FRST
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-02-2015 01
Ran by Laura (administrator) on TYSIA on 21-02-2015 15:15:34
Running from C:\Users\Laura\Contacts\Desktop
Loaded Profiles: Laura & (Available profiles: Laura & Catsitter & Administrator)
Platform: Microsoft Windows 7 Home Premium (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-04-15] (DivX, LLC)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll",DllRegisterServer
HKLM\...\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll",DllRegisterServer
HKLM\...\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll",DllRegisterServer
HKLM\...\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer
HKLM\...\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer
HKLM\...\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer
HKLM\...\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer
HKU\S-1-5-21-3161636880-329456100-441217609-1001\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3161636880-329456100-441217609-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3161636880-329456100-441217609-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3161636880-329456100-441217609-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3161636880-329456100-441217609-1001\...\MountPoints2: I - I:\Setup.exe
HKU\S-1-5-21-3161636880-329456100-441217609-1001\...\MountPoints2: {7f1d8254-13fa-11e2-b7af-6c626d90f5d1} - I:\Setup.exe
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: []
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: I - I:\Setup.exe
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7f1d8254-13fa-11e2-b7af-6c626d90f5d1} - I:\Setup.exe
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Policies\Explorer: []
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: I - I:\Setup.exe
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {7f1d8254-13fa-11e2-b7af-6c626d90f5d1} - I:\Setup.exe
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Policies\Explorer: []
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\MountPoints2: I - I:\Setup.exe
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\MountPoints2: {7f1d8254-13fa-11e2-b7af-6c626d90f5d1} - I:\Setup.exe
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: I - I:\Setup.exe
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7f1d8254-13fa-11e2-b7af-6c626d90f5d1} - I:\Setup.exe
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: I - I:\Setup.exe
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {7f1d8254-13fa-11e2-b7af-6c626d90f5d1} - I:\Setup.exe
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\MountPoints2: I - I:\Setup.exe
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\MountPoints2: {7f1d8254-13fa-11e2-b7af-6c626d90f5d1} - I:\Setup.exe
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: I - I:\Setup.exe
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7f1d8254-13fa-11e2-b7af-6c626d90f5d1} - I:\Setup.exe
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: I - I:\Setup.exe
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {7f1d8254-13fa-11e2-b7af-6c626d90f5d1} - I:\Setup.exe
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\MountPoints2: I - I:\Setup.exe
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\MountPoints2: {7f1d8254-13fa-11e2-b7af-6c626d90f5d1} - I:\Setup.exe
IFEO\appvlp.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\cvh.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\divxcontrolpanellauncher.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\hpwucli.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\icloud.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\iclouddrive.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\icloudweb.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\lync.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\msoev.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\msotd.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\msouc.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\ocpubmgr.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\onenotem.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\setlang.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\sftdde.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\shellstreamsshortcut.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe"
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
GroupPolicyUsers\S-1-5-21-3161636880-329456100-441217609-1005\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
URLSearchHook: HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (No Name) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - No File
URLSearchHook: HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 - (No Name) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - No File
URLSearchHook: HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 - (No Name) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-1001 -> {63F40060-DE7B-4061-A99E-D270C610D41B} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {63F40060-DE7B-4061-A99E-D270C610D41B} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {63F40060-DE7B-4061-A99E-D270C610D41B} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> {63F40060-DE7B-4061-A99E-D270C610D41B} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {4B2C0209-C85F-4093-B5F2-112754D6F35A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_cmi_14_28_ch&cd=2XzuyEtN2Y1L1QzuyC0CyCtByC0DzytD0FyD0DtCyB0C0AyDtN0D0Tzu0SzytBtDtN1L2XzutBtFtBtCtFtCtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtByDzztCtA0D0EtGyDtC0DyDtGyByDtDtBtGtD0FyD0AtGtA0B0Fzy0FyCzzyE0C0EyEtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0AtAzzzzzz0FtBtGtA0A0AzztG0C0EtDtCtG0CtC0E0BtGtDyDtB0D0D0E0CzytDyCtBtB2Q&cr=2143589514&ir=
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {63F40060-DE7B-4061-A99E-D270C610D41B} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20111123130204745&tb_oid=23-11-2011&tb_mrud=23-11-2011
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {4B2C0209-C85F-4093-B5F2-112754D6F35A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_cmi_14_28_ch&cd=2XzuyEtN2Y1L1QzuyC0CyCtByC0DzytD0FyD0DtCyB0C0AyDtN0D0Tzu0SzytBtDtN1L2XzutBtFtBtCtFtCtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtByDzztCtA0D0EtGyDtC0DyDtGyByDtDtBtGtD0FyD0AtGtA0B0Fzy0FyCzzyE0C0EyEtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0AtAzzzzzz0FtBtGtA0A0AzztG0C0EtDtCtG0CtC0E0BtGtDyDtB0D0D0E0CzytDyCtBtB2Q&cr=2143589514&ir=
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {63F40060-DE7B-4061-A99E-D270C610D41B} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20111123130204745&tb_oid=23-11-2011&tb_mrud=23-11-2011
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> {4B2C0209-C85F-4093-B5F2-112754D6F35A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_cmi_14_28_ch&cd=2XzuyEtN2Y1L1QzuyC0CyCtByC0DzytD0FyD0DtCyB0C0AyDtN0D0Tzu0SzytBtDtN1L2XzutBtFtBtCtFtCtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtByDzztCtA0D0EtGyDtC0DyDtGyByDtDtBtGtD0FyD0AtGtA0B0Fzy0FyCzzyE0C0EyEtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0AtAzzzzzz0FtBtGtA0A0AzztG0C0EtDtCtG0CtC0E0BtGtDyDtB0D0D0E0CzytDyCtBtB2Q&cr=2143589514&ir=
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> {63F40060-DE7B-4061-A99E-D270C610D41B} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20111123130204745&tb_oid=23-11-2011&tb_mrud=23-11-2011
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {4B2C0209-C85F-4093-B5F2-112754D6F35A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_cmi_14_28_ch&cd=2XzuyEtN2Y1L1QzuyC0CyCtByC0DzytD0FyD0DtCyB0C0AyDtN0D0Tzu0SzytBtDtN1L2XzutBtFtBtCtFtCtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtByDzztCtA0D0EtGyDtC0DyDtGyByDtDtBtGtD0FyD0AtGtA0B0Fzy0FyCzzyE0C0EyEtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0AtAzzzzzz0FtBtGtA0A0AzztG0C0EtDtCtG0CtC0E0BtGtDyDtB0D0D0E0CzytDyCtBtB2Q&cr=2143589514&ir=
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {63F40060-DE7B-4061-A99E-D270C610D41B} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20111123130204745&tb_oid=23-11-2011&tb_mrud=23-11-2011
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {4B2C0209-C85F-4093-B5F2-112754D6F35A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_cmi_14_28_ch&cd=2XzuyEtN2Y1L1QzuyC0CyCtByC0DzytD0FyD0DtCyB0C0AyDtN0D0Tzu0SzytBtDtN1L2XzutBtFtBtCtFtCtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtByDzztCtA0D0EtGyDtC0DyDtGyByDtDtBtGtD0FyD0AtGtA0B0Fzy0FyCzzyE0C0EyEtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0AtAzzzzzz0FtBtGtA0A0AzztG0C0EtDtCtG0CtC0E0BtGtDyDtB0D0D0E0CzytDyCtBtB2Q&cr=2143589514&ir=
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {63F40060-DE7B-4061-A99E-D270C610D41B} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20111123130204745&tb_oid=23-11-2011&tb_mrud=23-11-2011
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> {4B2C0209-C85F-4093-B5F2-112754D6F35A} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_cmi_14_28_ch&cd=2XzuyEtN2Y1L1QzuyC0CyCtByC0DzytD0FyD0DtCyB0C0AyDtN0D0Tzu0SzytBtDtN1L2XzutBtFtBtCtFtCtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtByDzztCtA0D0EtGyDtC0DyDtGyByDtDtBtGtD0FyD0AtGtA0B0Fzy0FyCzzyE0C0EyEtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0AtAzzzzzz0FtBtGtA0A0AzztG0C0EtDtCtG0CtC0E0BtGtDyDtB0D0D0E0CzytDyCtBtB2Q&cr=2143589514&ir=
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> {63F40060-DE7B-4061-A99E-D270C610D41B} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20111123130204745&tb_oid=23-11-2011&tb_mrud=23-11-2011
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart Print Helper -> {FD6C6509-FE36-44B0-A917-6C2A0DDBDF88} -> C:\Program Files\Hewlett-Packard\Smart Print 2.7\Espresso.dll (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-3161636880-329456100-441217609-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\biV8Jwpq.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\biV8Jwpq.default\Extensions\abs@avira.com [2015-02-20]
Chrome:
=======
CHR HomePage: Default -> hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.758\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.111\pdf.dll ()
CHR Plugin: (Star Stable Online) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbhalcddeebgbegbfkgngofgldddanae\1.0.0.5_0\npstudioruntime.dll (World of Horsecraft AB)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java Deployment Toolkit 8.0.110.12) - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 8 U11) - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
CHR Profile: C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (A Quotation) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\aafpohheobbibbehfjogminpinjhlpmg [2015-02-20]
CHR Extension: (StudyMode.com) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\afhaomgjckjnioommpjdnanglalimoon [2015-02-20]
CHR Extension: (oTranscribe) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcepnaeajjgbbagpgaihnljdadhhibb [2015-02-20]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-02-20]
CHR Extension: (Newsela) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfpeiapdhnegnfcfkdfihabadngjagfj [2015-02-20]
CHR Extension: (Todoist for Chromebook) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjohebimpjdhhocbknplfelpmdhifhd [2015-02-20]
CHR Extension: (Quizlet) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgofflgeghkhocbociocnckocbjmomjh [2015-02-20]
CHR Extension: (Gliffy Diagrams) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmicilclplefnflapjmnngmkkkkpfad [2015-02-20]
CHR Extension: (WOT) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-02-19]
CHR Extension: (YouTube) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-20]
CHR Extension: (CurriculumLoft) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnmoibmekgcegldojdjnhjfhcjkhoihd [2015-02-20]
CHR Extension: (FastFig) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\bogefeobnkbodnohkifkjfdipjmdljkd [2015-02-20]
CHR Extension: (EasyBib) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbpiiblghhnlalifiaddecedaeaijdpe [2015-02-20]
CHR Extension: (Flashcard Stash) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgopclnilgekngdlkfkegddejocmmmim [2015-02-20]
CHR Extension: (Bookalize) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\coibmloalinjcpcboimmeibmdhonfhad [2015-02-20]
CHR Extension: (Wörterbuch Latein) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpmklgjkhbekncoffnedmenihggbcbpd [2015-02-20]
CHR Extension: (iVocab: GRE, TOEFL and SAT) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddbfkngjokojcmmadaaipmjiacnnmgbl [2015-02-20]
CHR Extension: (Davitily Math Academy) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehdgkencbhniekejnjmlkpfmcambmikj [2015-02-20]
CHR Extension: (Brilliant) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\eommhbliilafdkodaijeejngbjiiaccl [2015-02-20]
CHR Extension: (Type Scout) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\fedokkaolmkkoeedicihicdeppjjeamj [2015-02-20]
CHR Extension: (Avira Browser Safety) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-06]
CHR Extension: (Science Penguin) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\gimenpegjajnbdolclaoenakboibojfd [2015-02-20]
CHR Extension: (Days Until) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjoncaelhmjienakbbocmlceofcjpdlg [2015-02-20]
CHR Extension: (Google Calendar (by Google)) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2015-02-20]
CHR Extension: (Typo Express) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\haijhjgfgmgemgjeoomhobpcfgekifcj [2015-02-20]
CHR Extension: (Pomodoro Timer) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfgjlgjnpkpmnpojkkpfkogapiclopop [2015-02-20]
CHR Extension: (KanbanFlow) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhhlbmjihokflibmbfmldajolmkaemhi [2015-02-20]
CHR Extension: (Send Anywhere (File Transfer)) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\hihbikoooaenkpdooehgemieligjejcb [2015-02-20]
CHR Extension: (Popular Math) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\hldopnmmmjmhibkkhjihpejkbpnnnmkm [2015-02-20]
CHR Extension: (Google Keep - notes and lists) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2015-02-20]
CHR Extension: (Cram.com Flashcards) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibnbbdmpeahiaeeiadlfamiomkomeijh [2015-02-20]
CHR Extension: (wikiHow Survival Kit) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\ickaeddjnhfofihhibhnjemlphjmnchl [2015-02-20]
CHR Extension: (Memrise) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipanemchpnjhopmgcmmjhjcniogmoooc [2015-02-20]
CHR Extension: (Anatomy Games) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbplkkegndhkgnendpdhcffamoplajga [2015-02-20]
CHR Extension: (RechnungXXL) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfpokejaigabbkedehdmkdoblcamilok [2015-02-20]
CHR Extension: (ProProfs Flashcards Software) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmgkcoagcbljcbdnapoioiifghiioaba [2015-02-20]
CHR Extension: (Star Stable Online starstable.sat1spiele.de) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbhalcddeebgbegbfkgngofgldddanae [2015-02-18]
CHR Extension: (iDoneThis) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\lokihmieoechcdpifjfhokeamedacaed [2015-02-20]
CHR Extension: (Word Counter Notepad - Counts what you write.) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbmbpobpcglgjninpmpmdocbjdjimid [2015-02-20]
CHR Extension: (Ghostery) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-02-20]
CHR Extension: (Math Science Engineering Calculators) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnaaclhkigagfmmmejenjpgjmemgkipa [2015-02-20]
CHR Extension: (DropTask) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbjipcefkmoefanpmoknoeagoaokhifa [2015-02-20]
CHR Extension: (TeacherTube) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbnaepfkikcjdhaciekglfcjnfbgpmdn [2015-02-20]
CHR Extension: (BrainShare) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nokdnmolecgbjheobnnnloifgilgimof [2015-02-20]
CHR Extension: (TypingClub) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\obdbgibnhfcjmmpfijkpcihjieedpfah [2015-02-20]
CHR Extension: (Artezio Chronometers) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohfanegcbhiaecibiehjcgobhbaibepg [2015-02-20]
CHR Extension: (Wunderlist for Chrome) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojcflmmmcfpacggndoaaflkmcoblhnbh [2015-02-20]
CHR Extension: (Freelancy Time Tracker) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\olkajbcicgbkoefeclmjjbdhidnnmgkh [2015-02-20]
CHR Extension: (Reference.com) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooffafbjcjgjinobbfdgkefebeiodngk [2015-02-20]
CHR Extension: (k-12 Mathematical Simulations) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\phibhpccfjfcchdcmkjlfflancpppomn [2015-02-20]
CHR Extension: (Evernote Web Clipper) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2015-02-08]
CHR Extension: (Gmail) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-20]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-11-10] (Adobe Systems) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
S4 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1679536 2014-11-11] (Microsoft Corporation)
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1087792 2014-11-10] (Flexera Software LLC)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1729336 2013-12-10] (TuneUp Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [11944 2013-03-08] (Advanced Micro Devices Inc.)
R0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [15528 2012-09-23] (Advanced Micro Devices, Inc.)
R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [62592 2010-05-14] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [24192 2010-05-14] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-11-24] (Avira Operations GmbH & Co. KG)
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [23136 2012-07-16] (JMicron Technology Corp.)
R3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [28464 2011-12-29] (COMPAL ELECTRONIC INC.)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [75480 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R0 MxEFUF; C:\Windows\System32\DRIVERS\MxEFUF32.sys [108544 2011-08-15] (Matrox Graphics Inc.) [File not signed]
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (MCCI Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-11-24] (Avira GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
U3 ugtdipod; \??\C:\Users\Laura\AppData\Local\Temp\ugtdipod.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-21 15:14 - 2015-02-21 15:14 - 00000000 _____ () C:\Users\Laura\defogger_reenable
2015-02-21 03:02 - 2015-02-21 03:02 - 00000000 ____D () C:\Windows\system32\SPReview
2015-02-20 19:08 - 2015-02-20 19:08 - 00132100 _____ () C:\Windows\PFRO.log
2015-02-20 16:45 - 2015-02-20 16:45 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Avira
2015-02-20 16:44 - 2015-02-20 16:41 - 00037384 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-02-20 16:40 - 2015-02-20 16:40 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Mozilla
2015-02-20 16:35 - 2014-11-24 10:23 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-02-20 16:35 - 2014-11-24 10:23 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-02-20 16:35 - 2014-11-24 10:23 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-02-20 16:35 - 2014-11-24 10:23 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2015-02-20 16:29 - 2015-02-20 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-20 16:03 - 2015-02-20 19:08 - 00000112 _____ () C:\Windows\setupact.log
2015-02-20 16:03 - 2015-02-20 16:03 - 00459320 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-20 16:03 - 2015-02-20 16:03 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-20 00:17 - 2015-02-20 00:17 - 00001717 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-02-20 00:17 - 2015-02-20 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-20 00:06 - 2015-02-20 00:06 - 00117776 _____ () C:\Users\Laura\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-20 00:05 - 2015-02-20 00:13 - 00000000 ____D () C:\Users\Laura\Downloads\chrome-youtube-downloader-2.6.20
2015-02-20 00:02 - 2015-02-20 00:02 - 00099158 _____ () C:\Users\Laura\Downloads\chrome-youtube-downloader-2.6.20.zip
2015-02-19 17:26 - 2015-02-21 13:31 - 00000000 ____D () C:\AdwCleaner
2015-02-19 11:29 - 2015-02-19 11:29 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-02-19 11:28 - 2015-02-20 21:24 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-19 05:16 - 2015-02-19 11:45 - 00000000 ____D () C:\Program Files\ESET
2015-02-18 21:42 - 2015-02-21 15:15 - 00000000 ____D () C:\FRST
2015-02-18 21:32 - 2015-02-18 21:32 - 00001230 _____ () C:\Users\Public\Desktop\herdProtect.lnk
2015-02-18 21:32 - 2015-02-18 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\herdProtect
2015-02-18 21:32 - 2015-02-18 21:32 - 00000000 ____D () C:\Program Files\Reason
2015-02-18 19:28 - 2015-02-18 19:28 - 00000000 ____D () C:\Users\Laura\Tracing
2015-02-18 19:27 - 2015-02-18 19:27 - 00000000 ___RD () C:\Program Files\Skype
2015-02-18 19:27 - 2015-02-18 19:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-18 19:27 - 2015-02-18 19:27 - 00000000 ____D () C:\Program Files\Common Files\Skype
2015-02-18 16:16 - 2015-02-18 16:17 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-02-18 14:00 - 2015-02-21 13:19 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-18 13:59 - 2015-02-18 13:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-18 13:59 - 2015-02-18 13:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-18 13:59 - 2015-02-18 13:59 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-02-18 13:59 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-18 13:59 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-18 13:59 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-17 14:24 - 2015-02-18 13:05 - 00000000 ____D () C:\Users\Laura\AppData\Local\EvernoteNW
2015-02-17 00:16 - 2013-12-10 18:43 - 00030520 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2015-02-17 00:16 - 2013-12-10 18:43 - 00022328 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2015-02-17 00:10 - 2015-02-17 00:10 - 00002111 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
2015-02-17 00:10 - 2015-02-17 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
2015-02-17 00:10 - 2013-12-10 18:43 - 00032568 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2015-02-16 23:59 - 2015-02-16 23:59 - 00000000 ____D () C:\Users\Catsitter\AppData\Local\Apple Computer
2015-02-16 16:09 - 2015-02-19 04:49 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-02-15 22:54 - 2015-02-15 22:54 - 00002211 _____ () C:\Users\Laura\AppData\Local\recently-used.xbel
2015-02-15 22:50 - 2015-02-15 22:54 - 00000000 ____D () C:\Users\Laura\AppData\Local\gtk-2.0
2015-02-11 00:31 - 2015-02-11 00:31 - 00001353 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDMaker - Shortcut.lnk
2015-02-11 00:26 - 2015-02-11 00:26 - 00000000 ____D () C:\Users\Laura\Documents\My Weblog Posts
2015-02-10 23:33 - 2015-02-10 23:33 - 00000000 ____D () C:\Users\Laura\Documents\The Lord of the Rings Online
2015-02-10 23:30 - 2015-02-18 16:17 - 00000000 ___RD () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Player
2015-02-10 22:17 - 2015-02-11 00:35 - 00000000 ___RD () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Creatives
2015-02-10 20:37 - 2015-02-10 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-02-09 05:48 - 2015-02-20 16:34 - 00000000 ____D () C:\Program Files\Avira
2015-02-09 02:50 - 2015-02-09 02:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2015-02-09 02:49 - 2015-02-09 02:49 - 00000000 ____D () C:\Program Files\Evernote
2015-02-09 00:57 - 2015-02-19 17:44 - 00000000 ___RD () C:\Users\Laura\.thumbnails
2015-02-09 00:47 - 2015-02-15 22:54 - 00000000 ____D () C:\Users\Laura\.gimp-2.8
2015-02-09 00:47 - 2015-02-09 00:47 - 00000000 ____D () C:\Users\Laura\AppData\Local\gegl-0.2
2015-02-09 00:47 - 2015-02-09 00:47 - 00000000 ____D () C:\Users\Laura\AppData\Local\fontconfig
2015-02-09 00:39 - 2009-07-14 02:14 - 01971200 _____ (Microsoft Corporation) C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDMaker.exe
2015-02-09 00:31 - 2015-02-09 00:31 - 00000000 ____D () C:\Users\Public\CyberLink
2015-02-09 00:31 - 2010-01-06 22:37 - 00415016 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerDVDCopy.exe
2015-02-09 00:30 - 2009-12-03 00:37 - 02684200 _____ (CyberLink Corp.) C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Power2GoExpress.exe
2015-02-09 00:29 - 2009-12-03 00:32 - 02508072 _____ (CyberLink Corp.) C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Power2Go.exe
2015-02-09 00:28 - 2010-01-15 22:47 - 00664872 _____ (CyberLink Corp.) C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LabelPrint.exe
2015-02-09 00:18 - 2011-06-01 16:57 - 00561984 _____ (Apple Inc.) C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoftwareUpdate.exe
2015-02-09 00:08 - 2015-02-10 22:19 - 00000000 ___RD () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2015-02-09 00:07 - 2015-02-08 00:11 - 00001012 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shareaza.lnk
2015-02-09 00:07 - 2014-07-07 20:18 - 00002505 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Skype.lnk
2015-02-09 00:07 - 2011-11-25 20:23 - 00001124 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2015-02-09 00:07 - 2011-10-28 15:34 - 00001121 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger.lnk
2015-02-09 00:06 - 2015-02-08 16:22 - 00001717 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iTunes.lnk
2015-02-09 00:06 - 2015-02-08 01:23 - 00001181 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wp7EasyBackup.lnk
2015-02-09 00:02 - 2014-07-21 14:22 - 00001971 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetBeans IDE 8.0.lnk
2015-02-09 00:02 - 2014-07-21 13:59 - 00001992 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Java Mission Control.lnk
2015-02-09 00:02 - 2012-11-29 01:26 - 00002114 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lotro.lnk
2015-02-08 23:57 - 2015-02-08 02:28 - 00001322 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wordpad.lnk
2015-02-08 23:57 - 2015-01-15 06:52 - 00000896 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evernote.lnk
2015-02-08 23:57 - 2014-07-11 02:38 - 00002458 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business 2013.lnk
2015-02-08 23:57 - 2013-10-03 17:30 - 00002516 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InfoPath Designer 2013.lnk
2015-02-08 23:57 - 2013-10-03 17:30 - 00002496 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InfoPath Filler 2013.lnk
2015-02-08 23:57 - 2013-10-03 17:30 - 00002455 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word 2013.lnk
2015-02-08 23:57 - 2013-10-03 17:30 - 00002451 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel 2013.lnk
2015-02-08 23:57 - 2013-10-03 17:30 - 00002441 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\An OneNote 2013 senden.lnk
2015-02-08 23:57 - 2013-10-03 17:30 - 00002430 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint 2013.lnk
2015-02-08 23:57 - 2013-10-03 17:30 - 00002406 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lync 2013.lnk
2015-02-08 23:57 - 2013-10-03 17:30 - 00002405 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Publisher 2013.lnk
2015-02-08 23:57 - 2013-10-03 17:30 - 00002372 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Access 2013.lnk
2015-02-08 23:57 - 2013-10-03 17:30 - 00002369 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneNote 2013.lnk
2015-02-08 23:57 - 2013-10-03 17:30 - 00002341 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook 2013.lnk
2015-02-08 21:09 - 2013-10-03 17:28 - 01804512 _____ () C:\WindowsGABRIOLA.tt2
2015-02-08 20:27 - 2015-02-08 20:27 - 00000000 ____D () C:\Users\Laura\.jmc
2015-02-08 20:27 - 2015-02-08 20:27 - 00000000 ____D () C:\Users\Laura\.eclipse
2015-02-08 16:45 - 2015-02-17 15:15 - 00000000 ____D () C:\Users\Laura\Downloads\Icons and Vectors
2015-02-08 02:08 - 2015-02-10 22:19 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-08 00:53 - 2015-02-08 00:53 - 00000000 ____D () C:\Wp7EasyBackup
2015-02-08 00:12 - 2015-02-08 00:12 - 00000000 ____D () C:\Users\Laura\AppData\Local\Shareaza
2015-02-08 00:11 - 2015-02-08 14:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shareaza
2015-02-08 00:11 - 2015-02-08 00:12 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Shareaza
2015-02-08 00:09 - 2015-02-08 02:35 - 00000000 ____D () C:\Program Files\Shareaza
2015-02-08 00:07 - 2015-02-08 00:24 - 00000000 ____D () C:\Shareaza_2.7.8.0
2015-02-07 23:23 - 2015-02-08 00:42 - 00000000 ____D () C:\Program Files\GIMP 2
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-21 15:15 - 2013-02-25 05:59 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-21 15:15 - 2011-10-28 13:31 - 01103776 _____ () C:\Windows\WindowsUpdate.log
2015-02-21 15:14 - 2011-10-28 13:32 - 00000000 ____D () C:\Users\Laura
2015-02-20 19:17 - 2014-07-09 16:01 - 00000000 ___RD () C:\Users\Laura\Downloads\Programme Setups
2015-02-20 19:16 - 2009-07-14 05:34 - 00010096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-20 19:16 - 2009-07-14 05:34 - 00010096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-20 19:08 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-20 16:34 - 2013-08-06 23:04 - 00000000 ____D () C:\ProgramData\Avira
2015-02-20 16:25 - 2014-08-05 11:45 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-20 00:17 - 2014-10-17 12:38 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-02-20 00:17 - 2014-09-17 09:48 - 00000000 ____D () C:\Program Files\iTunes
2015-02-20 00:16 - 2014-09-17 09:48 - 00000000 ____D () C:\Program Files\iPod
2015-02-20 00:16 - 2012-10-11 16:33 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-20 00:06 - 2013-12-25 02:36 - 00105903 _____ () C:\Users\Laura\Downloads\chrome-youtube-downloader-2.6.20.crx
2015-02-19 04:53 - 2012-10-14 17:18 - 00000000 __SHD () C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2015-02-19 02:10 - 2011-11-03 14:24 - 00000000 ____D () C:\Users\Laura\AppData\Local\Windows Live
2015-02-19 00:42 - 2011-10-28 13:29 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-19 00:42 - 2011-10-28 13:29 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-18 21:13 - 2013-05-01 13:01 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Skype
2015-02-18 19:27 - 2013-05-01 13:00 - 00000000 ____D () C:\ProgramData\Skype
2015-02-18 17:45 - 2012-10-14 17:37 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\TuneUp Software
2015-02-18 17:30 - 2012-10-14 17:35 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-02-18 16:18 - 2013-10-03 17:24 - 00000000 ____D () C:\Program Files\Microsoft Office 2013
2015-02-18 13:11 - 2014-10-08 06:50 - 00000000 ___RD () C:\Users\Laura\iCloudDrive
2015-02-18 13:07 - 2009-07-14 05:53 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-18 10:38 - 2014-11-10 11:58 - 00000000 ____D () C:\Users\Laura\AppData\Local\Akamai
2015-02-17 00:15 - 2012-10-14 17:37 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2013
2015-02-17 00:00 - 2013-01-17 10:58 - 00000000 ____D () C:\Users\Catsitter\AppData\Roaming\Apple Computer
2015-02-16 06:34 - 2009-07-14 03:04 - 00000497 _____ () C:\Windows\win.ini
2015-02-15 22:00 - 2011-10-28 13:36 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Adobe
2015-02-14 16:28 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-02-12 15:12 - 2014-10-08 06:55 - 00000000 ____D () C:\Users\Laura\AppData\Local\20FF9895-9903-4559-85FC-E4E697E8854B.aplzod
2015-02-12 07:11 - 2012-10-11 16:41 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Apple Computer
2015-02-12 07:11 - 2012-10-11 16:41 - 00000000 ____D () C:\Users\Laura\AppData\Local\Apple Computer
2015-02-11 00:52 - 2011-11-02 15:41 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\TS3Client
2015-02-11 00:40 - 2010-11-12 00:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-02-11 00:26 - 2012-04-13 15:03 - 00000000 ____D () C:\Users\Laura\AppData\Local\Windows Live Writer
2015-02-10 23:45 - 2012-03-10 12:45 - 00000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2015-02-10 23:38 - 2011-11-02 15:10 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2015-02-10 23:37 - 2010-09-15 14:00 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-02-10 21:59 - 2012-10-11 16:35 - 00000000 ____D () C:\Users\Laura\AppData\Local\Apple
2015-02-10 11:52 - 2012-05-29 01:37 - 00117776 _____ () C:\Users\Catsitter\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-10 11:50 - 2012-05-29 01:36 - 00000000 ____D () C:\Users\Catsitter
2015-02-09 05:27 - 2014-11-10 11:57 - 00000000 ____D () C:\Autodesk
2015-02-09 03:03 - 2010-09-15 14:43 - 00000000 ____D () C:\Program Files\CyberLink
2015-02-09 02:52 - 2014-07-11 14:50 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2015-02-09 00:54 - 2012-10-11 16:35 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-02-09 00:34 - 2011-10-28 15:55 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\DivX
2015-02-09 00:31 - 2011-10-30 02:23 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\CyberLink
2015-02-09 00:31 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2015-02-09 00:14 - 2012-01-31 21:03 - 00000000 ____D () C:\Users\Laura\AppData\Local\Adobe
2015-02-08 22:18 - 2012-05-07 21:43 - 00000000 ___RD () C:\Users\Laura\Documents\Hauswirtschaft
2015-02-08 21:16 - 2009-07-14 08:48 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-02-08 21:09 - 2013-10-03 17:23 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-02-08 16:09 - 2014-09-01 01:19 - 00000000 ____D () C:\Users\Laura\Documents\Magazine
2015-02-08 14:32 - 2014-07-11 14:38 - 00000000 ____D () C:\Users\Laura\AppData\Local\HP
2015-02-08 14:32 - 2013-02-21 08:42 - 00000000 ____D () C:\Users\Laura\AppData\Local\PluginCompendium
2015-02-08 14:32 - 2012-11-28 21:33 - 00000000 ____D () C:\Users\Laura\.swt
2015-02-08 14:32 - 2012-02-01 22:02 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\dvdcss
2015-02-08 14:32 - 2011-11-08 17:12 - 00000000 ____D () C:\Users\Laura\AppData\Local\Turbine
2015-02-08 14:32 - 2011-10-28 13:32 - 00000000 ___RD () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-08 14:32 - 2011-10-28 13:32 - 00000000 ___RD () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-08 14:31 - 2014-11-10 13:30 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Java Development Kit
2015-02-08 14:31 - 2014-02-24 13:03 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Java
2015-02-08 14:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2015-02-08 14:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2015-02-08 01:10 - 2014-10-13 14:08 - 00000000 ____D () C:\Users\Laura\Documents\Life Management
2015-02-07 23:40 - 2010-07-06 21:23 - 00809232 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-07 23:38 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-05 20:15 - 2013-02-25 05:59 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-05 20:15 - 2013-02-25 05:59 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2011-11-08 17:12 - 2011-11-08 17:12 - 0000093 _____ () C:\Users\Laura\AppData\Local\fusioncache.dat
2015-02-15 22:54 - 2015-02-15 22:54 - 0002211 _____ () C:\Users\Laura\AppData\Local\recently-used.xbel
2013-09-02 15:34 - 2013-09-02 15:34 - 0000017 _____ () C:\Users\Laura\AppData\Local\resmon.resmoncfg
2014-07-11 14:49 - 2014-07-11 14:49 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-10-05 13:51 - 2014-10-05 13:51 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-03-10 12:45 - 2015-02-10 23:45 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2014-11-10 12:48 - 2014-11-10 12:48 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some content of TEMP:
====================
C:\Users\Catsitter\AppData\Local\Temp\avgnt.exe
C:\Users\Laura\AppData\Local\Temp\avgnt.exe
C:\Users\Laura\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Laura\AppData\Local\Temp\HPPSdr.exe
C:\Users\Laura\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Laura\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Laura\AppData\Local\Temp\Setup.x86.de-DE_ProPlusRetail_XFYDJ-8N7VQ-6YCWB-2VXRP-3YF3D_act_1_.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-20 20:28
==================== End Of Log ============================
--- --- ---
--- --- --- Addition Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-02-2015 01
Ran by Laura at 2015-02-21 15:16:31
Running from C:\Users\Laura\Contacts\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
„Der Herr der Ringe Online™“ v03.08.00.8025 (HKLM\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 03.08.00.8025 - Turbine, Inc.)
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.0.16600 - Adobe Systems Inc.)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader X (10.1.13) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-3161636880-329456100-441217609-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Akamai) (Version: - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Akamai) (Version: - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (32-Bit) (HKLM\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{586647DB-C4AC-6691-FD95-9A1B3B603502}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
Avira (HKLM\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Blender (HKLM\...\Blender) (Version: 2.71 - Blender Foundation)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
ccc-core-static (Version: 2010.0930.2237.38732 - ATI) Hidden
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
CorelDRAW Essentials 4 - Content (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version: - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version: - Corel Corporation)
CorelDRAW Essentials 4 (Version: 4.0 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
Evernote v. 5.8.3 (HKLM\...\{404B3FB8-A820-11E4-83FC-00163E98E7D6}) (Version: 5.8.3.6507 - Evernote Corp.)
Fotogalerija Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
herdProtect Anti-Malware Scanner (HKLM\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)
HP Deskjet 1510 series Basic Device Software (HKLM\...\{61268BF7-3EC8-4CDC-922B-C8F718A0D46F}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 1510 series Help (HKLM\...\{2E25FCEB-EFCB-4696-AA01-D3CBAC721831}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Smart Print 2.7 (HKLM\...\{06B3D8C2-AAF2-4154-A4BD-71806AC41172}) (Version: 2.7.0.238 - Hewlett-Packard)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0001 - Microsoft) Hidden
iCloud (HKLM\...\{760BB327-3973-4608-85C8-88162E2FF3B6}) (Version: 4.0.6.28 - Apple Inc.)
iTunes (HKLM\...\{3A9FE6B1-EE7F-40AC-B831-AC7C9ABB58A0}) (Version: 12.1.1.4 - Apple Inc.)
Java SE Development Kit 8 Update 11 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180110}) (Version: 8.0.110 - Oracle Corporation)
JavaFX 2.1.0 (HKLM\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LOTRO Plugin Compendium (HKLM\...\{3BF7818D-2482-4676-A237-915A11A97847}) (Version: 1.0.3 - Lunarwater)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - Español (HKLM\...\{90150000-001F-0C0A-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - Română (HKLM\...\{90150000-001F-0418-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
PDF Split And Merge Basic (HKLM\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.3 - Andrea Vacondio)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raccolta foto di Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shareaza 2.7.8.0 (HKLM\...\Shareaza_is1) (Version: 2.7.8.0 - Shareaza Development Team)
Skype™ 7.1 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TuneUp Utilities 2013 (HKLM\...\TuneUp Utilities 2013) (Version: 13.0.4000.179 - TuneUp Software)
TuneUp Utilities 2013 (Version: 13.0.4000.179 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.4000.179 - TuneUp Software) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Συλλογή φωτογραφιών του Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{04CC76C7-1ED7-4CAE-9762-B8664ED008ED}\localserver32 -> C:\Program Files\Shareaza\MediaImageServices.exe (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{0EEA2A0F-AD1F-4555-9827-0DD9335611A4}\localserver32 -> C:\Program Files\Shareaza\WindowsThumbnail.exe (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{0EEDB912-C5FA-486F-8334-57288578C627}\InprocServer32 -> C:\Program Files\Shareaza\RazaWebHook32.dll (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{0F74BA53-C842-4CB5-B388-DD5663F62479}\InprocServer32 -> C:\Program Files\Shareaza\Preview.dll (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{18D11ED9-1264-48A1-9E14-20F2C633242B}\localserver32 -> C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{2EE9D739-7726-41cf-8F18-4B1B8763BC63}\InprocServer32 -> C:\Program Files\Shareaza\ImageViewer.dll (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{2F74AA28-2498-4805-911A-04C39858D529}\InprocServer32 -> C:\Program Files\Shareaza\ZIPBuilder.dll (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{30FC662A-D72A-4F79-B63A-ACD4FBFE68A3}\localserver32 -> C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{34791E02-51DC-4CF4-9E34-018166D91D0E}\localserver32 -> C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{3DC28AA6-A597-4E03-96DF-ADA19155B0BE}\localserver32 -> C:\Program Files\Shareaza\MediaPlayer.exe (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{570C197C-FE9C-4D1F-B6E0-EFA44D36399F}\localserver32 -> C:\Program Files\Shareaza\MediaLibraryBuilder.exe (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{61700EEC-D5D3-4793-BD1F-514896D67F44}\InprocServer32 -> C:\Program Files\Shareaza\RatDVDReader.dll (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{6C9E61BE-E58F-4AE1-A304-6FF1D183804C}\InprocServer32 -> C:\Program Files\Shareaza\GFLLibraryBuilder.dll (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{76F13243-9F62-4241-AC07-3B359BBE4EC5}\InprocServer32 -> C:\Program Files\Shareaza\VirusTotal.dll (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{76F13243-9F62-4241-AC07-3B359BBE4EC6}\InprocServer32 -> C:\Program Files\Shareaza\ShortURL.dll (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{A4F1E383-B493-4580-8DB6-5CC89CBAAC53}\InprocServer32 -> C:\Program Files\Shareaza\SkinScanSKS.dll (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{B69F80CD-FB15-45E8-B359-92A41CC571A7}\InprocServer32 -> C:\Program Files\Shareaza\7ZipBuilder.dll (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{B978F591-5137-4612-873A-DC2081BAD6CD}\InprocServer32 -> C:\Program Files\Shareaza\SWFPlugin.dll (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{D73ABD28-3A2A-4E36-AD6F-2AA8F011FBE3}\localserver32 -> C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{E1A67AE5-7041-4AE1-94F7-DE03EF759E27}\localserver32 -> C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{E9B2EF9B-4A0C-451E-801F-257861B87FAD}\localserver32 -> C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{E9F51B1E-DB0F-4EEE-9B36-46151994C715}\InprocServer32 -> C:\Program Files\Shareaza\DocumentReader.dll (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{F801DAD7-F08D-48EF-B0DF-6B120377E835}\InprocServer32 -> C:\Program Files\Shareaza\RARBuilder.dll (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{FC4D8F69-0B18-49BB-8AB7-87EB77AA1A9D}\InprocServer32 -> C:\Program Files\Shareaza\SWFPlugin.dll (Shareaza Development Team)
CustomCLSID: HKU\S-1-5-21-3161636880-329456100-441217609-1001_Classes\CLSID\{FF5FCD00-2C20-49D8-84F6-888D2E2C95DA}\InprocServer32 -> C:\Program Files\Shareaza\GFLImageServices.dll (Shareaza Development Team)
==================== Restore Points =========================
20-02-2015 00:30:16 Windows 7 Service Pack 1
21-02-2015 03:00:26 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {08251061-8C9E-4F9E-9C93-33ACFCAB6736} - System32\Tasks\{F9576C69-BA64-42CE-8842-189EA62ABA9F} => pcalua.exe -a I:\Setup.exe -d I:\
Task: {08F76391-B9CF-4BE0-B7BA-0CD75FDAAD58} - \Driver Booster SkipUAC (Laura) No Task File <==== ATTENTION
Task: {1891B555-4C37-4979-988A-1B7260EF256E} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2014-01-10] ()
Task: {2E5C040A-1A02-4598-843B-681EC1735B25} - System32\Tasks\{8F158000-C2CC-4C5D-9591-A23BE9C60112} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\setup.exe" -d "C:\Program Files\InstallShield Installation Information\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}"
Task: {36A20614-A150-4C2E-ADDD-4A20FB4B7F5C} - System32\Tasks\{3A5DCAC7-B53A-49CC-AD8C-5D2E00DB4856} => pcalua.exe -a "C:\Program Files\Common Files\Motorola Shared\Mobile Drivers\Motorola Driver Installer.exe" -d "C:\Program Files\Common Files\Motorola Shared\Mobile Drivers\"
Task: {38DB3B4A-13A9-48BD-9636-33C4EC9992CB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {5EA5C6AB-10A0-42C6-B42E-7AA61E0B899D} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {759C3EE7-4C81-4F91-88DE-CE7F7E2449E1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {835095BE-A1DE-43DB-B2E8-0779607076F3} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {86EEFBBD-E8F7-4608-A4AE-10BD2107B920} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {A2413964-91BC-4C84-A816-508DEC800870} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {A45B1DE8-888F-4DF6-BC88-2093CC0939FF} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {ACDDA307-9ADC-44E5-8B90-8EC1F23C591C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: {D7D16B22-A9A0-47BF-89A1-DFF45EBD5BA3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {D9ABCF42-8789-49E6-9ADC-5CA81C62EE63} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2013\OneClick.exe [2013-12-10] (TuneUp Software)
Task: {E7F313B0-9544-45D7-83E3-F033CC5261CD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: {EB2B8194-AFF3-4106-9C51-91E164F0A046} - System32\Tasks\{EF75C393-DCA7-4157-A2E6-D11990B0763B} => pcalua.exe -a "C:\Program Files\Avira\AntiVir Desktop\setup.exe" -d "C:\Program Files\TuneUp Utilities 2013" -c /REMOVE
Task: {F05B3057-F143-4215-AA01-9FDDEB4CE809} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-10 18:45 - 2013-12-10 18:45 - 00500024 _____ () C:\Program Files\TuneUp Utilities 2013\avgreplibx.dll
2015-02-06 17:16 - 2015-02-04 10:02 - 01117512 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-06 17:16 - 2015-02-04 10:02 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-06 17:16 - 2015-02-04 10:02 - 09170760 _____ () C:\Program Files\Google\Chrome\Application\40.0.2214.111\pdf.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Shareaza_2.7.8.0:Shareaza.GUID
AlternateDataStreams: C:\Users\Laura\Downloads:Shareaza.GUID
AlternateDataStreams: C:\Users\Laura\Downloads\Programme Setups:Shareaza.GUID
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3161636880-329456100-441217609-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3161636880-329456100-441217609-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Control Panel\Desktop\\Wallpaper -> C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Catsitter\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\Catsitter\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3161636880-329456100-441217609-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Control Panel\Desktop\\Wallpaper -> C:\Users\Catsitter\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3161636880-329456100-441217609-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-3161636880-329456100-441217609-500 - Administrator - Disabled) => C:\Users\Administrator
ASPNET (S-1-5-21-3161636880-329456100-441217609-1004 - Limited - Enabled)
Catsitter (S-1-5-21-3161636880-329456100-441217609-1005 - Limited - Enabled) => C:\Users\Catsitter
Guest (S-1-5-21-3161636880-329456100-441217609-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3161636880-329456100-441217609-1007 - Limited - Enabled)
Laura (S-1-5-21-3161636880-329456100-441217609-1001 - Administrator - Enabled) => C:\Users\Laura
==================== Faulty Device Manager Devices =============
Name: G:\
Description: SD MS Reader
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
Name: H:\
Description: SMC xD Reader
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
Name: F:\
Description: CF Card Reader
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/21/2015 03:16:57 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (02/21/2015 03:05:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (02/20/2015 09:15:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (02/20/2015 09:11:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (02/20/2015 08:29:39 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
System errors:
=============
Error: (02/21/2015 03:09:39 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200d: Windows 7 Service Pack 1 (KB976932).
Error: (02/20/2015 09:26:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Microsoft Office Sessions:
=========================
Error: (02/21/2015 03:16:57 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Deskjet 1510 series\DriverStore\Yeti\V3\amd64\hpinkinsc111.exe
Error: (02/21/2015 03:05:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Deskjet 1510 series\DriverStore\Yeti\V3\amd64\hpinkinsc111.exe
Error: (02/20/2015 09:15:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Deskjet 1510 series\DriverStore\Yeti\V3\amd64\hpinkinsc111.exe
Error: (02/20/2015 09:11:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Deskjet 1510 series\DriverStore\Yeti\V3\amd64\hpinkinsc111.exe
Error: (02/20/2015 08:29:39 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Deskjet 1510 series\DriverStore\Yeti\V3\amd64\hpinkinsc111.exe
==================== Memory info ===========================
Processor: AMD Athlon(tm) II X3 440 Processor
Percentage of memory in use: 68%
Total physical RAM: 3327.29 MB
Available physical RAM: 1043.18 MB
Total Pagefile: 6652.86 MB
Available Pagefile: 3685.98 MB
Total Virtual: 3071.88 MB
Available Virtual: 2932.32 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:900.41 GB) (Free:728.81 GB) NTFS
Drive d: (Drive) (Fixed) (Total:30 GB) (Free:29.91 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=900.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=30 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End Of Log ============================
|
So funktioniert es: