Katzenauge88 | 27.11.2014 15:24 | AdwCleaner Logfile: Code:
# AdwCleaner v4.102 - Bericht erstellt am 27/11/2014 um 12:32:05
# Aktualisiert 23/11/2014 von Xplode
# Database : 2014-11-27.1 [Live]
# Betriebssystem : Windows 8 (64 bits)
# Benutzername : Christina - VFL1900
# Gestartet von : C:\Users\Christina\Downloads\AdwCleaner_4.102.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\Pokki
Ordner Gelöscht : C:\Users\Christina\AppData\Local\LPT
Ordner Gelöscht : C:\Users\Christina\AppData\Local\Pokki
Ordner Gelöscht : C:\Users\Christina\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\CHRIST~1\AppData\Local\Temp\Smartbar
Ordner Gelöscht : C:\Users\Christina\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\Users\Christina\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Christina\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Christina\AppData\Roaming\RHEng
Ordner Gelöscht : C:\Users\Christina\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xo53irn6.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xo53irn6.default\searchplugins\bingp.xml
Datei Gelöscht : C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xo53irn6.default\searchplugins\trovi-search.xml
Datei Gelöscht : C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xo53irn6.default\searchplugins\Web Search.xml
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Schlüssel Gelöscht : HKCU\Software\Classes\Directory\shell\pokki
Schlüssel Gelöscht : HKCU\Software\Classes\Drive\shell\pokki
Schlüssel Gelöscht : HKCU\Software\Classes\lnkfile\shell\pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4E71C441-AC1E-4B9B-9BEE-C67F9FE3AF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\Pokki
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.17148
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v33.1 (x86 de)
[xo53irn6.default\prefs.js] - Zeile gelöscht : user_pref("browser.newtab.url", "chrome://unitedtb/content/newtab/newtab-page.xhtml");
[xo53irn6.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.defaultenginename", "Web Search");
[xo53irn6.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.selectedEngine", "Web Search");
[xo53irn6.default\prefs.js] - Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4G4avepFD7B7tQI75duRaUfZXHf1FSQyNBVfTAXBd1a-J_dVGzOLjDonrTfLtbBMfGyirXNvH[...]
[xo53irn6.default\prefs.js] - Zeile gelöscht : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
[xo53irn6.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
[xo53irn6.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
[xo53irn6.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[xo53irn6.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.Visibility", true);
[xo53irn6.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.countryiso", "de");
[xo53irn6.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.downloadprovider", "yahoooc");
[xo53irn6.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\"],\\\"hxxpInjection\\\":\\\"hxxp:\\\\\\/\\\\\\/i.linkuryjs.info\\\\\\/kury\\\\\\[...]
[xo53irn6.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.installationid", "70261997-9771-8376-170f-4d937b72195f");
[xo53irn6.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.installdate", "09/02/2014");
[xo53irn6.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.lastExternalJsUpdate", "1392463288566");
[xo53irn6.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.publisher", "yahoooc");
[xo53irn6.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.type", "hp1000");
[xo53irn6.default\prefs.js] - Zeile gelöscht : user_pref("keyword.URL", "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4G4avepFD7B7tQI75duRaUfZXHf1FSQyNBVfTAXBd1a-J_dVGzOLjDonrTfLtbBMTxcZGNvWHWywFGDI3W3KuF[...]
-\\ Opera v20.0.1387.82
*************************
AdwCleaner[R0].txt - [13670 octets] - [27/11/2014 12:30:50]
AdwCleaner[S0].txt - [10985 octets] - [27/11/2014 12:32:05]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11046 octets] ########## --- --- ---
JRT Logfile: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 8 x64
Ran by Christina on 27.11.2014 at 13:42:06,78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\ammyy"
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Christina\AppData\Roaming\mozilla\firefox\profiles\xo53irn6.default\extensions\toolbar@web.de
Successfully deleted the following from C:\Users\Christina\AppData\Roaming\mozilla\firefox\profiles\xo53irn6.default\prefs.js
user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-
Emptied folder: C:\Users\Christina\AppData\Roaming\mozilla\firefox\profiles\xo53irn6.default\minidumps [13 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.11.2014 at 13:45:46,55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --- --- --- Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Protection, 27.11.2014 13:55:37, SYSTEM, VFL1900, Protection, Malware Protection, Starting,
Protection, 27.11.2014 13:55:37, SYSTEM, VFL1900, Protection, Malware Protection, Started,
Protection, 27.11.2014 13:55:37, SYSTEM, VFL1900, Protection, Malicious Website Protection, Starting,
Protection, 27.11.2014 13:55:37, SYSTEM, VFL1900, Protection, Malicious Website Protection, Started,
Update, 27.11.2014 13:55:39, SYSTEM, VFL1900, Manual, Rootkit Database, 2014.9.18.1, 2014.11.22.1,
Update, 27.11.2014 13:55:42, SYSTEM, VFL1900, Manual, Malware Database, 2014.9.19.5, 2014.11.27.5,
Protection, 27.11.2014 13:55:42, SYSTEM, VFL1900, Protection, Refresh, Starting,
Protection, 27.11.2014 13:55:42, SYSTEM, VFL1900, Protection, Malicious Website Protection, Stopping,
Protection, 27.11.2014 13:55:42, SYSTEM, VFL1900, Protection, Malicious Website Protection, Stopped,
Protection, 27.11.2014 13:55:46, SYSTEM, VFL1900, Protection, Refresh, Success,
Protection, 27.11.2014 13:55:46, SYSTEM, VFL1900, Protection, Malicious Website Protection, Starting,
Protection, 27.11.2014 13:55:46, SYSTEM, VFL1900, Protection, Malicious Website Protection, Started,
Scan, 27.11.2014 15:14:01, SYSTEM, VFL1900, Manual, Start: % 1 "% 2", Dauer: % 1 min 23 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 2 Malwareerkennung, 30-Malwareerkennung,
Protection, 27.11.2014 15:15:44, SYSTEM, VFL1900, Protection, Malware Protection, Starting,
Protection, 27.11.2014 15:15:44, SYSTEM, VFL1900, Protection, Malware Protection, Started,
Protection, 27.11.2014 15:15:44, SYSTEM, VFL1900, Protection, Malicious Website Protection, Starting,
Protection, 27.11.2014 15:16:58, SYSTEM, VFL1900, Protection, Malicious Website Protection, Started,
(end)
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01
Ran by Christina (administrator) on VFL1900 on 27-11-2014 15:23:14
Running from C:\Users\Christina\Downloads
Loaded Profiles: UpdatusUser & Christina (Available profiles: UpdatusUser & Christina)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Akamai Technologies, Inc.) C:\Users\Christina\AppData\Local\Akamai\netsession_win.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Akamai Technologies, Inc.) C:\Users\Christina\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3016432 2013-03-07] (Synaptics Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Smart File Advisor] => C:\Program Files (x86)\Smart File Advisor\sfa.exe [283712 2013-11-26] (Filefacts.net)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-04] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132224 2013-02-28] ( (Atheros Communications))
HKU\S-1-5-21-2103582913-709214951-153368262-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-2103582913-709214951-153368262-1002\...\Run: [Akamai NetSession Interface] => C:\Users\Christina\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2103582913-709214951-153368262-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2103582913-709214951-153368262-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600216 2014-10-11] (Electronic Arts)
HKU\S-1-5-21-2103582913-709214951-153368262-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-2103582913-709214951-153368262-1002\...\RunOnce: [Application Restart #1] => C:\Users\Christina\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-s (the data entry has 548 more characters).
HKU\S-1-5-21-2103582913-709214951-153368262-1002\...\RunOnce: [Application Restart #0] => C:\Users\Christina\AppData\Local\Pokki\Engine\HostAppService.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable (the data entry has 557 more characters).
HKU\S-1-5-21-2103582913-709214951-153368262-1002\...\MountPoints2: {1f037c66-3c1c-11e4-be8d-78843c345e4f} - "F:\Startme.exe"
HKU\S-1-5-21-2103582913-709214951-153368262-1002\...\MountPoints2: {fe31343b-8dcd-11e3-be7b-78843c345e4f} - "D:\SETUP.EXE"
HKU\S-1-5-21-2103582913-709214951-153368262-1002\...\MountPoints2: {feb1c31a-26f2-11e4-be8b-78843c345e4f} - "E:\SISetup.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-03-07] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [201576 2013-03-07] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2103582913-709214951-153368262-1001\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2103582913-709214951-153368262-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKU\S-1-5-21-2103582913-709214951-153368262-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM -> DefaultScope {7C4BC3F2-9BB5-4B11-AE8E-120F2AA7869E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM -> {7C4BC3F2-9BB5-4B11-AE8E-120F2AA7869E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\S-1-5-21-2103582913-709214951-153368262-1002 -> DefaultScope {7C4BC3F2-9BB5-4B11-AE8E-120F2AA7869E} URL =
SearchScopes: HKU\S-1-5-21-2103582913-709214951-153368262-1002 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-iobit
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xo53irn6.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SearchEngineOrder.3: Bing
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2103582913-709214951-153368262-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Avira Browser Safety - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xo53irn6.default\Extensions\abs@avira.com [2014-11-19]
FF Extension: Download videos and MP3s from YouTube - C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\xo53irn6.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-11-24]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2014-11-24]
FF HKU\S-1-5-21-2103582913-709214951-153368262-1002\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-11-24]
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-18] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227968 2013-02-28] (Qualcomm Atheros Commnucations)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-20] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-04-26] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)
S2 51cdb72; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro 3.11\OptProCrash.dll",ENT
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-02-28] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-02-09] (Disc Soft Ltd)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-27] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-10-01] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [455240 2013-03-05] (RTS Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31984 2013-03-07] (Synaptics Incorporated)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-27 15:23 - 2014-11-27 15:23 - 02117632 _____ (Farbar) C:\Users\Christina\Downloads\FRST64.exe
2014-11-27 15:23 - 2014-11-27 15:23 - 00018778 _____ () C:\Users\Christina\Downloads\FRST.txt
2014-11-27 15:23 - 2014-11-27 15:23 - 00000000 ____D () C:\Users\Christina\Downloads\FRST-OlderVersion
2014-11-27 15:21 - 2014-11-27 15:21 - 00001806 _____ () C:\Users\Christina\Desktop\mbam.txt
2014-11-27 13:55 - 2014-11-27 15:17 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-27 13:55 - 2014-11-27 13:55 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-27 13:55 - 2014-11-27 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-27 13:55 - 2014-11-27 13:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-27 13:55 - 2014-11-27 13:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-27 13:55 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-27 13:55 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-27 13:55 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-27 13:54 - 2014-11-27 13:54 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Christina\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-27 13:45 - 2014-11-27 13:45 - 00001250 _____ () C:\Users\Christina\Desktop\JRT.txt
2014-11-27 13:42 - 2014-11-27 13:42 - 00000000 ____D () C:\Windows\ERUNT
2014-11-27 13:41 - 2014-11-27 13:41 - 01707532 _____ (Thisisu) C:\Users\Christina\Downloads\JRT.exe
2014-11-27 12:29 - 2014-11-27 12:33 - 00000000 ____D () C:\AdwCleaner
2014-11-27 12:28 - 2014-11-27 12:28 - 02148864 _____ () C:\Users\Christina\Downloads\AdwCleaner_4.102.exe
2014-11-27 12:11 - 2014-11-27 12:11 - 00000000 ____D () C:\Users\Christina\Downloads\RevoUninstallerPortable
2014-11-27 12:10 - 2014-11-27 12:10 - 02785665 _____ (PortableApps.com) C:\Users\Christina\Downloads\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2014-11-26 14:01 - 2014-11-26 14:02 - 00028376 _____ () C:\Users\Christina\Downloads\Addition.txt
2014-11-26 13:59 - 2014-11-27 15:23 - 00000000 ____D () C:\FRST
2014-11-26 13:33 - 2014-11-19 08:29 - 00582552 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
2014-11-26 13:33 - 2014-11-19 08:29 - 00462760 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-11-26 10:54 - 2014-11-20 21:56 - 00713672 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 10:54 - 2014-11-20 21:56 - 00106440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-26 10:06 - 2014-11-26 10:06 - 00000131 _____ () C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\IObit Freeware.url
2014-11-26 10:06 - 2014-11-26 10:06 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-11-26 10:03 - 2014-11-26 10:03 - 00000000 ____D () C:\Users\Christina\AppData\Roaming\TeamViewer
2014-11-26 10:03 - 2014-11-26 10:03 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-11-25 12:25 - 2014-11-25 12:25 - 02280510 _____ () C:\Users\Christina\Downloads\Maize.crop.calendar.fill.tar.gz
2014-11-24 16:25 - 2014-11-24 16:25 - 01169232 _____ () C:\Users\Christina\Downloads\wmp81n - CHIP-Installer.exe
2014-11-24 16:23 - 2014-11-24 16:23 - 01169232 _____ () C:\Users\Christina\Downloads\Windows Media Player - CHIP-Installer(1).exe
2014-11-24 16:22 - 2014-11-24 16:22 - 01169232 _____ () C:\Users\Christina\Downloads\Windows Media Player - CHIP-Installer.exe
2014-11-24 12:22 - 2014-11-24 12:22 - 00000000 ____D () C:\Program Files (x86)\WEB.DE MailCheck
2014-11-24 12:21 - 2014-11-24 12:22 - 00000000 ____D () C:\Users\Christina\AppData\Roaming\DVDVideoSoft
2014-11-24 12:21 - 2014-11-24 12:21 - 00001536 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-11-24 12:21 - 2014-11-24 12:21 - 00001243 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-11-24 12:21 - 2014-11-24 12:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-11-24 12:21 - 2014-11-24 12:21 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2014-11-24 12:21 - 2014-11-24 12:21 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-11-24 12:16 - 2014-11-24 12:17 - 34667648 _____ (DVDVideoSoft Ltd. ) C:\Users\Christina\Downloads\FreeYouTubeToMP3Converter3.12.50.1111.exe
2014-11-19 23:27 - 2014-11-08 12:22 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 23:27 - 2014-11-08 12:21 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 23:27 - 2014-11-08 07:57 - 00187904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-19 23:27 - 2014-11-08 07:56 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-17 22:59 - 2014-11-17 22:59 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-14 00:31 - 2014-09-22 06:53 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-11-14 00:31 - 2014-08-26 23:08 - 00270024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-11-14 00:30 - 2014-11-05 07:40 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-14 00:30 - 2014-11-05 07:38 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-14 00:30 - 2014-11-05 04:16 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-14 00:30 - 2014-10-11 08:45 - 10115072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-11-14 00:30 - 2014-10-11 08:44 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-14 00:30 - 2014-10-11 08:44 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-11-14 00:30 - 2014-10-11 08:43 - 02307072 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-11-14 00:30 - 2014-10-11 06:58 - 08858624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-11-14 00:30 - 2014-10-11 06:57 - 02416640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-14 00:30 - 2014-10-11 06:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-11-14 00:30 - 2014-10-11 06:56 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-11-14 00:17 - 2014-10-18 09:44 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-14 00:17 - 2014-10-18 08:05 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-14 00:17 - 2014-10-11 09:35 - 00171840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-14 00:17 - 2014-10-11 08:44 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-11-14 00:17 - 2014-10-11 08:44 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-11-14 00:17 - 2014-10-11 08:43 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-14 00:17 - 2014-10-11 06:57 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-11-14 00:17 - 2014-10-11 06:41 - 00713728 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-14 00:17 - 2014-10-11 06:41 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-14 00:17 - 2014-10-11 06:05 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-14 00:17 - 2014-10-11 06:04 - 00713728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-14 00:17 - 2014-10-03 02:21 - 00522728 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-14 00:17 - 2014-10-02 23:29 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-14 00:17 - 2014-10-02 23:29 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-14 00:17 - 2014-10-02 23:29 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-11-14 00:17 - 2014-10-02 00:05 - 04068864 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-14 00:17 - 2014-09-13 07:24 - 02233152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-11-14 00:17 - 2014-09-06 01:46 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
2014-11-14 00:17 - 2014-09-03 03:48 - 00457728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-11-14 00:17 - 2014-09-03 03:48 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-11-14 00:17 - 2014-09-03 03:22 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-11-14 00:17 - 2014-09-03 03:21 - 00623104 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-11-14 00:17 - 2014-09-03 03:21 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-11-14 00:17 - 2014-08-29 05:17 - 02043392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-11-14 00:17 - 2014-08-29 05:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-11-14 00:17 - 2014-08-29 05:04 - 02837504 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-11-14 00:17 - 2014-08-29 05:04 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-11-14 00:17 - 2014-08-28 07:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
2014-11-14 00:17 - 2014-08-28 07:04 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2014-11-14 00:17 - 2014-08-28 06:59 - 00616448 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2014-11-14 00:17 - 2014-08-28 06:59 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2014-11-14 00:17 - 2014-08-28 06:59 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
2014-11-14 00:17 - 2014-08-28 06:59 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\FXST30.dll
2014-11-14 00:17 - 2014-07-24 14:12 - 00328512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-11-14 00:16 - 2014-10-23 13:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-14 00:16 - 2014-10-23 12:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-14 00:16 - 2014-09-25 00:29 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-14 00:16 - 2014-09-25 00:29 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-11-14 00:16 - 2014-09-25 00:01 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-14 00:16 - 2014-09-25 00:01 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-11-14 00:16 - 2014-08-22 00:56 - 01418752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-14 00:16 - 2014-08-22 00:27 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-14 00:15 - 2014-10-26 02:56 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-14 00:15 - 2014-10-26 02:56 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-14 00:15 - 2014-10-26 02:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-11-14 00:15 - 2014-10-26 02:56 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-14 00:15 - 2014-10-26 02:55 - 19284480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-14 00:15 - 2014-10-26 02:55 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-14 00:15 - 2014-10-26 02:55 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-14 00:15 - 2014-10-26 02:55 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-14 00:15 - 2014-10-26 02:54 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-14 00:15 - 2014-10-26 02:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-14 00:15 - 2014-10-26 02:54 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-14 00:15 - 2014-10-26 02:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-14 00:15 - 2014-10-26 02:54 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-14 00:15 - 2014-10-26 02:54 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-14 00:15 - 2014-10-26 02:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-11-14 00:15 - 2014-10-26 02:53 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-14 00:15 - 2014-10-26 01:36 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-14 00:15 - 2014-10-26 01:35 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-14 00:15 - 2014-10-26 01:35 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-14 00:15 - 2014-10-26 01:35 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-14 00:15 - 2014-10-26 01:35 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-14 00:15 - 2014-10-26 01:35 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-14 00:15 - 2014-10-26 01:34 - 13758464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-14 00:15 - 2014-10-26 01:34 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-14 00:15 - 2014-10-26 01:34 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-14 00:15 - 2014-10-26 01:34 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-14 00:15 - 2014-10-26 01:34 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-14 00:15 - 2014-10-26 01:34 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-14 00:15 - 2014-10-26 01:34 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-14 00:15 - 2014-10-26 01:34 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-11-14 00:14 - 2014-10-26 02:56 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-11-14 00:14 - 2014-10-26 02:54 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-14 00:14 - 2014-10-26 02:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-14 00:14 - 2014-10-26 02:54 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-14 00:14 - 2014-10-26 02:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-14 00:14 - 2014-10-26 01:35 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-11-14 00:14 - 2014-10-26 01:34 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-14 00:14 - 2014-10-26 01:34 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-14 00:14 - 2014-10-26 01:34 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-14 00:14 - 2014-10-26 01:34 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-14 00:14 - 2014-10-26 01:19 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-14 00:14 - 2014-10-26 01:13 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-14 00:14 - 2014-10-25 22:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-11-10 22:54 - 2014-11-24 12:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-07 20:36 - 2014-11-07 20:36 - 01054912 _____ (Adobe) C:\Users\Christina\Downloads\install_flashplayer15x32au_mssd_aaa_aih.exe
2014-11-07 20:30 - 2014-11-08 22:48 - 00000000 ____D () C:\Windows\system32\AutoUpdateLicense
2014-11-06 21:53 - 2014-11-06 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-11-05 11:10 - 2014-11-05 11:10 - 00000000 ____D () C:\Users\Christina\AppData\Local\ArcGISRuntime
2014-11-04 10:11 - 2014-11-04 10:20 - 00000000 ____D () C:\Users\Christina\Desktop\Singen
2014-11-04 08:52 - 2014-11-04 08:53 - 00013904 _____ () C:\Users\Christina\Downloads\mapserv.exe
2014-10-29 13:02 - 2014-10-22 04:34 - 00010777 _____ () C:\Windows\system32\AutoconfigV2.cab
2014-10-29 13:02 - 2014-10-22 02:08 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-10-29 13:02 - 2014-10-22 02:08 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-29 13:02 - 2014-10-22 02:01 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-10-29 13:02 - 2014-10-22 02:01 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-10-29 13:02 - 2014-10-22 02:01 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-29 13:02 - 2014-10-22 02:00 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2014-10-28 18:46 - 2014-10-28 18:46 - 00000000 ____D () C:\Users\Christina\AppData\Local\Intel_Corporation
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-27 15:22 - 2014-01-04 17:51 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2103582913-709214951-153368262-1002
2014-11-27 15:21 - 2013-11-13 19:52 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-11-27 15:21 - 2013-11-13 19:52 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-11-27 15:21 - 2012-07-26 08:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-27 15:15 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-27 15:14 - 2013-08-02 15:50 - 00180896 _____ () C:\Windows\PFRO.log
2014-11-27 15:14 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-11-27 15:02 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-11-27 14:32 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-27 14:30 - 2014-07-21 12:53 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-27 12:28 - 2014-01-04 18:00 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-27 12:19 - 2014-02-23 15:36 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-27 12:19 - 2013-11-13 11:10 - 01144140 _____ () C:\Windows\WindowsUpdate.log
2014-11-26 20:59 - 2014-10-27 14:45 - 00000000 ____D () C:\Users\Christina\Desktop\GIS
2014-11-26 18:12 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2014-11-26 17:02 - 2012-07-26 08:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-11-26 11:38 - 2014-03-04 14:50 - 00141968 _____ () C:\Users\Christina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-26 11:38 - 2014-01-08 12:51 - 00000000 ____D () C:\Users\Christina\AppData\Local\Deployment
2014-11-26 10:57 - 2014-09-26 17:55 - 00002114 _____ () C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
2014-11-26 10:56 - 2014-10-25 14:15 - 00513768 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-25 22:16 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-11-25 21:33 - 2014-07-21 12:53 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-25 18:22 - 2014-10-27 14:52 - 00000000 ____D () C:\arcgis
2014-11-25 14:27 - 2014-01-04 17:42 - 00000000 ____D () C:\Users\Christina\AppData\Local\Packages
2014-11-25 13:03 - 2014-01-04 18:28 - 00000000 ____D () C:\Users\Christina\AppData\Roaming\Skype
2014-11-23 21:33 - 2014-01-21 12:09 - 01169920 ___SH () C:\Users\Christina\Desktop\Thumbs.db
2014-11-23 21:31 - 2012-07-26 08:21 - 01611993 _____ () C:\Windows\setupact.log
2014-11-23 11:35 - 2014-01-05 20:28 - 00002285 _____ () C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-11-23 00:44 - 2014-01-04 17:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-21 20:16 - 2014-10-19 13:20 - 00000000 ____D () C:\Users\Christina\Desktop\Fortbildung Hydrogeologie
2014-11-21 08:40 - 2014-01-08 12:42 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-17 22:59 - 2014-10-16 10:50 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-17 22:59 - 2014-02-23 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-17 22:51 - 2014-07-21 12:42 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-17 22:51 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ToastData
2014-11-17 22:51 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-17 22:51 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-17 22:51 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-17 22:51 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-17 22:50 - 2014-01-05 23:24 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-17 22:47 - 2014-01-05 23:24 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-14 12:22 - 2014-01-08 10:12 - 00000000 ____D () C:\Users\Christina\AppData\Local\Akamai
2014-11-07 22:50 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-11-07 20:30 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\WinStore
2014-11-06 21:53 - 2014-03-07 23:05 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-11-06 21:53 - 2014-03-07 23:05 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-06 21:53 - 2014-01-04 18:27 - 00000000 ____D () C:\ProgramData\Skype
2014-11-04 10:17 - 2014-10-27 14:45 - 00000000 ____D () C:\Users\Christina\Desktop\Sonstiges
2014-10-30 12:25 - 2014-02-23 13:24 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-29 20:22 - 2014-10-27 14:41 - 00000000 ____D () C:\Users\Christina\AppData\Local\ESRI
Files to move or delete:
====================
C:\Users\Christina\SETUP.EXE
Some content of TEMP:
====================
C:\Users\Christina\AppData\Local\Temp\avgnt.exe
C:\Users\Christina\AppData\Local\Temp\Quarantine.exe
C:\Users\Christina\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-24 13:55
==================== End Of Log ============================ --- --- ---
--- --- --- |