System is out of control. No anti-virus, current BSoD.


  • This topic is locked
3 replies to this topic

#1 Tommyistic


Posted 13 July 2014 - 02:59 AM

Hi,

 

My computer BSoD'd yesterday while trying to run an aswmbr scan (BSoD error - IRQL_NOT_LESS_OR_EQUAL).

I couldn't manage to access safe mode from Windows 8.1, so I did a system recovery.

aswmbr was gone after the reboot, and MWB did not open at all.

I ran Chameleon, which told me MWB was not installed anymore, and it attempted to reinstall it, receiving continuous errors saying Chameleon was already running and could not install correctly unless I ignored the file, which I did.

I then rebooted again like it asked. Tried a few things like renaming MWB to winlogon.exe (found on a help forum), running as admin, running RKill.

I figured the problem may have been my PC freezing midway through the first aswmbr scan and interacting with whatever virus/malware is on it.

I downloaded and ran another aswmbr scan and went to bed. When I woke up I had another blue screen with error: CRITICAL STRUCTURE CORRUPTION.

I managed a FRST scan and addition.txt last night before the second scan, after MWB Chameleon alerted me MWB was no longer installed.

The PC is still on its blue screen, I don't know where to go from here.

 
Any help would be appreciated immensely.
 
****FRST****
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014
Ran by Maxi (administrator) on HP-DESKTOP on 13-07-2014 00:23:23
Running from C:\Users\Maxi\Desktop
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
 
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...an-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingc...an-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Stardock Corporation) C:\Program Files (x86)\Stardock\MyColors\VistaSrv.exe
() C:\Program Files (x86)\Stardock\MyColors\wbvista.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Creative Technology Ltd.) C:\Windows\V0700Mon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-06-06] (IDT, Inc.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\nvspcap64.dll [1225920 2014-05-01] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-05-01] (NVIDIA Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [BtTray] => c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [363520 2012-07-28] (IVT Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-05] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1743648 2013-06-13] (Wondershare)
HKLM-x32\...\Run: [BrowserPlugInHelper] => C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe [1969440 2013-05-14] ()
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [V0700Mon.exe] => C:\windows\V0700Mon.exe [28672 2011-08-22] (Creative Technology Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-06-27] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\windows\skipmetrosuite.exe,
Winlogon\Notify\WB: C:\Program Files (x86)\Stardock\MyColors\fast64.dll [X]
HKU\S-1-5-21-184554810-3211840952-10881384-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)
HKU\S-1-5-21-184554810-3211840952-10881384-1001\...\Run: [EPLTarget\P0000000000000001] => C:\windows\system32\spool\DRIVERS\x64\3\1\E_IATIICE.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-300 Series"
HKU\S-1-5-21-184554810-3211840952-10881384-1001\...\Run: [EPLTarget\P0000000000000000] => C:\windows\system32\spool\DRIVERS\x64\3\1\E_IATIICE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-300 Series"
HKU\S-1-5-21-184554810-3211840952-10881384-1001\...\Run: [EPLTarget\P0000000000000002] => C:\windows\system32\spool\DRIVERS\x64\3\1\E_IATIICE.EXE /EPT "EPLTarget\P0000000000000002" /M "XP-300 Series"
HKU\S-1-5-21-184554810-3211840952-10881384-1001\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
HKU\S-1-5-21-184554810-3211840952-10881384-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-184554810-3211840952-10881384-1001\...\MountPoints2: {82ae7979-75e7-11e2-be72-689423bdcf70} - "G:\Startme.exe" 
AppInit_DLLs: C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL => C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL File Not Found
AppInit_DLLs-x32: c:\progra~2\optimi~1\optpro~1.dll => "c:\progra~2\optimi~1\optpro~1.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Stardock MyColors.lnk
ShortcutTarget: Stardock MyColors.lnk -> C:\Program Files (x86)\Stardock\MyColors\SDDelayedLaunch.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IconPackager.lnk
ShortcutTarget: IconPackager.lnk -> C:\Program Files (x86)\Stardock\MyColors\IconPackager.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IconPackager.lnk
ShortcutTarget: IconPackager.lnk -> C:\Program Files (x86)\Stardock\MyColors\IconPackager.exe (Stardock Corporation)
Startup: C:\Users\Maxi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL13/51
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL13/51
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL13/51
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL13/51
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL13/51
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL13/51
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=HPDTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://au.search.yah...psg&type=HPDTDF
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=HPDTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://au.search.yah...psg&type=HPDTDF
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=HPDTDF
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://au.search.yah...psg&type=HPDTDF
SearchScopes: HKCU - {D630BF88-6095-4D80-87C3-3BF3E0052C18} URL = http://search.condui...349962451924115
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Wondershare Video Converter Ultimate - {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll (Wondershare Software Co., Ltd.)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
 
FireFox:
========
FF ProfilePath: C:\Users\Maxi\AppData\Roaming\Mozilla\Firefox\Profiles\wum7pcer.default-1401372473785
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Facebook Chat History Manager - C:\Users\Maxi\AppData\Roaming\Mozilla\Firefox\Profiles\wum7pcer.default-1401372473785\Extensions\fbchathistory@firechm.com.xpi [2014-07-04]
FF HKLM-x32\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt
FF Extension: Wondershare Video Converter Ultimate - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt [2013-06-14]
FF HKCU\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt
 
Chrome: 
=======
CHR DefaultSearchKeyword: google.com.au
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll No File
CHR Plugin: (Windows Live0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Extension: (Google Docs) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-18]
CHR Extension: (Google Drive) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-18]
CHR Extension: (YouTube) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-18]
CHR Extension: (Adblock Plus) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-12]
CHR Extension: (Wondershare Video Converter Ultimate) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\chgdeabpmphfhkoemjjglmilajldekbp [2013-09-18]
CHR Extension: (Google Search) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-18]
CHR Extension: (AdBlock) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-12]
CHR Extension: (Google Wallet) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-18]
CHR Extension: (Gmail) - C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-18]
CHR HKLM-x32\...\Chrome\Extension: [chgdeabpmphfhkoemjjglmilajldekbp] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRChromePlugin.crx [2013-06-14]
 
==================== Services (Whitelisted) =================
 
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1544192 2012-07-24] (IVT Corporation) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-07-11] (IVT Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2279608 2014-05-21] (Microsoft Corporation)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-16] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-30] (Hewlett-Packard)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-05-01] (NVIDIA Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [333824 2013-06-06] (IDT, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
S2 70e6ca8c; "c:\progra~2\optimi~1\OptProCrash.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-16] (Ralink Corporation.)
S3 BlueletSCOAudio; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [35936 2012-07-11] (Ralink Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-16] (IVT Corporation)
U4 BthA2DP; 
U4 BthAvrcpTg; 
U4 BthHFEnum; 
U4 bthhfhid; 
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-20] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48352 2012-07-12] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-26] (CyberLink)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-04-01] (NVIDIA Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 sxuptp; C:\Windows\System32\drivers\sxuptp.sys [291352 2009-06-22] (silex technology, Inc.)
S3 V0700Vid; C:\Windows\system32\DRIVERS\V0700Vid.sys [393920 2011-09-06] (Creative Technology Ltd.)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-16] (Ralink Corporation.)
S3 NPF; \SystemRoot\system32\DRIVERS\npf.sys [X]
U2 wuaserv; 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-13 00:15 - 2014-07-13 00:15 - 00001100 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-13 00:15 - 2014-07-13 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-13 00:14 - 2014-05-12 08:19 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-13 00:14 - 2014-05-12 08:19 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-13 00:14 - 2014-05-12 08:19 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-07-13 00:12 - 2014-07-13 00:13 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\Maxi\Desktop\mbam_premium.exe
2014-07-13 00:09 - 2014-07-13 00:09 - 00433736 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-12 23:57 - 2014-07-12 23:57 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-07-12 22:55 - 2014-07-12 22:55 - 00003184 _____ () C:\windows\System32\Tasks\{7481ECC7-8EE2-4468-A8C5-320A827105D7}
2014-07-12 04:36 - 2014-07-12 04:36 - 02084864 _____ (Farbar) C:\Users\Maxi\Desktop\FRST64.exe
2014-07-12 04:36 - 2014-07-12 04:36 - 00000000 ____D () C:\Users\Maxi\Desktop\FRST-OlderVersion
2014-07-12 02:11 - 2014-06-18 09:27 - 01440256 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-07-12 02:11 - 2014-06-18 09:24 - 01557504 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-07-12 02:11 - 2014-06-11 14:18 - 04038144 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-07-12 02:11 - 2014-06-03 08:33 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2014-07-12 02:11 - 2014-05-30 09:31 - 00452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2014-07-12 02:11 - 2014-05-30 09:03 - 00588288 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2014-07-12 02:11 - 2014-05-30 09:02 - 01281536 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-07-12 02:11 - 2014-05-30 09:02 - 00439808 _____ (Microsoft Corporation) C:\windows\system32\lsm.dll
2014-07-12 02:11 - 2014-05-03 16:34 - 06974808 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-07-12 02:11 - 2014-05-03 16:33 - 01824808 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2014-07-12 02:11 - 2014-05-03 14:51 - 01408976 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2014-07-12 02:11 - 2014-05-02 08:37 - 01023488 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2014-07-12 02:11 - 2014-04-30 08:32 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\Robocopy.exe
2014-07-12 02:11 - 2014-04-30 08:32 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Robocopy.exe
2014-07-12 02:11 - 2014-04-24 09:51 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-07-12 02:11 - 2014-04-24 09:51 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-12 02:11 - 2014-04-24 09:38 - 00693760 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-07-12 02:11 - 2014-04-24 09:38 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-12 02:11 - 2014-02-08 14:34 - 00071168 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hdaudbus.sys
2014-07-12 02:10 - 2014-07-01 08:42 - 00702464 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-07-12 02:10 - 2014-07-01 08:42 - 00394240 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2014-07-12 02:10 - 2014-07-01 08:42 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2014-07-12 02:10 - 2014-06-28 13:35 - 00556544 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-07-12 02:10 - 2014-06-19 12:12 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-12 02:10 - 2014-06-19 12:12 - 01366528 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-12 02:10 - 2014-06-19 12:12 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-07-12 02:10 - 2014-06-19 12:12 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-07-12 02:10 - 2014-06-19 12:12 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-12 02:10 - 2014-06-19 12:11 - 19277312 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-12 02:10 - 2014-06-19 12:11 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-07-12 02:10 - 2014-06-19 12:11 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-12 02:10 - 2014-06-19 12:10 - 15369728 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-12 02:10 - 2014-06-19 12:10 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-12 02:10 - 2014-06-19 12:10 - 02650624 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-12 02:10 - 2014-06-19 12:10 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-07-12 02:10 - 2014-06-19 12:10 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-12 02:10 - 2014-06-19 12:10 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-12 02:10 - 2014-06-19 12:10 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-12 02:10 - 2014-06-19 12:10 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-12 02:10 - 2014-06-19 12:10 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-07-12 02:10 - 2014-06-19 12:10 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-07-12 02:10 - 2014-06-19 12:10 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-12 02:10 - 2014-06-19 12:10 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-07-12 02:10 - 2014-06-19 12:09 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-12 02:10 - 2014-06-19 10:53 - 14368768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-07-12 02:10 - 2014-06-19 10:53 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-07-12 02:10 - 2014-06-19 10:53 - 01141760 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-07-12 02:10 - 2014-06-19 10:53 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-07-12 02:10 - 2014-06-19 10:53 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-07-12 02:10 - 2014-06-19 10:53 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-07-12 02:10 - 2014-06-19 10:53 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-07-12 02:10 - 2014-06-19 10:52 - 13732352 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-07-12 02:10 - 2014-06-19 10:52 - 02863616 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-07-12 02:10 - 2014-06-19 10:52 - 02051072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-07-12 02:10 - 2014-06-19 10:52 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-07-12 02:10 - 2014-06-19 10:52 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-07-12 02:10 - 2014-06-19 10:52 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-07-12 02:10 - 2014-06-19 10:52 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-07-12 02:10 - 2014-06-19 10:52 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-07-12 02:10 - 2014-06-19 10:52 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-07-12 02:10 - 2014-06-19 10:52 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-07-12 02:10 - 2014-06-19 10:52 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-07-12 02:10 - 2014-06-19 10:52 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-07-12 02:10 - 2014-06-19 10:33 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-12 02:10 - 2014-06-19 10:30 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-07-12 02:10 - 2014-06-19 08:05 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-07-12 02:10 - 2014-06-07 00:06 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-07-12 02:10 - 2014-06-06 20:17 - 00497152 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-07-12 02:10 - 2014-05-30 08:24 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-07-09 23:32 - 2014-07-09 23:36 - 00239656 _____ () C:\Users\Maxi\Documents\FRST.txt
2014-07-09 22:59 - 2014-07-13 00:23 - 00025494 _____ () C:\Users\Maxi\Desktop\FRST.txt
2014-07-09 22:59 - 2014-07-13 00:23 - 00000000 ____D () C:\FRST
2014-07-09 22:57 - 2014-07-09 22:57 - 02084352 _____ (Farbar) C:\Users\Maxi\Downloads\FRST64.exe
2014-07-07 16:21 - 2014-07-07 16:21 - 00016069 _____ () C:\Users\Maxi\Downloads\en_windows_7_ultimate_with_sp1_x64_dvd [IPT].torrent
2014-07-07 15:53 - 2014-07-07 15:53 - 00001172 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-07-07 15:53 - 2014-07-07 15:53 - 00001160 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-07-07 15:53 - 2014-07-07 15:53 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-07-07 15:47 - 2014-07-07 15:47 - 06226040 _____ (TeamViewer GmbH) C:\Users\Maxi\Downloads\TeamViewer_Setup_en.exe
2014-07-05 01:45 - 2014-07-05 01:45 - 00000037 _____ () C:\Users\Maxi\Documents\ATO stuffs.txt
2014-07-04 03:48 - 2014-07-04 03:48 - 00098304 _____ () C:\Users\Maxi\fbchathistory.dat
2014-07-04 03:47 - 2014-07-04 03:47 - 00001157 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-04 03:47 - 2014-07-04 03:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-04 03:47 - 2014-07-04 03:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-03 10:09 - 2014-07-03 11:57 - 00012864 _____ () C:\Users\Maxi\Documents\MINE.TAX
2014-07-03 10:09 - 2014-07-03 10:29 - 00011984 _____ () C:\Users\Maxi\Documents\MINE.BAK
2014-07-03 08:49 - 2014-07-03 09:19 - 00011792 _____ () C:\Users\Maxi\Documents\TOMS TAX.TAX
2014-07-03 08:49 - 2014-07-03 09:13 - 00011584 _____ () C:\Users\Maxi\Documents\TOMS TAX.BAK
2014-07-03 08:48 - 2014-07-03 08:48 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\e-tax 2014
2014-07-03 08:48 - 2014-07-03 08:48 - 00000000 ____D () C:\Users\Maxi\AppData\Local\etax2014
2014-07-03 08:48 - 2014-07-03 08:48 - 00000000 ____D () C:\Program Files (x86)\etax2014
2014-07-03 08:46 - 2014-07-03 08:47 - 30777344 _____ () C:\Users\Maxi\Downloads\etax2014_1.msi
2014-07-03 01:17 - 2014-07-03 01:17 - 00017531 _____ () C:\Users\Maxi\Downloads\The_Shawshank_Redemption_1994_1080p_1080p.torrent
2014-07-02 21:36 - 2014-07-02 21:36 - 00017566 _____ () C:\Users\Maxi\Downloads\Tracks_2013_1080p_1080p.torrent
2014-07-02 21:33 - 2014-07-02 21:33 - 00013422 _____ () C:\Users\Maxi\Downloads\Road_to_Paloma_2014_1080p_1080p.torrent
2014-07-02 14:01 - 2014-07-04 21:32 - 00007619 _____ () C:\Users\Maxi\AppData\Local\Resmon.ResmonCfg
2014-06-26 23:58 - 2014-06-26 23:58 - 00008207 _____ () C:\Users\Maxi\Downloads\Slums_of_Beverly_Hills_1998_720p.torrent
2014-06-26 23:58 - 2014-06-26 23:58 - 00008186 _____ () C:\Users\Maxi\Downloads\Paid_in_Full_2002_720p.torrent
2014-06-26 23:57 - 2014-06-26 23:57 - 00014119 _____ () C:\Users\Maxi\Downloads\A_Series_of_Unfortunate_Events_2004_720p.torrent
2014-06-26 23:48 - 2014-06-26 23:48 - 00014901 _____ () C:\Users\Maxi\Downloads\Mindhunters_2004_720p.torrent
2014-06-26 23:48 - 2014-06-26 23:48 - 00010049 _____ () C:\Users\Maxi\Downloads\Summer_of_Sam_1999_720p.torrent
2014-06-26 23:46 - 2014-06-26 23:46 - 00012820 _____ () C:\Users\Maxi\Downloads\Waiting_2005_720p.torrent
2014-06-26 23:44 - 2014-06-26 23:44 - 00019956 _____ () C:\Users\Maxi\Downloads\Artificial_Intelligence_AI_2001_720p.torrent
2014-06-26 21:04 - 2014-06-26 21:04 - 00021628 _____ () C:\Users\Maxi\Downloads\Foxfire_2012_1080p_1080p.torrent
2014-06-26 21:03 - 2014-06-26 21:03 - 00015466 _____ () C:\Users\Maxi\Downloads\G_B_F_2013_1080p_1080p.torrent
2014-06-26 21:02 - 2014-06-26 21:02 - 00010498 _____ () C:\Users\Maxi\Downloads\Foxfire_2012_720p.torrent
2014-06-26 21:01 - 2014-06-26 21:01 - 00013456 _____ () C:\Users\Maxi\Downloads\Alice_Through_the_Looking_Glass_1998_1080p_1080p.torrent
2014-06-26 20:57 - 2014-06-26 20:57 - 00008825 _____ () C:\Users\Maxi\Downloads\Ghost_World_2001_720p.torrent
2014-06-26 20:49 - 2014-06-26 20:49 - 00013350 _____ () C:\Users\Maxi\Downloads\The_Little_Rascals_1994_1080p_1080p.torrent
2014-06-25 22:23 - 2014-06-25 22:23 - 00000000 ____D () C:\Users\Maxi\Documents\LDW
2014-06-24 14:43 - 2014-06-24 14:43 - 00015264 _____ () C:\Users\Maxi\Downloads\Wrong_Turn_3_Left_for_Dead_UNRATED_2009_1080p_1080p.torrent
2014-06-24 14:42 - 2014-06-24 14:42 - 00015329 _____ () C:\Users\Maxi\Downloads\Wrong_Turn_2_Dead_End_UNRATED_2007_1080p_1080p.torrent
2014-06-24 14:41 - 2014-06-24 14:41 - 00014119 _____ () C:\Users\Maxi\Downloads\Wrong_Turn_UNRATED_2003_1080p_1080p.torrent
2014-06-23 00:11 - 2014-06-23 00:11 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-23 00:10 - 2014-06-23 00:10 - 01024664 _____ (WildTangent) C:\Users\Maxi\Downloads\Setup-virtualvillagersnewhome-wildgames!92371ec93f5a4930a923762923b9005e.exe
2014-06-18 22:18 - 2014-06-18 22:18 - 00017045 _____ () C:\Users\Maxi\Downloads\To_Kill_a_Mockingbird_1962_720p.torrent
2014-06-18 22:18 - 2014-06-18 22:18 - 00009961 _____ () C:\Users\Maxi\Downloads\Sex_Drive_2008_720p.torrent
2014-06-18 22:18 - 2014-06-18 22:18 - 00007690 _____ () C:\Users\Maxi\Downloads\The_Bling_Ring_2013_720p.torrent
2014-06-18 22:17 - 2014-06-18 22:17 - 00017334 _____ () C:\Users\Maxi\Downloads\Pineapple_Express_UNRATED_2008_1080p_1080p.torrent
2014-06-18 22:17 - 2014-06-18 22:17 - 00013978 _____ () C:\Users\Maxi\Downloads\The_Dictator_2012_720p.torrent
2014-06-18 22:17 - 2014-06-18 22:17 - 00012264 _____ () C:\Users\Maxi\Downloads\Space_Jam_1996_720p.torrent
2014-06-18 22:11 - 2014-06-18 22:11 - 00017977 _____ () C:\Users\Maxi\Downloads\V_for_Vendetta_2005_1080p_1080p.torrent
2014-06-18 22:10 - 2014-06-18 22:10 - 00015498 _____ () C:\Users\Maxi\Downloads\Unicorn_City_2012_1080p_1080p.torrent
2014-06-18 22:10 - 2014-06-18 22:10 - 00013124 _____ () C:\Users\Maxi\Downloads\8_Mile_2002_720p.torrent
2014-06-18 22:09 - 2014-06-18 22:09 - 00012401 _____ () C:\Users\Maxi\Downloads\Braveheart_1995_720p.torrent
2014-06-18 22:08 - 2014-06-18 22:08 - 00017572 _____ () C:\Users\Maxi\Downloads\Alice_in_Wonderland_2010_1080p_1080p.torrent
2014-06-18 22:08 - 2014-06-18 22:08 - 00011499 _____ () C:\Users\Maxi\Downloads\A_Beautiful_Mind_2001_1080p_1080p.torrent
2014-06-18 22:06 - 2014-06-18 22:06 - 00009975 _____ () C:\Users\Maxi\Downloads\The_Mortal_Instruments_City_of_Bones_2013_720p.torrent
2014-06-18 22:02 - 2014-06-18 22:02 - 00008193 _____ () C:\Users\Maxi\Downloads\Date_and_Switch_2014_720p.torrent
2014-06-18 22:01 - 2014-06-18 22:01 - 00015071 _____ () C:\Users\Maxi\Downloads\Dumb_Dumber_1994_720p.torrent
2014-06-18 21:54 - 2014-06-18 21:54 - 00008795 _____ () C:\Users\Maxi\Downloads\2_Guns_2013_720p.torrent
2014-06-18 21:53 - 2014-06-18 21:53 - 00008793 _____ () C:\Users\Maxi\Downloads\Vampire_Academy_2014_720p.torrent
2014-06-18 21:51 - 2014-06-18 21:51 - 00009429 _____ () C:\Users\Maxi\Downloads\Her_2013_720p.torrent
2014-06-18 21:50 - 2014-06-18 21:50 - 00008241 _____ () C:\Users\Maxi\Downloads\That_Awkward_Moment_2014_720p.torrent
2014-06-18 21:49 - 2014-06-18 21:50 - 00013444 _____ () C:\Users\Maxi\Downloads\Enemy_2013_1080p_1080p.torrent
2014-06-18 21:49 - 2014-06-18 21:49 - 00007733 _____ () C:\Users\Maxi\Downloads\Enemy_2013_720p.torrent
2014-06-18 19:42 - 2014-06-18 19:42 - 00017558 _____ () C:\Users\Maxi\Downloads\Kid_Cannabis_2014_1080p_1080p.torrent
2014-06-18 19:42 - 2014-06-18 19:42 - 00015440 _____ () C:\Users\Maxi\Downloads\Walk_of_Shame_2014_1080p_1080p.torrent
2014-06-17 21:39 - 2014-06-17 21:39 - 00015686 _____ () C:\Users\Maxi\Downloads\Jackass_3_5_2011_720p.torrent
2014-06-17 21:39 - 2014-06-17 21:39 - 00015376 _____ () C:\Users\Maxi\Downloads\Wrong_Turn_4_UNRATED_2011_1080p_1080p.torrent
2014-06-17 21:39 - 2014-06-17 21:39 - 00014222 _____ () C:\Users\Maxi\Downloads\The_Devils_Double_2011_720p.torrent
2014-06-17 21:34 - 2014-06-17 21:34 - 00019328 _____ () C:\Users\Maxi\Downloads\Winnie_the_Pooh_2011_720p.torrent
2014-06-17 21:32 - 2014-06-17 21:32 - 00013345 _____ () C:\Users\Maxi\Downloads\Junkie_2012_1080p_1080p.torrent
2014-06-17 21:31 - 2014-06-17 21:31 - 00020556 _____ () C:\Users\Maxi\Downloads\Savages_2012_1080p_1080p.torrent
2014-06-17 21:30 - 2014-06-17 21:30 - 00015222 _____ () C:\Users\Maxi\Downloads\Wrong_Turn_5_2012_1080p_1080p.torrent
2014-06-15 17:19 - 2014-06-15 17:19 - 00015526 _____ () C:\Users\Maxi\Downloads\Carrie_2013_1080p_1080p.torrent
2014-06-15 17:14 - 2014-06-15 17:14 - 00015500 _____ () C:\Users\Maxi\Downloads\Crystal_Fairy_2013_1080p_1080p.torrent
2014-06-15 16:53 - 2014-06-15 16:53 - 00014149 _____ () C:\Users\Maxi\Downloads\The_Pirate_Bay_Away_from_Keyboard_2013_1080p_1080p.torrent
2014-06-15 16:47 - 2014-06-15 16:48 - 00007733 _____ () C:\Users\Maxi\Downloads\Sleeping_Beauty_2014_720p.torrent
2014-06-15 13:02 - 2014-06-15 13:02 - 00000041 _____ () C:\Users\Maxi\Documents\MWB key.txt
2014-06-13 05:41 - 2014-06-13 05:41 - 00002220 _____ () C:\Users\Maxi\Desktop\Google Chrome.lnk
2014-06-13 05:40 - 2014-06-13 05:40 - 00002894 _____ () C:\Users\Maxi\Desktop\SoMX (2).lnk
2014-06-13 05:40 - 2014-06-13 05:40 - 00002894 _____ () C:\Users\Maxi\AppData\Roaming\Microsoft\Windows\Start Menu\SoMX (2).lnk
 
==================== One Month Modified Files and Folders =======
 
2014-07-13 00:23 - 2014-07-09 22:59 - 00025494 _____ () C:\Users\Maxi\Desktop\FRST.txt
2014-07-13 00:23 - 2014-07-09 22:59 - 00000000 ____D () C:\FRST
2014-07-13 00:22 - 2012-07-31 03:22 - 00000821 _____ () C:\windows\SysWOW64\bscs.ini
2014-07-13 00:21 - 2014-01-09 14:42 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\ClassicShell
2014-07-13 00:15 - 2014-07-13 00:15 - 00001100 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-13 00:15 - 2014-07-13 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-13 00:15 - 2014-06-03 21:51 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-13 00:15 - 2013-02-13 15:47 - 00000000 ____D () C:\Users\Maxi\AppData\Local\CrashDumps
2014-07-13 00:15 - 2013-02-13 07:14 - 00003592 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-184554810-3211840952-10881384-1001
2014-07-13 00:13 - 2014-07-13 00:12 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\Maxi\Desktop\mbam_premium.exe
2014-07-13 00:12 - 2013-05-03 22:33 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\Skype
2014-07-13 00:11 - 2012-10-31 09:20 - 00004524 _____ () C:\windows\SysWOW64\LOCALSERVICE.INI
2014-07-13 00:11 - 2012-10-31 09:20 - 00000043 _____ () C:\windows\SysWOW64\LOCALDEVICE.INI
2014-07-13 00:09 - 2014-07-13 00:09 - 00433736 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-13 00:09 - 2013-04-15 23:18 - 00000920 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-13 00:09 - 2012-10-31 08:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-13 00:09 - 2012-08-02 12:02 - 01359992 _____ () C:\windows\PFRO.log
2014-07-13 00:09 - 2012-07-26 17:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-13 00:08 - 2012-07-26 15:26 - 01048576 ___SH () C:\windows\system32\config\BBI
2014-07-13 00:07 - 2012-07-26 17:28 - 00005386 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-13 00:00 - 2013-07-25 21:15 - 00000350 _____ () C:\windows\Tasks\HPCeeScheduleForMaxi.job
2014-07-12 23:57 - 2014-07-12 23:57 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-07-12 23:57 - 2013-02-13 07:06 - 01430794 _____ () C:\windows\WindowsUpdate.log
2014-07-12 23:57 - 2012-07-26 18:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-12 23:57 - 2012-07-26 18:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-12 23:57 - 2012-07-26 18:12 - 00000000 ____D () C:\windows\WinStore
2014-07-12 23:57 - 2012-07-26 17:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-12 23:38 - 2013-02-13 16:33 - 00000000 ____D () C:\Users\Maxi\Documents\Bittorrent DLS
2014-07-12 23:33 - 2013-02-12 05:18 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-12 23:26 - 2013-04-15 23:18 - 00000924 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-12 23:13 - 2013-02-13 07:06 - 00000000 ____D () C:\Users\Maxi
2014-07-12 23:04 - 2012-10-31 08:59 - 00000000 ____D () C:\ProgramData\WildTangent
2014-07-12 23:03 - 2012-10-31 08:59 - 00000000 ____D () C:\Program Files (x86)\HP Games
2014-07-12 23:01 - 2012-10-31 08:59 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-07-12 23:01 - 2012-07-26 18:12 - 00000000 ____D () C:\windows\system32\sru
2014-07-12 22:57 - 2012-10-31 09:00 - 00000000 ____D () C:\Program Files (x86)\WildGames
2014-07-12 22:56 - 2013-02-13 07:24 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\WildTangent
2014-07-12 22:56 - 2012-10-31 08:59 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-12 22:55 - 2014-07-12 22:55 - 00003184 _____ () C:\windows\System32\Tasks\{7481ECC7-8EE2-4468-A8C5-320A827105D7}
2014-07-12 22:50 - 2014-04-04 13:20 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-07-12 22:49 - 2013-02-15 12:35 - 00243558 _____ () C:\windows\DPINST.LOG
2014-07-12 22:45 - 2012-10-31 08:52 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-12 20:21 - 2012-07-26 17:59 - 00000000 ____D () C:\windows\CbsTemp
2014-07-12 20:19 - 2013-08-15 01:58 - 00000000 ____D () C:\windows\system32\MRT
2014-07-12 20:05 - 2013-03-06 12:59 - 96441528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-07-12 19:50 - 2012-07-26 18:12 - 00000000 ____D () C:\windows\rescache
2014-07-12 19:49 - 2013-02-13 07:09 - 00000000 ____D () C:\Users\Maxi\AppData\Local\bluesoleil
2014-07-12 19:49 - 2012-07-26 18:12 - 00000000 ____D () C:\windows\registration
2014-07-12 19:48 - 2012-07-26 15:38 - 00000000 ____D () C:\windows\system32\Sysprep
2014-07-12 04:36 - 2014-07-12 04:36 - 02084864 _____ (Farbar) C:\Users\Maxi\Desktop\FRST64.exe
2014-07-12 04:36 - 2014-07-12 04:36 - 00000000 ____D () C:\Users\Maxi\Desktop\FRST-OlderVersion
2014-07-12 03:07 - 2013-07-25 21:15 - 00003162 _____ () C:\windows\System32\Tasks\HPCeeScheduleForMaxi
2014-07-12 02:04 - 2012-07-26 15:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-07-10 20:53 - 2013-02-21 19:56 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-07-10 03:10 - 2013-02-21 14:14 - 00000393 _____ () C:\windows\SysWOW64\REMOTEDEVICE.INI
2014-07-09 23:36 - 2014-07-09 23:32 - 00239656 _____ () C:\Users\Maxi\Documents\FRST.txt
2014-07-09 22:57 - 2014-07-09 22:57 - 02084352 _____ (Farbar) C:\Users\Maxi\Downloads\FRST64.exe
2014-07-09 03:28 - 2013-02-12 05:18 - 00003718 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-07-07 22:19 - 2013-07-11 03:42 - 00000000 ____D () C:\Program Files\PeerBlock
2014-07-07 16:21 - 2014-07-07 16:21 - 00016069 _____ () C:\Users\Maxi\Downloads\en_windows_7_ultimate_with_sp1_x64_dvd [IPT].torrent
2014-07-07 15:53 - 2014-07-07 15:53 - 00001172 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-07-07 15:53 - 2014-07-07 15:53 - 00001160 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-07-07 15:53 - 2014-07-07 15:53 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-07-07 15:47 - 2014-07-07 15:47 - 06226040 _____ (TeamViewer GmbH) C:\Users\Maxi\Downloads\TeamViewer_Setup_en.exe
2014-07-05 01:45 - 2014-07-05 01:45 - 00000037 _____ () C:\Users\Maxi\Documents\ATO stuffs.txt
2014-07-04 21:32 - 2014-07-02 14:01 - 00007619 _____ () C:\Users\Maxi\AppData\Local\Resmon.ResmonCfg
2014-07-04 20:53 - 2013-06-04 16:31 - 00000000 ____D () C:\windows\Minidump
2014-07-04 03:48 - 2014-07-04 03:48 - 00098304 _____ () C:\Users\Maxi\fbchathistory.dat
2014-07-04 03:47 - 2014-07-04 03:47 - 00001157 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-04 03:47 - 2014-07-04 03:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-04 03:47 - 2014-07-04 03:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-03 20:58 - 2013-02-21 19:56 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-07-03 11:57 - 2014-07-03 10:09 - 00012864 _____ () C:\Users\Maxi\Documents\MINE.TAX
2014-07-03 10:29 - 2014-07-03 10:09 - 00011984 _____ () C:\Users\Maxi\Documents\MINE.BAK
2014-07-03 09:19 - 2014-07-03 08:49 - 00011792 _____ () C:\Users\Maxi\Documents\TOMS TAX.TAX
2014-07-03 09:13 - 2014-07-03 08:49 - 00011584 _____ () C:\Users\Maxi\Documents\TOMS TAX.BAK
2014-07-03 08:48 - 2014-07-03 08:48 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\e-tax 2014
2014-07-03 08:48 - 2014-07-03 08:48 - 00000000 ____D () C:\Users\Maxi\AppData\Local\etax2014
2014-07-03 08:48 - 2014-07-03 08:48 - 00000000 ____D () C:\Program Files (x86)\etax2014
2014-07-03 08:47 - 2014-07-03 08:46 - 30777344 _____ () C:\Users\Maxi\Downloads\etax2014_1.msi
2014-07-03 01:17 - 2014-07-03 01:17 - 00017531 _____ () C:\Users\Maxi\Downloads\The_Shawshank_Redemption_1994_1080p_1080p.torrent
2014-07-02 21:36 - 2014-07-02 21:36 - 00017566 _____ () C:\Users\Maxi\Downloads\Tracks_2013_1080p_1080p.torrent
2014-07-02 21:33 - 2014-07-02 21:33 - 00013422 _____ () C:\Users\Maxi\Downloads\Road_to_Paloma_2014_1080p_1080p.torrent
2014-07-01 08:42 - 2014-07-12 02:10 - 00702464 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-07-01 08:42 - 2014-07-12 02:10 - 00394240 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2014-07-01 08:42 - 2014-07-12 02:10 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2014-07-01 04:58 - 2012-07-26 18:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-06-30 10:22 - 2013-07-02 19:09 - 00000000 ____D () C:\Users\Maxi\Documents\Thomas
2014-06-28 13:35 - 2014-07-12 02:10 - 00556544 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-27 06:53 - 2013-11-19 18:30 - 00703968 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-06-27 06:53 - 2013-11-19 18:30 - 00105440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-26 23:58 - 2014-06-26 23:58 - 00008207 _____ () C:\Users\Maxi\Downloads\Slums_of_Beverly_Hills_1998_720p.torrent
2014-06-26 23:58 - 2014-06-26 23:58 - 00008186 _____ () C:\Users\Maxi\Downloads\Paid_in_Full_2002_720p.torrent
2014-06-26 23:57 - 2014-06-26 23:57 - 00014119 _____ () C:\Users\Maxi\Downloads\A_Series_of_Unfortunate_Events_2004_720p.torrent
2014-06-26 23:48 - 2014-06-26 23:48 - 00014901 _____ () C:\Users\Maxi\Downloads\Mindhunters_2004_720p.torrent
2014-06-26 23:48 - 2014-06-26 23:48 - 00010049 _____ () C:\Users\Maxi\Downloads\Summer_of_Sam_1999_720p.torrent
2014-06-26 23:46 - 2014-06-26 23:46 - 00012820 _____ () C:\Users\Maxi\Downloads\Waiting_2005_720p.torrent
2014-06-26 23:44 - 2014-06-26 23:44 - 00019956 _____ () C:\Users\Maxi\Downloads\Artificial_Intelligence_AI_2001_720p.torrent
2014-06-26 21:04 - 2014-06-26 21:04 - 00021628 _____ () C:\Users\Maxi\Downloads\Foxfire_2012_1080p_1080p.torrent
2014-06-26 21:03 - 2014-06-26 21:03 - 00015466 _____ () C:\Users\Maxi\Downloads\G_B_F_2013_1080p_1080p.torrent
2014-06-26 21:02 - 2014-06-26 21:02 - 00010498 _____ () C:\Users\Maxi\Downloads\Foxfire_2012_720p.torrent
2014-06-26 21:01 - 2014-06-26 21:01 - 00013456 _____ () C:\Users\Maxi\Downloads\Alice_Through_the_Looking_Glass_1998_1080p_1080p.torrent
2014-06-26 20:57 - 2014-06-26 20:57 - 00008825 _____ () C:\Users\Maxi\Downloads\Ghost_World_2001_720p.torrent
2014-06-26 20:49 - 2014-06-26 20:49 - 00013350 _____ () C:\Users\Maxi\Downloads\The_Little_Rascals_1994_1080p_1080p.torrent
2014-06-25 22:23 - 2014-06-25 22:23 - 00000000 ____D () C:\Users\Maxi\Documents\LDW
2014-06-24 14:43 - 2014-06-24 14:43 - 00015264 _____ () C:\Users\Maxi\Downloads\Wrong_Turn_3_Left_for_Dead_UNRATED_2009_1080p_1080p.torrent
2014-06-24 14:42 - 2014-06-24 14:42 - 00015329 _____ () C:\Users\Maxi\Downloads\Wrong_Turn_2_Dead_End_UNRATED_2007_1080p_1080p.torrent
2014-06-24 14:41 - 2014-06-24 14:41 - 00014119 _____ () C:\Users\Maxi\Downloads\Wrong_Turn_UNRATED_2003_1080p_1080p.torrent
2014-06-23 00:11 - 2014-06-23 00:11 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-23 00:11 - 2013-12-06 17:48 - 00000000 ____D () C:\Users\Maxi\AppData\Roaming\NVIDIA
2014-06-23 00:10 - 2014-06-23 00:10 - 01024664 _____ (WildTangent) C:\Users\Maxi\Downloads\Setup-virtualvillagersnewhome-wildgames!92371ec93f5a4930a923762923b9005e.exe
2014-06-20 18:39 - 2013-02-14 16:31 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-06-19 12:19 - 2013-04-15 23:18 - 00003896 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 12:19 - 2013-04-15 23:18 - 00003660 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 12:12 - 2014-07-12 02:10 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-19 12:12 - 2014-07-12 02:10 - 01366528 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-19 12:12 - 2014-07-12 02:10 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-06-19 12:12 - 2014-07-12 02:10 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-06-19 12:12 - 2014-07-12 02:10 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-19 12:11 - 2014-07-12 02:10 - 19277312 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-19 12:11 - 2014-07-12 02:10 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-19 12:11 - 2014-07-12 02:10 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-19 12:10 - 2014-07-12 02:10 - 15369728 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-19 12:10 - 2014-07-12 02:10 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-19 12:10 - 2014-07-12 02:10 - 02650624 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-19 12:10 - 2014-07-12 02:10 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-06-19 12:10 - 2014-07-12 02:10 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-19 12:10 - 2014-07-12 02:10 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-19 12:10 - 2014-07-12 02:10 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-19 12:10 - 2014-07-12 02:10 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-06-19 12:10 - 2014-07-12 02:10 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-06-19 12:10 - 2014-07-12 02:10 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-19 12:10 - 2014-07-12 02:10 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-19 12:10 - 2014-07-12 02:10 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-19 12:09 - 2014-07-12 02:10 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-19 10:53 - 2014-07-12 02:10 - 14368768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-19 10:53 - 2014-07-12 02:10 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-19 10:53 - 2014-07-12 02:10 - 01141760 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-19 10:53 - 2014-07-12 02:10 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-19 10:53 - 2014-07-12 02:10 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-19 10:53 - 2014-07-12 02:10 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-19 10:53 - 2014-07-12 02:10 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-06-19 10:52 - 2014-07-12 02:10 - 13732352 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-19 10:52 - 2014-07-12 02:10 - 02863616 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-19 10:52 - 2014-07-12 02:10 - 02051072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-19 10:52 - 2014-07-12 02:10 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-19 10:52 - 2014-07-12 02:10 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-06-19 10:52 - 2014-07-12 02:10 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-19 10:52 - 2014-07-12 02:10 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-06-19 10:52 - 2014-07-12 02:10 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-19 10:52 - 2014-07-12 02:10 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-06-19 10:52 - 2014-07-12 02:10 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-19 10:52 - 2014-07-12 02:10 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-19 10:52 - 2014-07-12 02:10 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-19 10:33 - 2014-07-12 02:10 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-19 10:30 - 2014-07-12 02:10 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-19 08:05 - 2014-07-12 02:10 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-06-18 22:18 - 2014-06-18 22:18 - 00017045 _____ () C:\Users\Maxi\Downloads\To_Kill_a_Mockingbird_1962_720p.torrent
2014-06-18 22:18 - 2014-06-18 22:18 - 00009961 _____ () C:\Users\Maxi\Downloads\Sex_Drive_2008_720p.torrent
2014-06-18 22:18 - 2014-06-18 22:18 - 00007690 _____ () C:\Users\Maxi\Downloads\The_Bling_Ring_2013_720p.torrent
2014-06-18 22:17 - 2014-06-18 22:17 - 00017334 _____ () C:\Users\Maxi\Downloads\Pineapple_Express_UNRATED_2008_1080p_1080p.torrent
2014-06-18 22:17 - 2014-06-18 22:17 - 00013978 _____ () C:\Users\Maxi\Downloads\The_Dictator_2012_720p.torrent
2014-06-18 22:17 - 2014-06-18 22:17 - 00012264 _____ () C:\Users\Maxi\Downloads\Space_Jam_1996_720p.torrent
2014-06-18 22:11 - 2014-06-18 22:11 - 00017977 _____ () C:\Users\Maxi\Downloads\V_for_Vendetta_2005_1080p_1080p.torrent
2014-06-18 22:10 - 2014-06-18 22:10 - 00015498 _____ () C:\Users\Maxi\Downloads\Unicorn_City_2012_1080p_1080p.torrent
2014-06-18 22:10 - 2014-06-18 22:10 - 00013124 _____ () C:\Users\Maxi\Downloads\8_Mile_2002_720p.torrent
2014-06-18 22:09 - 2014-06-18 22:09 - 00012401 _____ () C:\Users\Maxi\Downloads\Braveheart_1995_720p.torrent
2014-06-18 22:08 - 2014-06-18 22:08 - 00017572 _____ () C:\Users\Maxi\Downloads\Alice_in_Wonderland_2010_1080p_1080p.torrent
2014-06-18 22:08 - 2014-06-18 22:08 - 00011499 _____ () C:\Users\Maxi\Downloads\A_Beautiful_Mind_2001_1080p_1080p.torrent
2014-06-18 22:06 - 2014-06-18 22:06 - 00009975 _____ () C:\Users\Maxi\Downloads\The_Mortal_Instruments_City_of_Bones_2013_720p.torrent
2014-06-18 22:02 - 2014-06-18 22:02 - 00008193 _____ () C:\Users\Maxi\Downloads\Date_and_Switch_2014_720p.torrent
2014-06-18 22:01 - 2014-06-18 22:01 - 00015071 _____ () C:\Users\Maxi\Downloads\Dumb_Dumber_1994_720p.torrent
2014-06-18 21:54 - 2014-06-18 21:54 - 00008795 _____ () C:\Users\Maxi\Downloads\2_Guns_2013_720p.torrent
2014-06-18 21:53 - 2014-06-18 21:53 - 00008793 _____ () C:\Users\Maxi\Downloads\Vampire_Academy_2014_720p.torrent
2014-06-18 21:51 - 2014-06-18 21:51 - 00009429 _____ () C:\Users\Maxi\Downloads\Her_2013_720p.torrent
2014-06-18 21:50 - 2014-06-18 21:50 - 00008241 _____ () C:\Users\Maxi\Downloads\That_Awkward_Moment_2014_720p.torrent
2014-06-18 21:50 - 2014-06-18 21:49 - 00013444 _____ () C:\Users\Maxi\Downloads\Enemy_2013_1080p_1080p.torrent
2014-06-18 21:49 - 2014-06-18 21:49 - 00007733 _____ () C:\Users\Maxi\Downloads\Enemy_2013_720p.torrent
2014-06-18 19:42 - 2014-06-18 19:42 - 00017558 _____ () C:\Users\Maxi\Downloads\Kid_Cannabis_2014_1080p_1080p.torrent
2014-06-18 19:42 - 2014-06-18 19:42 - 00015440 _____ () C:\Users\Maxi\Downloads\Walk_of_Shame_2014_1080p_1080p.torrent
2014-06-18 09:27 - 2014-07-12 02:11 - 01440256 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-06-18 09:24 - 2014-07-12 02:11 - 01557504 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-06-17 21:39 - 2014-06-17 21:39 - 00015686 _____ () C:\Users\Maxi\Downloads\Jackass_3_5_2011_720p.torrent
2014-06-17 21:39 - 2014-06-17 21:39 - 00015376 _____ () C:\Users\Maxi\Downloads\Wrong_Turn_4_UNRATED_2011_1080p_1080p.torrent
2014-06-17 21:39 - 2014-06-17 21:39 - 00014222 _____ () C:\Users\Maxi\Downloads\The_Devils_Double_2011_720p.torrent
2014-06-17 21:34 - 2014-06-17 21:34 - 00019328 _____ () C:\Users\Maxi\Downloads\Winnie_the_Pooh_2011_720p.torrent
2014-06-17 21:32 - 2014-06-17 21:32 - 00013345 _____ () C:\Users\Maxi\Downloads\Junkie_2012_1080p_1080p.torrent
2014-06-17 21:31 - 2014-06-17 21:31 - 00020556 _____ () C:\Users\Maxi\Downloads\Savages_2012_1080p_1080p.torrent
2014-06-17 21:30 - 2014-06-17 21:30 - 00015222 _____ () C:\Users\Maxi\Downloads\Wrong_Turn_5_2012_1080p_1080p.torrent
2014-06-15 17:19 - 2014-06-15 17:19 - 00015526 _____ () C:\Users\Maxi\Downloads\Carrie_2013_1080p_1080p.torrent
2014-06-15 17:14 - 2014-06-15 17:14 - 00015500 _____ () C:\Users\Maxi\Downloads\Crystal_Fairy_2013_1080p_1080p.torrent
2014-06-15 16:53 - 2014-06-15 16:53 - 00014149 _____ () C:\Users\Maxi\Downloads\The_Pirate_Bay_Away_from_Keyboard_2013_1080p_1080p.torrent
2014-06-15 16:48 - 2014-06-15 16:47 - 00007733 _____ () C:\Users\Maxi\Downloads\Sleeping_Beauty_2014_720p.torrent
2014-06-15 13:02 - 2014-06-15 13:02 - 00000041 _____ () C:\Users\Maxi\Documents\MWB key.txt
2014-06-13 22:26 - 2013-02-13 07:07 - 00000000 ____D () C:\Users\Maxi\AppData\Local\Packages
2014-06-13 05:41 - 2014-06-13 05:41 - 00002220 _____ () C:\Users\Maxi\Desktop\Google Chrome.lnk
2014-06-13 05:40 - 2014-06-13 05:40 - 00002894 _____ () C:\Users\Maxi\Desktop\SoMX (2).lnk
2014-06-13 05:40 - 2014-06-13 05:40 - 00002894 _____ () C:\Users\Maxi\AppData\Roaming\Microsoft\Windows\Start Menu\SoMX (2).lnk
 
Files to move or delete:
====================
C:\Users\Maxi\fbchathistory.dat
C:\Users\Maxi\uninstall.exe.exe
 
 
Some content of TEMP:
====================
C:\Users\Maxi\AppData\Local\Temp\_isA8D3.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-09 14:47
 
==================== End Of Log ============================
 
 
 
 
****Addition.txt****
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-07-2014
Ran by Maxi at 2014-07-13 00:23:51
Running from C:\Users\Maxi\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.00.631.5823 - ABBYY) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Basic Operation Guide EPSON XP-300 Series (HKLM-x32\...\EPSON XP-300 Series Bog) (Version:  - )
BigPond Broadband ADSL (HKLM-x32\...\{2A36014E-DF1D-4840-A209-3185B17BFC71}) (Version: 12.0 - Telstra)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CactusVPN (HKLM-x32\...\CactusVPN) (Version: 4.1.0 - CactusVPN.com)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Creative Live! Cam Chat HD (VF0700) (1.00.06.00) (HKLM\...\Creative VF0700) (Version:  - Creative Technology Ltd.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5510 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3109 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1902 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.1.4319 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{30E01116-5666-4807-8EF1-D80E9FF16717}) (Version: 2.3.2.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-300 Series Printer Uninstall (HKLM\...\EPSON XP-300 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
e-tax 2013 (HKLM-x32\...\{FFF14233-FE39-4671-A38E-76FD8F24A879}) (Version: 0.10.558 - Australian Taxation Office)
e-tax 2014 (HKLM-x32\...\{42D5C0B2-A309-4F84-9BD7-5DDDFE6C09E1}) (Version: 2.7.707 - Australian Taxation Office)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{FF27F674-821E-4BA2-985B-DDF539C2CD03}) (Version: 7.0.33.6 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
iTunes (HKLM\...\{1CF5754A-545B-4360-BFDE-2847BC728DFC}) (Version: 11.2.0.115 - Apple Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4623.1003 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Network Guide EPSON XP-300 Series (HKLM-x32\...\EPSON XP-300 Series Netg) (Version:  - )
NVIDIA 3D Vision Controller Driver 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version:  - PC Utilities Software Limited) <==== ATTENTION
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Ralink Bluetooth Stack64 (HKLM\...\{25427DA3-EBB7-B260-CD05-9E18F2F8E9F7}) (Version: 9.0.710.0 - Ralink Corporation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.0.0 - Ralink)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.14.201312091927 - Sony Mobile Communications AB)
Sony Mobile Update Service (HKLM-x32\...\Update Service) (Version: 2.13.8.201307151333 - Sony Mobile Communications AB)
Sony PC Companion 2.10.181 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.181 - Sony)
Stardock MyColors (HKLM-x32\...\Stardock MyColors) (Version: 2.75.00 - Stardock Corporation)
Stardock MyColors (x32 Version: 2.75.00 - Stardock Corporation) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
User's Guide EPSON XP-300 Series (HKLM-x32\...\EPSON XP-300 Series Useg) (Version:  - )
Virtual Villagers - A New Home (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 3.0.2.59 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Windows Driver Package - Thomson (USB_RNDIS) Net  (02/15/2007 2.0.0.0) (HKLM\...\2CA3B8348CD526E9B8928840AC68738C5B5A4F8F) (Version: 02/15/2007 2.0.0.0 - Thomson)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wondershare Player(Build 1.0.2) (HKLM-x32\...\Wondershare Player_is1) (Version: 1.0.2.1 - Wondershare)
Wondershare Video Converter Ultimate(Build 6.5.0.5) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 6.5.0.5 - Wondershare Software)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Restore Points  =========================
 
26-06-2014 18:11:20 Scheduled Checkpoint
02-07-2014 22:48:13 Installed e-tax 2014
09-07-2014 20:39:42 Windows Update
12-07-2014 12:40:07 Removed Apple Mobile Device Support
12-07-2014 12:43:04 Removed Download Navigator
 
==================== Hosts content: ==========================
 
2012-07-26 15:26 - 2012-07-26 15:26 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {04F17A68-6091-4884-9B51-F1E5CA45C974} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {20C3B9C3-D00E-4B5B-8B0F-D95784AB3809} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-16] (Hewlett-Packard Company)
Task: {22D1A278-06FE-4997-9172-223038B9D4B1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-20] (Microsoft Corporation)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {6084B2D5-B785-4D16-B60A-5E311819B047} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-15] (Google Inc.)
Task: {79D6AF01-FE4E-447F-9D00-8AB84A7FBC36} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {79E3636B-108C-4025-A44F-FFEB31017B7C} - System32\Tasks\{11A4F511-FD9F-4E4B-9020-1FA1783BE79C} => Firefox.exe http://ui.skype.com/...;page=tsInstall
Task: {89A38A37-925D-4085-9C20-EBA0111A2F49} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-05-13] (Microsoft Corporation)
Task: {9E808AB0-97A4-4CF9-A4D9-0BBD540F218A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Critical Actions Pending => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-16] (Hewlett-Packard Company)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B6207C82-2FDD-4E1A-8166-3AA89D7D08D6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {B62C9873-B520-4629-B339-0AB762136F76} - System32\Tasks\HPCeeScheduleForMaxi => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CB0FD835-BD63-4B35-B359-406BFA69D44C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-16] (Hewlett-Packard Company)
Task: {CF3D7BD2-F560-4BAD-9DA4-01847571627D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-15] (Google Inc.)
Task: {E67A09E1-3EDB-487A-B5F9-BDF95D91B624} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-07-12] (Microsoft Corporation)
Task: {E7E4EB45-4FEC-46C4-BABE-88553BF8AE89} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForMaxi.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-02-10 23:47 - 2011-02-10 23:47 - 00100656 _____ () C:\Program Files (x86)\Stardock\MyColors\WBVista.exe
2012-10-31 08:47 - 2014-03-04 23:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-27 12:32 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-06-20 18:37 - 2014-06-20 18:37 - 08890536 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-06-14 17:16 - 2013-04-27 10:01 - 00941992 _____ () C:\windows\SysWOW64\WPShellExt64.dll
2013-06-14 17:15 - 2013-03-25 10:57 - 00727952 _____ () C:\windows\SysWOW64\WSCM64.dll
2012-07-11 11:11 - 2012-07-11 11:11 - 00009728 _____ () C:\windows\system32\BsHelpCSps.dll
2012-07-11 11:11 - 2012-07-11 11:11 - 00052736 _____ () C:\windows\system32\BlueSoleilCSps.dll
2012-07-28 07:51 - 2012-07-28 07:51 - 00346112 _____ () C:\windows\system32\BsExtendFunc.dll
2012-07-11 11:09 - 2012-07-11 11:09 - 00022528 _____ () C:\windows\system32\BsTrace.dll
2012-08-30 03:02 - 2012-08-30 03:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-08-30 03:02 - 2012-08-30 03:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-08-30 03:02 - 2012-08-30 03:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2013-02-13 07:07 - 2013-02-13 07:07 - 00120224 _____ () C:\Users\Maxi\AppData\Local\assembly\dl3\YKHZCYAG.VB0\YCJMNVK0.JKZ\e93f21bd\00ef7209_0886cd01\HPItunesModule.DLL
2012-07-11 11:09 - 2012-07-11 11:09 - 00022528 _____ () C:\windows\SYSTEM32\BsTrace.dll
2012-07-11 11:14 - 2012-07-11 11:14 - 00072192 _____ () C:\windows\SYSTEM32\BsProfilefunc.dll
2012-07-28 07:51 - 2012-07-28 07:51 - 00346112 _____ () C:\windows\SYSTEM32\BsExtendFunc.dll
2012-07-11 11:11 - 2012-07-11 11:11 - 00009728 _____ () C:\windows\SYSTEM32\BsHelpCSps.dll
2012-07-11 11:11 - 2012-07-11 11:11 - 00052736 _____ () C:\windows\SYSTEM32\BlueSoleilCSps.dll
2012-07-28 10:43 - 2012-07-28 10:43 - 00290816 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2012-05-03 10:28 - 2012-05-03 10:28 - 00012800 _____ () c:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2014-06-13 10:19 - 2014-06-05 23:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-13 10:19 - 2014-06-05 23:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-13 10:19 - 2014-06-05 23:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-13 10:19 - 2014-06-05 23:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-13 10:19 - 2014-06-05 23:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-07-12 23:46 - 2014-07-08 08:18 - 14663856 _____ () C:\Users\Maxi\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKCU\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKCU\...\StartupApproved\Run: => "Sony PC Companion"
HKCU\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"
HKCU\...\StartupApproved\Run: => "Skype"
HKCU\...\StartupApproved\Run: => "EPLTarget\P0000000000000002"
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Xbox Bluetooth Headset Stereo
Description: Bluetooth Stereo
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthA2DP
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/13/2014 00:15:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0xd74
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
Faulting package full name: mbam.exe4
Faulting package-relative application ID: mbam.exe5
 
Error: (07/13/2014 00:10:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BlueSoleilCS.exe, version: 9.0.709.0, time stamp: 0x500cb70a
Faulting module name: tl_filter.dll_unloaded, version: 0.0.0.0, time stamp: 0x50123d74
Exception code: 0xc0000094
Fault offset: 0x1000c12d
Faulting process id: 0x788
Faulting application start time: 0xBlueSoleilCS.exe0
Faulting application path: BlueSoleilCS.exe1
Faulting module path: BlueSoleilCS.exe2
Report Id: BlueSoleilCS.exe3
Faulting package full name: BlueSoleilCS.exe4
Faulting package-relative application ID: BlueSoleilCS.exe5
 
Error: (07/13/2014 00:08:34 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
 
Error: (07/13/2014 00:07:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (07/13/2014 00:07:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (07/13/2014 00:06:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0xf40
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
Faulting package full name: mbam.exe4
Faulting package-relative application ID: mbam.exe5
 
Error: (07/13/2014 00:05:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0xe2c
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
Faulting package full name: mbam.exe4
Faulting package-relative application ID: mbam.exe5
 
Error: (07/13/2014 00:04:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x1064
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
Faulting package full name: mbam.exe4
Faulting package-relative application ID: mbam.exe5
 
Error: (07/13/2014 00:02:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0xf74
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
Faulting package full name: mbam.exe4
Faulting package-relative application ID: mbam.exe5
 
Error: (07/13/2014 00:02:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BlueSoleilCS.exe, version: 9.0.709.0, time stamp: 0x500cb70a
Faulting module name: tl_filter.dll, version: 0.0.0.0, time stamp: 0x50123d74
Exception code: 0xc0000094
Fault offset: 0x0000c12d
Faulting process id: 0x13d4
Faulting application start time: 0xBlueSoleilCS.exe0
Faulting application path: BlueSoleilCS.exe1
Faulting module path: BlueSoleilCS.exe2
Report Id: BlueSoleilCS.exe3
Faulting package full name: BlueSoleilCS.exe4
Faulting package-relative application ID: BlueSoleilCS.exe5
 
 
System errors:
=============
Error: (07/13/2014 00:12:55 AM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.
 
Error: (07/13/2014 00:12:53 AM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.
 
Error: (07/13/2014 00:10:49 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The BlueSoleilCS service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/13/2014 00:08:29 AM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.
 
Error: (07/13/2014 00:03:41 AM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.
 
Error: (07/13/2014 00:03:39 AM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)
Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.
 
Error: (07/13/2014 00:02:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The BlueSoleilCS service terminated unexpectedly.  It has done this 2 time(s).
 
Error: (07/13/2014 00:01:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/13/2014 00:01:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The BlueSoleilCS service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/13/2014 00:00:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error: 
%%1053
 
 
Microsoft Office Sessions:
=========================
Error: (07/13/2014 00:15:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdd7401cf9ddbc7b41aa9C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll05ba22b4-09cf-11e4-bf14-689423bdcf70
 
Error: (07/13/2014 00:10:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: BlueSoleilCS.exe9.0.709.0500cb70atl_filter.dll_unloaded0.0.0.050123d74c00000941000c12d78801cf9ddaf1342820C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exetl_filter.dll39ac564a-09ce-11e4-bf14-689423bdcf70
 
Error: (07/13/2014 00:08:34 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
 
Error: (07/13/2014 00:07:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F2030000E5050000
 
Error: (07/13/2014 00:07:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance163707000000000000000000008F020000
 
Error: (07/13/2014 00:06:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdf4001cf9dda686c78ccC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dlla63f19bf-09cd-11e4-bf13-689423bdcf70
 
Error: (07/13/2014 00:05:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fde2c01cf9dda458dffd3C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll83714a73-09cd-11e4-bf13-689423bdcf70
 
Error: (07/13/2014 00:04:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd106401cf9dda24acee4aC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll62929a54-09cd-11e4-bf13-689423bdcf70
 
Error: (07/13/2014 00:02:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdf7401cf9dd9f8951bdcC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll36b64a7d-09cd-11e4-bf13-689423bdcf70
 
Error: (07/13/2014 00:02:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: BlueSoleilCS.exe9.0.709.0500cb70atl_filter.dll0.0.0.050123d74c00000940000c12d13d401cf9dd9eb4462ffC:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exec:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll2ac5ddcb-09cd-11e4-bf13-689423bdcf70
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-07-11 16:23:07.699
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-11 16:22:28.600
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-11 15:12:41.491
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-11 14:29:58.822
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-11 14:27:56.462
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-11 14:27:32.539
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-11 14:26:47.153
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-11 14:20:17.038
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-11 12:23:37.746
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-11 12:22:59.323
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\CTAFX64.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 44%
Total physical RAM: 3988.87 MB
Available physical RAM: 2222.88 MB
Total Pagefile: 4692.87 MB
Available Pagefile: 2745.26 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:910.94 GB) (Free:375.44 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:19.1 GB) (Free:2.39 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 7B6F16B6)
 
Partition: GPT Partition Type.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.
 
==================== End Of Log ============================

Edited by hamluis, 13 July 2014 - 04:02 AM.
Moved from Am I Infected to Malware Removal Logs - Hamluis.




#2 Tommyistic

Tommyistic
  • Topic Starter

  • Members
  • 2 posts

Posted 13 July 2014 - 12:45 PM

can not delete this thread my wife is getting help already.



#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,732 posts

Posted 18 July 2014 - 03:00 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/540766 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,732 posts

Posted 23 July 2014 - 03:05 AM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!



