Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr Zitat:
Zitat von
marlen101 Hallo,
FRST Logfile:
Code:
Alles auswählen Aufklappen ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Dorina Heller (administrator) on MARLEN-NOTEBOOK on 13-09-2014 16:13:29
Running from C:\Users\Dorina Heller\Documents\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Wajam Internet Technologies Inc.) C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe
(Creative Island Media, LLC) C:\ProgramData\Websteroids\up\2.6.80\WebsteroidsService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft) C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Creative Island Media, LLC) C:\ProgramData\Websteroids\up\2.6.80\Websteroids.exe
(Creative Island Media, LLC) C:\ProgramData\Websteroids\up\2.6.80\Websteroids64.exe
(Wajam Internet Technologies Inc.) C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Just Develop It) C:\Program Files (x86)\JustCloud\BackupStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(FileHippo.com) C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Yontoo LLC) C:\Users\Dorina Heller\AppData\Roaming\Yontoo\YontooDesktop.exe
() C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe
() C:\Users\Dorina Heller\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Smartbar) C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\QuickShare.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(PC Utilities Software Limited) C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(JustCloud.com) C:\Program Files (x86)\JustCloud\JustCloud.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Logitech, Inc.) C:\Users\Dorina Heller\AppData\Local\Logitech® Webcam-Software\Logishrd\LU2.0\LULnchr.exe
(Logitech, Inc.) C:\Users\Dorina Heller\AppData\Local\Logitech® Webcam-Software\Logishrd\LU2.0\LogitechUpdate.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\tobedeleted\moz5C41.tmp
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\tobedeleted\moz5C41.tmp
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\tobedeleted\moz5C41.tmp
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\tobedeleted\moz5C41.tmp
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\tobedeleted\moz5C41.tmp
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\tobedeleted\moz5C41.tmp
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\tobedeleted\moz5C41.tmp
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\tobedeleted\moz5C41.tmp
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\tobedeleted\moz5C41.tmp
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
() C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\Lrcnta.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [561152 2011-04-20] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [967544 2011-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-01] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1544104 2011-04-07] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2011-04-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2011-03-30] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2011-05-25] (Toshiba Europe GmbH)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1406248 2011-01-07] (Nero AG)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [1535112 2012-09-12] (McAfee, Inc.)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [532480 2010-11-09] (TOSHIBA)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-16] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-04] (TOSHIBA)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294712 2010-11-29] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TRCMan] => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [714104 2011-03-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1561768 2012-05-04] (Ask)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310280 2012-12-20] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-15] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\.DEFAULT\...\RunOnce: [{90140000-003D-0000-0000-0000000FF1CE}] => C:\windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\.DEFAULT\...\RunOnce: [{90140000-0018-0407-0000-0000000FF1CE}] => C:\windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [306688 2012-03-26] (FileHippo.com)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1476104 2012-12-20] (Samsung)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296 2012-12-20] (Samsung)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [Yontoo Desktop] => C:\Users\Dorina Heller\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-03-23] (Yontoo LLC)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Dorina Heller\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [Browser Infrastructure Helper] => C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\QuickShare.exe [26904 2014-03-09] (Smartbar)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [135160 2014-01-28] (PC Utilities Software Limited)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [BackgroundContainerV2] => "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Dorina Heller\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\MountPoints2: {f7019ca8-fa93-11e1-b924-806e6f6e6963} - E:\index.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [224728 2014-09-02] (Client Connect LTD)
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [226920 2011-05-11] (NVIDIA Corporation)
AppInit_DLLs: C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL => C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll [2681648 2014-03-18] ()
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [181720 2014-09-02] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk
ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JustCloud.lnk
ShortcutTarget: JustCloud.lnk -> C:\Program Files (x86)\JustCloud\JustCloud.exe (JustCloud.com)
Startup: C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
ShellIconOverlayIdentifiers: 1AMPCBOK -> {04cd1f3e-81d5-4904-a3ab-e0f99a7d769d} => C:\windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: 1AMPCBSyncing -> {4d87b7a7-23f1-470c-aa45-96b25b9bd138} => No File
ShellIconOverlayIdentifiers-x32: 1AMPCBOK -> {04cd1f3e-81d5-4904-a3ab-e0f99a7d769d} => C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: 1AMPCBSyncing -> {4d87b7a7-23f1-470c-aa45-96b25b9bd138} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:61807;https=127.0.0.1:61807
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvR0DbOtwMNabrWx5yxAPalXQKgMW2V2hfyDXY7poNiuI9vYCroFmsdwuBgYhmWwQ,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvSzskxzK-t_laIfxmmQQJE6HcPMfUbtU1Pea_RvYvMbFVRc-XaA445ql7pq-2MMM,
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/places?touch=4&cat=1
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.searchgol.com/?babsrc=HP_ss_Btisdt7&mntrId=66DE3E659DB18485&affID=121136&tsp=5007
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvR0DbOtwMNabrWx5yxAPalXQKgMW2V2hfyDXY7poNiuI9vYCroFmsdwuBgYhmWwQ,&q={searchTerms}
URLSearchHook: HKLM-x32 - entrusted Toolbar - {e44a1809-4d10-4ab8-b343-3326b64c7cdd} - C:\Users\Dorina Heller\AppData\LocalLow\entrusted\prxtbent0.dll (ClientConnect Ltd.)
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {BCF6A707-0D01-49AD-B6F4-DC341F125C3E} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvR0DbOtwMNabrWx5yxAPalXQKgMW2V2hfyDXY7poNiuI9vYCroFmsdwuBgYhmWwQ,&q={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvR0DbOtwMNabrWx5yxAPalXQKgMW2V2hfyDXY7poNiuI9vYCroFmsdwuBgYhmWwQ,&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.max-start.com/?q={searchTerms}&babsrc=SP_ss_mib2&mntrId=66DE3E659DB18485&affID=121136&tsp=5007
SearchScopes: HKCU - {1D303A1D-70FD-45BE-85A4-202D8A512A15} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3281675&CUI=UN30337172355168272&UM=2
SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
BHO: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120911193311.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: SaveSense -> {0f21b1e5-5afc-43c9-9c66-515046e92ec2} -> C:\Program Files (x86)\SaveSense\SaveSenseIE.dll (SaveSense)
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.0.7\bh\BabylonToolbar.dll (Babylon BHO)
BHO-x32: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: mixidj Helper Object -> {4D6A9BBF-402C-4301-B1EF-28D04F71D761} -> C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh\mixidj.dll (MixiDJ)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120911193312.dll (McAfee, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: DealPly Shopping -> {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} -> C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly)
BHO-x32: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll (Delta-search.com)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: entrusted Toolbar -> {e44a1809-4d10-4ab8-b343-3326b64c7cdd} -> C:\Users\Dorina Heller\AppData\LocalLow\entrusted\prxtbent0.dll (ClientConnect Ltd.)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
BHO-x32: Yontoo -> {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -> C:\Program Files (x86)\Yontoo\YontooIEClient.dll No File
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.0.7\BabylonToolbarTlbr.dll (Babylon Ltd.)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll (Delta-search.com)
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - entrusted Toolbar - {e44a1809-4d10-4ab8-b343-3326b64c7cdd} - C:\Users\Dorina Heller\AppData\LocalLow\entrusted\prxtbent0.dll (ClientConnect Ltd.)
Toolbar: HKLM-x32 - MixiDJ Toolbar - {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll (MixiDJ)
Toolbar: HKCU - No Name - {E44A1809-4D10-4AB8-B343-3326B64C7CDD} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default
FF NewTab: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvTcAB5AJeHBURnFF6uAFa6bQzwdrpmJfww8cvQmsKemc8OTNEvvXemzbZmQyc0qQ,
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF Homepage: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvSzskxzK-t_laIfxmmQQJE6HcPMfUbtU1Pea_RvYvMbFVRc-XaA445ql7pq-2MMM,
FF Keyword.URL: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvR0DbOtwMNabrWx5yxAPalXQKgMW2V2hfyDXY7poNiuI9vYCroFmsdwuBgYhmWwQ,&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=3 -> C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=9 -> C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=3 -> C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=9 -> C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Dorina Heller\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF user.js: detected! => C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: Delta Toolbar - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\ffxtlbr@delta.com [2013-05-10]
FF Extension: MixiDJ Toolbar - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\ffxtlbr@mixidj.com [2013-09-17]
FF Extension: Ask Toolbar - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\toolbar@ask.com [2012-09-10]
FF Extension: Wajam - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2} [2013-09-17]
FF Extension: SaveSense - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36} [2013-12-27]
FF Extension: DealPly Shopping - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\{906000a4-88d9-4d52-b209-7a772970d91f} [2013-09-17]
FF Extension: WOT - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF Extension: QuickShare Widget - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\{b5a625b8-017c-4e0c-a7b1-1b991e439265} [2014-03-10]
FF Extension: NoScript - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-12-03]
FF Extension: Adblock Plus - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-06-18]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-05-25]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: No Name - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2011-05-25]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-06-07]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2011-05-25]
FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP08C621C6-6C4F-4FA4-A536-CEA88C711E8A&SSPV="
CHR DefaultSearchKeyword: Default -> enhanced-search.com
CHR DefaultSearchProvider: Default -> Search the web
CHR DefaultSearchURL: Default -> hxxp://www.enhanced-search.com/?q={searchTerms}&babsrc=SP_ss_mib2&mntrId=66DE3E659DB18485&affID=121136&tsp=5007
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll No File
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll ()
CHR Profile: C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (QuickShare Widget) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl [2013-10-09]
CHR Extension: (Google Docs) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-21]
CHR Extension: (Google Drive) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-21]
CHR Extension: (MixiDJ Toolbar) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\boipimhfjpakfgckhbljjengakjhkcbp [2013-09-17]
CHR Extension: (McAfee Security Scan+) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-24]
CHR Extension: (Google-Suche) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-21]
CHR Extension: (Delta Toolbar) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-05-10]
CHR Extension: (SiteAdvisor) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-01-21]
CHR Extension: (SaveSense) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk [2013-12-27]
CHR Extension: (DealPly Germany) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf [2013-09-17]
CHR Extension: (Yontoo) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc [2014-06-02]
CHR Extension: (DVDVideoSoft) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-06-29]
CHR Extension: (Google Wallet) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Google Mail) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-21]
CHR Extension: (Extutil) - C:\Users\DORINA~1\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-01-16]
CHR Extension: (Managera) - C:\Users\DORINA~1\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-01-02]
CHR HKCU\...\Chrome\Extension: [amfclgbdpgndipgoegfpkkgobahigbcl] - C:\Users\Dorina Heller\AppData\Local\Smartbar/Application\1Extension.crx []
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-06-07]
CHR HKLM-x32\...\Chrome\Extension: [boipimhfjpakfgckhbljjengakjhkcbp] - C:\Users\Dorina Heller\AppData\Roaming\BabSolution\CR\mixiDj.crx [2013-09-17]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Dorina Heller\AppData\Roaming\BabSolution\CR\delta2.crx [2013-05-10]
CHR HKLM-x32\...\Chrome\Extension: [kpepfkjapeclaafmhoelccknpfedainn] - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidj.crx [2013-04-19]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx [2014-05-23]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 70e6ca8c; c:\Program Files (x86)\Optimizer Pro\OptProCrashSvc.dll [186496 2014-03-18] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1039952 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 BackupStack; C:\Program Files (x86)\JustCloud\BackupStack.exe [38440 2013-09-20] (Just Develop It)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-09-02] (Client Connect LTD)
S2 dealplylive; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-09-17] (DealPly Technologies Ltd)
S3 dealplylivem; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-09-17] (DealPly Technologies Ltd)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [225216 2011-01-28] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-09-10] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [237920 2012-07-17] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-07-17] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [177144 2012-07-17] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
S2 savesenselive; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920 2013-12-27] (SaveSense)
S3 savesenselivem; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920 2013-12-27] (SaveSense)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1326176 2012-07-25] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [681056 2012-07-25] (Secunia)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 Thpsrv; C:\windows\system32\ThpSrv.exe [526848 2010-12-24] (TOSHIBA Corporation) [File not signed]
R2 TosCoSrv; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [480256 2011-04-20] (TOSHIBA Corporation) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-08-30] (TuneUp Software)
R2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [303616 2014-07-29] (Wajam Internet Technologies Inc.) [File not signed]
R2 Websteroids; C:\ProgramData\Websteroids\up\2.6.80\Websteroids.exe [42872 2014-05-03] (Creative Island Media, LLC)
R2 Yontoo Desktop Updater; C:\Users\Dorina Heller\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-03-23] (Yontoo LLC)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [69672 2012-07-17] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [169320 2012-07-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [300392 2012-07-17] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [513456 2012-07-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [752672 2012-07-17] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-07-17] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [335784 2012-07-17] (McAfee, Inc.)
S3 sxtap; C:\Windows\System32\sxtap.sys [29696 2012-02-05] (iiNES GmbH)
S3 Tosrfcom; No ImagePath
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
R3 SPPD; \??\C:\windows\system32\drivers\SPPD.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-13 16:13 - 2014-09-13 16:13 - 00000000 ____D () C:\FRST
2014-09-13 15:30 - 2014-09-13 15:30 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-11 20:38 - 2014-09-11 20:38 - 00266288 _____ () C:\windows\Minidump\091114-51074-01.dmp
2014-09-11 16:51 - 2014-09-11 16:51 - 00000000 ____D () C:\0fa2b777dcf5c166eeabf07571bbfc44
2014-09-09 20:02 - 2014-09-12 05:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-08 10:59 - 2014-09-08 10:59 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\onlysearch
2014-08-28 18:16 - 2014-09-12 05:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam
2014-08-28 12:27 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-28 12:27 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-28 12:27 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-27 14:25 - 2014-08-27 14:25 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\{F68BB0CC-8E97-411E-ADC9-B76F2851EBC6}
2014-08-25 15:28 - 2014-08-25 15:28 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\{EA2B0657-401B-4D0C-B581-5AD576911003}
2014-08-20 18:08 - 2014-08-20 18:09 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Anki
2014-08-20 12:45 - 2014-08-20 12:45 - 00000000 ____D () C:\ProgramData\Browser
2014-08-19 21:05 - 2014-08-19 21:18 - 247843736 _____ (Microsoft Corporation) C:\Users\Dorina Heller\Downloads\OfficeLangPack2013_ChnTrad_x86.exe
2014-08-17 11:06 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2014-08-17 11:06 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2014-08-17 11:06 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2014-08-17 11:06 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-08-17 11:06 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2014-08-17 11:06 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2014-08-17 11:06 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2014-08-17 11:06 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2014-08-16 16:22 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-08-16 16:22 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-08-16 16:21 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-08-16 16:21 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-08-16 16:21 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-08-16 16:21 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-08-16 16:21 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-08-16 16:21 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-08-16 16:21 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-08-16 16:21 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-08-16 16:21 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-08-16 16:21 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-08-16 16:21 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-08-16 16:21 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-08-16 16:21 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-08-16 16:21 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-08-16 16:21 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-08-16 16:21 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-08-16 16:21 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-08-16 16:21 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-08-16 16:21 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-08-16 16:21 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-08-16 16:21 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-08-16 16:21 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-08-16 16:21 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-08-16 16:21 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-08-16 16:21 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-08-16 16:21 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-08-16 16:21 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-08-16 16:21 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-08-16 16:21 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-08-16 16:21 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-08-16 16:21 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-08-16 16:21 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-08-16 16:21 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-08-16 16:21 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-08-16 16:21 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-08-16 16:21 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-08-16 16:21 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-08-16 16:21 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-08-16 16:21 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-16 16:21 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-08-16 16:21 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-08-16 16:21 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-08-16 16:21 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-08-16 16:21 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-08-16 16:21 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-08-16 16:21 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-08-16 16:21 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-08-16 16:21 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-08-16 16:21 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-08-16 16:21 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-08-16 16:21 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-08-16 16:21 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-08-16 16:21 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-08-16 16:21 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-08-16 16:21 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-08-16 16:21 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-08-16 16:21 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-08-16 16:21 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-08-16 16:21 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-08-16 16:21 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-08-16 16:21 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-08-16 16:21 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-08-16 16:21 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-08-16 16:21 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-08-16 16:21 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-08-16 16:21 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2014-08-16 16:16 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-08-16 16:16 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-08-16 16:16 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-08-16 16:16 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-13 16:13 - 2014-09-13 16:13 - 00000000 ____D () C:\FRST
2014-09-13 16:12 - 2012-09-09 17:32 - 01247166 _____ () C:\windows\WindowsUpdate.log
2014-09-13 15:56 - 2013-12-27 10:51 - 00000946 _____ () C:\windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2014-09-13 15:51 - 2013-12-27 10:50 - 00000314 _____ () C:\windows\Tasks\SaveSense.job
2014-09-13 15:43 - 2013-01-21 18:37 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-13 15:41 - 2012-09-09 23:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 15:40 - 2014-06-18 17:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 15:33 - 2009-07-14 06:45 - 00025120 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-13 15:33 - 2009-07-14 06:45 - 00025120 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-13 15:31 - 2014-03-24 12:01 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-13 15:30 - 2014-09-13 15:30 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-13 15:30 - 2014-03-24 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-13 15:29 - 2013-10-24 12:14 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-09-13 15:27 - 2013-09-17 00:22 - 00000920 _____ () C:\windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2014-09-13 15:22 - 2013-09-17 00:22 - 00000312 _____ () C:\windows\Tasks\Dealply.job
2014-09-13 15:22 - 2013-04-02 19:58 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\Yontoo
2014-09-13 15:15 - 2013-12-27 10:51 - 00000942 _____ () C:\windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2014-09-13 15:14 - 2013-09-17 00:22 - 00000916 _____ () C:\windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2014-09-13 15:14 - 2013-01-21 18:37 - 00001120 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-13 15:12 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-09-13 15:12 - 2009-07-14 06:51 - 00085381 _____ () C:\windows\setupact.log
2014-09-13 14:04 - 2012-09-09 20:10 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Gedanken
2014-09-13 14:04 - 2012-09-09 20:00 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Bewerbungen
2014-09-13 13:57 - 2014-02-22 12:26 - 00031232 ___SH () C:\Users\Dorina Heller\Documents\Thumbs.db
2014-09-13 13:28 - 2013-12-21 20:22 - 00000223 _____ () C:\Users\Dorina Heller\AppData\Roaming\WB.CFG
2014-09-13 09:52 - 2013-12-22 16:33 - 00003990 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{174F0087-2257-44CC-8E99-A8AAB004518F}
2014-09-12 20:49 - 2013-01-21 19:03 - 00002186 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-12 13:01 - 2014-03-18 18:15 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\Websteroids
2014-09-12 10:16 - 2012-09-09 20:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-12 10:15 - 2014-02-26 03:38 - 01594964 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-09-12 10:15 - 2011-02-11 10:21 - 00699682 _____ () C:\windows\system32\perfh007.dat
2014-09-12 10:15 - 2011-02-11 10:21 - 00149790 _____ () C:\windows\system32\perfc007.dat
2014-09-12 10:14 - 2009-07-14 07:13 - 01594964 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-12 10:13 - 2013-08-16 00:11 - 00000000 ____D () C:\windows\system32\MRT
2014-09-12 09:55 - 2012-09-09 20:04 - 101694776 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-09-12 05:41 - 2014-05-07 02:07 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-09-12 05:41 - 2011-05-25 21:26 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-09-12 05:41 - 2011-05-25 20:58 - 00000000 ____D () C:\Program Files (x86)\Toshiba TEMPRO
2014-09-12 05:41 - 2011-05-25 20:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2014-09-12 05:41 - 2011-05-25 20:49 - 00000000 ____D () C:\Program Files\PlayReady
2014-09-12 05:41 - 2011-02-11 10:20 - 00000000 ____D () C:\windows\SysWOW64\de
2014-09-12 05:41 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-12 05:41 - 2010-11-21 09:06 - 00000000 ____D () C:\windows\SysWOW64\sysprep
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\zh-HK
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\uk-UA
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\tr-TR
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\th-TH
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\sr-Latn-CS
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\sppui
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\sl-SI
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\sk-SK
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\Setup
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\ro-RO
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\Recovery
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\ras
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\oobe
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\migwiz
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\manifeststore
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\lv-LV
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\lt-LT
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\InstallShield
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\icsxml
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\hr-HR
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\he-IL
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\et-EE
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\com
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\bg-BG
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\ar-SA
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\AdvancedInstallers
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\migwiz
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\servicing
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\L2Schemas
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-12 05:38 - 2012-09-09 18:05 - 00000000 ____D () C:\windows\SysWOW64\Macromed
2014-09-12 05:38 - 2012-09-09 17:55 - 00000000 ____D () C:\windows\SysWOW64\SDA
2014-09-12 05:38 - 2012-09-09 17:47 - 00000000 ____D () C:\windows\SysWOW64\RTCOM
2014-09-12 05:38 - 2012-09-09 17:43 - 00000000 ____D () C:\windows\SysWOW64\Microsoft.VC80.MFC
2014-09-12 05:38 - 2012-09-09 17:42 - 00000000 ____D () C:\windows\SysWOW64\NV
2014-09-12 05:37 - 2012-09-11 20:07 - 00000000 ____D () C:\windows\system32\Macromed
2014-09-12 05:37 - 2012-09-10 22:03 - 00000000 ____D () C:\windows\System32\Tasks\Apple
2014-09-12 05:37 - 2012-09-09 20:33 - 00000000 ____D () C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-09-12 05:37 - 2011-02-11 10:20 - 00000000 ____D () C:\windows\system32\de
2014-09-12 05:37 - 2009-07-14 07:32 - 00000000 ____D () C:\windows\system32\restore
2014-09-12 05:37 - 2009-07-14 07:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-09-12 05:37 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\NDF
2014-09-12 05:36 - 2010-11-21 09:16 - 00000000 ____D () C:\windows\ShellNew
2014-09-12 05:35 - 2014-09-09 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-12 05:35 - 2014-08-28 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam
2014-09-12 05:35 - 2014-06-07 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-09-12 05:35 - 2014-03-18 18:15 - 00000000 ____D () C:\ProgramData\Websteroids
2014-09-12 05:35 - 2014-03-18 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2014-09-12 05:35 - 2014-03-18 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallConverter
2014-09-12 05:35 - 2014-03-16 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-12 05:35 - 2014-01-02 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-09-12 05:35 - 2013-12-27 10:50 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
2014-09-12 05:35 - 2013-11-22 02:28 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2014-09-12 05:35 - 2013-11-19 23:43 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JustCloud
2014-09-12 05:35 - 2013-11-13 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-12 05:35 - 2013-09-17 00:22 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
2014-09-12 05:35 - 2013-09-17 00:22 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2014-09-12 05:35 - 2013-05-19 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-12 05:35 - 2013-03-16 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-12 05:35 - 2013-01-21 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-12 05:35 - 2012-11-15 18:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-09-12 05:35 - 2012-10-01 18:54 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\GameCenter
2014-09-12 05:35 - 2012-09-09 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-12 05:35 - 2012-09-09 20:10 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Coeurier
2014-09-12 05:35 - 2012-09-09 20:00 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Artikel_Reports_Letters_Family
2014-09-12 05:35 - 2012-09-09 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-09-12 05:35 - 2012-09-09 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay
2014-09-12 05:35 - 2012-09-09 18:20 - 00000000 ___RD () C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-12 05:35 - 2012-09-09 18:20 - 00000000 ___RD () C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-12 05:35 - 2012-09-09 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA VIDEO PLAYER
2014-09-12 05:35 - 2012-09-09 17:40 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-12 05:35 - 2012-09-09 17:40 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-12 05:35 - 2011-05-25 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Service
2014-09-12 05:34 - 2014-06-07 15:27 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-09-12 05:34 - 2014-01-02 17:08 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-09-12 05:34 - 2013-09-17 00:22 - 00000000 ____D () C:\Program Files (x86)\Wajam
2014-09-12 05:34 - 2013-06-07 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-12 05:34 - 2013-05-19 20:12 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-12 05:34 - 2013-05-19 20:12 - 00000000 ____D () C:\Program Files\iTunes
2014-09-12 05:34 - 2013-04-02 19:58 - 00000000 ____D () C:\Program Files (x86)\Yontoo
2014-09-12 05:34 - 2013-03-16 18:49 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-12 05:34 - 2012-10-01 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\GoforFiles
2014-09-12 05:34 - 2012-10-01 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\GameCenter
2014-09-12 05:34 - 2012-09-10 22:03 - 00000000 ____D () C:\Program Files\Bonjour
2014-09-12 05:34 - 2012-09-10 21:06 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-09-12 05:34 - 2012-09-09 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
2014-09-12 05:34 - 2012-09-09 18:27 - 00000000 ____D () C:\Program Files\Amazon
2014-09-12 05:34 - 2012-09-09 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel
2014-09-12 05:33 - 2014-03-18 18:15 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-09-12 05:33 - 2013-12-27 10:50 - 00000000 ____D () C:\Program Files (x86)\SaveSense
2014-09-12 05:33 - 2013-03-16 18:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-12 05:33 - 2012-09-09 19:09 - 00000000 ____D () C:\Program Files (x86)\Panda USB Vaccine
2014-09-12 05:33 - 2011-05-25 21:18 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA Games
2014-09-12 05:33 - 2011-05-25 20:57 - 00000000 ____D () C:\Program Files (x86)\Photo-Service
2014-09-12 05:32 - 2014-05-11 22:46 - 00000000 ____D () C:\Program Files (x86)\Anki
2014-09-12 05:32 - 2014-03-18 18:14 - 00000000 ____D () C:\Program Files (x86)\InstallConverter
2014-09-12 05:32 - 2013-11-19 23:43 - 00000000 ____D () C:\Program Files (x86)\JustCloud
2014-09-12 05:32 - 2013-09-17 00:22 - 00000000 ____D () C:\Program Files (x86)\DealPly
2014-09-12 05:32 - 2013-06-07 14:25 - 00000000 ____D () C:\Program Files (x86)\entrusted
2014-09-12 05:32 - 2013-06-07 14:23 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-12 05:32 - 2013-05-19 20:12 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-12 05:32 - 2012-10-01 18:53 - 00000000 ____D () C:\Program Files (x86)\GoforFiles
2014-09-12 05:32 - 2012-09-10 22:03 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-09-12 05:32 - 2012-09-10 22:03 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-09-12 05:32 - 2012-09-10 21:20 - 00000000 ____D () C:\Program Files (x86)\Ask.com
2014-09-12 05:32 - 2012-09-09 19:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-09-12 05:32 - 2012-09-09 19:08 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com
2014-09-12 05:32 - 2012-09-09 18:26 - 00000000 ____D () C:\Program Files (x86)\eBay
2014-09-12 05:20 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\registration
2014-09-12 04:59 - 2011-05-25 21:33 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-09-12 04:57 - 2014-03-24 12:05 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-11 22:30 - 2013-10-24 12:14 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-09-11 22:30 - 2012-09-11 20:07 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-09-11 22:30 - 2012-09-11 20:07 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-11 20:39 - 2012-09-09 18:20 - 00000000 ____D () C:\Users\Dorina Heller
2014-09-11 20:38 - 2014-09-11 20:38 - 00266288 _____ () C:\windows\Minidump\091114-51074-01.dmp
2014-09-11 20:38 - 2014-04-13 20:30 - 00000000 ____D () C:\windows\Minidump
2014-09-11 20:37 - 2014-04-13 20:29 - 878928776 _____ () C:\windows\MEMORY.DMP
2014-09-11 16:51 - 2014-09-11 16:51 - 00000000 ____D () C:\0fa2b777dcf5c166eeabf07571bbfc44
2014-09-09 20:02 - 2011-05-25 21:36 - 00001839 _____ () C:\Users\Public\Desktop\McAfee Internet Security.lnk
2014-09-08 10:59 - 2014-09-08 10:59 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\onlysearch
2014-09-05 15:05 - 2010-11-21 05:47 - 00377788 _____ () C:\windows\PFRO.log
2014-09-05 14:52 - 2014-05-17 00:50 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\Windows Live
2014-09-03 16:46 - 2014-03-18 18:15 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 19:21 - 2013-09-30 21:01 - 00000000 ____D () C:\Users\Dorina Heller\Documents\1_SOAS
2014-08-29 10:42 - 2009-07-14 06:45 - 00341344 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-28 00:23 - 2013-10-12 12:34 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\Skype
2014-08-27 14:25 - 2014-08-27 14:25 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\{F68BB0CC-8E97-411E-ADC9-B76F2851EBC6}
2014-08-27 14:23 - 2012-09-09 20:00 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Bilder
2014-08-25 15:28 - 2014-08-25 15:28 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\{EA2B0657-401B-4D0C-B581-5AD576911003}
2014-08-25 15:23 - 2011-05-25 21:21 - 00000925 _____ () C:\windows\DirectX.log
2014-08-23 04:07 - 2014-08-28 12:27 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 12:27 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 12:27 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-20 18:09 - 2014-08-20 18:08 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Anki
2014-08-20 12:45 - 2014-08-20 12:45 - 00000000 ____D () C:\ProgramData\Browser
2014-08-19 21:18 - 2014-08-19 21:05 - 247843736 _____ (Microsoft Corporation) C:\Users\Dorina Heller\Downloads\OfficeLangPack2013_ChnTrad_x86.exe
2014-08-17 12:42 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2014-08-17 11:50 - 2009-07-14 07:08 - 00032632 _____ () C:\windows\Tasks\SCHEDLGU.TXT
Some content of TEMP:
====================
C:\Users\Dorina Heller\AppData\Local\Temp\APNStub.exe
C:\Users\Dorina Heller\AppData\Local\Temp\avgnt.exe
C:\Users\Dorina Heller\AppData\Local\Temp\BackupSetup.exe
C:\Users\Dorina Heller\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Dorina Heller\AppData\Local\Temp\htmlayout.dll
C:\Users\Dorina Heller\AppData\Local\Temp\Launcher_i215689629.exe
C:\Users\Dorina Heller\AppData\Local\Temp\nsb6C66.exe
C:\Users\Dorina Heller\AppData\Local\Temp\nsb72CE.exe
C:\Users\Dorina Heller\AppData\Local\Temp\nsh5991.exe
C:\Users\Dorina Heller\AppData\Local\Temp\nsl3973.exe
C:\Users\Dorina Heller\AppData\Local\Temp\nsq3462.exe
C:\Users\Dorina Heller\AppData\Local\Temp\nsr2C19.exe
C:\Users\Dorina Heller\AppData\Local\Temp\nsr6F83.exe
C:\Users\Dorina Heller\AppData\Local\Temp\nsw36A5.exe
C:\Users\Dorina Heller\AppData\Local\Temp\setup.exe
C:\Users\Dorina Heller\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\Dorina Heller\AppData\Local\Temp\setup__3862.exe
C:\Users\Dorina Heller\AppData\Local\Temp\SmartbarExeInstaller.exe
C:\Users\Dorina Heller\AppData\Local\Temp\tbv5dzl1.dll
C:\Users\Dorina Heller\AppData\Local\Temp\toolbar32794732.exe
C:\Users\Dorina Heller\AppData\Local\Temp\toolbar401920.exe
C:\Users\Dorina Heller\AppData\Local\Temp\toolbar426959.exe
C:\Users\Dorina Heller\AppData\Local\Temp\toolbar448206.exe
C:\Users\Dorina Heller\AppData\Local\Temp\toolbar609854.exe
C:\Users\Dorina Heller\AppData\Local\Temp\ToolbarHelper.exe
C:\Users\Dorina Heller\AppData\Local\Temp\update167498.exe
C:\Users\Dorina Heller\AppData\Local\Temp\update190633.exe
C:\Users\Dorina Heller\AppData\Local\Temp\update216903.exe
C:\Users\Dorina Heller\AppData\Local\Temp\update223159.exe
C:\Users\Dorina Heller\AppData\Local\Temp\update250568.exe
C:\Users\Dorina Heller\AppData\Local\Temp\update411062.exe
C:\Users\Dorina Heller\AppData\Local\Temp\uti91F8.tmp.exe
C:\Users\Dorina Heller\AppData\Local\Temp\wajam_install.exe
C:\Users\Dorina Heller\AppData\Local\Temp\~convert3729718752265838003.exe
C:\Users\Dorina Heller\AppData\Local\Temp\~convert4803162099771479836.exe
C:\Users\Dorina Heller\AppData\Local\Temp\~convert4910208191893167553.exe
C:\Users\Dorina Heller\AppData\Local\Temp\~convert5454748389629447788.exe
C:\Users\Dorina Heller\AppData\Local\Temp\~convert5902075233786785821.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-09 20:00
==================== End Of Log ============================
--- --- ---
15.09.2014, 20:55
Hybrid-Darstellung
