Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Probleme mit "Continue VuuPC Installation"

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 04.08.2014, 19:33   #1
Steffi/Wolf
 
Probleme mit "Continue VuuPC Installation" - Standard

Probleme mit "Continue VuuPC Installation"



Hey ho,
auf dem Rechner meiner Mutter erscheint seit kurzem der Ordner "Continue VuuPC Installation".
Seitdem gehen auch immer wieder werbungsseiten bei firefox auf.
Ich kann diesen Ordner leider nicht löschen, bzw. wenn ich es versuchen erscheint er wieder.
Avira kann diese Anwendung nicht finden.

Details zum pc: Windows 8.1 64-bit, AMD E1-2100 APU with Radeon HD Grapics, 4,0GB RAM, AMD Radeon HD 8210.

Über Hilfe hierbei würde ich mich freuen!

Lg steffi

Alt 04.08.2014, 19:35   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Probleme mit "Continue VuuPC Installation" - Standard

Probleme mit "Continue VuuPC Installation"



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 04.08.2014, 20:01   #3
Steffi/Wolf
 
Probleme mit "Continue VuuPC Installation" - Standard

Probleme mit "Continue VuuPC Installation"




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014
Ran by Andrea (administrator) on ANDREA on 04-08-2014 20:50:41
Running from C:\Users\Andrea\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(WildTangent, Inc.) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Users\Andrea\AppData\Local\fst_de_89\upfst_de_89.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Smartbar) C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\fst_de_89\fst_de_89.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [894048 2013-01-12] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-31] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [AnyProtect Scanner] => "C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe"
HKLM-x32\...\Run: [fst_de_89] => C:\Program Files (x86)\fst_de_89\fst_de_89.exe [3975136 2014-07-04] ()
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [189520 2014-07-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [upfst_de_89.exe] => C:\Users\Andrea\AppData\Local\fst_de_89\upfst_de_89.exe [3354616 2014-07-04] ()
HKU\S-1-5-21-2994636758-1569343115-1192238883-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-09-10] (Spotify Ltd)
HKU\S-1-5-21-2994636758-1569343115-1192238883-1001\...\Run: [PriceMeterW] => "C:\Users\Andrea\AppData\Local\PriceMeter\pricemeterw.exe"
HKU\S-1-5-21-2994636758-1569343115-1192238883-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.exe [29728 2014-06-16] (Smartbar)
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [105072 2014-06-19] (Skytech Co., Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\Program Files (x86)\SupTab\SearchProtect32.dll [92272 2014-06-19] (Skytech Co., Ltd.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZne7-K03gfKodR-F1QSvvcP9w5Awdv7KWrVNLVqlhaVpMn9mMw3k8oeaFWLtceFWu9oEQa9VgwzU9RSmrvIB58AIjcbgVugt-z_sEr1kvW0wwLdkE3L7-FFfeYXUiS2A,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZne7-K03gfKodR-F1QSvvcP9w5Awdv7KWrVNLVqlhaVpMn9mMw3k8oeaFWLtceFWuxdzq8_YEUM9KuTHrqsiX2lBdz7nrrzYQfM0QBE14648M9RGENEsjizSTN664o3w,,
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZne7-K03gfKodR-F1QSvvcP9w5Awdv7KWrVNLVqlhaVpMn9mMw3k8oeaFWLtceFWu9oEQa9VgwzU9RSmrvIB58AIjcbgVugt-z_sEr1kvW0wwLdkE3L7-FFfeYXUiS2A,,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS&q={searchTerms}
SearchScopes: HKLM - {58E083F7-DE32-4E5F-8B74-DB1B24E8107B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TEJB
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZne7-K03gfKodR-F1QSvvcP9w5Awdv7KWrVNLVqlhaVpMn9mMw3k8oeaFWLtceFWu9oEQa9VgwzU9RSmrvIB58AIjcbgVugt-z_sEr1kvW0wwLdkE3L7-FFfeYXUiS2A,,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZne7-K03gfKodR-F1QSvvcP9w5Awdv7KWrVNLVqlhaVpMn9mMw3k8oeaFWLtceFWu9oEQa9VgwzU9RSmrvIB58AIjcbgVugt-z_sEr1kvW0wwLdkE3L7-FFfeYXUiS2A,,&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZne7-K03gfKodR-F1QSvvcP9w5Awdv7KWrVNLVqlhaVpMn9mMw3k8oeaFWLtceFWu9oEQa9VgwzU9RSmrvIB58AIjcbgVugt-z_sEr1kvW0wwLdkE3L7-FFfeYXUiS2A,,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZne7-K03gfKodR-F1QSvvcP9w5Awdv7KWrVNLVqlhaVpMn9mMw3k8oeaFWLtceFWu9oEQa9VgwzU9RSmrvIB58AIjcbgVugt-z_sEr1kvW0wwLdkE3L7-FFfeYXUiS2A,,&q={searchTerms}
BHO: Shopping Helper SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO-x32: Shopping Helper SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
Toolbar: HKLM - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62

FireFox:
========
FF ProfilePath: C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\pgug0xm2.default
FF NewTab: chrome://quick_start/content/index.html
FF Homepage: about:home
FF Keyword.URL: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZne7-K03gfKodR-F1QSvvcP9w5Awdv7KWrVNLVqlhaVpMn9mMw3k8oeaFWLtceFWu9oEQa9VgwzU9RSmrvIB58AIjcbgVugt-z_sEr1kvW0wwLdkE3L7-FFfeYXUiS2A,,&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF user.js: detected! => C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\pgug0xm2.default\user.js
FF SearchPlugin: C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\pgug0xm2.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\pgug0xm2.default\Extensions\abs@avira.com [2014-08-04]
FF Extension: Fast Start - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\pgug0xm2.default\Extensions\faststartff@gmail.com [2014-07-13]
FF Extension: Shopping Helper Smartbar - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\pgug0xm2.default\Extensions\{c10c45df-f421-79ef-18ae-151e5b23a31c} [2014-07-08]
FF Extension: Rocket New Tab - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\pgug0xm2.default\Extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b} [2014-07-07]
FF Extension: Adblock Plus - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\pgug0xm2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-22]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\pgug0xm2.default\extensions\faststartff@gmail.com

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-08-31] () [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-08-22] (Windows (R) Win 7 DDK provider)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-07] (Avira Operations GmbH & Co. KG)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-07-08] (BitRaider, LLC)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-07-20] (WildTangent)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [757872 2014-06-19] (Cherished Technololgy LIMITED)
S2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [34336 2014-06-16] ()
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S4 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe [591776 2014-06-12] (Fuyu LIMITED)
S2 Update NetCrawl; "C:\Program Files (x86)\NetCrawl\updateNetCrawl.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-07] (Advanced Micro Devices, INC.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-16] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-07-10] (BitRaider)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-01-27] (McAfee, Inc.)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [105704 2013-08-16] (GenesysLogic)
S2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-01-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R1 {57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64; C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys [61112 2014-06-13] (StdLib)
R1 {6fcd6092-9615-4f7f-8898-8df53980e5d2}w64; C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}w64.sys [61112 2014-07-05] (StdLib)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-04 20:50 - 2014-08-04 20:51 - 00020261 _____ () C:\Users\Andrea\Downloads\FRST.txt
2014-08-04 20:50 - 2014-08-04 20:50 - 00000000 ____D () C:\FRST
2014-08-04 20:49 - 2014-08-04 20:49 - 02094080 _____ (Farbar) C:\Users\Andrea\Downloads\FRST64.exe
2014-08-03 13:49 - 2014-08-03 13:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-27 20:24 - 2014-07-27 20:24 - 00001164 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-07-14 22:38 - 2014-07-14 22:38 - 00020652 _____ () C:\Users\Steffi\Documents\borderline.odt
2014-07-14 22:31 - 2014-07-14 22:31 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\OpenOffice
2014-07-14 22:05 - 2014-07-16 15:28 - 00001150 _____ () C:\Users\Andrea\Desktop\Continue VuuPC Installation.lnk
2014-07-14 20:30 - 2014-07-14 22:38 - 00026112 ___SH () C:\Users\Steffi\Documents\Thumbs.db
2014-07-13 19:38 - 2014-07-13 19:38 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\WinRAR
2014-07-13 15:42 - 2014-07-13 15:43 - 00000795 _____ () C:\Windows\setupact.log
2014-07-13 15:42 - 2014-07-13 15:42 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-13 04:17 - 2014-07-13 04:17 - 00000000 ____D () C:\Windows\System32\Tasks\GenericSettingsHandler
2014-07-12 22:21 - 2014-07-12 22:21 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\Macromedia
2014-07-12 22:21 - 2014-07-12 22:21 - 00000000 ____D () C:\Users\Steffi\AppData\Local\Macromedia
2014-07-12 22:20 - 2014-07-12 22:20 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\Mozilla
2014-07-12 22:20 - 2014-07-12 22:20 - 00000000 ____D () C:\Users\Steffi\AppData\Local\Mozilla
2014-07-12 22:17 - 2014-07-15 07:14 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{03BAD60E-FD30-4629-B053-FAF8E5C6DF30}
2014-07-12 22:17 - 2014-07-12 22:17 - 00000000 __SHD () C:\Users\Steffi\AppData\Local\EmieUserList
2014-07-12 22:17 - 2014-07-12 22:17 - 00000000 __SHD () C:\Users\Steffi\AppData\Local\EmieSiteList
2014-07-12 22:12 - 2014-07-12 22:12 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\Avira
2014-07-12 22:11 - 2014-07-16 19:09 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2994636758-1569343115-1192238883-1004
2014-07-12 22:11 - 2014-07-12 22:11 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\ATI
2014-07-12 22:11 - 2014-07-12 22:11 - 00000000 ____D () C:\Users\Steffi\AppData\Local\ATI
2014-07-12 22:09 - 2014-07-16 18:53 - 00000000 __RDO () C:\Users\Steffi\OneDrive
2014-07-12 22:06 - 2014-07-12 22:06 - 00000000 ____D () C:\Users\Steffi\AppData\Local\TOSHIBA
2014-07-12 22:06 - 2014-07-12 22:06 - 00000000 ____D () C:\Users\Steffi\AppData\Local\fst_de_89
2014-07-12 22:05 - 2014-07-12 22:08 - 00000000 ____D () C:\Users\Steffi\AppData\Local\Packages
2014-07-12 22:05 - 2014-07-12 22:05 - 00001465 _____ () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-12 22:05 - 2014-07-12 22:05 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\Adobe
2014-07-12 22:05 - 2014-07-12 22:05 - 00000000 ____D () C:\Users\Steffi\AppData\Local\VirtualStore
2014-07-12 22:04 - 2014-07-12 22:09 - 00000000 ____D () C:\Users\Steffi
2014-07-12 22:04 - 2014-07-12 22:04 - 00000020 ___SH () C:\Users\Steffi\ntuser.ini
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Vorlagen
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Startmenü
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Netzwerkumgebung
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Lokale Einstellungen
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Eigene Dateien
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Druckumgebung
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Documents\Eigene Musik
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Documents\Eigene Bilder
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\AppData\Local\Verlauf
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\AppData\Local\Anwendungsdaten
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Anwendungsdaten
2014-07-12 22:04 - 2014-07-10 18:06 - 00000000 ___RD () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-12 22:04 - 2014-06-06 15:34 - 00000000 ___RD () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-12 22:04 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-07-12 22:04 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-07-12 22:04 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-12 22:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-12 21:43 - 2014-06-26 22:55 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-12 21:43 - 2014-06-26 22:55 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-12 21:41 - 2014-07-12 21:41 - 00001672 _____ () C:\Windows\PFRO.log
2014-07-10 18:06 - 2014-07-10 18:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 13:10 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-07-10 13:09 - 2014-08-04 15:53 - 02014199 _____ () C:\Windows\WindowsUpdate.log
2014-07-10 01:36 - 2014-07-10 01:36 - 00000000 ____D () C:\Users\Andrea\AppData\Local\SWTOR
2014-07-09 23:57 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 23:57 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 23:57 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 23:57 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 23:57 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-07-09 23:57 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-07-09 23:57 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-07-09 23:57 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-07-09 23:57 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-07-09 23:57 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 23:56 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 23:56 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 23:56 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 23:56 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 23:55 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 23:54 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 23:54 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 23:54 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 23:54 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 23:54 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 23:54 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 23:54 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 23:54 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 23:54 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 23:54 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 23:54 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 23:54 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 23:54 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 23:54 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 23:54 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 23:54 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 23:54 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 23:54 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 23:54 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 23:54 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 23:54 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 23:54 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 23:53 - 2014-07-01 00:45 - 00688128 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 23:53 - 2014-06-28 09:48 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 23:53 - 2014-06-28 09:07 - 00385536 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-09 23:53 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 23:53 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 23:52 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-09 23:52 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-07-09 23:52 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-07-09 23:52 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-07-09 23:52 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 23:52 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-07-09 23:52 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-09 23:52 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 23:52 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-07-09 23:52 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-07-09 23:52 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-09 23:52 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-07-09 23:52 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-07-09 23:52 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-07-09 23:52 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-07-09 23:22 - 2014-07-09 23:22 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-07-08 12:23 - 2014-07-10 01:36 - 00000000 ____D () C:\ProgramData\BitRaider
2014-07-08 12:23 - 2014-07-08 12:23 - 00000000 ____D () C:\Users\Public\Documents\BitRaider
2014-07-08 12:23 - 2014-07-08 12:23 - 00000000 ____D () C:\Users\Andrea\AppData\Local\SWTORPerf
2014-07-08 12:22 - 2014-07-08 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2014-07-08 12:22 - 2014-07-08 12:22 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-07-08 12:21 - 2014-07-08 12:22 - 00015811 _____ () C:\Users\Andrea\Documents\Install STAR WARS The Old Republic.log
2014-07-08 12:21 - 2014-07-08 12:22 - 00000000 _____ () C:\end
2014-07-08 12:20 - 2014-07-08 12:21 - 29720272 _____ () C:\Users\Andrea\Downloads\SWTOR_setup.exe
2014-07-08 07:45 - 2014-07-08 07:46 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-07-08 07:45 - 2014-07-08 07:45 - 00002473 _____ () C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-07-08 07:44 - 2014-07-08 07:44 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Smartbar
2014-07-08 07:44 - 2014-07-08 07:44 - 00000000 ____D () C:\Users\Andrea\AppData\Local\LPT
2014-07-07 01:28 - 2014-07-07 01:28 - 00591320 _____ (ClickMeIn Limited) C:\Users\Andrea\AppData\Local\nsqAE4C.tmp
2014-07-07 01:08 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-07-07 01:08 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-07-07 01:08 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-07-07 01:08 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-07-07 01:08 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-07-07 01:08 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-07-07 01:08 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-07-07 01:08 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-07-07 01:08 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-07-07 01:08 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-07-07 01:08 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-07-07 01:08 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-07-07 01:08 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-07-07 01:08 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-07-07 01:08 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-07-07 01:08 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-07-07 01:08 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-07-07 01:08 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-07-07 01:08 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-07-07 01:08 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-07-07 01:08 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-07-07 01:08 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-07-07 01:08 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-07-07 01:08 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-07-07 01:08 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-07-07 01:08 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-07-07 01:08 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-07-07 01:08 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-07-07 01:08 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-07-07 01:08 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-07-07 01:08 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-07-07 01:08 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-07-07 01:08 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-07-07 01:08 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-07-07 01:08 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-07-07 01:08 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-07-07 01:08 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-07-07 01:08 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-07-07 01:08 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-07-07 01:07 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-07-07 01:07 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-07-07 01:07 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-07-07 01:07 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-07-07 01:07 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-07-07 01:07 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-07-07 01:07 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-07-07 01:07 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-07-07 01:07 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-07-07 01:07 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-07-07 01:07 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-07-07 01:07 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-07-07 01:07 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-07-07 01:07 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-07-07 01:07 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-07-07 01:07 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-07-07 01:07 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-07-07 01:07 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-07-07 01:07 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-07-07 01:07 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-07-07 01:07 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-07-07 01:07 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-07-07 01:07 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-07-07 01:07 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-07-07 01:07 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-07-07 01:07 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-07-07 01:07 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-07-07 01:07 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-07-07 01:07 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-07-07 01:07 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-07-07 01:07 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-07-07 01:07 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-07-07 01:07 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-07-07 01:07 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-07-07 01:07 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-07-07 01:07 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-07-07 01:07 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-07-07 01:07 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-07-07 01:07 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-07-07 01:07 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-07-07 01:07 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-07-07 01:07 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-07-07 01:07 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-07-07 01:07 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-07-07 01:07 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-07-07 01:07 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-07-07 01:07 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-07-07 01:07 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-07-07 01:07 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-07-07 01:07 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-07-07 01:07 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-07-07 01:07 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-07-07 01:07 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-07-07 01:07 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-07-07 01:07 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-07-07 01:07 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-07-07 01:07 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-07-07 01:07 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-07-07 01:07 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-07-07 01:07 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-07-07 01:07 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-07-07 01:07 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-07-07 01:07 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-07-07 01:07 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-07-07 01:07 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-07-07 01:07 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-07-07 01:07 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-07-07 01:07 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-07-07 01:07 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-07-07 01:07 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-07-07 01:07 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-07-07 01:07 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-07-07 01:07 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-07-07 01:07 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-07-07 01:07 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-07-07 01:07 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-07-07 01:07 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-07-07 01:07 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-07-07 01:07 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-07-07 01:07 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-07-07 01:07 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-07-07 01:07 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-07-07 01:07 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-07-07 01:07 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-07-07 01:07 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-07-07 01:07 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-07-07 01:07 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-07-07 01:07 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-07-07 01:07 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-07-07 01:07 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-07-07 01:07 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-07-07 01:07 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-07-07 01:07 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-07-07 01:07 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-07-07 01:07 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-07-07 01:07 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-07-07 01:07 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-07-07 01:07 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-07-07 01:07 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-07-07 01:07 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-07-07 01:07 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-07-07 01:07 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-07-07 01:07 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-07-07 01:07 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-07-07 01:07 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-07-07 01:07 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-07-07 01:07 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-07-07 01:07 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-07-07 01:07 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-07-07 01:07 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-07-07 01:06 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-07-07 01:06 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-07-07 01:06 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-07-07 01:06 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-07-07 01:06 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-07-07 01:06 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-07-07 01:06 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-07-07 01:06 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-07-07 01:06 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-07-07 01:06 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-07-07 01:06 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-07-07 01:06 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-07-07 01:06 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-07-07 01:06 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-07-07 01:06 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-07-07 01:06 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-07-07 01:06 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-07-07 01:06 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-07-07 01:02 - 2014-07-08 11:50 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-07 00:52 - 2014-07-08 07:41 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-07 00:52 - 2014-07-07 00:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-07-07 00:51 - 2014-08-04 18:05 - 00000000 ____D () C:\Users\Andrea\AppData\Local\fst_de_89
2014-07-07 00:51 - 2014-07-07 00:51 - 00000000 ____D () C:\Program Files (x86)\fst_de_89
2014-07-07 00:50 - 2014-07-10 12:54 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-07 00:50 - 2014-07-07 00:50 - 00000990 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-07-07 00:50 - 2014-07-07 00:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-07 00:49 - 2014-07-07 00:49 - 01141680 _____ () C:\Users\Andrea\Downloads\SteamSetup.exe
2014-07-07 00:31 - 2014-07-07 00:38 - 00000000 ____D () C:\Users\Andrea\AppData\Local\PriceMeter Express
2014-07-07 00:29 - 2014-08-04 20:29 - 00000310 _____ () C:\Windows\Tasks\Rocket Updater.job
2014-07-07 00:29 - 2014-07-07 01:49 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-07-07 00:29 - 2014-07-07 01:29 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-07-07 00:29 - 2014-07-07 01:29 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-07-07 00:29 - 2014-07-07 01:29 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-07-07 00:29 - 2014-07-07 01:29 - 00000326 _____ () C:\Users\Andrea\AppData\Roaming\aps.uninstall.scan.results
2014-07-07 00:29 - 2014-07-07 00:29 - 00002648 _____ () C:\Windows\System32\Tasks\Rocket Updater
2014-07-07 00:29 - 2014-07-07 00:29 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\RocketUpdater
2014-07-07 00:28 - 2014-07-07 00:38 - 00000000 ____D () C:\Users\Andrea\AppData\Local\PriceMeter
2014-07-07 00:28 - 2014-07-07 00:28 - 00003294 _____ () C:\Windows\System32\Tasks\pricemeterdownloader
2014-07-07 00:28 - 2014-07-04 13:23 - 00575887 _____ (ClickMeIn Limited) C:\Users\Andrea\AppData\Local\AnyProtectScannerSetup.exe
2014-07-07 00:16 - 2014-07-27 17:28 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\VOPackage
2014-07-07 00:16 - 2014-07-07 00:41 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Genesis_07062216
2014-07-07 00:16 - 2014-07-07 00:16 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-07-07 00:13 - 2014-07-07 00:16 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2014-07-07 00:12 - 2014-07-07 00:12 - 00000000 ____D () C:\Program Files (x86)\dumps
2014-07-06 23:59 - 2014-07-07 00:06 - 00000000 ____D () C:\ProgramData\DSearchLink
2014-07-06 23:55 - 2014-07-06 23:56 - 00568240 _____ () C:\Users\Andrea\Downloads\installer_age_of_empires_2_hd_steam_free_Deutsch.exe
2014-07-06 14:50 - 2014-07-05 06:22 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}w64.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-04 20:51 - 2014-08-04 20:50 - 00020261 _____ () C:\Users\Andrea\Downloads\FRST.txt
2014-08-04 20:50 - 2014-08-04 20:50 - 00000000 ____D () C:\FRST
2014-08-04 20:49 - 2014-08-04 20:49 - 02094080 _____ (Farbar) C:\Users\Andrea\Downloads\FRST64.exe
2014-08-04 20:44 - 2014-02-19 18:00 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{278F692E-AFAA-4968-9A2E-4586BA110827}
2014-08-04 20:36 - 2014-04-09 14:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-04 20:29 - 2014-07-07 00:29 - 00000310 _____ () C:\Windows\Tasks\Rocket Updater.job
2014-08-04 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-08-04 18:05 - 2014-07-07 00:51 - 00000000 ____D () C:\Users\Andrea\AppData\Local\fst_de_89
2014-08-04 15:53 - 2014-07-10 13:09 - 02014199 _____ () C:\Windows\WindowsUpdate.log
2014-08-04 12:19 - 2013-09-10 00:53 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-04 12:19 - 2013-08-28 11:59 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-08-04 12:19 - 2013-08-28 11:59 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-08-04 12:06 - 2014-02-19 17:49 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2994636758-1569343115-1192238883-1001
2014-08-04 12:02 - 2014-02-19 18:01 - 00000000 __RDO () C:\Users\Andrea\SkyDrive
2014-08-04 04:12 - 2013-12-30 22:17 - 01404094 _____ () C:\Users\Public\CAFADEBUG.log
2014-08-04 04:12 - 2013-12-30 21:48 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-08-04 01:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-08-04 00:12 - 2014-04-13 22:47 - 00000000 ____D () C:\Users\Andrea\Documents\Steffi
2014-08-03 13:49 - 2014-08-03 13:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-27 20:24 - 2014-07-27 20:24 - 00001164 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-07-27 20:24 - 2014-05-05 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-27 20:24 - 2014-05-05 10:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-27 20:24 - 2013-12-30 21:46 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-27 17:28 - 2014-07-07 00:16 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\VOPackage
2014-07-20 17:25 - 2013-12-30 22:33 - 00002535 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk
2014-07-20 17:25 - 2013-12-30 22:33 - 00002519 ____N () C:\Users\Public\Desktop\WildTangent Games App - toshiba.lnk
2014-07-20 17:25 - 2013-12-30 22:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-20 17:25 - 2013-12-30 22:33 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-07-20 15:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-07-16 19:09 - 2014-07-12 22:11 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2994636758-1569343115-1192238883-1004
2014-07-16 18:53 - 2014-07-12 22:09 - 00000000 __RDO () C:\Users\Steffi\OneDrive
2014-07-16 15:28 - 2014-07-14 22:05 - 00001150 _____ () C:\Users\Andrea\Desktop\Continue VuuPC Installation.lnk
2014-07-15 14:53 - 2014-05-05 19:31 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-15 07:14 - 2014-07-12 22:17 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{03BAD60E-FD30-4629-B053-FAF8E5C6DF30}
2014-07-14 22:38 - 2014-07-14 22:38 - 00020652 _____ () C:\Users\Steffi\Documents\borderline.odt
2014-07-14 22:38 - 2014-07-14 20:30 - 00026112 ___SH () C:\Users\Steffi\Documents\Thumbs.db
2014-07-14 22:31 - 2014-07-14 22:31 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\OpenOffice
2014-07-14 17:56 - 2014-06-26 00:54 - 00012288 ___SH () C:\Users\Andrea\Downloads\Thumbs.db
2014-07-13 19:38 - 2014-07-13 19:38 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\WinRAR
2014-07-13 16:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-07-13 15:43 - 2014-07-13 15:42 - 00000795 _____ () C:\Windows\setupact.log
2014-07-13 15:42 - 2014-07-13 15:42 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-13 14:10 - 2014-02-22 13:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-13 04:17 - 2014-07-13 04:17 - 00000000 ____D () C:\Windows\System32\Tasks\GenericSettingsHandler
2014-07-12 22:21 - 2014-07-12 22:21 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\Macromedia
2014-07-12 22:21 - 2014-07-12 22:21 - 00000000 ____D () C:\Users\Steffi\AppData\Local\Macromedia
2014-07-12 22:20 - 2014-07-12 22:20 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\Mozilla
2014-07-12 22:20 - 2014-07-12 22:20 - 00000000 ____D () C:\Users\Steffi\AppData\Local\Mozilla
2014-07-12 22:17 - 2014-07-12 22:17 - 00000000 __SHD () C:\Users\Steffi\AppData\Local\EmieUserList
2014-07-12 22:17 - 2014-07-12 22:17 - 00000000 __SHD () C:\Users\Steffi\AppData\Local\EmieSiteList
2014-07-12 22:12 - 2014-07-12 22:12 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\Avira
2014-07-12 22:11 - 2014-07-12 22:11 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\ATI
2014-07-12 22:11 - 2014-07-12 22:11 - 00000000 ____D () C:\Users\Steffi\AppData\Local\ATI
2014-07-12 22:09 - 2014-07-12 22:04 - 00000000 ____D () C:\Users\Steffi
2014-07-12 22:08 - 2014-07-12 22:05 - 00000000 ____D () C:\Users\Steffi\AppData\Local\Packages
2014-07-12 22:06 - 2014-07-12 22:06 - 00000000 ____D () C:\Users\Steffi\AppData\Local\TOSHIBA
2014-07-12 22:06 - 2014-07-12 22:06 - 00000000 ____D () C:\Users\Steffi\AppData\Local\fst_de_89
2014-07-12 22:06 - 2014-02-19 17:52 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-07-12 22:05 - 2014-07-12 22:05 - 00001465 _____ () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-12 22:05 - 2014-07-12 22:05 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\Adobe
2014-07-12 22:05 - 2014-07-12 22:05 - 00000000 ____D () C:\Users\Steffi\AppData\Local\VirtualStore
2014-07-12 22:04 - 2014-07-12 22:04 - 00000020 ___SH () C:\Users\Steffi\ntuser.ini
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Vorlagen
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Startmenü
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Netzwerkumgebung
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Lokale Einstellungen
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Eigene Dateien
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Druckumgebung
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Documents\Eigene Musik
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Documents\Eigene Bilder
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\AppData\Local\Verlauf
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\AppData\Local\Anwendungsdaten
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Anwendungsdaten
2014-07-12 21:42 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-12 21:41 - 2014-07-12 21:41 - 00001672 _____ () C:\Windows\PFRO.log
2014-07-12 21:41 - 2013-08-22 16:44 - 00360600 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 18:08 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-07-10 18:06 - 2014-07-12 22:04 - 00000000 ___RD () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 18:06 - 2014-07-10 18:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 18:06 - 2014-04-09 18:44 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 18:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-07-10 18:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 18:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 18:06 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-07-10 13:12 - 2014-04-09 18:44 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 13:12 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-10 13:12 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-10 12:54 - 2014-07-07 00:50 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-10 02:22 - 2013-08-22 21:11 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 01:36 - 2014-07-10 01:36 - 00000000 ____D () C:\Users\Andrea\AppData\Local\SWTOR
2014-07-10 01:36 - 2014-07-08 12:23 - 00000000 ____D () C:\ProgramData\BitRaider
2014-07-09 23:22 - 2014-07-09 23:22 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-07-09 10:36 - 2014-04-09 14:23 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 12:23 - 2014-07-08 12:23 - 00000000 ____D () C:\Users\Public\Documents\BitRaider
2014-07-08 12:23 - 2014-07-08 12:23 - 00000000 ____D () C:\Users\Andrea\AppData\Local\SWTORPerf
2014-07-08 12:22 - 2014-07-08 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2014-07-08 12:22 - 2014-07-08 12:22 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-07-08 12:22 - 2014-07-08 12:21 - 00015811 _____ () C:\Users\Andrea\Documents\Install STAR WARS The Old Republic.log
2014-07-08 12:22 - 2014-07-08 12:21 - 00000000 _____ () C:\end
2014-07-08 12:21 - 2014-07-08 12:20 - 29720272 _____ () C:\Users\Andrea\Downloads\SWTOR_setup.exe
2014-07-08 11:50 - 2014-07-07 01:02 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-08 07:46 - 2014-07-08 07:45 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-07-08 07:45 - 2014-07-08 07:45 - 00002473 _____ () C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-07-08 07:44 - 2014-07-08 07:44 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Smartbar
2014-07-08 07:44 - 2014-07-08 07:44 - 00000000 ____D () C:\Users\Andrea\AppData\Local\LPT
2014-07-08 07:41 - 2014-07-07 00:52 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-07 01:49 - 2014-07-07 00:29 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-07-07 01:29 - 2014-07-07 00:29 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-07-07 01:29 - 2014-07-07 00:29 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-07-07 01:29 - 2014-07-07 00:29 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-07-07 01:29 - 2014-07-07 00:29 - 00000326 _____ () C:\Users\Andrea\AppData\Roaming\aps.uninstall.scan.results
2014-07-07 01:28 - 2014-07-07 01:28 - 00591320 _____ (ClickMeIn Limited) C:\Users\Andrea\AppData\Local\nsqAE4C.tmp
2014-07-07 00:52 - 2014-07-07 00:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-07-07 00:52 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-07 00:52 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-07 00:51 - 2014-07-07 00:51 - 00000000 ____D () C:\Program Files (x86)\fst_de_89
2014-07-07 00:50 - 2014-07-07 00:50 - 00000990 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-07-07 00:50 - 2014-07-07 00:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-07 00:49 - 2014-07-07 00:49 - 01141680 _____ () C:\Users\Andrea\Downloads\SteamSetup.exe
2014-07-07 00:41 - 2014-07-07 00:16 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Genesis_07062216
2014-07-07 00:38 - 2014-07-07 00:31 - 00000000 ____D () C:\Users\Andrea\AppData\Local\PriceMeter Express
2014-07-07 00:38 - 2014-07-07 00:28 - 00000000 ____D () C:\Users\Andrea\AppData\Local\PriceMeter
2014-07-07 00:29 - 2014-07-07 00:29 - 00002648 _____ () C:\Windows\System32\Tasks\Rocket Updater
2014-07-07 00:29 - 2014-07-07 00:29 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\RocketUpdater
2014-07-07 00:29 - 2014-02-22 13:35 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-07 00:28 - 2014-07-07 00:28 - 00003294 _____ () C:\Windows\System32\Tasks\pricemeterdownloader
2014-07-07 00:16 - 2014-07-07 00:16 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-07-07 00:16 - 2014-07-07 00:13 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2014-07-07 00:12 - 2014-07-07 00:12 - 00000000 ____D () C:\Program Files (x86)\dumps
2014-07-07 00:06 - 2014-07-06 23:59 - 00000000 ____D () C:\ProgramData\DSearchLink
2014-07-06 23:56 - 2014-07-06 23:55 - 00568240 _____ () C:\Users\Andrea\Downloads\installer_age_of_empires_2_hd_steam_free_Deutsch.exe
2014-07-06 14:49 - 2013-08-22 15:25 - 00000226 _____ () C:\Windows\win.ini
2014-07-05 06:22 - 2014-07-06 14:50 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}w64.sys

Some content of TEMP:
====================
C:\Users\Andrea\AppData\Local\Temp\avgnt.exe
C:\Users\Steffi\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-13 14:49

==================== End Of Log ============================
         
--- --- ---




Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-08-2014
Ran by Andrea at 2014-08-04 20:54:35
Running from C:\Users\Andrea\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
AMD Accelerated Video Transcoding (Version: 13.15.100.30830 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5D42947B-E961-C0B5-5A70-EA0F753331EB}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.2 - AppEx Networks)
AMD Start Now (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira (HKLM-x32\...\{142be4a8-895b-4ed9-b1ff-11c76357e3df}) (Version: 1.1.17.31000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.17.31000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4643 - CDBurnerXP)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.2.0 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.32.327 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.32.327 - DVDVideoSoft Ltd.)
FreeSoftToday 014.89 (HKLM-x32\...\FreeSoftToday_is1) (Version:  - FrEeSoFtOdAy) <==== ATTENTION
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.8 - Genesys Logic)
Installer (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.20617 (Version: 12.0.20617 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.20617 (Version: 12.0.20617 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.20617 (x32 Version: 12.0.20617 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.20617 (x32 Version: 12.0.20617 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 de)) (Version: 32.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.300 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Shopping Helper Smartbar (HKLM-x32\...\{16F8A832-DD84-4271-8B76-ACADE6DB3968}) (Version: 11.82.63.17791 - ReSoft Ltd.) <==== ATTENTION
Shopping Helper Smartbar Engine (HKCU\...\{69513b34-18a1-48d6-9617-bdf9a2a4e685}) (Version: 11.82.63.17791 - ReSoft Ltd.) <==== ATTENTION
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.46 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
sweet-page uninstall (HKLM-x32\...\sweet-page uninstall) (Version:  - sweet-page) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)
TOSHIBA Addendum (HKLM-x32\...\{CE0374A6-B204-4336-8293-63FBB1DADBF4}) (Version: 1.00 - TOSHIBA)
TOSHIBA Addendum (x32 Version: 1.00 - TOSHIBA) Hidden
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{84FA4D2D-4273-4C66-BD3D-ADD3FE48DFA2}) (Version: 1.1.5.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}) (Version: 5.0.1.0 - Toshiba Corporation)
TOSHIBA Password Utility (Version: 5.0.1.0 - Toshiba Corporation) Hidden
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102 - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.11.7 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
WindowsProtectManger20.0.0.401 (HKLM-x32\...\WindowsProtectManger) (Version: 20.0.0.401 - Fuyu LIMITED) <==== ATTENTION
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

10-07-2014 00:19:10 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {023CD9B6-C4CF-42FD-9FEB-EFE25E7D2DE7} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0D54BB98-DF56-411B-95F9-4B83D4ADF366} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {31C4A738-D1A7-4537-B5AE-14E833504AC4} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {33B15517-B5F9-41A7-9FC3-5D3037FE8145} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {419DE7D9-E1D6-4E9B-AFB5-BF15C476718D} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5EFA7A98-73BB-431B-A9B9-354D550CB4E1} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {69672A5B-F6F8-4159-B283-619085B939F1} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2994636758-1569343115-1192238883-1004
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6E84FF1D-1B8C-496D-B141-8C59B1A5351F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-10] (Microsoft Corporation)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {846F7789-5CE9-4CD5-BF14-C60FC50F8640} - System32\Tasks\pricemeterdownloader => C:\Users\Andrea\AppData\Local\PriceMeter\pricemeterd.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8EA0C8F8-AC86-43F2-8A0D-E890DC55FB94} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AE8ABBD4-0CA3-4EBE-AC86-9263BB8CE68F} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-19] (Toshiba Europe GmbH)
Task: {BB2C16DA-74E0-422C-8F52-F4C81B845698} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {C665A574-FC31-4C66-AA99-9318E6C8D257} - System32\Tasks\Rocket Updater => C:\Users\Andrea\AppData\Roaming\RocketUpdater\UpdateProc\UpdateTask.exe [2013-04-12] ()
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D43061B6-F01F-478B-9330-AF059FA97794} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2013-08-28] ()
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D8A25A4A-3E88-439B-B85F-B3CDBD7B96C7} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DE8AC3F6-9DE0-4D99-B64E-1E806FCC5A6F} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\Rocket Updater.job => C:\Users\Andrea\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-08-31 05:47 - 2013-08-31 05:47 - 00099328 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2013-09-10 22:54 - 2013-09-10 22:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2014-07-07 00:51 - 2014-07-04 14:27 - 03354616 _____ () C:\Users\Andrea\AppData\Local\fst_de_89\upfst_de_89.exe
2013-12-30 22:06 - 2013-08-28 17:08 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe
2012-07-19 04:38 - 2012-07-19 04:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2014-07-07 00:51 - 2014-07-04 15:02 - 03975136 _____ () C:\Program Files (x86)\fst_de_89\fst_de_89.exe
2014-05-28 00:55 - 2014-05-28 00:55 - 01459712 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\926020eb508f6968545d6a51fb661fad\Windows.UI.ni.dll
2014-05-28 00:55 - 2014-05-28 00:55 - 00521216 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Data\d07f690ce5d3a2de7c9089a6200d64db\Windows.Data.ni.dll
2014-05-28 00:55 - 2014-05-28 00:55 - 00363520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\057b7043f4868b76c209d9c426b80743\Windows.Foundation.ni.dll
2013-08-31 05:47 - 2013-08-31 05:47 - 00016896 _____ () C:\Program Files\ATI Technologies\ATI.ACE\a4\AS4.NativeProxy.dll
2014-07-07 13:53 - 2014-07-07 13:53 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-07-07 13:52 - 2014-07-07 13:52 - 00065616 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00046624 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00071712 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\srau.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00167456 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 02337824 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00068640 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\spbl.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00157216 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00015904 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\siem.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00067616 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\sppsm.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00698400 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00016416 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00080416 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00028704 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-06-16 14:21 - 2014-06-16 14:21 - 00060960 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\srut.dll
2014-06-16 14:21 - 2014-06-16 14:21 - 00031264 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\srsbs.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00067104 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00151072 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\smti.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00032800 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\srom.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00032288 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\smtu.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00040992 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\smta.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00047648 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\srbu.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00026144 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\sgml.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00063520 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00026656 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\srpdm.dll
2014-06-16 14:18 - 2014-06-16 14:18 - 00045088 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-06-16 14:10 - 2014-06-16 14:10 - 00026656 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00036896 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00194592 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\sgmu.dll
2014-05-12 11:21 - 2014-05-12 11:21 - 00061440 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00257056 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\srns.dll
2014-05-05 10:24 - 2014-07-07 13:53 - 00049744 _____ () C:\Users\Andrea\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-08-03 13:49 - 2014-08-03 13:49 - 03692656 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Andrea\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Steffi\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKCU\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/03/2014 11:49:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Andrea)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.

Error: (08/03/2014 11:49:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Andrea)
Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden.

Error: (08/03/2014 11:49:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: Andrea)
Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigtes lokales Profil. 

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (08/03/2014 11:49:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. 

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
 for C:\Users\Steffi\ntuser.dat

Error: (08/03/2014 11:46:32 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Andrea)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.

Error: (08/03/2014 11:46:32 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Andrea)
Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden.

Error: (08/03/2014 11:46:32 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: Andrea)
Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigtes lokales Profil. 

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (08/03/2014 11:46:32 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. 

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
 for C:\Users\Steffi\ntuser.dat

Error: (07/22/2014 07:45:56 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/21/2014 09:51:39 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005


System errors:
=============
Error: (08/04/2014 04:12:29 AM) (Source: DCOM) (EventID: 10010) (User: Andrea)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (08/03/2014 11:59:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Microsoft.BingHealthAndFitness

Error: (08/03/2014 11:59:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Microsoft.FreshPaint

Error: (08/03/2014 11:59:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Microsoft.BingSports

Error: (08/03/2014 11:59:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Evernote.Evernote

Error: (08/03/2014 11:59:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: EnnovaResearch.ToshibaPlaces

Error: (08/03/2014 11:58:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Microsoft.BingFoodAndDrink

Error: (08/03/2014 11:58:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Microsoft.ZuneVideo

Error: (08/03/2014 11:58:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Microsoft.BingNews

Error: (08/03/2014 11:58:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Microsoft.SkypeApp


Microsoft Office Sessions:
=========================
Error: (08/03/2014 11:49:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Andrea)
Description: 

Error: (08/03/2014 11:49:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Andrea)
Description: 

Error: (08/03/2014 11:49:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: Andrea)
Description: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (08/03/2014 11:49:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
C:\Users\Steffi\ntuser.dat

Error: (08/03/2014 11:46:32 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Andrea)
Description: 

Error: (08/03/2014 11:46:32 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Andrea)
Description: 

Error: (08/03/2014 11:46:32 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: Andrea)
Description: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (08/03/2014 11:46:32 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
C:\Users\Steffi\ntuser.dat

Error: (07/22/2014 07:45:56 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/21/2014 09:51:39 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005


==================== Memory info =========================== 

Percentage of memory in use: 57%
Total physical RAM: 3533.51 MB
Available physical RAM: 1503.61 MB
Total Pagefile: 4701.68 MB
Available Pagefile: 1969.32 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (TI31197600A) (Fixed) (Total:454.83 GB) (Free:379.44 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
__________________

Alt 05.08.2014, 14:51   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Probleme mit "Continue VuuPC Installation" - Standard

Probleme mit "Continue VuuPC Installation"



Adware & Co. deinstallieren
  • Lade Dir bitte von hier Revo Uninstaller herunter.
  • Installiere und starte das Programm.
  • Suche im Uninstallerfeld nach den Programmen, die unter:

    diesen Zusatz haben:
  • Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .





Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.08.2014, 20:34   #5
Steffi/Wolf
 
Probleme mit "Continue VuuPC Installation" - Standard

Probleme mit "Continue VuuPC Installation"



Danke erst mal für die schnelle hilfe!

Welches davon ist gemeint?


Angehängte Grafiken
Dateityp: jpg Screenshot (2).jpg (66,3 KB, 466x aufgerufen)

Alt 06.08.2014, 15:26   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Probleme mit "Continue VuuPC Installation" - Standard

Probleme mit "Continue VuuPC Installation"



Schau in die Addition.txt von FRST, dort findest du den Zusatz ATTENTION hinter einigen Programmen
__________________
--> Probleme mit "Continue VuuPC Installation"

Antwort

Themen zu Probleme mit "Continue VuuPC Installation"
64-bit, amd, amd radeon, anwendung, continue, erschein, erscheint, firefox, freue, hierbei, hilfe, immer wieder, installation, kurzem, löschen, mutter, nicht löschen, ordner, probleme, radeon, ram, rechner, versuche, vuupc, win 8, windows, windows 8.1, würde



Ähnliche Themen: Probleme mit "Continue VuuPC Installation"


  1. Windows 8: Ca. vor 1 Monat "continue live installation" eingefangen
    Plagegeister aller Art und deren Bekämpfung - 20.10.2015 (5)
  2. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  3. Ich bekomme "Click to continue - smartshopping" nicht runter vom PC
    Log-Analyse und Auswertung - 06.11.2014 (1)
  4. Internet Explorer öffnet Pup ups von "lpcloudbox" nach Installation von FreeYoutubeDownloader "update"
    Log-Analyse und Auswertung - 07.09.2014 (5)
  5. Win7 64bit "Windows Version installer, Continue VuuPC Installation, MyPC Backup, Advanced System Protector,..."
    Log-Analyse und Auswertung - 03.07.2014 (21)
  6. "Continue VuuPC Installation" vom Rechner entfernen
    Log-Analyse und Auswertung - 19.06.2014 (16)
  7. "Continue VuuPC Installation" - Ein Virus?
    Plagegeister aller Art und deren Bekämpfung - 11.05.2014 (9)
  8. "cdncache-a.akamaihd.net" - PopUp's, Werbebanner und "click to continue"-Links
    Plagegeister aller Art und deren Bekämpfung - 16.04.2014 (39)
  9. "Please Install Lightspark Player Pro to Continue" entfernen
    Anleitungen, FAQs & Links - 07.02.2014 (2)
  10. "Please Install FLV Player Continue" entfernen
    Anleitungen, FAQs & Links - 18.01.2014 (2)
  11. "Please Install ViddyHD Media Player to Continue" entfernen
    Anleitungen, FAQs & Links - 17.01.2014 (2)
  12. Windows XP Nach Installation von HP Player immer zwei Startseiten beim Öffnen von Google chrome "start.iminent.com" und "Search gol"
    Log-Analyse und Auswertung - 08.10.2013 (5)
  13. Ich kann "click to continue > by coupon dropdown" im Firefox nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 18.05.2013 (2)
  14. Mit dem Titel "Click to Continue by Browse to Save" öffnen sich im Internet-Browser ein fremdes Werbefenster
    Plagegeister aller Art und deren Bekämpfung - 11.04.2013 (5)
  15. "click to continue" oder "browse to save" entfernen
    Log-Analyse und Auswertung - 02.04.2013 (21)
  16. Malware: "Click to Continue > by CouponDropDown" entfernen
    Plagegeister aller Art und deren Bekämpfung - 20.03.2013 (7)
  17. "click to continue" oder "browse to save" entfernen
    Plagegeister aller Art und deren Bekämpfung - 20.01.2013 (2)

Zum Thema Probleme mit "Continue VuuPC Installation" - Hey ho, auf dem Rechner meiner Mutter erscheint seit kurzem der Ordner "Continue VuuPC Installation". Seitdem gehen auch immer wieder werbungsseiten bei firefox auf. Ich kann diesen Ordner leider nicht - Probleme mit "Continue VuuPC Installation"...
Archiv
Du betrachtest: Probleme mit "Continue VuuPC Installation" auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.