Trojaner-Board - Win 7: Mehrere Adware-Programme gefunden

Es kommt jedesmal wenn ich starte, also einmal und wenn ich auf "Ok" oder schliessen klicke geht sie weg und komm erst nach einem Neustart wieder.

FRST

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014

Ran by Chiara (administrator) on BLUESTAR on 16-09-2014 18:42:02

Running from C:\Users\Chiara\Downloads

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe

(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

(Malwarebytes Corporation) D:\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) D:\Malwarebytes Anti-Malware\mbamservice.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Intel(R) Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Malwarebytes Corporation) D:\Malwarebytes Anti-Malware\mbam.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Stardock Corporation) C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Oracle Corporation) C:\Program Files\Java\jre1.8.0_20\bin\javaw.exe

(Oracle Corporation) C:\Program Files\Java\jre1.8.0_20\bin\javaw.exe

(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7572696 2014-04-17] (Realtek Semiconductor)

HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)

HKLM-x32\...\Run: [RoccatKonePure] => C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.EXE [561152 2013-10-22] (ROCCAT GmbH)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-15] (Avira Operations GmbH & Co. KG)

HKU\S-1-5-21-1268736343-3887576109-2910839842-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21653096 2014-07-24] (Skype Technologies S.A.)

HKU\S-1-5-21-1268736343-3887576109-2910839842-1000\...\Run: [CursorFX] => C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe [432784 2012-05-10] (Stardock Corporation)

HKU\S-1-5-21-1268736343-3887576109-2910839842-1000\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation)

HKU\S-1-5-21-1268736343-3887576109-2910839842-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600216 2014-08-31] (Electronic Arts)

ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

BootExecute: autocheck autochk * sdnclean64.exe
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x191D55E2A4CACF01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-CH

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)

BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} ->  No File

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} ->  No File

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} -  No File

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} -  No File

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 

FireFox:

========

FF ProfilePath: C:\Users\Chiara\AppData\Roaming\Mozilla\Firefox\Profiles\wblsi6v6.default-1408827089247

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()

FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()

FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.169\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: amptrakeepacom - C:\Users\Chiara\AppData\Roaming\Mozilla\Firefox\Profiles\wblsi6v6.default-1408827089247\Extensions\amptra@keepa.com [2014-09-08]

FF Extension: Adblock Plus - C:\Users\Chiara\AppData\Roaming\Mozilla\Firefox\Profiles\wblsi6v6.default-1408827089247\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-23]

FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
 

Chrome: 

=======

CHR NewTab: Default -> "chrome-extension://pelmeidfhdlhlbjimpabfcbnnojbboma/index.html"

CHR Profile: C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-14]

CHR Extension: (Google Docs) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-14]

CHR Extension: (Google Drive) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-14]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]

CHR Extension: (YouTube) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-26]

CHR Extension: (Google Search) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-26]

CHR Extension: (Google Sheets) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-14]

CHR Extension: (Avira Browser Safety) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-09-08]

CHR Extension: (Skype Click to Call) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-07-31]

CHR Extension: (Google Wallet) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-26]

CHR Extension: (Disable AntiAdblock) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\oimhabmdhenmcaligiilhadkdliolpah [2014-08-01]

CHR Extension: (Gmail) - C:\Users\Chiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-26]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx []

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()

R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)

R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)

S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)

R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company) [File not signed]

R2 MBAMScheduler; D:\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; D:\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)

S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-26] ()
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-08-15] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-08-15] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)

R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [487704 2014-03-14] (Intel Corporation)

R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-04-11] (Intel Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-16] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)

R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)

S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)

S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

S3 catchme; \??\C:\ComboFix\catchme.sys [X]

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-09-16 18:42 - 2014-09-16 18:42 - 00015920 _____ () C:\Users\Chiara\Downloads\FRST.txt

2014-09-16 18:41 - 2014-09-16 18:42 - 00000000 ____D () C:\FRST

2014-09-16 18:41 - 2014-09-16 18:41 - 02105856 _____ (Farbar) C:\Users\Chiara\Downloads\FRST64.exe

2014-09-15 21:51 - 2014-09-15 21:51 - 00000000 ____D () C:\Users\Chiara\Documents\201332Log.iniis

2014-09-15 21:48 - 2014-09-16 18:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-09-15 21:47 - 2014-09-15 21:47 - 00000618 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-09-15 21:47 - 2014-09-15 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-09-15 21:47 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-09-15 21:47 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-09-15 21:47 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-09-15 21:45 - 2014-09-15 21:45 - 05329480 _____ (Secunia) C:\Users\Chiara\Desktop\PSISetup_3.0.0.9016.exe

2014-09-15 21:36 - 2014-09-15 21:37 - 00002519 _____ () C:\DelFix.txt

2014-09-15 21:34 - 2014-09-15 21:35 - 00000000 ___SD () C:\uninstall.exe

2014-09-14 21:56 - 2014-09-14 21:56 - 00008406 _____ () C:\Users\Chiara\AppData\Local\recently-used.xbel

2014-09-14 17:03 - 2014-09-14 17:03 - 00002242 _____ () C:\Users\Public\Desktop\Die Sims™ 3 Inselparadies.lnk

2014-09-14 16:44 - 2014-09-14 16:44 - 00002268 _____ () C:\Users\Public\Desktop\Die Sims™ 3 Einfach tierisch.lnk

2014-09-14 16:35 - 2014-09-14 17:01 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts

2014-09-14 16:34 - 2014-09-14 16:34 - 00003052 _____ () C:\Windows\System32\Tasks\{2879CBD8-3138-47D1-A430-ED37161ADFED}

2014-09-14 16:04 - 2014-09-14 16:04 - 00000000 ____D () C:\Users\Chiara\Documents\Electronic Arts

2014-09-14 16:02 - 2014-09-14 16:02 - 00003052 _____ () C:\Windows\System32\Tasks\{5AB2EF2A-A557-455F-9709-6140841F93ED}

2014-09-14 15:46 - 2014-09-14 15:46 - 00000477 _____ () C:\Users\Public\Desktop\Die*Sims™*3.lnk

2014-09-14 15:46 - 2014-09-14 15:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE

2014-09-14 10:46 - 2014-09-14 10:46 - 00000222 _____ () C:\Users\Chiara\Desktop\RaceRoom Racing Experience.url

2014-09-13 20:00 - 2014-09-13 20:00 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-09-13 12:40 - 2014-09-13 12:40 - 00000972 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk

2014-09-13 12:40 - 2014-09-13 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft

2014-09-13 12:38 - 2014-09-13 12:38 - 30419936 _____ (DVDVideoSoft Ltd. ) C:\Users\Chiara\Downloads\FreeYouTubeToMP3Converter3.12.44.908.exe

2014-09-13 10:57 - 2014-09-13 10:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-09-12 19:46 - 2014-09-12 19:46 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-09-12 19:40 - 2014-09-15 21:36 - 00000000 ____D () C:\Windows\ERUNT

2014-09-12 19:26 - 2014-09-12 19:26 - 00000610 _____ () C:\Users\Chiara\Desktop\Revo Uninstaller.lnk

2014-09-11 19:10 - 2014-09-11 19:09 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2014-09-11 19:09 - 2014-09-11 19:09 - 00002076 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk

2014-09-11 19:09 - 2014-09-11 19:09 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\Avira

2014-09-11 19:09 - 2014-09-11 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2014-09-11 19:09 - 2014-09-11 19:09 - 00000000 ____D () C:\ProgramData\Avira

2014-09-11 19:09 - 2014-09-11 19:09 - 00000000 ____D () C:\Program Files (x86)\Avira

2014-09-11 19:09 - 2014-08-15 10:30 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

2014-09-11 19:09 - 2014-08-15 10:30 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2014-09-11 19:09 - 2014-08-15 10:30 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

2014-09-11 19:07 - 2014-09-11 19:07 - 149527616 _____ () C:\Users\Chiara\Downloads\avira_free_antivirus_de_14.0.6.570(1).exe

2014-09-11 19:01 - 2014-09-11 19:25 - 00000000 ____D () C:\Windows\erdnt

2014-09-10 23:51 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-09-10 23:51 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-09-10 23:51 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-09-10 23:51 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-09-10 23:51 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-09-10 23:51 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-09-10 23:51 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-09-10 23:51 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-09-10 23:51 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-09-10 23:51 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-09-10 23:51 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-09-10 23:51 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-09-10 23:51 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-09-10 23:51 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-09-10 23:51 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-09-10 23:51 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-09-10 23:51 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-09-10 23:51 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-09-10 23:51 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-09-10 23:51 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-09-10 23:51 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-09-10 23:51 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-09-10 23:51 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-09-10 23:51 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-09-10 23:51 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-09-10 23:51 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-09-10 23:51 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-09-10 23:51 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-09-10 23:51 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-09-10 23:51 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-09-10 23:51 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-09-10 23:51 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-09-10 23:51 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-09-10 23:51 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-09-10 23:51 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-09-10 23:51 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-09-10 23:51 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-09-10 23:51 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-09-10 23:51 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-09-10 23:51 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-09-10 23:51 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-09-10 23:51 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-09-10 23:51 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-09-10 23:51 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-09-10 23:51 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-09-10 23:51 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-09-10 23:51 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-09-10 23:51 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-09-10 23:51 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-09-10 23:51 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-09-10 23:51 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-09-10 23:51 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-09-10 23:51 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-09-10 23:51 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-09-10 23:51 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-09-10 23:51 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-09-10 23:49 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll

2014-09-10 23:49 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

2014-09-10 21:23 - 2014-09-10 21:23 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\LolClient

2014-09-10 21:01 - 2014-09-10 21:01 - 00001399 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk

2014-09-10 21:01 - 2014-09-10 21:01 - 00000000 ____D () C:\ProgramData\Riot Games

2014-09-10 21:01 - 2014-09-10 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends

2014-09-10 21:01 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll

2014-09-10 21:01 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll

2014-09-10 21:01 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll

2014-09-10 20:59 - 2014-09-12 21:07 - 00000000 ____D () C:\Users\Chiara\AppData\Local\PMB Files

2014-09-10 20:59 - 2014-09-10 20:59 - 00000000 ____D () C:\ProgramData\PMB Files

2014-09-10 20:59 - 2014-09-10 20:59 - 00000000 ____D () C:\Program Files (x86)\Pando Networks

2014-09-10 20:58 - 2014-09-10 20:59 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\Riot Games

2014-09-10 20:58 - 2014-09-10 20:58 - 34888568 _____ (Riot Games) C:\Users\Chiara\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe

2014-09-10 20:48 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll

2014-09-10 20:48 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll

2014-09-10 20:48 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2014-09-10 20:48 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2014-09-10 20:47 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-09-10 20:47 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-09-10 20:47 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-09-10 20:47 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-09-10 20:47 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-09-10 20:47 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-09-10 20:47 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-09-08 20:34 - 2014-09-08 20:34 - 00865688 _____ (Elex do Brasil Participações Ltda) C:\Users\Chiara\Downloads\yet_another_cleaner_mat.exe

2014-09-08 20:34 - 2014-09-08 20:34 - 00001184 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk

2014-09-08 20:34 - 2014-09-08 20:34 - 00001172 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk

2014-09-08 20:34 - 2014-09-08 20:34 - 00000000 ____D () C:\Program Files (x86)\TeamViewer

2014-09-08 20:33 - 2014-09-08 20:33 - 07500112 _____ (TeamViewer GmbH) C:\Users\Chiara\Downloads\TeamViewer_Setup_9.0.31064.exe

2014-09-08 19:53 - 2014-09-08 19:53 - 00000000 ____D () C:\Users\Chiara\Desktop\Avira

2014-09-08 19:41 - 2014-09-08 19:42 - 149527616 _____ () C:\Users\Chiara\Downloads\avira_free_antivirus_de_14.0.6.570.exe

2014-09-07 16:31 - 2014-09-07 16:31 - 04901352 _____ (Piriform Ltd) C:\Users\Chiara\Downloads\ccsetup417.exe

2014-09-07 15:06 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140907-150655.backup

2014-09-07 14:49 - 2014-09-07 14:49 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking

2014-09-07 14:48 - 2014-09-11 19:24 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2

2014-09-07 14:48 - 2014-09-11 18:54 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

2014-09-07 14:48 - 2014-09-07 14:48 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Chiara\Downloads\spybot-2.4.exe

2014-09-07 13:57 - 2014-09-16 18:38 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-09-07 13:57 - 2014-09-15 23:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-09-07 13:57 - 2014-09-07 14:29 - 00002315 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-09-07 13:57 - 2014-09-07 13:57 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-09-07 13:57 - 2014-09-07 13:57 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-09-07 13:57 - 2014-09-07 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-09-07 13:56 - 2014-09-08 20:21 - 00000000 ____D () C:\ProgramData\AVAST Software

2014-09-07 13:56 - 2014-09-07 13:56 - 91906368 _____ (AVAST Software) C:\Users\Chiara\Downloads\avast_free_antivirus_setup_9_0_2021.exe

2014-09-07 11:30 - 2014-09-07 11:30 - 00000687 _____ () C:\awhADAD.tmp

2014-09-06 11:10 - 2014-09-06 11:10 - 00000687 _____ () C:\awhAF13.tmp

2014-09-05 19:33 - 2014-09-05 19:33 - 00000687 _____ () C:\awhAEE4.tmp

2014-09-01 14:47 - 2014-09-01 14:47 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\java

2014-09-01 14:46 - 2014-09-01 14:46 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

2014-09-01 14:46 - 2014-09-01 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-09-01 14:46 - 2014-09-01 14:46 - 00000000 ____D () C:\Program Files\Java

2014-09-01 14:36 - 2014-09-01 14:37 - 01101648 _____ () C:\Users\Chiara\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe

2014-09-01 10:17 - 2014-09-01 10:17 - 00000687 _____ () C:\awhAE57.tmp

2014-08-31 21:14 - 2014-08-31 21:14 - 00000687 _____ () C:\awhAD4E.tmp

2014-08-31 10:09 - 2014-08-31 10:09 - 00000687 _____ () C:\awhAD20.tmp

2014-08-30 10:34 - 2014-08-30 10:34 - 00000687 _____ () C:\awhAD1F.tmp

2014-08-29 19:06 - 2014-08-29 19:06 - 00000687 _____ () C:\awhC35E.tmp

2014-08-28 19:28 - 2014-08-28 19:28 - 00000687 _____ () C:\awhADAC.tmp

2014-08-28 19:28 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-08-28 19:28 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2014-08-28 19:28 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-08-27 18:47 - 2014-08-27 18:47 - 00000687 _____ () C:\awhACF1.tmp

2014-08-26 23:18 - 2014-08-26 23:23 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr

2014-08-26 23:15 - 2014-08-26 23:23 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.exe

2014-08-26 23:15 - 2014-08-26 23:15 - 00912744 _____ () C:\Windows\SysWOW64\pbsvc.exe

2014-08-26 23:15 - 2014-08-26 23:15 - 00912744 _____ () C:\Users\Chiara\Downloads\pbsvc.exe

2014-08-26 23:15 - 2014-08-26 23:15 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2014-08-26 23:01 - 2014-08-26 23:02 - 00000000 ____D () C:\Users\Chiara\Documents\Battlefield 3

2014-08-26 23:01 - 2014-08-26 23:01 - 02247976 _____ () C:\Users\Chiara\Downloads\battlelog-web-plugins_2.4.0_145.exe

2014-08-26 23:01 - 2014-08-26 23:01 - 00000000 ____D () C:\Users\Chiara\AppData\Local\PunkBuster

2014-08-26 23:01 - 2014-08-26 23:01 - 00000000 ____D () C:\Users\Chiara\AppData\Local\ESN

2014-08-26 23:01 - 2014-08-26 23:01 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins

2014-08-26 22:56 - 2014-08-26 22:56 - 00000000 ____D () C:\ProgramData\EA Core

2014-08-26 22:52 - 2014-09-16 18:38 - 00000000 ____D () C:\Program Files (x86)\Origin

2014-08-26 22:52 - 2014-08-26 22:56 - 00000000 ____D () C:\ProgramData\Electronic Arts

2014-08-26 22:52 - 2014-08-26 22:55 - 00000000 ____D () C:\Users\Chiara\AppData\Local\Origin

2014-08-26 22:52 - 2014-08-26 22:52 - 00000989 _____ () C:\Users\Public\Desktop\Origin.lnk

2014-08-26 22:52 - 2014-08-26 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin

2014-08-26 22:51 - 2014-08-26 22:51 - 17091640 _____ (Electronic Arts, Inc.) C:\Users\Chiara\Downloads\OriginThinSetup(1).exe

2014-08-26 22:02 - 2014-08-26 22:02 - 00000192 _____ () C:\Users\Chiara\Desktop\Fowl Space.url

2014-08-26 20:01 - 2014-08-26 20:01 - 20128064 _____ (Gameforge ) C:\Users\Chiara\Downloads\Elsword_GameforgeLiveSetup.exe

2014-08-26 20:01 - 2014-08-26 20:01 - 00001164 _____ () C:\Users\Public\Desktop\Elsword.lnk

2014-08-26 18:55 - 2014-08-26 18:55 - 00000687 _____ () C:\awhBD07.tmp

2014-08-25 19:39 - 2014-08-25 19:39 - 00000222 _____ () C:\Users\Chiara\Desktop\Red Orchestra 2 Heroes of Stalingrad - Single Player.url

2014-08-25 19:26 - 2014-08-25 19:26 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client

2014-08-25 19:23 - 2014-08-25 19:23 - 00000221 _____ () C:\Users\Chiara\Desktop\Dungeon Defenders.url

2014-08-25 19:13 - 2014-08-25 19:13 - 00000220 _____ () C:\Users\Chiara\Desktop\Garry's Mod.url

2014-08-25 18:23 - 2014-08-25 18:23 - 00000687 _____ () C:\awhBAE5.tmp

2014-08-24 10:52 - 2014-08-24 10:52 - 00000687 _____ () C:\awhAD10.tmp

2014-08-23 16:43 - 2014-08-23 16:43 - 00000687 _____ () C:\awhAFBE.tmp

2014-08-22 09:22 - 2014-08-22 09:22 - 00000687 _____ () C:\awhACE1.tmp

2014-08-21 10:56 - 2014-08-21 10:56 - 00000687 _____ () C:\awhAD00.tmp

2014-08-20 18:54 - 2014-08-20 18:54 - 00000687 _____ () C:\awhB2CA.tmp

2014-08-19 23:08 - 2014-09-01 13:48 - 00000222 _____ () C:\Users\Chiara\Desktop\Robocraft.url

2014-08-19 22:51 - 2014-08-22 10:08 - 00000000 ____D () C:\Users\Chiara\Desktop\Top_50_Steam-Skins

2014-08-19 22:38 - 2014-08-19 22:38 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\WinRAR

2014-08-19 22:38 - 2014-08-19 22:38 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2014-08-19 22:38 - 2014-08-19 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2014-08-19 22:37 - 2014-08-19 22:38 - 00000000 ____D () C:\Program Files\WinRAR

2014-08-19 22:37 - 2014-08-19 22:37 - 02060744 _____ () C:\Users\Chiara\Downloads\winrar-x64-510d.exe

2014-08-19 18:58 - 2014-08-19 18:58 - 00000687 _____ () C:\awhB634.tmp

2014-08-18 23:58 - 2014-08-18 23:58 - 01101648 _____ () C:\Users\Chiara\Downloads\Steam Skin Pack - CHIP-Installer(3).exe

2014-08-18 18:24 - 2014-08-18 18:24 - 00083292 _____ () C:\Users\Chiara\Downloads\flashblock-1.5.14.2-fx.xpi

2014-08-18 18:24 - 2014-08-18 18:24 - 00000687 _____ () C:\awhAB0D.tmp

2014-08-17 20:20 - 2014-08-17 20:20 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-08-17 19:21 - 2014-08-17 19:21 - 01101648 _____ () C:\Users\Chiara\Downloads\adblock_plus-2.6.4-fx_an_sm_tb.xpi - CHIP-Installer.exe

2014-08-17 19:21 - 2014-08-17 19:21 - 00919582 _____ () C:\Users\Chiara\Downloads\adblock_plus-2.6.4-fx_an_sm_tb.xpi.zip

2014-08-17 18:13 - 2014-08-25 19:21 - 00000221 _____ () C:\Users\Chiara\Desktop\Sanctum.url

2014-08-17 16:38 - 2014-08-17 16:38 - 01101648 _____ () C:\Users\Chiara\Downloads\Steam Skin Pack - CHIP-Installer(2).exe

2014-08-17 16:35 - 2014-08-17 16:39 - 70887879 _____ () C:\Users\Chiara\Downloads\Top_50_Steam-Skins.zip

2014-08-17 16:22 - 2014-08-17 16:22 - 00735492 _____ () C:\Users\Chiara\Downloads\chrysalis_steam_skin_by_falxor-d5ddrzl.zip

2014-08-17 16:12 - 2014-08-17 16:12 - 01101648 _____ () C:\Users\Chiara\Downloads\Steam Skin Pack - CHIP-Installer.exe

2014-08-17 16:12 - 2014-08-17 16:12 - 01101648 _____ () C:\Users\Chiara\Downloads\Steam Skin Pack - CHIP-Installer(1).exe

2014-08-17 15:17 - 2014-08-17 15:17 - 01101648 _____ () C:\Users\Chiara\Downloads\Firefox 34 Nightly 64 Bit - CHIP-Installer.exe

2014-08-17 14:24 - 2014-09-14 17:35 - 00000000 ____D () C:\Users\Chiara\Documents\My Games

2014-08-17 14:20 - 2014-08-25 19:18 - 00000222 _____ () C:\Users\Chiara\Desktop\Sanctum 2.url

2014-08-17 13:47 - 2014-08-23 22:51 - 00000000 ____D () C:\Users\Chiara\Desktop\Alte Firefox-Daten

2014-08-17 13:29 - 2014-08-17 13:29 - 00000687 _____ () C:\awhCC24.tmp

2014-08-17 11:53 - 2014-08-17 11:53 - 00000687 _____ () C:\awhD087.tmp

2014-08-17 02:26 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll

2014-08-17 02:26 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll

2014-08-17 02:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe

2014-08-17 02:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe

2014-08-17 02:26 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe

2014-08-17 02:26 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll

2014-08-17 02:26 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe

2014-08-17 02:26 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-09-16 18:42 - 2014-09-16 18:42 - 00015920 _____ () C:\Users\Chiara\Downloads\FRST.txt

2014-09-16 18:42 - 2014-09-16 18:41 - 00000000 ____D () C:\FRST

2014-09-16 18:41 - 2014-09-16 18:41 - 02105856 _____ (Farbar) C:\Users\Chiara\Downloads\FRST64.exe

2014-09-16 18:41 - 2014-07-31 22:39 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\Skype

2014-09-16 18:41 - 2014-07-26 19:30 - 01643169 _____ () C:\Windows\WindowsUpdate.log

2014-09-16 18:40 - 2014-07-31 22:34 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\.minecraft

2014-09-16 18:40 - 2014-07-26 20:39 - 00006464 _____ () C:\Windows\SysWOW64\Gms.log

2014-09-16 18:38 - 2014-09-15 21:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-09-16 18:38 - 2014-09-07 13:57 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-09-16 18:38 - 2014-08-26 22:52 - 00000000 ____D () C:\Program Files (x86)\Origin

2014-09-16 18:38 - 2014-08-13 11:30 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-09-16 18:37 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-09-16 18:37 - 2009-07-14 06:51 - 00033046 _____ () C:\Windows\setupact.log

2014-09-15 23:02 - 2014-09-07 13:57 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-09-15 22:00 - 2009-07-14 06:45 - 00022864 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-09-15 22:00 - 2009-07-14 06:45 - 00022864 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-09-15 21:59 - 2009-07-14 19:58 - 00700414 _____ () C:\Windows\system32\perfh007.dat

2014-09-15 21:59 - 2009-07-14 19:58 - 00150052 _____ () C:\Windows\system32\perfc007.dat

2014-09-15 21:59 - 2009-07-14 07:13 - 01623866 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-09-15 21:56 - 2014-07-31 22:27 - 00000000 ____D () C:\Program Files (x86)\Steam

2014-09-15 21:54 - 2014-08-01 14:15 - 00000000 ____D () C:\ProgramData\Origin

2014-09-15 21:51 - 2014-09-15 21:51 - 00000000 ____D () C:\Users\Chiara\Documents\201332Log.iniis

2014-09-15 21:47 - 2014-09-15 21:47 - 00000618 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-09-15 21:47 - 2014-09-15 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-09-15 21:45 - 2014-09-15 21:45 - 05329480 _____ (Secunia) C:\Users\Chiara\Desktop\PSISetup_3.0.0.9016.exe

2014-09-15 21:40 - 2014-07-26 19:58 - 01563496 _____ () C:\Windows\PFRO.log

2014-09-15 21:37 - 2014-09-15 21:36 - 00002519 _____ () C:\DelFix.txt

2014-09-15 21:36 - 2014-09-12 19:40 - 00000000 ____D () C:\Windows\ERUNT

2014-09-15 21:35 - 2014-09-15 21:34 - 00000000 ___SD () C:\uninstall.exe

2014-09-15 18:20 - 2014-08-01 17:22 - 00000000 ____D () C:\Users\Chiara\Downloads\Gameforge Live

2014-09-15 00:24 - 2014-08-02 14:55 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\TS3Client

2014-09-14 21:57 - 2014-08-01 13:28 - 00000000 ____D () C:\Users\Chiara\.gimp-2.8

2014-09-14 21:56 - 2014-09-14 21:56 - 00008406 _____ () C:\Users\Chiara\AppData\Local\recently-used.xbel

2014-09-14 21:51 - 2014-08-01 13:29 - 00000000 ____D () C:\Users\Chiara\AppData\Local\gtk-2.0

2014-09-14 17:35 - 2014-08-17 14:24 - 00000000 ____D () C:\Users\Chiara\Documents\My Games

2014-09-14 17:35 - 2014-08-01 14:17 - 00063751 _____ () C:\Windows\DirectX.log

2014-09-14 17:03 - 2014-09-14 17:03 - 00002242 _____ () C:\Users\Public\Desktop\Die Sims™ 3 Inselparadies.lnk

2014-09-14 17:03 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2014-09-14 17:01 - 2014-09-14 16:35 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts

2014-09-14 17:01 - 2014-07-26 20:35 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-09-14 16:44 - 2014-09-14 16:44 - 00002268 _____ () C:\Users\Public\Desktop\Die Sims™ 3 Einfach tierisch.lnk

2014-09-14 16:34 - 2014-09-14 16:34 - 00003052 _____ () C:\Windows\System32\Tasks\{2879CBD8-3138-47D1-A430-ED37161ADFED}

2014-09-14 16:04 - 2014-09-14 16:04 - 00000000 ____D () C:\Users\Chiara\Documents\Electronic Arts

2014-09-14 16:02 - 2014-09-14 16:02 - 00003052 _____ () C:\Windows\System32\Tasks\{5AB2EF2A-A557-455F-9709-6140841F93ED}

2014-09-14 15:46 - 2014-09-14 15:46 - 00000477 _____ () C:\Users\Public\Desktop\Die*Sims™*3.lnk

2014-09-14 15:46 - 2014-09-14 15:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft WSE

2014-09-14 10:46 - 2014-09-14 10:46 - 00000222 _____ () C:\Users\Chiara\Desktop\RaceRoom Racing Experience.url

2014-09-14 10:46 - 2014-08-13 11:55 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2014-09-13 20:00 - 2014-09-13 20:00 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-09-13 19:54 - 2014-08-13 11:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-09-13 14:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

2014-09-13 12:40 - 2014-09-13 12:40 - 00000972 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk

2014-09-13 12:40 - 2014-09-13 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft

2014-09-13 12:40 - 2014-08-01 11:12 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\DVDVideoSoft

2014-09-13 12:38 - 2014-09-13 12:38 - 30419936 _____ (DVDVideoSoft Ltd. ) C:\Users\Chiara\Downloads\FreeYouTubeToMP3Converter3.12.44.908.exe

2014-09-13 10:57 - 2014-09-13 10:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-09-12 21:07 - 2014-09-10 20:59 - 00000000 ____D () C:\Users\Chiara\AppData\Local\PMB Files

2014-09-12 19:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Vss

2014-09-12 19:46 - 2014-09-12 19:46 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-09-12 19:26 - 2014-09-12 19:26 - 00000610 _____ () C:\Users\Chiara\Desktop\Revo Uninstaller.lnk

2014-09-11 19:25 - 2014-09-11 19:01 - 00000000 ____D () C:\Windows\erdnt

2014-09-11 19:25 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default

2014-09-11 19:25 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini

2014-09-11 19:24 - 2014-09-07 14:48 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2

2014-09-11 19:24 - 2009-07-14 04:34 - 69730304 _____ () C:\Windows\system32\config\SOFTWARE.bak

2014-09-11 19:24 - 2009-07-14 04:34 - 18087936 _____ () C:\Windows\system32\config\SYSTEM.bak

2014-09-11 19:24 - 2009-07-14 04:34 - 04980736 _____ () C:\Windows\system32\config\DEFAULT.bak

2014-09-11 19:24 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak

2014-09-11 19:24 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak

2014-09-11 19:09 - 2014-09-11 19:10 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

2014-09-11 19:09 - 2014-09-11 19:09 - 00002076 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk

2014-09-11 19:09 - 2014-09-11 19:09 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\Avira

2014-09-11 19:09 - 2014-09-11 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2014-09-11 19:09 - 2014-09-11 19:09 - 00000000 ____D () C:\ProgramData\Avira

2014-09-11 19:09 - 2014-09-11 19:09 - 00000000 ____D () C:\Program Files (x86)\Avira

2014-09-11 19:07 - 2014-09-11 19:07 - 149527616 _____ () C:\Users\Chiara\Downloads\avira_free_antivirus_de_14.0.6.570(1).exe

2014-09-11 18:54 - 2014-09-07 14:48 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

2014-09-11 18:51 - 2014-07-26 19:56 - 00000000 ____D () C:\ProgramData\Package Cache

2014-09-10 23:50 - 2014-07-27 22:34 - 00002083 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

2014-09-10 23:50 - 2014-07-27 22:34 - 00001912 _____ () C:\Windows\epplauncher.mif

2014-09-10 23:50 - 2014-07-27 22:34 - 00000000 ____D () C:\Program Files\Microsoft Security Client

2014-09-10 23:50 - 2014-07-27 22:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client

2014-09-10 23:50 - 2014-07-26 22:01 - 00000000 ____D () C:\Windows\system32\MRT

2014-09-10 23:50 - 2014-07-26 20:34 - 01597210 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2014-09-10 23:49 - 2014-07-26 22:17 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-09-10 23:49 - 2014-07-26 22:01 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-09-10 21:23 - 2014-09-10 21:23 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\LolClient

2014-09-10 21:01 - 2014-09-10 21:01 - 00001399 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk

2014-09-10 21:01 - 2014-09-10 21:01 - 00000000 ____D () C:\ProgramData\Riot Games

2014-09-10 21:01 - 2014-09-10 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends

2014-09-10 20:59 - 2014-09-10 20:59 - 00000000 ____D () C:\ProgramData\PMB Files

2014-09-10 20:59 - 2014-09-10 20:59 - 00000000 ____D () C:\Program Files (x86)\Pando Networks

2014-09-10 20:59 - 2014-09-10 20:58 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\Riot Games

2014-09-10 20:58 - 2014-09-10 20:58 - 34888568 _____ (Riot Games) C:\Users\Chiara\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe

2014-09-09 19:38 - 2014-08-13 11:30 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-09-09 19:38 - 2014-08-13 11:30 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-09-09 19:38 - 2014-08-13 11:30 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-09-08 20:57 - 2009-07-14 06:45 - 00272104 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-09-08 20:35 - 2014-07-26 20:47 - 00060056 _____ () C:\Users\Chiara\AppData\Local\GDIPFONTCACHEV1.DAT

2014-09-08 20:34 - 2014-09-08 20:34 - 00865688 _____ (Elex do Brasil Participações Ltda) C:\Users\Chiara\Downloads\yet_another_cleaner_mat.exe

2014-09-08 20:34 - 2014-09-08 20:34 - 00001184 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk

2014-09-08 20:34 - 2014-09-08 20:34 - 00001172 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk

2014-09-08 20:34 - 2014-09-08 20:34 - 00000000 ____D () C:\Program Files (x86)\TeamViewer

2014-09-08 20:33 - 2014-09-08 20:33 - 07500112 _____ (TeamViewer GmbH) C:\Users\Chiara\Downloads\TeamViewer_Setup_9.0.31064.exe

2014-09-08 20:21 - 2014-09-07 13:56 - 00000000 ____D () C:\ProgramData\AVAST Software

2014-09-08 19:53 - 2014-09-08 19:53 - 00000000 ____D () C:\Users\Chiara\Desktop\Avira

2014-09-08 19:42 - 2014-09-08 19:41 - 149527616 _____ () C:\Users\Chiara\Downloads\avira_free_antivirus_de_14.0.6.570.exe

2014-09-08 19:13 - 2014-08-01 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock

2014-09-07 16:56 - 2014-07-31 23:49 - 00000000 ____D () C:\ProgramData\201a2422637f1f74

2014-09-07 16:31 - 2014-09-07 16:31 - 04901352 _____ (Piriform Ltd) C:\Users\Chiara\Downloads\ccsetup417.exe

2014-09-07 14:49 - 2014-09-07 14:49 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking

2014-09-07 14:48 - 2014-09-07 14:48 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Chiara\Downloads\spybot-2.4.exe

2014-09-07 14:29 - 2014-09-07 13:57 - 00002315 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-09-07 14:29 - 2014-08-13 11:37 - 00000000 ____D () C:\Users\Chiara\AppData\Local\4945

2014-09-07 14:24 - 2014-07-31 22:39 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-09-07 13:57 - 2014-09-07 13:57 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-09-07 13:57 - 2014-09-07 13:57 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-09-07 13:57 - 2014-09-07 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-09-07 13:57 - 2014-07-26 19:54 - 00000000 ____D () C:\Program Files (x86)\Google

2014-09-07 13:56 - 2014-09-07 13:56 - 91906368 _____ (AVAST Software) C:\Users\Chiara\Downloads\avast_free_antivirus_setup_9_0_2021.exe

2014-09-07 11:30 - 2014-09-07 11:30 - 00000687 _____ () C:\awhADAD.tmp

2014-09-06 11:10 - 2014-09-06 11:10 - 00000687 _____ () C:\awhAF13.tmp

2014-09-05 19:33 - 2014-09-05 19:33 - 00000687 _____ () C:\awhAEE4.tmp

2014-09-05 19:32 - 2014-08-01 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live

2014-09-05 19:32 - 2014-08-01 17:22 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive

2014-09-05 04:10 - 2014-09-10 20:47 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-09-05 04:05 - 2014-09-10 20:47 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-09-01 14:47 - 2014-09-01 14:47 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\java

2014-09-01 14:46 - 2014-09-01 14:46 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

2014-09-01 14:46 - 2014-09-01 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-09-01 14:46 - 2014-09-01 14:46 - 00000000 ____D () C:\Program Files\Java

2014-09-01 14:38 - 2014-07-26 23:25 - 00000000 ____D () C:\ProgramData\Oracle

2014-09-01 14:37 - 2014-09-01 14:36 - 01101648 _____ () C:\Users\Chiara\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe

2014-09-01 13:48 - 2014-08-19 23:08 - 00000222 _____ () C:\Users\Chiara\Desktop\Robocraft.url

2014-09-01 10:17 - 2014-09-01 10:17 - 00000687 _____ () C:\awhAE57.tmp

2014-08-31 21:14 - 2014-08-31 21:14 - 00000687 _____ () C:\awhAD4E.tmp

2014-08-31 10:09 - 2014-08-31 10:09 - 00000687 _____ () C:\awhAD20.tmp

2014-08-30 10:34 - 2014-08-30 10:34 - 00000687 _____ () C:\awhAD1F.tmp

2014-08-29 19:06 - 2014-08-29 19:06 - 00000687 _____ () C:\awhC35E.tmp

2014-08-28 19:28 - 2014-08-28 19:28 - 00000687 _____ () C:\awhADAC.tmp

2014-08-27 18:47 - 2014-08-27 18:47 - 00000687 _____ () C:\awhACF1.tmp

2014-08-26 23:23 - 2014-08-26 23:18 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr

2014-08-26 23:23 - 2014-08-26 23:15 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.exe

2014-08-26 23:19 - 2014-08-01 17:03 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0

2014-08-26 23:15 - 2014-08-26 23:15 - 00912744 _____ () C:\Windows\SysWOW64\pbsvc.exe

2014-08-26 23:15 - 2014-08-26 23:15 - 00912744 _____ () C:\Users\Chiara\Downloads\pbsvc.exe

2014-08-26 23:15 - 2014-08-26 23:15 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2014-08-26 23:02 - 2014-08-26 23:01 - 00000000 ____D () C:\Users\Chiara\Documents\Battlefield 3

2014-08-26 23:01 - 2014-08-26 23:01 - 02247976 _____ () C:\Users\Chiara\Downloads\battlelog-web-plugins_2.4.0_145.exe

2014-08-26 23:01 - 2014-08-26 23:01 - 00000000 ____D () C:\Users\Chiara\AppData\Local\PunkBuster

2014-08-26 23:01 - 2014-08-26 23:01 - 00000000 ____D () C:\Users\Chiara\AppData\Local\ESN

2014-08-26 23:01 - 2014-08-26 23:01 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins

2014-08-26 22:56 - 2014-08-26 22:56 - 00000000 ____D () C:\ProgramData\EA Core

2014-08-26 22:56 - 2014-08-26 22:52 - 00000000 ____D () C:\ProgramData\Electronic Arts

2014-08-26 22:55 - 2014-08-26 22:52 - 00000000 ____D () C:\Users\Chiara\AppData\Local\Origin

2014-08-26 22:52 - 2014-08-26 22:52 - 00000989 _____ () C:\Users\Public\Desktop\Origin.lnk

2014-08-26 22:52 - 2014-08-26 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin

2014-08-26 22:51 - 2014-08-26 22:51 - 17091640 _____ (Electronic Arts, Inc.) C:\Users\Chiara\Downloads\OriginThinSetup(1).exe

2014-08-26 22:02 - 2014-08-26 22:02 - 00000192 _____ () C:\Users\Chiara\Desktop\Fowl Space.url

2014-08-26 20:01 - 2014-08-26 20:01 - 20128064 _____ (Gameforge ) C:\Users\Chiara\Downloads\Elsword_GameforgeLiveSetup.exe

2014-08-26 20:01 - 2014-08-26 20:01 - 00001164 _____ () C:\Users\Public\Desktop\Elsword.lnk

2014-08-26 18:55 - 2014-08-26 18:55 - 00000687 _____ () C:\awhBD07.tmp

2014-08-25 19:39 - 2014-08-25 19:39 - 00000222 _____ () C:\Users\Chiara\Desktop\Red Orchestra 2 Heroes of Stalingrad - Single Player.url

2014-08-25 19:28 - 2014-08-01 14:30 - 00000222 _____ () C:\Users\Chiara\Desktop\Euro Truck Simulator 2.url

2014-08-25 19:26 - 2014-08-25 19:26 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client

2014-08-25 19:23 - 2014-08-25 19:23 - 00000221 _____ () C:\Users\Chiara\Desktop\Dungeon Defenders.url

2014-08-25 19:21 - 2014-08-17 18:13 - 00000221 _____ () C:\Users\Chiara\Desktop\Sanctum.url

2014-08-25 19:18 - 2014-08-17 14:20 - 00000222 _____ () C:\Users\Chiara\Desktop\Sanctum 2.url

2014-08-25 19:13 - 2014-08-25 19:13 - 00000220 _____ () C:\Users\Chiara\Desktop\Garry's Mod.url

2014-08-25 18:23 - 2014-08-25 18:23 - 00000687 _____ () C:\awhBAE5.tmp

2014-08-24 10:52 - 2014-08-24 10:52 - 00000687 _____ () C:\awhAD10.tmp

2014-08-23 22:51 - 2014-08-17 13:47 - 00000000 ____D () C:\Users\Chiara\Desktop\Alte Firefox-Daten

2014-08-23 16:43 - 2014-08-23 16:43 - 00000687 _____ () C:\awhAFBE.tmp

2014-08-23 04:07 - 2014-08-28 19:28 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-08-23 03:45 - 2014-08-28 19:28 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2014-08-23 02:59 - 2014-08-28 19:28 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-08-22 10:08 - 2014-08-19 22:51 - 00000000 ____D () C:\Users\Chiara\Desktop\Top_50_Steam-Skins

2014-08-22 09:22 - 2014-08-22 09:22 - 00000687 _____ () C:\awhACE1.tmp

2014-08-21 10:56 - 2014-08-21 10:56 - 00000687 _____ () C:\awhAD00.tmp

2014-08-20 18:54 - 2014-08-20 18:54 - 00000687 _____ () C:\awhB2CA.tmp

2014-08-19 22:38 - 2014-08-19 22:38 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\WinRAR

2014-08-19 22:38 - 2014-08-19 22:38 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2014-08-19 22:38 - 2014-08-19 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2014-08-19 22:38 - 2014-08-19 22:37 - 00000000 ____D () C:\Program Files\WinRAR

2014-08-19 22:37 - 2014-08-19 22:37 - 02060744 _____ () C:\Users\Chiara\Downloads\winrar-x64-510d.exe

2014-08-19 20:05 - 2014-09-10 23:51 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-08-19 19:39 - 2014-09-10 23:51 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-08-19 18:58 - 2014-08-19 18:58 - 00000687 _____ () C:\awhB634.tmp

2014-08-19 01:01 - 2014-09-10 23:51 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-08-19 00:29 - 2014-09-10 23:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-08-19 00:29 - 2014-09-10 23:51 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-08-19 00:26 - 2014-09-10 23:51 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-08-19 00:20 - 2014-09-10 23:51 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-08-19 00:19 - 2014-09-10 23:51 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-08-19 00:15 - 2014-09-10 23:51 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-08-19 00:15 - 2014-09-10 23:51 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-08-19 00:14 - 2014-09-10 23:51 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-08-19 00:14 - 2014-09-10 23:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-08-19 00:08 - 2014-09-10 23:51 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-08-19 00:08 - 2014-09-10 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-08-19 00:08 - 2014-09-10 23:51 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-08-19 00:05 - 2014-09-10 23:51 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-08-19 00:03 - 2014-09-10 23:51 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-08-19 00:03 - 2014-09-10 23:51 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-08-19 00:03 - 2014-09-10 23:51 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-08-18 23:58 - 2014-08-18 23:58 - 01101648 _____ () C:\Users\Chiara\Downloads\Steam Skin Pack - CHIP-Installer(3).exe

2014-08-18 23:57 - 2014-09-10 23:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-08-18 23:56 - 2014-09-10 23:51 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-08-18 23:51 - 2014-09-10 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-08-18 23:46 - 2014-09-10 23:51 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-08-18 23:45 - 2014-09-10 23:51 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-08-18 23:45 - 2014-09-10 23:51 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-08-18 23:44 - 2014-09-10 23:51 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-08-18 23:44 - 2014-09-10 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-08-18 23:42 - 2014-09-10 23:51 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-08-18 23:40 - 2014-09-10 23:51 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-08-18 23:39 - 2014-09-10 23:51 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-08-18 23:39 - 2014-09-10 23:51 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-08-18 23:39 - 2014-09-10 23:51 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-08-18 23:38 - 2014-09-10 23:51 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-08-18 23:37 - 2014-09-10 23:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-08-18 23:36 - 2014-09-10 23:51 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-08-18 23:35 - 2014-09-10 23:51 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-08-18 23:27 - 2014-09-10 23:51 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-08-18 23:25 - 2014-09-10 23:51 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-08-18 23:25 - 2014-09-10 23:51 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-08-18 23:23 - 2014-09-10 23:51 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-08-18 23:23 - 2014-09-10 23:51 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-08-18 23:22 - 2014-09-10 23:51 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-08-18 23:19 - 2014-09-10 23:51 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-08-18 23:17 - 2014-09-10 23:51 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-08-18 23:17 - 2014-09-10 23:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-08-18 23:16 - 2014-09-10 23:51 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-08-18 23:15 - 2014-09-10 23:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-08-18 23:15 - 2014-09-10 23:51 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-08-18 23:09 - 2014-09-10 23:51 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-08-18 23:08 - 2014-09-10 23:51 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-08-18 23:07 - 2014-09-10 23:51 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-08-18 22:55 - 2014-09-10 23:51 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-08-18 22:46 - 2014-09-10 23:51 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-08-18 22:38 - 2014-09-10 23:51 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-08-18 22:38 - 2014-09-10 23:51 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-08-18 22:36 - 2014-09-10 23:51 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-08-18 18:24 - 2014-08-18 18:24 - 00083292 _____ () C:\Users\Chiara\Downloads\flashblock-1.5.14.2-fx.xpi

2014-08-18 18:24 - 2014-08-18 18:24 - 00000687 _____ () C:\awhAB0D.tmp

2014-08-17 20:20 - 2014-08-17 20:20 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-08-17 19:21 - 2014-08-17 19:21 - 01101648 _____ () C:\Users\Chiara\Downloads\adblock_plus-2.6.4-fx_an_sm_tb.xpi - CHIP-Installer.exe

2014-08-17 19:21 - 2014-08-17 19:21 - 00919582 _____ () C:\Users\Chiara\Downloads\adblock_plus-2.6.4-fx_an_sm_tb.xpi.zip

2014-08-17 16:39 - 2014-08-17 16:35 - 70887879 _____ () C:\Users\Chiara\Downloads\Top_50_Steam-Skins.zip

2014-08-17 16:38 - 2014-08-17 16:38 - 01101648 _____ () C:\Users\Chiara\Downloads\Steam Skin Pack - CHIP-Installer(2).exe

2014-08-17 16:22 - 2014-08-17 16:22 - 00735492 _____ () C:\Users\Chiara\Downloads\chrysalis_steam_skin_by_falxor-d5ddrzl.zip

2014-08-17 16:12 - 2014-08-17 16:12 - 01101648 _____ () C:\Users\Chiara\Downloads\Steam Skin Pack - CHIP-Installer.exe

2014-08-17 16:12 - 2014-08-17 16:12 - 01101648 _____ () C:\Users\Chiara\Downloads\Steam Skin Pack - CHIP-Installer(1).exe

2014-08-17 15:17 - 2014-08-17 15:17 - 01101648 _____ () C:\Users\Chiara\Downloads\Firefox 34 Nightly 64 Bit - CHIP-Installer.exe

2014-08-17 13:29 - 2014-08-17 13:29 - 00000687 _____ () C:\awhCC24.tmp

2014-08-17 13:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-08-17 11:53 - 2014-08-17 11:53 - 00000687 _____ () C:\awhD087.tmp

2014-08-17 11:52 - 2014-08-10 18:57 - 00000000 ____D () C:\Users\Chiara\AppData\Roaming\Gameo
 

Some content of TEMP:

====================

C:\Users\Chiara\AppData\Local\Temp\avgnt.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-09-06 21:18
 

==================== End Of Log ============================
--- --- ---