| AlGrande | 02.01.2015 16:22 |
Vielleicht öffnet sich das wegen irgendwelchen Tastenkombinationen...
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-01-2015
Ran by AlGrande (administrator) on Name on 02-01-2015 15:19:37
Running from C:\Users\AlGrande\Desktop
Loaded Profile: AlGrande (Available profiles: AlGrande)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(fabi.me) C:\Users\AlGrande\Desktop\SpeedAutoClicker.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_25\bin\java.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3835728 2014-12-01] (LogMeIn Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2014-10-08] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3614382932-3873046457-4280037768-1001\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27648 2014-07-17] ()
HKU\S-1-5-21-3614382932-3873046457-4280037768-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3614382932-3873046457-4280037768-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833024 2014-07-17] (ZONER software)
HKU\S-1-5-21-3614382932-3873046457-4280037768-1001\...\Run: [Speed AutoClicker] => C:\Users\AlGrande\Desktop\SpeedAutoClicker.exe [179200 2013-09-24] (fabi.me)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
SearchScopes: HKU\S-1-5-21-3614382932-3873046457-4280037768-1001 -> {4489FA2C-DF78-43C4-B698-B5A40717CE5F} URL =
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-11-30]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-30]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-11-30]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-11-30]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: An toàn giao dịch tài chính - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-11-30]
Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://www.google.de/", "hxxp://orteil.dashnet.org/cookieclicker/", "hxxp://clickingbad.nullism.com/", "hxxp://pizzaclicker.efekt.sk/", "hxxp://choppin-wood.com/", "hxxp://icecreamstand.ca/", "hxxp://candyclicker.com/", "hxxp://drmeth.com/index.php#", "hxxp://gameoftor.com/", "hxxp://www.minethings.com/", "hxxp://dhmholley.co.uk/civclicker.html", "hxxp://joezeng.github.io/goomyclicker/", "hxxp://speed-warp.net/#", "hxxp://progressquest.com/play/roster.html", "hxxp://castle.chirpingmustard.com/castle.html", "hxxp://candies.aniwey.net/index.php?pass=b9nmv", "hxxp://goldenminer.org/", "hxxp://adarkroom.doublespeakgames.com/", "hxxp://www.digitalchestnut.com/merryclickmas/", "hxxp://www.bluemaskgames.com/NBB/NanoBotBuilder.html", "https://dripstat.com/game/", "hxxp://candybox2.net/?slot=1", "hxxp://www.clickerheroes.com/", "hxxp://bary12.github.io/Computed/", "hxxp://www.gamesbutler.com/game/20892/Idle_Web_Tycoon/", "hxxp://deathraygames.com/play-online/miniLD48/", "hxxp://playlapse.com/bitmine/", "hxxp://soulharvester.neocities.org/", "hxxp://www.shmoggo.com/resource-game/", "hxxp://cakeandturtles.nfshost.com/games/pixelPets.php"
CHR Profile: C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-30]
CHR Extension: (Google Docs) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-30]
CHR Extension: (Google Drive) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-30]
CHR Extension: (YouTube) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-30]
CHR Extension: (Google-Suche) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-30]
CHR Extension: (Google Tabellen) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-30]
CHR Extension: (Little Alchemy) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2014-11-30]
CHR Extension: (Secure Bookmarks) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocjgngiajhfiikjolfhcpiokgbinep [2014-11-30]
CHR Extension: (Google Wallet) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-30]
CHR Extension: (Google Mail) - C:\Users\AlGrande\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-30]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-08] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-08] (BlueStack Systems, Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-11-14] (LogMeIn, Inc.)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2014-12-03] ()
S3 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [183112 2014-12-03] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-12-02] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-12-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 athur; C:\Windows\system32\DRIVERS\athuw8x.sys [3744256 2012-11-21] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-08] (BlueStack Systems)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-01] (LogMeIn Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [142344 2014-11-30] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [771272 2014-11-30] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [67680 2014-03-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-07] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-12-02] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-02 15:10 - 2015-01-02 15:16 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-02 15:10 - 2015-01-02 15:15 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-01-02 15:10 - 2015-01-02 15:10 - 00001413 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-01-02 15:10 - 2015-01-02 15:10 - 00001401 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-01-02 15:10 - 2015-01-02 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-01-02 15:10 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-01-02 15:09 - 2015-01-02 15:09 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\AlGrande\Downloads\spybot-2.4.exe
2015-01-02 15:08 - 2015-01-02 15:08 - 00017447 _____ () C:\Users\AlGrande\Desktop\Addition.txt
2015-01-02 15:06 - 2015-01-02 15:19 - 00018756 _____ () C:\Users\AlGrande\Desktop\FRST.txt
2015-01-02 15:06 - 2015-01-02 15:06 - 00000000 ____D () C:\Users\AlGrande\Desktop\FRST-OlderVersion
2014-12-24 11:35 - 2014-12-24 11:35 - 00000000 ____D () C:\Users\AlGrande\.ssh
2014-12-24 11:28 - 2014-12-24 11:28 - 00000000 ____D () C:\Users\AlGrande\Desktop\Neuer Ordner (3)
2014-12-24 11:26 - 2013-09-30 16:26 - 03050808 _____ () C:\WINDOWS\system32\pwNative.exe
2014-12-24 11:26 - 2013-09-30 16:26 - 00019152 ____N () C:\WINDOWS\system32\pwdrvio.sys
2014-12-24 11:26 - 2013-09-30 16:26 - 00012504 ____N () C:\WINDOWS\system32\pwdspio.sys
2014-12-24 11:25 - 2014-12-24 11:25 - 00001271 _____ () C:\Users\Public\Desktop\MiniTool Partition Wizard Home Edition.lnk
2014-12-24 11:25 - 2014-12-24 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Home Edition 8.1.1
2014-12-24 11:25 - 2014-12-24 11:25 - 00000000 ____D () C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 8.1.1
2014-12-24 11:24 - 2014-12-24 11:24 - 20772800 _____ (MiniTool Solution Ltd. ) C:\Users\AlGrande\Downloads\pwhe811.exe
2014-12-23 16:50 - 2014-12-23 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2014-12-23 16:50 - 2014-12-23 16:50 - 00000000 ____D () C:\Program Files (x86)\Bandicam
2014-12-23 16:45 - 2014-12-23 17:37 - 00000000 ____D () C:\Users\AlGrande\Documents\Bandicam
2014-12-23 16:45 - 2014-12-23 16:45 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\BANDISOFT
2014-12-23 16:44 - 2014-12-23 16:50 - 00001010 _____ () C:\Users\AlGrande\Desktop\Bandicam.lnk
2014-12-23 16:44 - 2014-12-23 16:50 - 00000000 ____D () C:\Program Files (x86)\BandiMPEG1
2014-12-23 16:42 - 2014-12-23 16:42 - 09495760 _____ (Bandisoft) C:\Users\AlGrande\Downloads\bd740camsetup.exe
2014-12-16 18:37 - 2015-01-02 13:44 - 00000000 __RDO () C:\Users\AlGrande\OneDrive
2014-12-16 18:26 - 2014-12-16 18:26 - 00000075 __RSH () C:\WINDOWS\CT6STET.BIN
2014-12-16 18:26 - 2014-12-16 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reallusion
2014-12-16 18:25 - 2014-12-16 18:25 - 00000000 ____D () C:\Users\Public\Documents\Reallusion
2014-12-16 18:25 - 2014-12-16 18:25 - 00000000 ____D () C:\Program Files (x86)\Reallusion
2014-12-16 18:24 - 2014-12-16 18:24 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\InstallShield
2014-12-16 18:23 - 2014-12-16 18:24 - 88188712 _____ (Macrovision Corporation) C:\Users\AlGrande\Downloads\crazytalk.exe
2014-12-16 18:12 - 2014-12-16 18:14 - 409542204 _____ () C:\Users\AlGrande\Downloads\CrazyTalk7.zip
2014-12-15 17:40 - 2014-12-15 17:38 - 02166272 _____ () C:\Users\AlGrande\Desktop\adwcleaner_4.105.exe
2014-12-15 17:38 - 2014-12-15 17:38 - 02166272 _____ () C:\Users\AlGrande\Downloads\adwcleaner_4.105.exe
2014-12-15 16:58 - 2014-12-15 16:58 - 00070290 _____ () C:\Users\AlGrande\Downloads\World Downloader [1.7.2] 20140118.zip
2014-12-15 16:56 - 2014-12-15 16:56 - 00085130 _____ () C:\Users\AlGrande\Downloads\TooManyItems-non-Forge-1.8.zip
2014-12-15 16:54 - 2014-12-15 16:54 - 00862484 _____ () C:\Users\AlGrande\Downloads\OptiFine_1.8.1_HD_U_B2.jar
2014-12-14 12:35 - 2014-12-14 12:35 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Maxthon Update
2014-12-14 12:35 - 2014-12-14 12:35 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\Maxthon3
2014-12-14 12:35 - 2014-12-14 12:35 - 00000000 ____D () C:\Program Files (x86)\Maxthon
2014-12-14 12:33 - 2014-12-14 12:33 - 41232800 _____ (Maxthon International ltd.) C:\Users\AlGrande\Downloads\mx4.4.3.4000.exe
2014-12-14 11:17 - 2014-12-14 11:21 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\Apple Computer
2014-12-14 11:17 - 2014-12-14 11:17 - 00000000 ____D () C:\Users\AlGrande\AppData\Local\Apple Computer
2014-12-14 11:17 - 2014-12-14 11:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-12-14 11:16 - 2014-12-14 11:16 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-12-14 11:16 - 2014-12-14 11:16 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-12-14 11:16 - 2014-12-14 11:16 - 00000000 ____D () C:\Program Files\iTunes
2014-12-14 11:16 - 2014-12-14 11:16 - 00000000 ____D () C:\Program Files\iPod
2014-12-14 11:16 - 2014-12-14 11:16 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-12-14 11:16 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2014-12-14 11:14 - 2014-12-14 11:16 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-12-14 11:14 - 2014-12-14 11:14 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-12-14 11:14 - 2014-12-14 11:14 - 00000000 ____D () C:\Users\AlGrande\AppData\Local\Apple
2014-12-14 11:14 - 2014-12-14 11:14 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-12-14 11:13 - 2014-12-14 11:14 - 15016222 _____ ( ) C:\Users\AlGrande\Downloads\ifunbox27_setup.exe
2014-12-14 11:13 - 2014-12-14 11:13 - 00000000 ____D () C:\Program Files\Bonjour
2014-12-14 11:13 - 2014-12-14 11:13 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-12-14 11:12 - 2014-12-14 11:14 - 00000000 ____D () C:\ProgramData\Apple
2014-12-14 11:10 - 2014-12-14 11:11 - 122418480 _____ (Apple Inc.) C:\Users\AlGrande\Downloads\iTunes64Setup.exe
2014-12-13 13:12 - 2014-12-13 13:12 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2014-12-11 15:08 - 2014-12-11 15:08 - 00386383 _____ (hxxp://magiclauncher.com) C:\Users\AlGrande\Desktop\MagicLauncher_1.2.5.exe
2014-12-11 14:42 - 2014-12-11 14:42 - 00000000 ___HD () C:\Users\AlGrande\AppData\Roaming\MSEmbed
2014-12-11 14:42 - 2014-12-11 14:42 - 00000000 ___HD () C:\Users\AlGrande\AppData\Roaming\.kbd
2014-12-11 12:12 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-11 12:12 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-11 12:12 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-11 12:12 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-11 12:00 - 2014-12-04 00:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-12-11 12:00 - 2014-12-04 00:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2014-12-11 12:00 - 2014-12-03 00:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-12-11 12:00 - 2014-12-03 00:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2014-12-11 12:00 - 2014-12-03 00:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-12-11 12:00 - 2014-12-03 00:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-12-11 12:00 - 2014-12-03 00:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-12-11 12:00 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-11 12:00 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-11 12:00 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-11 12:00 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-11 12:00 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-11 12:00 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-11 12:00 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-11 12:00 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-11 12:00 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-11 12:00 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-11 12:00 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-11 12:00 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-11 12:00 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-11 12:00 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-11 12:00 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-11 12:00 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-11 12:00 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-11 12:00 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-11 12:00 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-11 12:00 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-11 12:00 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-11 12:00 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-11 12:00 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-11 12:00 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-11 12:00 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-11 12:00 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-11 12:00 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-11 12:00 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-11 12:00 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-11 12:00 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-11 12:00 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-11 12:00 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-11 12:00 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-11 12:00 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-11 12:00 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-11 12:00 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-11 12:00 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-11 12:00 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-11 12:00 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-11 12:00 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-11 12:00 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-11 12:00 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-11 12:00 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-10 16:25 - 2014-12-10 16:25 - 00000000 ____D () C:\Users\AlGrande\Desktop\Neuer Ordner
2014-12-10 14:07 - 2014-12-10 14:07 - 00001881 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-12-10 14:07 - 2014-12-10 14:07 - 00001825 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-12-10 14:06 - 2014-12-10 14:11 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-12-10 14:06 - 2014-12-10 14:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-12-10 14:06 - 2014-12-10 14:06 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-12-10 14:04 - 2014-12-10 14:04 - 00000000 ____D () C:\Users\AlGrande\AppData\Local\Bluestacks
2014-12-09 14:34 - 2014-12-09 14:34 - 00000000 ____D () C:\Users\AlGrande\Documents\Incomedia
2014-12-09 14:28 - 2014-12-09 14:36 - 00000000 ____D () C:\Program Files (x86)\WebSite X5 v11 - Home
2014-12-09 14:28 - 2014-12-09 14:28 - 00000000 ____D () C:\Users\AlGrande\AppData\Local\Incomedia
2014-12-09 14:25 - 2014-12-09 14:26 - 103683456 _____ (Incomedia s.r.l. ) C:\Users\AlGrande\Downloads\wsx5_home_hmchip912de.exe
2014-12-09 14:24 - 2014-12-09 14:25 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\concept design
2014-12-09 14:24 - 2014-12-09 14:24 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\concept design
2014-12-09 14:24 - 2014-12-09 14:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\concept design
2014-12-09 14:24 - 2014-12-09 14:24 - 00000000 ____D () C:\Program Files (x86)\concept design
2014-12-09 14:23 - 2014-12-09 14:23 - 05023872 _____ (concept/design GmbH ) C:\Users\AlGrande\Downloads\chip_otv10_setup.exe
2014-12-08 17:11 - 2014-12-09 14:36 - 00000000 ____D () C:\Users\AlGrande\Desktop\Server 1.8 Spigot
2014-12-08 17:01 - 2014-12-08 17:01 - 00000000 ____D () C:\Users\AlGrande\.m2
2014-12-08 16:59 - 2014-12-08 16:59 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-12-08 16:59 - 2014-12-08 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-12-08 16:58 - 2014-12-08 16:59 - 00000000 ____D () C:\Program Files\Java
2014-12-08 16:56 - 2014-12-08 16:56 - 00001140 _____ () C:\Users\Public\Desktop\Git Bash.lnk
2014-12-08 16:56 - 2014-12-08 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2014-12-08 16:56 - 2014-12-08 16:56 - 00000000 ____D () C:\Program Files (x86)\Git
2014-12-07 17:03 - 2014-12-13 14:01 - 00000275 _____ () C:\AdwCleanerDebug.txt
2014-12-07 17:03 - 2014-12-07 17:03 - 02153472 _____ () C:\Users\AlGrande\Downloads\AdwCleaner_4.104.exe
2014-12-07 14:35 - 2014-12-07 14:37 - 00068096 ___SH () C:\Users\AlGrande\Downloads\Thumbs.db
2014-12-06 17:35 - 2014-12-06 17:35 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-12-06 13:40 - 2015-01-02 15:06 - 02123264 _____ (Farbar) C:\Users\AlGrande\Desktop\FRST64.exe
2014-12-06 13:31 - 2015-01-02 13:45 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D61B58A8-E970-42CF-A31D-5E5037C85BB4}
2014-12-06 13:31 - 2014-12-06 13:31 - 00000000 __SHD () C:\Users\AlGrande\AppData\Local\EmieUserList
2014-12-06 13:31 - 2014-12-06 13:31 - 00000000 __SHD () C:\Users\AlGrande\AppData\Local\EmieSiteList
2014-12-06 13:31 - 2014-12-06 13:31 - 00000000 __SHD () C:\Users\AlGrande\AppData\Local\EmieBrowserModeList
2014-12-06 13:28 - 2014-12-06 13:28 - 00000000 ____D () C:\Users\AlGrande\Downloads\Neuer Ordner
2014-12-06 13:27 - 2014-12-06 13:27 - 00000000 ___HD () C:\Users\AlGrande\Desktop\.updtmp
2014-12-05 15:54 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2014-12-05 15:54 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-12-05 15:54 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2014-12-05 15:54 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2014-12-05 15:54 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-12-05 15:54 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2014-12-05 15:54 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-12-05 15:54 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2014-12-05 15:54 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2014-12-05 15:54 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2014-12-05 15:54 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2014-12-05 15:54 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2014-12-05 15:54 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2014-12-05 15:54 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2014-12-05 15:54 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-12-05 15:54 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2014-12-05 15:54 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2014-12-05 15:54 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2014-12-05 15:54 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2014-12-05 15:54 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2014-12-05 15:54 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2014-12-05 15:54 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2014-12-05 15:54 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2014-12-05 15:54 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2014-12-05 15:54 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2014-12-05 15:54 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2014-12-05 15:54 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2014-12-05 15:54 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2014-12-05 15:54 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2014-12-05 15:54 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2014-12-05 15:54 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2014-12-05 15:54 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2014-12-05 15:54 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2014-12-05 15:54 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2014-12-05 15:54 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2014-12-05 15:54 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2014-12-05 15:54 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2014-12-05 15:54 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2014-12-05 15:54 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2014-12-05 15:54 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2014-12-05 15:54 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2014-12-05 15:54 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2014-12-05 15:54 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2014-12-05 15:54 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2014-12-05 15:54 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2014-12-05 15:54 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2014-12-05 15:54 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2014-12-05 15:54 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2014-12-05 15:54 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2014-12-05 15:54 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2014-12-05 15:54 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2014-12-05 15:54 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2014-12-05 15:54 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2014-12-05 15:54 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2014-12-05 15:54 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2014-12-05 15:54 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2014-12-05 15:54 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2014-12-05 15:54 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2014-12-05 15:54 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2014-12-05 15:54 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2014-12-05 15:54 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2014-12-05 15:54 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2014-12-05 15:54 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2014-12-05 15:54 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2014-12-05 15:54 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2014-12-05 15:54 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2014-12-05 15:54 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2014-12-05 15:54 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2014-12-05 15:54 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2014-12-05 15:54 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2014-12-05 15:54 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2014-12-05 15:54 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2014-12-05 15:54 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2014-12-05 15:54 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2014-12-05 15:54 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2014-12-05 15:54 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2014-12-05 15:54 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2014-12-05 15:54 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2014-12-05 15:54 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2014-12-05 15:54 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2014-12-05 15:54 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2014-12-05 15:54 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2014-12-05 15:54 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2014-12-05 15:54 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2014-12-05 15:54 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2014-12-05 15:54 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2014-12-05 15:54 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2014-12-05 15:54 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2014-12-05 15:54 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2014-12-05 15:54 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2014-12-05 15:54 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2014-12-05 15:54 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2014-12-05 15:52 - 2014-12-05 15:54 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-12-05 15:52 - 2014-12-05 15:53 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2014-12-05 15:19 - 2014-12-22 13:05 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-05 15:19 - 2014-12-05 15:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-04 19:08 - 2014-12-07 14:30 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-12-04 19:08 - 2014-12-04 19:08 - 00001124 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-04 19:07 - 2014-12-04 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-04 19:07 - 2014-12-04 19:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-04 19:07 - 2014-12-04 19:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-04 19:07 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-12-04 19:07 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-12-04 19:07 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-12-04 12:58 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-12-04 12:58 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-12-04 12:56 - 2014-05-03 06:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-12-04 12:56 - 2014-05-03 06:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-12-04 12:56 - 2014-05-03 06:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-12-04 12:56 - 2014-05-03 06:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-12-04 12:56 - 2014-05-03 05:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-12-04 12:56 - 2014-05-03 05:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-12-04 12:56 - 2014-05-03 05:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-12-04 12:56 - 2014-05-03 00:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-12-04 12:56 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-12-04 12:56 - 2014-04-30 07:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-12-04 12:56 - 2014-04-30 07:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-12-04 12:56 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-12-04 12:56 - 2014-04-30 06:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-12-04 12:56 - 2014-04-30 05:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-12-04 12:56 - 2014-04-30 05:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-12-04 12:56 - 2014-04-30 05:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-12-04 12:56 - 2014-04-30 05:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-12-04 12:56 - 2014-04-30 05:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-12-04 12:56 - 2014-04-30 05:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-12-04 12:56 - 2014-04-30 04:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-12-04 12:56 - 2014-04-30 04:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-12-04 12:56 - 2014-04-30 04:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-12-04 12:56 - 2014-04-30 04:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-12-04 12:56 - 2014-04-30 04:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-12-04 12:56 - 2014-04-30 04:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-12-04 12:56 - 2014-04-28 23:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-12-04 12:56 - 2014-04-26 17:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-12-04 12:56 - 2014-04-14 10:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-12-04 12:56 - 2014-04-14 09:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-12-04 12:56 - 2014-04-14 06:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-12-04 12:54 - 2014-06-02 03:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-12-04 12:54 - 2014-05-31 07:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-12-04 12:54 - 2014-05-31 07:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-12-04 12:54 - 2014-05-31 05:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-12-04 12:54 - 2014-05-31 05:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-12-04 12:54 - 2014-05-31 05:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-12-04 12:54 - 2014-05-27 10:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-12-04 12:54 - 2014-05-27 10:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-12-04 12:52 - 2014-07-10 05:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
2014-12-04 12:45 - 2014-08-23 08:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-12-04 12:45 - 2014-08-23 08:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-12-04 12:45 - 2014-08-23 07:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-12-04 12:45 - 2014-08-23 06:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-12-04 12:45 - 2014-08-23 05:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-12-04 12:45 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-12-04 12:45 - 2014-08-16 05:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-12-04 12:45 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-12-04 12:45 - 2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-12-04 12:45 - 2014-08-16 04:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-12-04 12:45 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-12-04 12:45 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-12-04 12:45 - 2014-08-16 01:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-12-04 12:45 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-12-04 12:45 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-12-04 12:45 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-12-04 12:45 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-12-04 12:45 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-12-04 12:45 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-12-04 12:45 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-12-04 12:45 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-12-04 12:45 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-12-04 12:45 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-12-04 12:45 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-12-04 12:45 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-12-04 12:45 - 2014-08-16 01:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-12-04 12:45 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-12-04 12:45 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-12-04 12:45 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-12-04 12:45 - 2014-08-16 01:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-12-04 12:45 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-12-04 12:45 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-12-04 12:45 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-12-04 12:45 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-12-04 12:45 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-12-04 12:45 - 2014-08-02 01:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-12-04 12:45 - 2014-07-15 19:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-12-04 12:45 - 2014-07-15 09:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-12-04 12:45 - 2014-07-15 09:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-12-04 12:45 - 2014-07-15 09:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-12-03 20:30 - 2014-12-03 20:50 - 00082039 _____ () C:\Users\AlGrande\Desktop\servers.dat
2014-12-03 19:35 - 2014-08-15 01:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-12-03 19:35 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-12-03 19:35 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-12-03 19:35 - 2014-07-12 05:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-12-03 19:28 - 2015-01-02 14:57 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\Skype
2014-12-03 19:28 - 2014-12-04 13:28 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-12-03 19:28 - 2014-12-04 13:28 - 00000000 ____D () C:\ProgramData\Skype
2014-12-03 19:28 - 2014-12-04 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-03 19:28 - 2014-12-03 19:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-03 19:28 - 2014-12-03 19:28 - 00000000 ____D () C:\Users\AlGrande\AppData\Local\Skype
2014-12-03 19:18 - 2014-12-03 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-03 19:18 - 2014-12-03 19:18 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-03 15:20 - 2014-12-03 15:20 - 00000000 ____D () C:\Users\AlGrande\Documents\NFS Undercover
2014-12-03 15:19 - 2014-12-03 15:19 - 00183112 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-12-03 15:19 - 2014-12-03 15:19 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-12-03 15:19 - 2014-12-03 15:19 - 00000000 ____D () C:\Users\AlGrande\AppData\Local\PunkBuster
2014-12-03 15:17 - 2014-12-03 15:17 - 00000000 __RHD () C:\Users\AlGrande\AppData\Roaming\SecuROM
2014-12-03 14:02 - 2014-12-03 14:02 - 00016554 _____ () C:\Users\AlGrande\Documents\et.xlsx
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-02 15:19 - 2014-11-29 17:48 - 00000000 ____D () C:\FRST
2015-01-02 15:17 - 2014-05-10 14:29 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\.minecraft
2015-01-02 15:15 - 2014-11-30 16:51 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3614382932-3873046457-4280037768-1001
2015-01-02 14:50 - 2014-11-30 17:45 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-02 14:23 - 2014-12-02 14:32 - 01074762 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-02 14:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-02 13:59 - 2014-11-30 17:55 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-01-02 13:43 - 2014-11-30 17:45 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-02 13:40 - 2014-12-02 14:32 - 00000000 _____ () C:\WINDOWS\system32\Drivers\lvuvc.hs
2014-12-24 11:35 - 2014-12-02 14:39 - 00000000 ____D () C:\Users\AlGrande
2014-12-23 16:50 - 2014-12-02 18:49 - 00000000 ____D () C:\Users\AlGrande\AppData\Local\CrashDumps
2014-12-22 14:09 - 2013-08-22 15:46 - 00289205 _____ () C:\WINDOWS\setupact.log
2014-12-22 13:04 - 2014-09-24 07:17 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-22 13:04 - 2014-09-24 06:43 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2014-12-22 13:04 - 2014-09-24 06:43 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-12-21 13:36 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-19 12:15 - 2014-10-23 16:56 - 00000000 ____D () C:\Users\AlGrande\Desktop\server 1.7.10
2014-12-18 13:04 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-18 12:50 - 2014-07-19 16:52 - 00000000 ____D () C:\Pylo
2014-12-17 14:53 - 2014-10-23 17:25 - 00000182 _____ () C:\Users\AlGrande\Desktop\Serverstart.bat
2014-12-16 18:39 - 2014-11-30 16:45 - 00000000 ____D () C:\Users\AlGrande\AppData\Local\Packages
2014-12-16 18:25 - 2014-12-01 16:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-16 14:25 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-15 17:41 - 2014-11-28 13:01 - 00000000 ____D () C:\AdwCleaner
2014-12-14 15:54 - 2014-09-23 22:06 - 00012886 _____ () C:\WINDOWS\PFRO.log
2014-12-13 13:51 - 2014-11-30 17:45 - 00002201 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-13 13:13 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-13 13:12 - 2014-09-24 08:43 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-13 13:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-13 13:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-13 13:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-12 15:23 - 2014-11-30 20:07 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-12 15:20 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-12-12 15:19 - 2014-11-30 20:06 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-10 14:08 - 2014-12-01 13:16 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-12-10 14:07 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-12-09 14:28 - 2014-12-02 14:32 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-07 17:06 - 2014-11-30 19:54 - 00000000 ____D () C:\Users\AlGrande\AppData\Local\LogMeIn Hamachi
2014-12-07 15:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-07 14:28 - 2014-12-02 19:47 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\Ximagic
2014-12-07 13:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-12-06 17:35 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-12-06 14:07 - 2014-12-02 17:42 - 00020480 ___SH () C:\Users\AlGrande\Desktop\Thumbs.db
2014-12-04 19:20 - 2014-12-02 14:32 - 00008201 _____ () C:\WINDOWS\system32\lvcoinst.log
2014-12-04 18:51 - 2014-11-30 18:43 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\Notepad++
2014-12-03 14:00 - 2014-11-30 17:47 - 00000000 ____D () C:\Users\AlGrande\AppData\Local\Microsoft Help
2014-12-03 13:22 - 2014-12-02 19:30 - 00000000 ____D () C:\Users\AlGrande\AppData\Roaming\mehdiplugins
2014-12-03 12:49 - 2014-12-02 14:28 - 00000000 ___DC () C:\WINDOWS\Panther
Some content of TEMP:
====================
C:\Users\AlGrande\AppData\Local\Temp\bdcam_0.dll
C:\Users\AlGrande\AppData\Local\Temp\bdfilters.dll
C:\Users\AlGrande\AppData\Local\Temp\drm_dyndata_7380012.dll
C:\Users\AlGrande\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.9-R0.2-20-g0b2ed13-b3108jnks.dll
C:\Users\AlGrande\AppData\Local\Temp\jansi-64-git-Bukkit-a646500.dll
C:\Users\AlGrande\AppData\Local\Temp\jansi-64-git-Spigot-1642.dll
C:\Users\AlGrande\AppData\Local\Temp\jansi-64-git-Spigot-1649.dll
C:\Users\AlGrande\AppData\Local\Temp\jansi-64-git-Spigot-b8f6402-a646500.dll
C:\Users\AlGrande\AppData\Local\Temp\jansi-64.dll
C:\Users\AlGrande\AppData\Local\Temp\onOneWait.exe
C:\Users\AlGrande\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-21 13:27
==================== End Of Log ============================
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2015
Ran by AlGrande at 2015-01-02 15:20:00
Running from C:\Users\AlGrande\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Catalyst Install Manager (HKLM\...\{F4C71C2A-F068-8EEB-61AE-EA4707C57A1B}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.1.419 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{8DCCC556-265B-478A-8B32-C12DA988BA74}) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
concept/design onlineTV 10 (HKLM-x32\...\{DCAB9AAC-1D1C-4B94-99B7-AA7D2617BD64}_is1) (Version: 10.6.0.0 - concept/design GmbH)
CrazyTalk v6.21 SE (HKLM-x32\...\{60CE924D-12CB-4A96-8B75-18F92CE1D585}) (Version: 6.21.2325.1 - Reallusion)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Git version 1.9.4-preview20140929 (HKLM-x32\...\Git_is1) (Version: 1.9.4-preview20140929 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
iFunbox (v2.7.2386.747), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.7.2386.747 - )
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.279 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.279 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.3.4000 - Maxthon International Limited)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 31.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.2.0 (x86 de)) (Version: 31.2.0 - Mozilla)
Need for Speed™ Undercover (HKLM-x32\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_DE_is1) (Version: 16.0.1.8 - ZONER software)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3614382932-3873046457-4280037768-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
==================== Restore Points =========================
02-12-2014 18:53:23 Installed Perfect Effects Free 9
05-12-2014 15:53:57 DirectX wurde installiert
08-12-2014 16:56:41 Removed Java 8 Update 25 (64-bit)
12-12-2014 15:16:10 Windows Update
14-12-2014 11:14:32 Installed iTunes
16-12-2014 18:24:52 Installiert CrazyTalk
21-12-2014 13:27:45 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {01FF0D32-E0C5-421D-95FC-E309B729F239} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2014-12-10] (Maxthon International ltd.)
Task: {718CDB32-8624-4F10-BCF6-26B0416126A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-30] (Google Inc.)
Task: {72B63425-600D-43FD-9C85-CE2BD60B76B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-30] (Google Inc.)
Task: {CD475793-C5FC-4794-B0BA-998F10CF4089} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-12] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-12-03 15:19 - 2014-12-03 15:19 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-12-23 13:37 - 2014-12-23 13:37 - 00310272 _____ () C:\Users\AlGrande\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives\lwjgl64.dll
2014-12-23 13:37 - 2014-12-23 13:37 - 00653832 _____ () C:\Users\AlGrande\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives\avutil-ttv-51.dll
2014-12-23 13:37 - 2014-12-23 13:37 - 00361103 _____ () C:\Users\AlGrande\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives\swresample-ttv-0.dll
2014-12-23 13:37 - 2014-12-23 13:37 - 00688161 _____ () C:\Users\AlGrande\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives\libmp3lame-ttv.dll
2014-12-23 13:37 - 2014-12-23 13:37 - 01127424 _____ () C:\Users\AlGrande\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives\twitchsdk.dll
2014-12-23 13:37 - 2014-12-23 13:37 - 00382464 _____ () C:\Users\AlGrande\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives\OpenAL64.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2014-12-13 13:51 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-13 13:51 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-13 13:51 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-13 13:51 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2015-01-02 15:10 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-01-02 15:10 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-01-02 15:10 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-01-02 15:10 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-12-13 13:51 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\AlGrande\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
========================= Accounts: ==========================
Administrator (S-1-5-21-3614382932-3873046457-4280037768-500 - Administrator - Disabled)
AlGrande (S-1-5-21-3614382932-3873046457-4280037768-1001 - Administrator - Enabled) => C:\Users\AlGrande
Gast (S-1-5-21-3614382932-3873046457-4280037768-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3614382932-3873046457-4280037768-1006 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/26/2014 06:06:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14125
Error: (12/26/2014 06:06:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14125
Error: (12/26/2014 06:06:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/24/2014 11:07:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 59574984
Error: (12/24/2014 11:07:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 59574984
Error: (12/24/2014 11:07:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/23/2014 06:34:49 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.
Error: (12/23/2014 06:34:47 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.
Error: (12/23/2014 04:50:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: bdcam.exe, Version: 1.9.1.419, Zeitstempel: 0x524a62ca
Name des fehlerhaften Moduls: bdcam.exe, Version: 1.9.1.419, Zeitstempel: 0x524a62ca
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00030588
ID des fehlerhaften Prozesses: 0x109c
Startzeit der fehlerhaften Anwendung: 0xbdcam.exe0
Pfad der fehlerhaften Anwendung: bdcam.exe1
Pfad des fehlerhaften Moduls: bdcam.exe2
Berichtskennung: bdcam.exe3
Vollständiger Name des fehlerhaften Pakets: bdcam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bdcam.exe5
Error: (12/23/2014 04:50:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: bdcam.exe, Version: 1.9.1.419, Zeitstempel: 0x524a62ca
Name des fehlerhaften Moduls: bdcam.exe, Version: 1.9.1.419, Zeitstempel: 0x524a62ca
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00030588
ID des fehlerhaften Prozesses: 0x109c
Startzeit der fehlerhaften Anwendung: 0xbdcam.exe0
Pfad der fehlerhaften Anwendung: bdcam.exe1
Pfad des fehlerhaften Moduls: bdcam.exe2
Berichtskennung: bdcam.exe3
Vollständiger Name des fehlerhaften Pakets: bdcam.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bdcam.exe5
System errors:
=============
Error: (12/26/2014 06:05:36 PM) (Source: DCOM) (EventID: 10010) (User: Name)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Error: (12/26/2014 06:00:57 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (12/18/2014 07:26:47 PM) (Source: DCOM) (EventID: 10010) (User: Name)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Error: (12/17/2014 03:01:13 PM) (Source: DCOM) (EventID: 10010) (User: Name)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Error: (12/16/2014 06:12:50 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "Name2-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{37ED4FF8-3009-473C-A8ED-32A15B1BA263}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (12/16/2014 02:26:40 PM) (Source: DCOM) (EventID: 10016) (User: Name)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NameAlGrandeS-1-5-21-3614382932-3873046457-4280037768-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (12/16/2014 02:26:39 PM) (Source: DCOM) (EventID: 10016) (User: Name)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NameAlGrandeS-1-5-21-3614382932-3873046457-4280037768-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (12/16/2014 02:26:39 PM) (Source: DCOM) (EventID: 10016) (User: Name)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}NameAlGrandeS-1-5-21-3614382932-3873046457-4280037768-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (12/16/2014 02:26:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (12/16/2014 02:26:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz
Percentage of memory in use: 43%
Total physical RAM: 8138.64 MB
Available physical RAM: 4610.91 MB
Total Pagefile: 10122.64 MB
Available Pagefile: 5080.85 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:416.93 GB) (Free:215.19 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Volume) (Fixed) (Total:48.83 GB) (Free:47.95 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D98CD4DC)
Partition 1: (Active) - (Size=416.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=48.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
