . . . . : 2601:7:8c00:640:5cb1:eac1:7888:4d82(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::edd7:304e:29e9:d4b%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.0.10(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, May 09, 2015 1:32:43 AM
   Lease Expires . . . . . . . . . . : Saturday, May 16, 2015 1:32:43 AM
   Default Gateway . . . . . . . . . : fe80::21d:d2ff:fe38:ac11%11
                                       10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 234887757
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-48-1C-F6-00-1A-4D-4C-9D-8F
   DNS Servers . . . . . . . . . . . : 2001:558:feed::2
                                       2001:558:feed::1
                                       75.75.76.76
                                       75.75.75.75
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.hsd1.pa.comcast.net.:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.pa.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 9:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  cdns02.comcast.net
Address:  2001:558:feed::2
 
Name:    google.com
Addresses:  2607:f8b0:4006:807::100e
 74.125.226.39
 74.125.226.38
 74.125.226.35
 74.125.226.34
 74.125.226.37
 74.125.226.41
 74.125.226.46
 74.125.226.40
 74.125.226.32
 74.125.226.36
 74.125.226.33
 
 
Pinging google.com [2607:f8b0:4006:80f::200e] with 32 bytes of data:
Reply from 2607:f8b0:4006:80f::200e: time=23ms 
Reply from 2607:f8b0:4006:80f::200e: time=22ms 
 
Ping statistics for 2607:f8b0:4006:80f::200e:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 22ms, Maximum = 23ms, Average = 22ms
Server:  cdns02.comcast.net
Address:  2001:558:feed::2
 
Name:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=34ms TTL=51
Reply from 98.139.183.24: bytes=32 time=33ms TTL=51
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 33ms, Maximum = 34ms, Average = 33ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...00 1a 4d 4c 9d 8f ......Realtek RTL8168B/8111B Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1        10.0.0.10     10
         10.0.0.0    255.255.255.0         On-link         10.0.0.10    266
        10.0.0.10  255.255.255.255         On-link         10.0.0.10    266
       10.0.0.255  255.255.255.255         On-link         10.0.0.10    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         10.0.0.10    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         10.0.0.10    266
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11    266 ::/0                     fe80::21d:d2ff:fe38:ac11
  1    306 ::1/128                  On-link
 11     18 2601:7:8c00:640::/64     On-link
 11    266 2601:7:8c00:640:5cb1:eac1:7888:4d82/128
                                    On-link
 11    266 2601:7:8c00:640:edd7:304e:29e9:d4b/128
                                    On-link
 11    266 fe80::/64                On-link
 11    266 fe80::edd7:304e:29e9:d4b/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 D:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 D:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 D:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 D:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 D:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 D:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 D:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 D:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 D:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 D:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 D:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 D:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 D:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 D:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 D:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 D:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 D:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 D:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 D:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 D:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 D:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 D:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 D:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 D:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 D:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 D:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 D:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 D:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 D:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 D:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 D:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 D:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 D:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 D:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/09/2015 01:34:19 AM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (05/09/2015 01:34:19 AM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (05/09/2015 01:34:19 AM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (05/09/2015 01:34:19 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (05/09/2015 01:34:16 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/09/2015 01:34:16 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (05/09/2015 01:34:16 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/09/2015 01:34:16 AM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (05/09/2015 01:34:16 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot open the Jet property store.
 
 
Details:
0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))
 
Error: (05/09/2015 01:34:16 AM) (Source: ESENT) (User: )
Description: Windows (5108) Windows: Error -1811 occurred while opening logfile D:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00903.log.
 
 
System errors:
=============
Error: (05/09/2015 01:34:19 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (05/09/2015 01:34:19 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473536.
 
Error: (05/09/2015 01:30:00 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1069
 
Error: (05/09/2015 01:30:00 AM) (Source: Service Control Manager) (User: )
Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: 
%%50
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (05/09/2015 01:29:30 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (05/02/2015 03:11:18 PM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort4.
 
Error: (05/02/2015 02:28:10 PM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort4.
 
Error: (05/02/2015 02:28:10 PM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort4.
 
Error: (05/02/2015 03:46:16 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort4.
 
Error: (04/27/2015 11:52:03 PM) (Source: Service Control Manager) (User: )
Description: The Skype Updater service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (05/09/2015 01:34:19 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (05/09/2015 01:34:19 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (05/09/2015 01:34:19 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (05/09/2015 01:34:19 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
 
Error: (05/09/2015 01:34:16 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore
 
Error: (05/09/2015 01:34:16 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (05/09/2015 01:34:16 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt
 
Error: (05/09/2015 01:34:16 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
4700
 
Error: (05/09/2015 01:34:16 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))
 
Error: (05/09/2015 01:34:16 AM) (Source: ESENT)(User: )
Description: Windows5108Windows: D:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00903.log-1811
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-08-22 13:39:51.112
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\LHidEqd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-08-22 13:39:51.048
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\LHidEqd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-08-22 13:39:50.984
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\LHidEqd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-08-22 13:39:50.919
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\LHidEqd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
 
=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.3.40097 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 15.0.0.356 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Refresh Manager (x32 Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AirDroid 3.1.0.0 (HKLM-x32\...\AirDroid) (Version: 3.1.0.0 - Sand Studio)
Anomaly Warzone Earth (HKLM-x32\...\Steam App 91200) (Version:  - 11 bit studios)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Battle for Wesnoth 1.10.7 (HKLM-x32\...\Battle for Wesnoth 1.10.7) (Version: 1.10.7 - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version:  - cbrreader.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
ClinCheck (HKLM-x32\...\InstallShield_{E45D1CA0-C70E-4FF4-B46B-1F6ED85501F9}) (Version: 3.1.0.25 - Align Technology, Inc.)
ClinCheck (x32 Version: 3.1.0.25 - Align Technology, Inc.) Hidden
ClinCheck Pro (HKCU\...\{ACEF76B4-4CF1-48E3-93EF-1B2782D8DB59}) (Version: 4.1.0.595 - Align Technology, Inc.)
Cockatrice (HKLM-x32\...\Cockatrice) (Version:  - )
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID HWMonitor 1.22 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
Definition Update for Microsoft Office 2013 (KB2965273) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3D7BF4DB-4BB0-4559-9E7D-9BFFEBD36234}) (Version:  - Microsoft)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Digimizer (HKLM-x32\...\{3FAAE628-5227-4902-AF97-169E0C0E93C0}) (Version: 4.2.2 - MedCalc Software)
Divinity Original Sin (HKLM-x32\...\RGl2aW5pdHlPcmlnaW5hbFNpbg==_is1) (Version: 1 - )
Dragon Age Inquisition / RePack by Baracuda (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}_is1) (Version: 1.0.859961 - )
Dropbox (HKCU\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FTL version 1.5.4 (HKLM-x32\...\{20E23A40-38E5-4DD6-B738-BC8097AE66B6}_is1) (Version: 1.5.4 - Subset Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Officejet 6500 E710a-f Basic Device Software (HKLM\...\{22FCD3B0-CAA7-444A-84AC-75716545EAB9}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710a-f Help (HKLM-x32\...\{037CD593-D760-4A00-B030-7BBAFA1123FE}) (Version: 140.0.2.2 - Hewlett Packard)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.40.26 - Oracle Corporation) Hidden
LastPass(uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Mendeley Desktop 1.12.4 (HKLM-x32\...\Mendeley Desktop) (Version: 1.12.4 - Mendeley Ltd.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Lync MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - ?????????? ??????????)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - ?????????? ??????????)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Mumble 1.2.8 (HKLM-x32\...\{A9DBD31A-A09F-4C7E-86D1-3B21C59000D1}) (Version: 1.2.8 - Thorvald Natvig)
MuseScore 2 (HKLM-x32\...\{36F8DD90-CE12-11E4-8830-0800200C9A66}) (Version: 2.0.0 - Werner Schweer and Others)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Control Panel 341.44 (Version: 341.44 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.175.1449 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 2.4.1.21 (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 2.4.1.21 (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.27 (Version: 1.2.27 - NVIDIA Corporation) Hidden
OrthoCAD (HKLM-x32\...\OrthoCAD) (Version: 3.5.0.38 - Cadent Ltd.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Perixx Gaming mouse version 1.0.6 (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0.6 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{0DF70CB6-553A-4C57-8E6D-87635EECFB78}) (Version: 1.00.0145 - )
Secure Download Manager (HKLM-x32\...\{4A5667B2-5D13-46C2-85B5-9D46A6096F61}) (Version: 3.1.0 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Shadowrun Returns (HKLM-x32\...\U2hhZG93cnVuUmV0dXJucw==_is1) (Version: 1 - )
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Simulationcraft(x64) version 6.0.3.27 (HKLM-x32\...\{AC025546-B7C5-45A7-B16A-80AE482CBB01}_is1) (Version: 6.0.3.27 - Simulationcraft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1850.0 - Hi-Rez Studios)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Symantec Endpoint Protection (HKLM\...\{C2103AF2-E66C-446B-9791-9207840EC821}) (Version: 12.1.2015.2015 - Symantec Corporation)
System Ninja version 3.0.6 (HKLM-x32\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 3.0.6 - SingularLabs)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
Update for Microsoft Access 2013 (KB2965276) 64-Bit Edition (HKLM\...\{90150000-0015-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{62C59657-4920-48B6-B802-7FD75FFA6A48}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2965276) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{62C59657-4920-48B6-B802-7FD75FFA6A48}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2965275) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{F1E55CDA-F069-414A-9257-C59E4DBFA091}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2965275) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{F1E55CDA-F069-414A-9257-C59E4DBFA091}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2965275) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{F1E55CDA-F069-414A-9257-C59E4DBFA091}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2965275) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{F1E55CDA-F069-414A-9257-C59E4DBFA091}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2965275) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F1E55CDA-F069-414A-9257-C59E4DBFA091}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889923) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DCCD390F-B9A0-4EC0-B903-942608CF4093}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889923) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{DCCD390F-B9A0-4EC0-B903-942608CF4093}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889923) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DCCD390F-B9A0-4EC0-B903-942608CF4093}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760371) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{25DEA344-FF6F-41BD-B88F-5242BB8E80E1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825678) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{978D704B-AF50-405A-BBDA-B2E480CC5D3E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837654) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2147FFF7-71C4-4306-AFE2-1AA7A6025BB1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880487) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{76379D52-B506-4634-8404-8E1718DF1430}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880977) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3FF26B00-AC61-487F-B03B-5D83415C5408}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881001) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{DF1B7B95-4A86-4605-A628-556394B5580A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883095) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{EADBF225-163E-406B-B11A-26ECCCAB5A0E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2899498) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{D7FAA622-6BCF-4EDF-8C34-A48E1838D57B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2899498) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D7FAA622-6BCF-4EDF-8C34-A48E1838D57B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2899522) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{A4E88D96-814F-4183-8DB2-BA3EC2B7E434}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2920754) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2513C305-E7E9-46F9-BECA-C6AC02D769B3}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2920769) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C906EC6B-8610-487F-8528-658FE2575C86}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2956154) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8AB3858C-5246-4C78-937F-86A38A494CAA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2956169) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{B5A6B49E-30F3-4D1D-8F9C-E53712D30996}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2956171) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{A3DC29E8-0E97-448A-B9C0-9086CB8B3E86}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2956177) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3F8EF29A-A7F8-48B0-BA19-01D0B88AB1B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2956177) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3F8EF29A-A7F8-48B0-BA19-01D0B88AB1B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2965218) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{C326AAF2-6DE4-4ABC-9C3D-7E4B31E772C2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2965218) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C326AAF2-6DE4-4ABC-9C3D-7E4B31E772C2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2965218) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C326AAF2-6DE4-4ABC-9C3D-7E4B31E772C2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2965255) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6091607B-2689-4A09-B14A-65907BBAE202}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2965262) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{D99CCEA8-CBD6-4800-8805-535A99AFC8BC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2965262) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D99CCEA8-CBD6-4800-8805-535A99AFC8BC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2965267) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{A64A29C8-BB35-4FC5-84D6-6D1C6B2BB59F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2965267) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{A64A29C8-BB35-4FC5-84D6-6D1C6B2BB59F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2965267) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{A64A29C8-BB35-4FC5-84D6-6D1C6B2BB59F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2965268) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{C3B25790-864E-4B47-99A7-777623FD8DC3}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2965268) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{462A5E03-89BA-45BE-9F30-BEB6E97D7EF5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2965268) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUSR_{7DD1A269-36B9-4C80-AD80-11C4E42A0B96}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2956185) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{171E6E09-C2A5-432E-85A4-C19136E59BCE}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2956185) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{171E6E09-C2A5-432E-85A4-C19136E59BCE}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2956185) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{171E6E09-C2A5-432E-85A4-C19136E59BCE}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2956185) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{171E6E09-C2A5-432E-85A4-C19136E59BCE}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2965264) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{537DB67E-C616-45F0-BC92-C8E3AC7D16EF}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2965264) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{537DB67E-C616-45F0-BC92-C8E3AC7D16EF}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2965264) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{537DB67E-C616-45F0-BC92-C8E3AC7D16EF}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2965270) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{B4FE3F01-A94B-44F5-8142-C9522B537443}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2965270) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{B4FE3F01-A94B-44F5-8142-C9522B537443}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2013 (KB2965257) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{292F3133-E3A4-40EB-9044-D63C09FB9F2D}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2013 (KB2965257) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{292F3133-E3A4-40EB-9044-D63C09FB9F2D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2965256) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{F6542279-5D7F-42DA-B213-E7FD11597B03}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2965256) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F6542279-5D7F-42DA-B213-E7FD11597B03}) (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2965279) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{0CDCFFFE-0E55-4C46-9B09-8CB5D0F38566}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2883048) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{F24DFA32-C8EE-4AFB-89AB-07EE7A52E414}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2883048) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F24DFA32-C8EE-4AFB-89AB-07EE7A52E414}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version:  - Microsoft)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Warcraft Logs Uploader (HKLM-x32\...\com.warcraft.logs) (Version: 3.52 - UNKNOWN)
Warcraft Logs Uploader (x32 Version: 3.52 - UNKNOWN) Hidden
Warlock 2 - The Exiled (HKLM-x32\...\Warlock 2 - The Exiled_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wipe (HKLM\...\wipe) (Version: 2015.04 - PrivacyRoot.com)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 72%
Total physical RAM: 7166.49 MB
Available physical RAM: 1989.45 MB
Total Pagefile: 14331.18 MB
Available Pagefile: 9236.89 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.2 MB
 
========================= Partitions: =====================================
 
2 Drive c: (New Volume) (Fixed) (Total:976.56 GB) (Free:602.61 GB) NTFS
3 Drive d: (New Volume) (Fixed) (Total:931.51 GB) (Free:547.49 GB) NTFS
4 Drive e: () (Fixed) (Total:244.14 GB) (Free:89.69 GB) NTFS
5 Drive f: () (Fixed) (Total:53.94 GB) (Free:20.13 GB) NTFS
6 Drive g: (New Volume) (Fixed) (Total:886.45 GB) (Free:182.11 GB) NTFS
8 Drive i: (Divinity Origina) (CDROM) (Total:9.1 GB) (Free:0 GB) CDFS
 
========================= Users: ========================================
 
User accounts for \\ET-PC
 
Administrator            ET                       Guest                    
 
========================= Minidump Files ==================================
 
========================= Restore Points ==================================
 
07-05-2015 12:48:00 Scheduled Checkpoint
 
**** End of log ****


#7 rhayne

rhayne
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:10 AM

Posted 09 May 2015 - 10:29 AM

Lastly the Security check Log:

 

 Results of screen317's Security Check version 1.001  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Symantec Endpoint Protection   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 40  
 Java version 32-bit out of Date! 
 Adobe Flash Player 17.0.0.169  
 Adobe Reader XI  
 Google Chrome (42.0.2311.135) 
 Google Chrome (42.0.2311.90) 
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive D: 0% 
````````````````````End of Log`````````````````````` 


#8 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:10 AM

Posted 09 May 2015 - 10:32 AM

Hi there,

Your search index catalog appears to be corrupt - see here on how to rebuild it. (Warning: It can takes quite some time, and the search function will be unusable until you finish it)

After that please run these.

Emsisoft Emergency Kit

Please download Emsisoft Emergency Kit and save it to your desktop. Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click the Extract button at the bottom. A folder named EEK will be created in the root of the drive (usually c:\).
  • After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.
  • The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates. Please click Yes so that it downloads the latest database updates.
  • When the update process is complete, a new button will appear in the lower-left corner that says Back. Click on this button to return to the Overview screen.
  • Click on Scan to be taken to the scan options. If you are asked if you want the scanner to scan for Potentially Unwanted Programs, then click Yes.
  • Click on the Full Scan button to start the scan.
  • When the scan is completed click the Quarantine selected objects button. Note, this option is only available if malicious objects were detected during the scan.
  • When the threats have been quarantined, click the View report button in the lower-right corner, and the scan log will be opened in Notepad.
  • Please save the log in Notepad on your desktop, and attach it to your next reply.
  • When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.
===

ESET Online Scanner

You will need to use Internet Explorer for this scan.
  • Hold down Ctrl and click here to open ESET Online Scanner in a new window.
  • Click the ESET Online Scanner button.
  • Put a checkmark in "YES, I accept the Terms of Use."
  • Click Start.
  • Accept any security warnings from your browser.
  • Under Scan settings, put a checkmark in Scan Archives.
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Scan.
  • ESET Online Scanner will automatically update and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats.
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
Regards,
Alex

#9 rhayne

rhayne
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:10 AM

Posted 09 May 2015 - 08:51 PM

I am currently running the ESET scan
 
Emsisoft Emergency Kit - Version 9.0
Last update: 5/9/2015 3:12:11 PM
User account: ET-PC\ET
 
Scan settings:
 
Scan type: Full Scan
Objects: Rootkits, Memory, Traces, C:\, D:\, E:\, F:\, G:\
 
Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
 
Scan start: 5/9/2015 3:15:00 PM
C:\Users\Evan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\f98a7c2-3e287ed9 -> bpac/a$1.class detected: Java.Trojan.Downloader.OpenConnection.AI ( B)
C:\Users\Evan\Downloads\bin\paul.dll detected: Gen:Variant.Kazy.457218 ( B)
C:\Users\Evan\Downloads\mplayer_Setup.exe detected: Gen:Variant.Adware.Graftor.Elzob.24209 ( B)
D:\Program Files (x86)\R.G. Games\Dragon Age Inquisition\3dmgame.dll detected: Packed.Win32.VMProtect (A)
D:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\amtlib.dll detected: Riskware.Win32.CrackTool (A)
D:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll detected: Riskware.Win32.CrackTool (A)
D:\Users\ET\Downloads\Core-Temp-installer.exe detected: Application.InstallAd (A)
D:\Users\ET\Downloads\Fallout Tactics\Expeditions Conquistador\Adobe Photoshop CS6 13.0.1 Final  Multilanguage (cracked dll) [ChingLiu]\cracked dll\64 bit\amtlib.dll detected: Riskware.Win32.CrackTool (A)
D:\Users\ET\Downloads\ninja-setup-3.0.6.exe detected: Application.InstallAd (A)
G:\6-10-13 Backup\Evan\Downloads\bin\paul.dll detected: Gen:Variant.Kazy.457218 ( B)
G:\6-10-13 Backup\Evan\Downloads\mplayer_Setup.exe detected: Gen:Variant.Adware.Graftor.Elzob.24209 ( B)
 
Scanned 985604
Found 11
 
Scan end: 5/9/2015 8:47:47 PM
Scan time: 5:32:47

Edited by rhayne, 09 May 2015 - 08:57 PM.


#10 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:10 AM

Posted 10 May 2015 - 01:04 AM

Hi there,

Please take a moment to read on the dangers of using cracks and pirated software.

Bleeping Computer does not allow the use of pirated software.

The practice of using keygenshacking toolscracking toolswareztorrents or any pirated software is not only considered illegal activity, but it is a serious security risk which can turn a computer into a virus honeypot or zombie.
 
When you use these kind of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible, and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.
 
If you want to read on then the full post is here.

Please post the results of ESET Online Scanner when it is finished. Thank you.

Regards,
Alex

#11 rhayne

rhayne
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:10 AM

Posted 10 May 2015 - 09:52 AM

Thank you for the warning about pirated software, I understand the risks now and will try to avoid further use.  This is the ESET log

 

C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\disable_activation.cmd BAT/HostsChanger.A potentially unsafe application
C:\Program Files (x86)\The Walking Dead Episodes 1-5 (Repack)-Residentgt@\steam_api.dll a variant of Win32/HackTool.Crack.CC potentially unsafe application
C:\Program Files (x86)\vshare\imedix-silent-new.exe Win32/Toolbar.Zugo potentially unwanted application
C:\Program Files (x86)\vshare\lip.exe a variant of Win32/Toolbar.iMedix.A potentially unwanted application
C:\Program Files (x86)\vshare\Uninstall.exe a variant of Win32/Toolbar.iMedix.A potentially unwanted application
C:\Program Files (x86)\vshare\vshare_toolbar.dll a variant of Win32/Toolbar.iMedix.A potentially unwanted application
C:\Users\Evan\AppData\Local\Temp\ICReinstall_PDFReaderSetup.exe a variant of Win32/InstallCore.BY potentially unwanted application
C:\Users\Evan\Downloads\downloadmanager_Setup.exe a variant of Win32/Adware.iBryte.D application
C:\Users\Evan\Downloads\iLividSetupV1.exe Win32/Toolbar.SearchSuite potentially unwanted application
C:\Users\Evan\Downloads\mplayer_Setup (1).exe a variant of Win32/Adware.iBryte.D application
C:\Users\Evan\Downloads\PDFReaderSetup.exe a variant of Win32/InstallCore.BY potentially unwanted application
C:\Users\Evan\Downloads\rcsetup146.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application
D:\Program Files (x86)\Divinity Original Sin\Shipping\steam_api.dll a variant of Win32/HackTool.Crack.CS potentially unsafe application
D:\R.G. Catalyst\King`s Bounty - Warriors of the North\steam_api.dll a variant of Win32/HackTool.Crack.BQ potentially unsafe application
D:\Users\ET\Downloads\ccsetup505 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
D:\Users\ET\Downloads\ccsetup505.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
E:\Program Files\Vuze\.install4j\i4j_extf_12_5p83tu.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
E:\Program Files\Vuze\.install4j\i4j_extf_7_5p83tu.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
G:\6-10-13 Backup\Evan\Downloads\downloadmanager_Setup.exe a variant of Win32/Adware.iBryte.D application
G:\6-10-13 Backup\Evan\Downloads\iLividSetupV1.exe Win32/Toolbar.SearchSuite potentially unwanted application
G:\6-10-13 Backup\Evan\Downloads\mplayer_Setup (1).exe a variant of Win32/Adware.iBryte.D application
G:\6-10-13 Backup\Evan\Downloads\rcsetup146.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application
G:\Movies and Games and ISOs\Games and ISOs\Adobe CS5\64 Bit (X64)\disable_activation.cmd BAT/HostsChanger.A potentially unsafe application


#12 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:10 AM

Posted 10 May 2015 - 01:50 PM

Hi there,

Since ESET Online Scanner's detections are all cracks, PUP bundled installers and pirated software... what you intend to do with it is up to you.

Please take note of the following before we wrap this up.

Outdated Java Se Runtime Environment

Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. See here, here and here for information on the dangers of using outdated Java.

Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 8 and save it to your desktop.
  • Under "Java Platform, Standard Edition"...click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select (click on) the download link for your operating system (Windows x86 Offline: jre-8u25-windows-i586.exe or Windows x64: jre-8u25-windows-x64.exe) and save the file to your Desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-8u25-windows-i586.exe (or jre-8u25-windows-x64.exe for 64-bit) to install the newest version.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it. The McAfee Security Scan Plus may be installed unless you uncheck the McAfee installation box when updating Java.
-- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.

Regards,
Alex

#13 rhayne

rhayne
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:10 AM

Posted 10 May 2015 - 03:04 PM

Hi Alex, 

 

Thank you so much for your help.  I will update Java.  If I go and manually delete all the cracks, bundlers, and pirated software that ESET has found, my computer should be cleaned up?

 

I sincerely appreciate your time and expertise.



#14 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:10 AM

Posted 10 May 2015 - 03:07 PM

Hi there,

Please do that for Emsisoft Emergency Kit's detections as well.

Aside from that, I don't see any obvious sign of malware. Now we just need to clean things up and you are good to go.

Download DelFix from here and save it to your Desktop.
  • Close all running programs and start DelFix.
  • Make sure all available options are checked.
  • Click Run.
  • DelFix will remove the most of the tools used during the cleaning process.
You can uninstall ESET Online Scanner from Programs and Features in Control Panel.

Keep your non-Microsoft applications updated as well
Microsoft isn't the only company whose products can contain security vulnerabilities, to check for other vulnerable programs running on your PC that are in need of an update, you can use the Secunia Personal Software Inspector - I suggest that you run it at least once a month.

Malwarebytes Anti-Exploit
Malwarebytes Anti-Exploit (MBAE) is a very useful utility in keeping your computer safe on the Internet. It uses innovative technologies to block exploits - peepholes in software that cybercriminals can use to get their malware into your system, thus stopping their advance before they can drop their payload. What's more, it's a "fire and forget" solution - just install MBAE and it will automatically do its job.
Malwarebytes Anti-Exploit Free offers protection for your browsers - upgrading to Premium allows you to create customized shields for other applications.

Safe computing practices

Best Practices for Safe Computing - Prevention of Malware Infection
How Malware Spreads - How did I get infected
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs)

If you have any questions left, feel free to ask me here.

Regards,
Alex

#15 rhayne

rhayne
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:10 AM

Posted 10 May 2015 - 03:20 PM

Nope that is all! I sincerely appreciate your help and I wish I could help you in some way since you kindly helped me.  I'm a rather good Hearthstone Arena player and I recently became a dentist and if you have any questions regarding those things, PM me! :)

 

Thanks again Alex.  I'm definitely glad that downloading that .src file did not seem to install anything bad onto my computer. I guess in my case, it just downloaded itself, but I never actually opened it, so it did not run it's script.  I was concerned because for all my files, if I click it, it gives me a preview of the file in my windows explorer, and I was afraid that the preview would run the malicious script that was housed in the .src file.  Any thoughts on that?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users