| PaladinNeos | 13.11.2014 17:06 |
Habe ProxFlow benutzt, jedoch entfernt. Besteht weiterhin das Problem. Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 13.11.2014
Scan Time: 13:30:13
Logfile: 1.txt
Administrator: Yes
Version: 2.00.3.1025
Malware Database: v2014.09.19.05
Rootkit Database: v2014.11.12.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Alex
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 321466
Time Elapsed: 5 min, 15 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 2
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1192, , [e89901ee5e1dff37bc4bb5e5ee139b65]
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe, 2340, , [c9b8a24d6e0d0a2cd33b8a13a9584db3]
Modules: 0
(No malicious items detected)
Registry Keys: 21
PUP.Optional.WPM.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, , [e89901ee5e1dff37bc4bb5e5ee139b65],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WindowsMangerProtect, , [e89901ee5e1dff37bc4bb5e5ee139b65],
PUP.Optional.SearchProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CltMngSvc, , [c9b8a24d6e0d0a2cd33b8a13a9584db3],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [fe8304eb97e41323895cbdcabe4451af],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, , [fe8304eb97e41323895cbdcabe4451af],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, , [fe8304eb97e41323895cbdcabe4451af],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [fe8304eb97e41323895cbdcabe4451af],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3453849501-690891575-4061756349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, , [fb86ca25ea91f640072a2762bd45748c],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [91f05e917a0147ef3b4a513c7a8826da],
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, , [047dc02f4a31f343c6936a09887c3dc3],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, , [4a3730bf4635b77fe672532019ebbb45],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, , [58299857aad151e55fa7393606fec13f],
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT, , [f78a18d7b0cba2948eb12ee71ae928d8],
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD, , [364bac43e09b2a0c5233d73773905ba5],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-3453849501-690891575-4061756349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, , [6021539cd3a8b482c3855ef28f7514ec],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3453849501-690891575-4061756349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [0b76fcf33d3e4bebc6d2172145be20e0],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3453849501-690891575-4061756349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [2b56fbf47407fb3b43b517371ce8c937],
PUP.Optional.Qone8, HKU\S-1-5-21-3453849501-690891575-4061756349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [19680ae51e5d7eb8d8bafe5c55af55ab],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [bac7d916a3d82e0804f0d01f1de5a55b],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [bac7d916a3d82e0804f0d01f1de5a55b],
Registry Values: 3
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT|InstallDir, C:\PROGRA~2\SearchProtect, , [f78a18d7b0cba2948eb12ee71ae928d8]
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD|ImagePath, \??\C:\Windows\system32\drivers\SPPD.sys, , [364bac43e09b2a0c5233d73773905ba5]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3453849501-690891575-4061756349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0V1D1S1R1D0V1O, , [2b56fbf47407fb3b43b517371ce8c937]
Registry Data: 4
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[1d64f9f6720960d69624897cb94c4cb4]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[dba68867f18a50e69822d62f9a6b738d]
PUP.Optional.Trovi.A, HKU\S-1-5-21-3453849501-690891575-4061756349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.trovi.com/?gd=&ctid=CT3320845&octid=EB_ORIGINAL_CTID&ISID=M64A19901-0ECD-4983-BA40-AA00431C8CA1&SearchSource=55&CUI=&UM=6&UP=SPF3BEFD60-9FED-4351-9922-3BE3FD642F04&SSPV=, Good: (www.google.com), Bad: (hxxp://www.trovi.com/?gd=&ctid=CT3320845&octid=EB_ORIGINAL_CTID&ISID=M64A19901-0ECD-4983-BA40-AA00431C8CA1&SearchSource=55&CUI=&UM=6&UP=SPF3BEFD60-9FED-4351-9922-3BE3FD642F04&SSPV=),,[9de45699bcbf1e18e912a55505ff639d]
PUP.Optional.SweetPage.A, HKU\S-1-5-21-3453849501-690891575-4061756349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1405363600&from=cor&uid=CrucialXCT256MX100SSD1_14220C302CA20C302CA2, Good: (www.google.com), Bad: (hxxp://www.sweet-page.com/?type=hp&ts=1405363600&from=cor&uid=CrucialXCT256MX100SSD1_14220C302CA20C302CA2),,[01802dc2fe7d0333918b1ceac93cfe02]
Folders: 43
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\rep, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\rep, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\css, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\scripts, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\by, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\de, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\en, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\fr, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\ru, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\uk, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SearchProtect.A, C:\Users\Alex\AppData\Local\SearchProtect, , [b3ceda153447c076ace51ecdca38728e],
PUP.Optional.SearchProtect.A, C:\Users\Alex\AppData\Local\SearchProtect\Logs, , [b3ceda153447c076ace51ecdca38728e],
PUP.Optional.SearchProtect.A, C:\Users\Alex\AppData\Local\SearchProtect\SearchProtect, , [b3ceda153447c076ace51ecdca38728e],
PUP.Optional.SearchProtect.A, C:\Users\Alex\AppData\Local\SearchProtect\SearchProtect\rep, , [b3ceda153447c076ace51ecdca38728e],
PUP.Optional.SearchProtect.A, C:\Users\Alex\AppData\Local\SearchProtect\SearchProtect\STG, , [b3ceda153447c076ace51ecdca38728e],
PUP.Optional.SearchProtect.A, C:\Users\Alex\AppData\Local\SearchProtect\UI, , [b3ceda153447c076ace51ecdca38728e],
PUP.Optional.SearchProtect.A, C:\Users\Alex\AppData\Local\SearchProtect\UI\rep, , [b3ceda153447c076ace51ecdca38728e],
PUP.Optional.Extutil.A, C:\Users\Alex\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, , [39489956f6855bdb3cb425c8ad55847c],
PUP.Optional.Managera.A, C:\Users\Alex\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, , [b1d05b94ef8cdd59a9485598d32f629e],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, , [6e131ed17cff64d254ac1ad411f14bb5],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, , [6e131ed17cff64d254ac1ad411f14bb5],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, , [6e131ed17cff64d254ac1ad411f14bb5],
PUP.Optional.GlobalUpdate.A, C:\Users\Alex\AppData\Local\Temp\comh.306206, , [bac7d916a3d82e0804f0d01f1de5a55b],
Files: 163
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, , [e89901ee5e1dff37bc4bb5e5ee139b65],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe, , [c9b8a24d6e0d0a2cd33b8a13a9584db3],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe, , [19680fe0dba0b185937b198419e828d8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe, , [c5bc509fccaf2b0bfa14485559a8847c],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll, , [651c519e413a34029d71d8c5e91812ee],
PUP.Optional.Somoto, C:\Users\Alex\AppData\Local\Temp\nsm1DEA.tmp, , [b7ca04eb9fdc280e2fd9406b3fc2d828],
PUP.Optional.SearchProtect.A, C:\Users\Alex\AppData\Local\Temp\nsm747.tmp, , [5e2328c7611ac472af5f9a0314edc33d],
PUP.Optional.Conduit.A, C:\Users\Alex\AppData\Local\Temp\nss3C6C.exe, , [077a12dddaa1c1756e7b2e6443bef010],
PUP.Optional.Somoto, C:\Users\Alex\AppData\Local\Temp\nsxEEDF.tmp, , [9ae7608f5c1f5adcfa0ec1eae02135cb],
Trojan.Dropper.SFX, C:\Users\Alex\AppData\Local\Temp\6829.tmp, , [305146a9cfac49edef99ac15c041f709],
PUP.Optional.Somoto, C:\Users\Alex\AppData\Local\Temp\bitool.dll, , [364bf1fe7a01e74f5bde194244bef60a],
PUP.Optional.Conduit.A, C:\Users\Alex\AppData\Local\Temp\nsc53D4.exe, , [6c15856af2893afcf0f9d2c09e63e31d],
PUP.Optional.SearchHijacker.A, C:\Users\Alex\AppData\Local\Temp\is1957915176\2FF9B9C3_stp\June10_www.sweet-page.com.exe, , [146db9366912280e74b4831cfe03b050],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsbAF9.exe, , [96eb6d82017ae3538564c7cb30d1af51],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsc8BDF.exe, , [4938cb240378da5c985112808081847c],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsg8F3A.exe, , [afd23ab55e1d3afc0bde4d45ca3720e0],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsh245.exe, , [acd50de2275495a19554850d3ac74ab6],
PUP.Optional.Conduit.A, C:\Windows\Temp\nslAA78.exe, , [7809b13ef388270f1ecb8d059b66a15f],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsm1411.exe, , [61206e819be09f9718d1c5cd629f7c84],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsm29B1.exe, , [671ab837fa8193a383669af834cd56aa],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsr2012.exe, , [bec343ac601bbd79ad3c3d55f50c4cb4],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsw1622.exe, , [fb86bc3387f48babfbee484ad62b29d7],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsx81B1.exe, , [2b56e20d6f0cbf77cf1aaee40ff204fc],
PUP.Optional.OpenCandy, C:\Users\Alex\Downloads\DTLite4491-0356.exe, , [b5cc618e106be84e0221f73453b2ce32],
PUP.Optional.OneClickDownloader.A, C:\Users\Alex\Downloads\Midtown-Madness-3 (1).exe, , [2c552bc4a3d885b1d0cd55cd26db8e72],
PUP.Optional.OneClickDownloader.A, C:\Users\Alex\Downloads\Midtown-Madness-3.exe, , [f38ebb34ccaf76c0b0edc0620ef38878],
PUP.Optional.OneClickDownloader.A, C:\Users\Alex\Downloads\Midtown_Madness_3 (1).exe, , [9ae7509fc4b73bfbbfde9e847f82d729],
PUP.Optional.OneClickDownloader.A, C:\Users\Alex\Downloads\Midtown_Madness_3 (2).exe, , [7f026b84601b0e28792441e1847d748c],
PUP.Optional.OneClickDownloader.A, C:\Users\Alex\Downloads\Midtown_Madness_3 (3).exe, , [463bfdf2b8c352e4d9c4121054ad05fb],
PUP.Optional.OneClickDownloader.A, C:\Users\Alex\Downloads\Midtown_Madness_3 (4).exe, , [7809955ac8b3b87eb9e4b36f847df40c],
PUP.Optional.OneClickDownloader.A, C:\Users\Alex\Downloads\Midtown_Madness_3.exe, , [dca5747b0675c4725e3fe83a9968c838],
PUP.Optional.InstallCore, C:\Users\Alex\Downloads\CR_Downloader_fuer_super-smash-bros.-melee-(v1.02).exe, , [c2bfec03cab1c6707bb346ad27dd02fe],
Hacktool.CheatEngine, C:\Users\Alex\Downloads\SaintsRow_IV_Update_8_Trainer_plus10_.zip, , [a0e10de27407181e8eb89d9d3fc18c74],
Hacktool.CheatEngine, C:\Users\Alex\Downloads\SaintsRow_IV_V1.0.6.1_Trainer_plus10.zip, , [86fb08e7accfae88f3537cbe9b65c43c],
Hacktool.CheatEngine, C:\Users\Alex\Downloads\Saints_Row_4_Reload_Trainer_plus3_V1.0.0.1.zip, , [ed942bc4413a0432f74ffd3ddc24f40c],
PUP.Optional.SearchProtect.A, C:\Windows\AppPatch\AppPatch64\SPVCLdr64.dll, , [dda4c12eaccf7db95db1801d09f843bd],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\495b2d2d-2422-4be8-a3ca-d773cae66138-4, , [2a575996bbc09c9abf6124ed47bc3ac6],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\EULA.txt, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.css, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.html, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.js, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\defaults.js, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def-grey.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-dia.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Icon.ico, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\SP_DialogBG.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js, , [c7ba39b607742511f70983d6d52f18e8],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eonffnnfmbfnmjpaiigdclmfelolemah_0.localstorage, , [d3ae846bb5c64beb2354125a8c780ff1],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eonffnnfmbfnmjpaiigdclmfelolemah_0.localstorage-journal, , [1d64f4fb3b40d2643047f676838131cf],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\495b2d2d-2422-4be8-a3ca-d773cae66138-4.job, , [6819e609bdbe999dccd9dd9237cdb14f],
PUP.Optional.SearchProtect, C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, , [4a378f60c3b8e452cd8f82f10400de22],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\background.html, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\manifest.json, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\popup.html, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\css\popup.css, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\bg.gif, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\blank.png, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\icon-128.png, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\icon-16.png, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\icon-48.png, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\icon_del.png, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\icon_empty.png, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\icon_full.png, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\rhtitle-bg.gif, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\scrollbar-down-active.gif, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\scrollbar-down.gif, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\scrollbar-handle-active.gif, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\scrollbar-handle.gif, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\scrollbar-up-active.gif, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\images\scrollbar-up.gif, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\scripts\background.js, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\scripts\popup.js, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\by\messages.json, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\de\messages.json, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\en\messages.json, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\fr\messages.json, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\ru\messages.json, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SmartCoupon.A, C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\1.4_0\_locales\uk\messages.json, , [1170f6f9daa195a174be985003ffd62a],
PUP.Optional.SearchProtect.A, C:\Users\Alex\AppData\Local\SearchProtect\SearchProtect\rep\Cvc.dat, , [b3ceda153447c076ace51ecdca38728e],
PUP.Optional.SearchProtect.A, C:\Users\Alex\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, , [b3ceda153447c076ace51ecdca38728e],
PUP.Optional.SearchProtect.A, C:\Users\Alex\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat, , [b3ceda153447c076ace51ecdca38728e],
PUP.Optional.SearchProtect.A, C:\Users\Alex\AppData\Local\SearchProtect\UI\rep\UIRepository.dat, , [b3ceda153447c076ace51ecdca38728e],
PUP.Optional.Extutil.A, C:\Users\Alex\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, , [39489956f6855bdb3cb425c8ad55847c],
PUP.Optional.Extutil.A, C:\Users\Alex\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, , [39489956f6855bdb3cb425c8ad55847c],
PUP.Optional.Extutil.A, C:\Users\Alex\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, , [39489956f6855bdb3cb425c8ad55847c],
PUP.Optional.Managera.A, C:\Users\Alex\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, , [b1d05b94ef8cdd59a9485598d32f629e],
PUP.Optional.Managera.A, C:\Users\Alex\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, , [b1d05b94ef8cdd59a9485598d32f629e],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-07-14[20-46-50-477].log, , [6e131ed17cff64d254ac1ad411f14bb5],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, , [6e131ed17cff64d254ac1ad411f14bb5],
PUP.Optional.GlobalUpdate.A, C:\Users\Alex\AppData\Local\Temp\comh.306206\GoogleCrashHandler.exe, , [bac7d916a3d82e0804f0d01f1de5a55b],
PUP.Optional.GlobalUpdate.A, C:\Users\Alex\AppData\Local\Temp\comh.306206\GoogleUpdate.exe, , [bac7d916a3d82e0804f0d01f1de5a55b],
PUP.Optional.GlobalUpdate.A, C:\Users\Alex\AppData\Local\Temp\comh.306206\GoogleUpdateBroker.exe, , [bac7d916a3d82e0804f0d01f1de5a55b],
PUP.Optional.GlobalUpdate.A, C:\Users\Alex\AppData\Local\Temp\comh.306206\GoogleUpdateHelper.msi, , [bac7d916a3d82e0804f0d01f1de5a55b],
PUP.Optional.GlobalUpdate.A, C:\Users\Alex\AppData\Local\Temp\comh.306206\GoogleUpdateOnDemand.exe, , [bac7d916a3d82e0804f0d01f1de5a55b],
PUP.Optional.GlobalUpdate.A, C:\Users\Alex\AppData\Local\Temp\comh.306206\goopdate.dll, , [bac7d916a3d82e0804f0d01f1de5a55b],
PUP.Optional.GlobalUpdate.A, C:\Users\Alex\AppData\Local\Temp\comh.306206\goopdateres_en.dll, , [bac7d916a3d82e0804f0d01f1de5a55b],
PUP.Optional.GlobalUpdate.A, C:\Users\Alex\AppData\Local\Temp\comh.306206\npGoogleUpdate4.dll, , [bac7d916a3d82e0804f0d01f1de5a55b],
PUP.Optional.GlobalUpdate.A, C:\Users\Alex\AppData\Local\Temp\comh.306206\psmachine.dll, , [bac7d916a3d82e0804f0d01f1de5a55b],
PUP.Optional.GlobalUpdate.A, C:\Users\Alex\AppData\Local\Temp\comh.306206\psuser.dll, , [bac7d916a3d82e0804f0d01f1de5a55b],
Physical Sectors: 0
(No malicious items detected)
(end)
FRST:
[CODE]b
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by Alex (administrator) on ALEX-PC on 13-11-2014 17:00:07
Running from C:\Users\Alex\Downloads
Loaded Profiles: Alex (Available profiles: Alex)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Akamai Technologies, Inc.) C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe
(Akamai Technologies, Inc.) C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
() C:\Program Files (x86)\Hotspot Shield\bin\openvpn.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\af_proxy_cmd.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Cristi) C:\Program Files (x86)\Dual Monitor\DualMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Steam\Steam.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10396440 2014-04-15] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-10-01] (Malwarebytes Corporation)
HKU\S-1-5-21-3453849501-690891575-4061756349-1001\...\Run: [Steam] => D:\Steam\steam.exe [1940160 2014-11-12] (Valve Corporation)
HKU\S-1-5-21-3453849501-690891575-4061756349-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3453849501-690891575-4061756349-1001\...\Run: [NvLedServiceHost] => C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe [86160 2014-11-06] ()
HKU\S-1-5-21-3453849501-690891575-4061756349-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3453849501-690891575-4061756349-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-3453849501-690891575-4061756349-1001\...\MountPoints2: {a35e6d8c-5756-11e4-a60d-c8d3a3fda6fd} - H:\SETUP.EXE
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: http=127.0.0.1:8555;https=127.0.0.1:8555
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/search?q={SearchTerms}&fr=ntg&gp=newcustom2
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
Chrome:
=======
CHR HomePage: Default -> hxxp://search.easylifeapp.com/?pid=626&src=ch1&r=2013/03/17&hid=2270155544&lg=EN&cc=DE
CHR StartupUrls: Default -> "hxxp://search.easylifeapp.com/?pid=626&src=ch1&r=2013/03/17&hid=2270155544&lg=EN&cc=DE", "hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f817ea23-b79b-4f8f-afb3-e7c7a814bc72&searchtype=hp&installDate=22/04/2013", "hxxp://www.sweet-page.com/?type=hp&ts=1405363600&from=cor&uid=CrucialXCT256MX100SSD1_14220C302CA20C302CA2"
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-02]
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-24]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-02]
CHR Extension: (Google-Suche) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-02]
CHR Extension: (AdBlock) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-02]
CHR Extension: (Google Wallet) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-02]
CHR Extension: (Marc Ecko) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk [2014-07-02]
CHR Extension: (Google Mail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-02]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [405208 2014-07-03] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-07-03] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [773848 2014-07-03] (BlueStack Systems, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-17] (AnchorFree Inc.) [File not signed]
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-05-17] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [430344 2014-05-16] ()
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2014-01-12] (PowerUp Software, LLC) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-07-02] (Microsoft Corporation) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-07-03] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-19] (Disc Soft Ltd)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2014-07-12] (Sony Mobile Communications)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R2 mvCmdemo; C:\Windows\System32\Drivers\mvCmdemo.SYS [15568 2011-04-07] (MaxiVista)
R3 mvvideodemo; C:\Windows\System32\DRIVERS\mvvideodemo.sys [14544 2011-04-07] (MaxiVista)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
U0 ryuy; C:\Windows\System32\drivers\hbcnc.sys [79064 2014-11-13] (Malwarebytes Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-13 17:00 - 2014-11-13 17:00 - 00018787 _____ () C:\Users\Alex\Downloads\FRST.txt
2014-11-13 16:59 - 2014-11-13 17:00 - 00000000 ____D () C:\FRST
2014-11-13 16:59 - 2014-11-13 16:59 - 02116096 _____ (Farbar) C:\Users\Alex\Downloads\FRST64.exe
2014-11-13 16:11 - 2014-11-13 16:11 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\hbcnc.sys
2014-11-13 13:35 - 2014-11-13 13:35 - 00036260 _____ () C:\Users\Alex\Desktop\1.txt
2014-11-13 13:29 - 2014-11-13 16:32 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-13 13:29 - 2014-11-13 13:29 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-13 13:29 - 2014-11-13 13:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-13 13:29 - 2014-11-13 13:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-13 13:29 - 2014-11-13 13:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-13 13:29 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-13 13:29 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-13 13:29 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-13 13:20 - 2014-11-13 13:21 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Alex\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-13 11:40 - 2014-07-12 18:23 - 00001807 _____ () C:\Users\Alex\Desktop\Start BlueStacks.lnk
2014-11-12 16:12 - 2014-11-12 16:14 - 48969632 _____ () C:\Users\Alex\Downloads\Normal Geometry Dash 1.90.apk
2014-11-12 16:12 - 2014-11-12 16:14 - 48576810 _____ () C:\Users\Alex\Downloads\Geometry Dash 1.90 Coins Hack.apk
2014-11-12 14:56 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 14:56 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 14:56 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 14:56 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 14:56 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 14:56 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 14:56 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 14:56 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 14:56 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 14:56 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 14:56 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 14:56 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 14:56 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 14:56 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 14:56 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 14:56 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 14:56 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 14:56 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 14:56 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 14:56 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 14:56 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 14:56 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 14:56 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 14:56 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 14:56 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 14:56 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 14:56 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 14:56 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 14:56 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 14:56 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 14:56 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 14:56 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 14:56 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 14:56 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 14:56 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 14:56 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 14:56 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 14:56 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 14:56 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 14:55 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 14:55 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 14:55 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 14:55 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 14:55 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 14:55 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 14:55 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 14:55 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 14:55 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 14:55 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 14:55 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 14:55 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 14:55 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 14:55 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 14:55 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 14:55 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 14:55 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 14:55 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 14:55 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 14:55 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 14:55 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 14:55 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 14:55 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 14:55 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 14:55 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 14:55 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 14:55 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 14:55 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 14:55 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 14:45 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 14:45 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 14:45 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 14:45 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 14:45 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 14:45 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 14:45 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 14:45 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 14:45 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 14:45 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 14:45 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 14:45 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 14:45 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 14:45 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 14:45 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 14:45 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-12 14:45 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 14:45 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 14:45 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 14:45 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 14:45 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 14:45 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 14:45 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 14:45 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 14:45 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 14:45 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 14:45 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 14:45 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 14:45 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 14:45 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 14:45 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 14:45 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 14:45 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 14:45 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 14:45 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-11 18:27 - 2014-11-11 18:27 - 00000359 _____ () C:\Users\Alex\Desktop\Papierkorb.lnk
2014-11-11 15:28 - 2014-11-11 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dual Monitor
2014-11-11 15:28 - 2014-11-11 18:19 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Dual Monitor
2014-11-11 15:28 - 2014-11-11 15:28 - 00855093 _____ (Cristi Diaconu ) C:\Users\Alex\Downloads\DualMonitor_1.22_Setup.exe
2014-11-11 15:28 - 2014-11-11 15:28 - 00001068 _____ () C:\Users\Alex\Desktop\Dual Monitor.lnk
2014-11-11 15:28 - 2014-11-11 15:28 - 00000000 ____D () C:\Program Files (x86)\Dual Monitor
2014-11-10 19:42 - 2014-10-03 20:23 - 00038216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-11-10 19:42 - 2014-10-03 20:23 - 00032584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-11-09 19:10 - 2014-11-09 19:10 - 01547711 _____ () C:\Users\Alex\Downloads\Hanson_PPP.pptx
2014-11-09 10:32 - 2014-11-09 10:32 - 00084469 _____ () C:\Users\Alex\Downloads\Neuer Ordner.rar
2014-11-08 12:05 - 2014-11-08 12:05 - 00000003 _____ () C:\Windows\system32\OutN64proc64.dll
2014-11-08 12:05 - 2014-11-08 12:05 - 00000001 _____ () C:\Windows\system32\InN64proc64.dll
2014-11-08 11:42 - 2014-11-08 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MaxiVista Demo Server
2014-11-08 11:42 - 2011-04-07 11:33 - 00015568 _____ (MaxiVista) C:\Windows\system32\Drivers\mvCmdemo.SYS
2014-11-08 11:41 - 2014-11-08 11:42 - 00000000 ____D () C:\Program Files\MaxiVista Demo Server
2014-11-08 11:41 - 2014-11-08 11:41 - 06067723 _____ () C:\Users\Alex\Downloads\MaxiVistaDemo_x64.zip
2014-11-08 11:41 - 2011-04-07 11:33 - 00039120 _____ (Maxivsta) C:\Windows\system32\mvvideodemo.dll
2014-11-08 11:41 - 2011-04-07 11:33 - 00014544 _____ (MaxiVista) C:\Windows\system32\Drivers\mvvideodemo.sys
2014-11-08 09:35 - 2014-11-08 09:35 - 01547711 _____ () C:\Users\Alex\Documents\Hanson_PPP.pptx
2014-11-08 08:53 - 2014-11-08 08:53 - 00323616 _____ (Dropbox, Inc.) C:\Users\Alex\Downloads\DropboxInstaller.exe
2014-11-07 21:26 - 2014-11-07 21:26 - 01310178 _____ () C:\Users\Alex\Downloads\Hanson,yo.pptx
2014-11-06 20:56 - 2014-11-06 20:56 - 00001052 _____ () C:\Users\Alex\Desktop\Dolphin - Verknüpfung.lnk
2014-11-03 19:09 - 2014-11-03 19:09 - 00000000 ___RD () C:\Users\Alex\AppData\Roaming\Brother
2014-11-03 16:31 - 2014-11-03 16:32 - 11887340 _____ () C:\Users\Alex\Downloads\Brian Blessed is Henry VIII for our new London Dungeon!.mp4
2014-11-02 17:35 - 2014-11-02 17:35 - 06475418 _____ () C:\Users\Alex\Downloads\The London Dungeon.mp4
2014-11-02 17:11 - 2014-11-03 18:26 - 09205085 _____ () C:\Users\Alex\Desktop\LondonDungeon.pptx
2014-11-02 17:10 - 2014-11-03 18:26 - 09205085 _____ () C:\Users\Alex\Documents\LondonDungeon.pptx
2014-11-02 12:45 - 2014-11-02 12:45 - 00000000 ____D () C:\Users\Alex\AppData\Local\fabi.me
2014-11-02 12:23 - 2014-11-12 16:28 - 00000000 ____D () C:\Users\Alex\AppData\Local\CrashDumps
2014-11-01 09:51 - 2014-11-01 14:39 - 00001254 _____ () C:\Users\Alex\Desktop\After Effects.lnk
2014-11-01 09:47 - 2014-11-13 11:03 - 00000000 ____D () C:\Users\Alex\Desktop\Unbrauchbares
2014-11-01 09:39 - 2014-11-01 09:29 - 00525635 _____ () C:\Users\Alex\Desktop\Adobe Universal Patcher 2014.rar
2014-11-01 09:36 - 2014-11-01 09:36 - 00001222 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2014.lnk
2014-11-01 09:31 - 2014-11-01 09:31 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\PDAppFlex
2014-11-01 09:30 - 2014-11-01 09:30 - 00003498 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Alex-PC-Alex
2014-11-01 09:30 - 2014-11-01 09:30 - 00001660 _____ () C:\Users\Alex\Desktop\Photoshop.lnk
2014-11-01 09:29 - 2014-11-01 09:29 - 00525635 _____ () C:\Users\Alex\Downloads\Adobe Universal Patcher 2014.rar
2014-11-01 09:25 - 2014-11-03 16:39 - 00001456 _____ () C:\Users\Alex\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-11-01 09:21 - 2014-11-01 09:21 - 00000000 ____D () C:\Users\Alex\Documents\Adobe
2014-11-01 09:17 - 2014-11-01 09:48 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-11-01 09:09 - 2014-11-01 09:09 - 00001040 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
2014-11-01 09:08 - 2014-11-01 09:36 - 00000000 ____D () C:\Program Files\Adobe
2014-11-01 09:07 - 2014-11-01 09:35 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-10-31 20:15 - 2014-10-31 20:15 - 05603089 _____ () C:\Users\Alex\Downloads\Moon (scary twisted tree silhouette night) 5 -Time-lapse - Free stock footage.mp4
2014-10-31 20:06 - 2014-10-31 20:06 - 00000000 ____D () C:\Users\Alex\AppData\Local\TechSmith
2014-10-31 20:05 - 2014-10-31 20:05 - 00139984 _____ () C:\Users\Alex\Downloads\Lenstor (1).zip
2014-10-31 20:04 - 2014-10-31 21:11 - 00000000 ____D () C:\Users\Alex\Documents\Camtasia Studio
2014-10-31 20:04 - 2014-10-31 20:04 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\TechSmith
2014-10-31 20:03 - 2014-10-31 20:03 - 00001168 _____ () C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2014-10-31 20:03 - 2014-10-31 20:03 - 00000000 ____D () C:\ProgramData\TechSmith
2014-10-31 20:03 - 2014-10-31 20:03 - 00000000 ____D () C:\ProgramData\regid.1995-08.com.techsmith
2014-10-31 20:03 - 2014-10-31 20:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2014-10-31 20:03 - 2014-10-31 20:03 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2014-10-31 20:03 - 2014-10-31 20:03 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-10-31 20:00 - 2014-10-31 20:00 - 00139984 _____ () C:\Users\Alex\Downloads\Lenstor.zip
2014-10-31 19:57 - 2014-10-31 20:01 - 257069928 _____ () C:\Users\Alex\Downloads\camtasiade843.exe
2014-10-31 19:10 - 2014-10-31 19:10 - 00001309 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-10-31 19:10 - 2014-10-31 19:10 - 00001297 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-10-31 19:10 - 2014-10-31 19:10 - 00000000 ___RD () C:\Users\Alex\Creative Cloud Files
2014-10-31 19:10 - 2014-10-31 19:03 - 01102087 _____ () C:\Users\Alex\Desktop\After Effects CC.zip
2014-10-31 19:06 - 2014-10-31 19:09 - 44499687 _____ () C:\Users\Alex\Downloads\PROTOTYPE - Official Intro Cinematic.mp4
2014-10-31 19:05 - 2014-10-31 19:05 - 00672432 _____ (Adobe Systems Incorporated) C:\Users\Alex\Downloads\CreativeCloudSet-Up.exe
2014-10-31 19:03 - 2014-10-31 19:03 - 01102087 _____ () C:\Users\Alex\Downloads\After Effects CC.zip
2014-10-31 18:33 - 2014-10-31 18:35 - 90883207 _____ () C:\Users\Alex\Downloads\CodeDraco HUGE FREE FONT PACK!.rar
2014-10-31 18:33 - 2014-10-31 18:33 - 05065889 _____ () C:\Users\Alex\Downloads\Dafont-Top50-FontPack.zip
2014-10-31 18:33 - 2014-10-31 18:33 - 01125200 _____ () C:\Users\Alex\Downloads\Font Pack Top 50 Free Font - CHIP-Installer.exe
2014-10-31 11:50 - 2014-10-29 08:41 - 00007555 _____ () C:\Users\Alex\Desktop\76561198089072733.lnk
2014-10-31 08:15 - 2014-10-31 08:15 - 00278016 _____ () C:\Users\Alex\Downloads\Horror13_www.FreeDownloadPowerPoint.com.pot
2014-10-31 08:14 - 2014-10-31 08:14 - 00279552 _____ () C:\Users\Alex\Downloads\Horror_9_www.FreeDownloadPowerPoint.com.pot
2014-10-31 08:14 - 2014-10-31 08:14 - 00271360 _____ () C:\Users\Alex\Downloads\Horror_2_www.FreeDownloadPowerPoint.com.pot
2014-10-31 08:14 - 2014-10-31 08:14 - 00248320 _____ () C:\Users\Alex\Downloads\Horror_7_www.FreeDownloadPowerPoint.com.pot
2014-10-31 08:12 - 2014-10-31 08:12 - 00275456 _____ () C:\Users\Alex\Downloads\Horror_3_www.FreeDownloadPowerPoint.com.pot
2014-10-30 11:37 - 2014-10-30 18:56 - 00000000 ____D () C:\Users\Alex\Desktop\KURIER SVE
2014-10-29 18:32 - 2014-10-29 18:32 - 01219525 _____ () C:\Users\Alex\Downloads\saveedit_r7.zip
2014-10-29 18:32 - 2014-10-29 18:32 - 01219525 _____ () C:\Users\Alex\Desktop\saveedit_r7.zip
2014-10-29 13:00 - 2014-10-29 13:00 - 00640024 _____ () C:\Windows\Minidump\102914-10732-01.dmp
2014-10-29 12:59 - 2014-10-16 17:54 - 31890064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 24555840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 20922696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 19966856 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 17260864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 14029400 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 13942368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 13190288 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-10-29 12:59 - 2014-10-16 17:54 - 11395672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 04289856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 04009672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434448.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434448.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 00962376 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 00931984 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 00921928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 00895176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 00870112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 00500880 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 00418112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 00392008 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 00348488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-10-29 12:59 - 2014-10-16 17:54 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-10-29 12:16 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-10-29 12:16 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-10-29 12:16 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-10-29 12:16 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-10-29 07:41 - 2014-10-29 09:26 - 00000000 ____D () C:\Users\Alex\Desktop\saves
2014-10-29 07:40 - 2014-10-29 07:40 - 00012430 _____ () C:\Users\Alex\Downloads\Save0420.sav
2014-10-28 19:04 - 2014-10-28 19:05 - 00820730 _____ () C:\Users\Alex\Downloads\fragtrap lvl 50 save.zip
2014-10-28 10:34 - 2014-10-31 12:58 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-10-28 10:34 - 2014-10-28 10:34 - 02174848 _____ () C:\Users\Alex\Downloads\SpeedFan4.50.exe
2014-10-28 10:34 - 2014-10-28 10:34 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo
2014-10-28 10:34 - 2014-10-28 10:34 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-10-28 10:34 - 2014-10-28 10:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-10-28 10:32 - 2014-10-28 10:32 - 00297880 _____ () C:\Windows\Minidump\102814-6817-01.dmp
2014-10-28 09:52 - 2014-10-28 09:52 - 00651264 _____ () C:\Users\Alex\Downloads\Detection (1).msi
2014-10-28 09:51 - 2014-10-28 09:51 - 00651264 _____ () C:\Users\Alex\Downloads\Detection.msi
2014-10-28 09:49 - 2014-10-28 09:52 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-10-28 09:49 - 2014-10-28 09:49 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-10-28 09:48 - 2014-10-28 09:48 - 00638888 _____ (Oracle Corporation) C:\Users\Alex\Downloads\chromeinstall-8u25.exe
2014-10-26 12:54 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-10-26 12:54 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-10-26 12:54 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-10-26 12:54 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-10-26 12:54 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-10-26 12:54 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-10-26 12:51 - 2014-10-26 12:51 - 00000202 _____ () C:\Users\Alex\Desktop\Borderlands The Pre-Sequel.url
2014-10-25 13:03 - 2014-10-25 13:05 - 00000000 ____D () C:\Fraps
2014-10-25 13:03 - 2014-10-25 13:03 - 02629194 _____ () C:\Users\Alex\Downloads\Fraps 3.5.99 by Elite48x.rar
2014-10-25 13:03 - 2014-10-25 13:03 - 00000562 _____ () C:\Users\Public\Desktop\Fraps.lnk
2014-10-25 13:03 - 2014-10-25 13:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-10-24 14:40 - 2014-10-24 14:40 - 00090448 _____ () C:\Users\Alex\Downloads\super_smash_bros_melee_eu.gcs
2014-10-24 14:24 - 2014-10-24 14:24 - 00090304 _____ () C:\Users\Alex\Downloads\super_smash_bros_melee.sav
2014-10-24 13:52 - 2014-10-24 14:11 - 1063881119 _____ () C:\Users\Alex\Downloads\Super Smash Bros. Melee (Europe) (En,Fr,De,Es,It).7z
2014-10-24 13:34 - 2014-10-24 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-24 13:33 - 2014-11-13 16:44 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-24 13:33 - 2014-11-13 14:44 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-24 13:33 - 2014-10-24 13:39 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-24 13:33 - 2014-10-24 13:39 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-24 13:33 - 2014-10-24 13:34 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-19 18:31 - 2014-10-19 18:31 - 00003486 _____ () C:\Windows\System32\Tasks\Trigger KMS Activation
2014-10-19 18:31 - 2014-10-19 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSnano
2014-10-19 18:31 - 2014-10-19 18:31 - 00000000 ____D () C:\Program Files\KMSnano
2014-10-19 18:23 - 2014-10-19 18:23 - 00000000 ____D () C:\Users\Alex\Documents\Benutzerdefinierte Office-Vorlagen
2014-10-19 17:03 - 2014-10-19 17:03 - 30662888 _____ () C:\Users\Alex\Downloads\#OF13KNA.zip
2014-10-19 17:03 - 2014-10-19 17:03 - 00001857 _____ () C:\Users\Alex\Desktop\Microsoft Office 2013 - Verknüpfung.lnk
2014-10-19 17:03 - 2014-10-19 17:03 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-10-19 17:02 - 2014-10-19 17:02 - 00000000 ____D () C:\Windows\PCHEALTH
2014-10-19 17:02 - 2014-10-19 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-10-19 17:02 - 2014-10-19 17:02 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-10-19 17:02 - 2014-10-19 17:02 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-10-19 17:02 - 2014-10-19 17:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-19 17:02 - 2014-10-19 17:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-10-19 17:01 - 2014-11-02 17:30 - 00000000 ____D () C:\Users\Alex\AppData\Local\Microsoft Help
2014-10-19 17:01 - 2014-10-19 17:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-19 17:01 - 2014-10-19 17:02 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-10-19 17:01 - 2014-10-19 17:01 - 00000000 __RHD () C:\MSOCache
2014-10-19 17:01 - 2014-10-19 17:01 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-10-19 17:01 - 2014-10-19 17:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-10-19 17:01 - 2014-10-19 17:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-10-19 16:59 - 2014-10-19 17:00 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\DAEMON Tools Lite
2014-10-19 16:59 - 2014-10-19 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-10-19 16:59 - 2014-10-19 16:59 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-10-19 16:59 - 2014-10-19 16:59 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-10-19 16:58 - 2014-10-19 17:00 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-10-19 16:43 - 2014-10-19 16:55 - 820998144 _____ () C:\Users\Alex\Documents\OfficeProfessionalPlus_x64_de-de.img
2014-10-15 13:51 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 13:51 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 13:51 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 13:51 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 13:51 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 13:51 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 13:51 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 13:51 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 13:51 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 13:51 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 13:51 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 13:51 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 13:51 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 13:51 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-15 13:51 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-15 13:51 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-15 13:51 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-15 13:51 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-15 13:51 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-10-15 13:51 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-10-15 13:51 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-10-15 13:51 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-10-15 13:51 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-10-15 13:51 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-15 13:51 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-10-15 13:51 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 13:51 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 13:51 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 13:51 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 13:51 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 13:51 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 13:51 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 13:51 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 13:51 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 13:51 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 13:51 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 13:51 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 13:51 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 13:51 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 13:51 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 13:51 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 13:51 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 13:51 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 13:51 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 13:51 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 13:51 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 13:51 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 13:51 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 13:51 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 13:51 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 13:51 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 13:51 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 13:51 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 13:51 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 13:51 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 13:51 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 13:51 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 13:51 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 13:51 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 13:51 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 13:51 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 13:51 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 13:51 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 13:51 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 13:51 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 13:51 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 13:51 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 13:51 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 13:51 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 13:51 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 13:51 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 13:51 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 13:51 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 13:51 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 13:51 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 13:51 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 13:51 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 13:51 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 13:51 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 13:51 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 13:51 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 13:51 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 13:51 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 13:51 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 13:51 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 13:51 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 13:51 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 13:49 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 13:49 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 13:49 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 13:49 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 13:49 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 13:49 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 13:49 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 13:49 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 13:49 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 13:48 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 13:48 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-13 16:48 - 2014-08-01 07:24 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-13 14:44 - 2009-07-14 05:45 - 00038112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-13 14:44 - 2009-07-14 05:45 - 00038112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-13 14:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 13:46 - 2011-04-12 08:43 - 00698856 _____ () C:\Windows\system32\perfh007.dat
2014-11-13 13:46 - 2011-04-12 08:43 - 00148996 _____ () C:\Windows\system32\perfc007.dat
2014-11-13 13:46 - 2009-07-14 06:13 - 01618324 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-13 13:44 - 2014-07-02 13:49 - 01972740 _____ () C:\Windows\WindowsUpdate.log
2014-11-13 13:40 - 2011-04-12 08:54 - 00000000 ____D () C:\Windows\ShellNew
2014-11-13 13:40 - 2010-11-21 04:47 - 00235520 _____ () C:\Windows\PFRO.log
2014-11-13 13:40 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-13 13:40 - 2009-07-14 05:51 - 00068943 _____ () C:\Windows\setupact.log
2014-11-13 10:47 - 2014-09-30 15:50 - 00000000 ____D () C:\Users\Alex\AppData\Local\Adobe
2014-11-13 10:37 - 2014-07-25 15:58 - 00119296 _____ () C:\Windows\SysWOW64\zlib.dll
2014-11-13 10:37 - 2009-07-14 05:45 - 06644568 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 10:36 - 2014-07-02 15:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 19:48 - 2014-08-01 07:24 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 19:48 - 2014-08-01 07:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 19:48 - 2014-08-01 07:24 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 14:46 - 2014-07-02 15:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 14:44 - 2014-07-02 15:13 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-07 15:23 - 2014-07-02 16:59 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\TS3Client
2014-11-06 18:06 - 2014-09-13 07:41 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-11-06 18:06 - 2014-09-13 07:41 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-11-06 18:06 - 2014-09-13 07:41 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-11-06 18:06 - 2014-09-13 07:41 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-11-01 09:36 - 2014-07-02 15:25 - 00762360 _____ () C:\Users\Alex\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-01 09:21 - 2014-07-02 15:24 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Adobe
2014-11-01 09:16 - 2014-07-06 19:40 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-01 09:09 - 2014-07-02 17:29 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-01 09:08 - 2014-07-02 15:40 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-31 20:03 - 2014-07-02 13:49 - 00000000 ____D () C:\Users\Alex
2014-10-31 19:29 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-30 16:42 - 2014-09-09 10:29 - 00003850 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1410254996
2014-10-30 16:42 - 2014-09-09 10:29 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-10-29 13:00 - 2014-07-06 13:20 - 696614961 _____ () C:\Windows\MEMORY.DMP
2014-10-29 13:00 - 2014-07-06 13:20 - 00000000 ____D () C:\Windows\Minidump
2014-10-29 13:00 - 2014-07-02 14:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-29 07:44 - 2014-07-02 14:09 - 00000000 ____D () C:\Users\Alex\Desktop\After Effects
2014-10-28 10:34 - 2014-07-02 14:12 - 00001007 _____ () C:\Users\Alex\Desktop\SpeedFan.lnk
2014-10-28 09:50 - 2014-09-28 17:34 - 00000000 ____D () C:\Program Files\Java
2014-10-28 09:50 - 2014-07-03 18:49 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-28 09:50 - 2014-07-03 18:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-26 12:53 - 2014-07-02 15:42 - 00000000 ____D () C:\Users\Alex\Documents\my games
2014-10-26 11:12 - 2014-09-27 08:05 - 00000000 ____D () C:\Users\Alex\Documents\Nexus Mod Manager
2014-10-26 11:08 - 2014-09-17 13:46 - 00000000 ____D () C:\Users\Alex\AppData\Local\Skyrim
2014-10-19 17:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-19 17:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-10-19 17:01 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-10-17 13:57 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-16 18:49 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-16 17:54 - 2014-09-19 19:00 - 18499648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-10-16 17:54 - 2014-09-19 19:00 - 11333848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-10-16 17:54 - 2014-07-20 10:49 - 16886168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-10-16 17:54 - 2014-07-02 15:32 - 20968040 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-10-16 17:54 - 2014-07-02 15:32 - 02849224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-10-16 17:54 - 2014-03-20 22:03 - 00987008 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-10-16 17:54 - 2014-03-20 22:02 - 03237528 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-10-16 17:54 - 2014-03-20 22:02 - 00027024 _____ () C:\Windows\system32\nvinfo.pb
2014-10-16 15:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 15:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
Some content of TEMP:
====================
C:\Users\Alex\AppData\Local\Temp\amazonicon_v8.exe
C:\Users\Alex\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\Alex\AppData\Local\Temp\avgnt.exe
C:\Users\Alex\AppData\Local\Temp\dotNetFx40_Web_Setup.exe
C:\Users\Alex\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\Alex\AppData\Local\Temp\javagiac0.9630830094713304.dll
C:\Users\Alex\AppData\Local\Temp\MailRuUpdater.exe
C:\Users\Alex\AppData\Local\Temp\MusicStudio.exe
C:\Users\Alex\AppData\Local\Temp\Nexus Mod Manager-0.52.3.exe
C:\Users\Alex\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Alex\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Alex\AppData\Local\Temp\nvStInst.exe
C:\Users\Alex\AppData\Local\Temp\ose00000.exe
C:\Users\Alex\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Alex\AppData\Local\Temp\sdapskill.exe
C:\Users\Alex\AppData\Local\Temp\sdaspwn.exe
C:\Users\Alex\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Alex\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Alex\AppData\Local\Temp\sfareca00001.dll
C:\Users\Alex\AppData\Local\Temp\sfextra.dll
C:\Users\Alex\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Alex\AppData\Local\Temp\SRLDetectionLibrary1807296400988318352.dll
C:\Users\Alex\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Alex\AppData\Local\Temp\YgoUpdater.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-05 19:28
==================== End Of Log ============================
--- --- --- |
FRST 32-Bit | FRST 64-Bit
Lesestoff: