Steffi/Wolf | 04.08.2014 20:01 |
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014
Ran by Andrea (administrator) on ANDREA on 04-08-2014 20:50:41
Running from C:\Users\Andrea\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(WildTangent, Inc.) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Users\Andrea\AppData\Local\fst_de_89\upfst_de_89.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Smartbar) C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\fst_de_89\fst_de_89.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [894048 2013-01-12] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-31] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [AnyProtect Scanner] => "C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe"
HKLM-x32\...\Run: [fst_de_89] => C:\Program Files (x86)\fst_de_89\fst_de_89.exe [3975136 2014-07-04] ()
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [189520 2014-07-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [upfst_de_89.exe] => C:\Users\Andrea\AppData\Local\fst_de_89\upfst_de_89.exe [3354616 2014-07-04] ()
HKU\S-1-5-21-2994636758-1569343115-1192238883-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-09-10] (Spotify Ltd)
HKU\S-1-5-21-2994636758-1569343115-1192238883-1001\...\Run: [PriceMeterW] => "C:\Users\Andrea\AppData\Local\PriceMeter\pricemeterw.exe"
HKU\S-1-5-21-2994636758-1569343115-1192238883-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.exe [29728 2014-06-16] (Smartbar)
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [105072 2014-06-19] (Skytech Co., Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\Program Files (x86)\SupTab\SearchProtect32.dll [92272 2014-06-19] (Skytech Co., Ltd.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZne7-K03gfKodR-F1QSvvcP9w5Awdv7KWrVNLVqlhaVpMn9mMw3k8oeaFWLtceFWu9oEQa9VgwzU9RSmrvIB58AIjcbgVugt-z_sEr1kvW0wwLdkE3L7-FFfeYXUiS2A,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZne7-K03gfKodR-F1QSvvcP9w5Awdv7KWrVNLVqlhaVpMn9mMw3k8oeaFWLtceFWuxdzq8_YEUM9KuTHrqsiX2lBdz7nrrzYQfM0QBE14648M9RGENEsjizSTN664o3w,,
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZne7-K03gfKodR-F1QSvvcP9w5Awdv7KWrVNLVqlhaVpMn9mMw3k8oeaFWLtceFWu9oEQa9VgwzU9RSmrvIB58AIjcbgVugt-z_sEr1kvW0wwLdkE3L7-FFfeYXUiS2A,,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403776969&from=cor&uid=TOSHIBAXMQ01ABF050_Z3JFSWKNSXXZ3JFSWKNS&q={searchTerms}
SearchScopes: HKLM - {58E083F7-DE32-4E5F-8B74-DB1B24E8107B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TEJB
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZne7-K03gfKodR-F1QSvvcP9w5Awdv7KWrVNLVqlhaVpMn9mMw3k8oeaFWLtceFWu9oEQa9VgwzU9RSmrvIB58AIjcbgVugt-z_sEr1kvW0wwLdkE3L7-FFfeYXUiS2A,,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZne7-K03gfKodR-F1QSvvcP9w5Awdv7KWrVNLVqlhaVpMn9mMw3k8oeaFWLtceFWu9oEQa9VgwzU9RSmrvIB58AIjcbgVugt-z_sEr1kvW0wwLdkE3L7-FFfeYXUiS2A,,&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZne7-K03gfKodR-F1QSvvcP9w5Awdv7KWrVNLVqlhaVpMn9mMw3k8oeaFWLtceFWu9oEQa9VgwzU9RSmrvIB58AIjcbgVugt-z_sEr1kvW0wwLdkE3L7-FFfeYXUiS2A,,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZne7-K03gfKodR-F1QSvvcP9w5Awdv7KWrVNLVqlhaVpMn9mMw3k8oeaFWLtceFWu9oEQa9VgwzU9RSmrvIB58AIjcbgVugt-z_sEr1kvW0wwLdkE3L7-FFfeYXUiS2A,,&q={searchTerms}
BHO: Shopping Helper SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO-x32: Shopping Helper SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
Toolbar: HKLM - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62
FireFox:
========
FF ProfilePath: C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\pgug0xm2.default
FF NewTab: chrome://quick_start/content/index.html
FF Homepage: about:home
FF Keyword.URL: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeZne7-K03gfKodR-F1QSvvcP9w5Awdv7KWrVNLVqlhaVpMn9mMw3k8oeaFWLtceFWu9oEQa9VgwzU9RSmrvIB58AIjcbgVugt-z_sEr1kvW0wwLdkE3L7-FFfeYXUiS2A,,&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF user.js: detected! => C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\pgug0xm2.default\user.js
FF SearchPlugin: C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\pgug0xm2.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\pgug0xm2.default\Extensions\abs@avira.com [2014-08-04]
FF Extension: Fast Start - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\pgug0xm2.default\Extensions\faststartff@gmail.com [2014-07-13]
FF Extension: Shopping Helper Smartbar - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\pgug0xm2.default\Extensions\{c10c45df-f421-79ef-18ae-151e5b23a31c} [2014-07-08]
FF Extension: Rocket New Tab - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\pgug0xm2.default\Extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b} [2014-07-07]
FF Extension: Adblock Plus - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\pgug0xm2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-22]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\pgug0xm2.default\extensions\faststartff@gmail.com
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-08-31] () [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-08-22] (Windows (R) Win 7 DDK provider)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-07] (Avira Operations GmbH & Co. KG)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-07-08] (BitRaider, LLC)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-07-20] (WildTangent)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [757872 2014-06-19] (Cherished Technololgy LIMITED)
S2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [34336 2014-06-16] ()
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S4 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe [591776 2014-06-12] (Fuyu LIMITED)
S2 Update NetCrawl; "C:\Program Files (x86)\NetCrawl\updateNetCrawl.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-07] (Advanced Micro Devices, INC.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-16] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-07-10] (BitRaider)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-01-27] (McAfee, Inc.)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [105704 2013-08-16] (GenesysLogic)
S2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-01-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R1 {57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64; C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys [61112 2014-06-13] (StdLib)
R1 {6fcd6092-9615-4f7f-8898-8df53980e5d2}w64; C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}w64.sys [61112 2014-07-05] (StdLib)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-04 20:50 - 2014-08-04 20:51 - 00020261 _____ () C:\Users\Andrea\Downloads\FRST.txt
2014-08-04 20:50 - 2014-08-04 20:50 - 00000000 ____D () C:\FRST
2014-08-04 20:49 - 2014-08-04 20:49 - 02094080 _____ (Farbar) C:\Users\Andrea\Downloads\FRST64.exe
2014-08-03 13:49 - 2014-08-03 13:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-27 20:24 - 2014-07-27 20:24 - 00001164 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-07-14 22:38 - 2014-07-14 22:38 - 00020652 _____ () C:\Users\Steffi\Documents\borderline.odt
2014-07-14 22:31 - 2014-07-14 22:31 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\OpenOffice
2014-07-14 22:05 - 2014-07-16 15:28 - 00001150 _____ () C:\Users\Andrea\Desktop\Continue VuuPC Installation.lnk
2014-07-14 20:30 - 2014-07-14 22:38 - 00026112 ___SH () C:\Users\Steffi\Documents\Thumbs.db
2014-07-13 19:38 - 2014-07-13 19:38 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\WinRAR
2014-07-13 15:42 - 2014-07-13 15:43 - 00000795 _____ () C:\Windows\setupact.log
2014-07-13 15:42 - 2014-07-13 15:42 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-13 04:17 - 2014-07-13 04:17 - 00000000 ____D () C:\Windows\System32\Tasks\GenericSettingsHandler
2014-07-12 22:21 - 2014-07-12 22:21 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\Macromedia
2014-07-12 22:21 - 2014-07-12 22:21 - 00000000 ____D () C:\Users\Steffi\AppData\Local\Macromedia
2014-07-12 22:20 - 2014-07-12 22:20 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\Mozilla
2014-07-12 22:20 - 2014-07-12 22:20 - 00000000 ____D () C:\Users\Steffi\AppData\Local\Mozilla
2014-07-12 22:17 - 2014-07-15 07:14 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{03BAD60E-FD30-4629-B053-FAF8E5C6DF30}
2014-07-12 22:17 - 2014-07-12 22:17 - 00000000 __SHD () C:\Users\Steffi\AppData\Local\EmieUserList
2014-07-12 22:17 - 2014-07-12 22:17 - 00000000 __SHD () C:\Users\Steffi\AppData\Local\EmieSiteList
2014-07-12 22:12 - 2014-07-12 22:12 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\Avira
2014-07-12 22:11 - 2014-07-16 19:09 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2994636758-1569343115-1192238883-1004
2014-07-12 22:11 - 2014-07-12 22:11 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\ATI
2014-07-12 22:11 - 2014-07-12 22:11 - 00000000 ____D () C:\Users\Steffi\AppData\Local\ATI
2014-07-12 22:09 - 2014-07-16 18:53 - 00000000 __RDO () C:\Users\Steffi\OneDrive
2014-07-12 22:06 - 2014-07-12 22:06 - 00000000 ____D () C:\Users\Steffi\AppData\Local\TOSHIBA
2014-07-12 22:06 - 2014-07-12 22:06 - 00000000 ____D () C:\Users\Steffi\AppData\Local\fst_de_89
2014-07-12 22:05 - 2014-07-12 22:08 - 00000000 ____D () C:\Users\Steffi\AppData\Local\Packages
2014-07-12 22:05 - 2014-07-12 22:05 - 00001465 _____ () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-12 22:05 - 2014-07-12 22:05 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\Adobe
2014-07-12 22:05 - 2014-07-12 22:05 - 00000000 ____D () C:\Users\Steffi\AppData\Local\VirtualStore
2014-07-12 22:04 - 2014-07-12 22:09 - 00000000 ____D () C:\Users\Steffi
2014-07-12 22:04 - 2014-07-12 22:04 - 00000020 ___SH () C:\Users\Steffi\ntuser.ini
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Vorlagen
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Startmenü
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Netzwerkumgebung
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Lokale Einstellungen
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Eigene Dateien
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Druckumgebung
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Documents\Eigene Musik
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Documents\Eigene Bilder
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\AppData\Local\Verlauf
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\AppData\Local\Anwendungsdaten
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Anwendungsdaten
2014-07-12 22:04 - 2014-07-10 18:06 - 00000000 ___RD () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-12 22:04 - 2014-06-06 15:34 - 00000000 ___RD () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-12 22:04 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-07-12 22:04 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-07-12 22:04 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-12 22:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-12 21:43 - 2014-06-26 22:55 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-12 21:43 - 2014-06-26 22:55 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-12 21:41 - 2014-07-12 21:41 - 00001672 _____ () C:\Windows\PFRO.log
2014-07-10 18:06 - 2014-07-10 18:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 13:10 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-07-10 13:09 - 2014-08-04 15:53 - 02014199 _____ () C:\Windows\WindowsUpdate.log
2014-07-10 01:36 - 2014-07-10 01:36 - 00000000 ____D () C:\Users\Andrea\AppData\Local\SWTOR
2014-07-09 23:57 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 23:57 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 23:57 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 23:57 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 23:57 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-07-09 23:57 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-07-09 23:57 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-07-09 23:57 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-07-09 23:57 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-07-09 23:57 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 23:56 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 23:56 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 23:56 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 23:56 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 23:55 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 23:54 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 23:54 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 23:54 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 23:54 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 23:54 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 23:54 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 23:54 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 23:54 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 23:54 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 23:54 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 23:54 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 23:54 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 23:54 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 23:54 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 23:54 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 23:54 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 23:54 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 23:54 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 23:54 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 23:54 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 23:54 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 23:54 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 23:53 - 2014-07-01 00:45 - 00688128 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 23:53 - 2014-06-28 09:48 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 23:53 - 2014-06-28 09:07 - 00385536 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-09 23:53 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 23:53 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 23:52 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-09 23:52 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-07-09 23:52 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-07-09 23:52 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-07-09 23:52 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 23:52 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-07-09 23:52 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-09 23:52 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 23:52 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-07-09 23:52 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-07-09 23:52 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-09 23:52 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-07-09 23:52 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-07-09 23:52 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-07-09 23:52 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-07-09 23:22 - 2014-07-09 23:22 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-07-08 12:23 - 2014-07-10 01:36 - 00000000 ____D () C:\ProgramData\BitRaider
2014-07-08 12:23 - 2014-07-08 12:23 - 00000000 ____D () C:\Users\Public\Documents\BitRaider
2014-07-08 12:23 - 2014-07-08 12:23 - 00000000 ____D () C:\Users\Andrea\AppData\Local\SWTORPerf
2014-07-08 12:22 - 2014-07-08 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2014-07-08 12:22 - 2014-07-08 12:22 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-07-08 12:21 - 2014-07-08 12:22 - 00015811 _____ () C:\Users\Andrea\Documents\Install STAR WARS The Old Republic.log
2014-07-08 12:21 - 2014-07-08 12:22 - 00000000 _____ () C:\end
2014-07-08 12:20 - 2014-07-08 12:21 - 29720272 _____ () C:\Users\Andrea\Downloads\SWTOR_setup.exe
2014-07-08 07:45 - 2014-07-08 07:46 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-07-08 07:45 - 2014-07-08 07:45 - 00002473 _____ () C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-07-08 07:44 - 2014-07-08 07:44 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Smartbar
2014-07-08 07:44 - 2014-07-08 07:44 - 00000000 ____D () C:\Users\Andrea\AppData\Local\LPT
2014-07-07 01:28 - 2014-07-07 01:28 - 00591320 _____ (ClickMeIn Limited) C:\Users\Andrea\AppData\Local\nsqAE4C.tmp
2014-07-07 01:08 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2014-07-07 01:08 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-07-07 01:08 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-07-07 01:08 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-07-07 01:08 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-07-07 01:08 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-07-07 01:08 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-07-07 01:08 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-07-07 01:08 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-07-07 01:08 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-07-07 01:08 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2014-07-07 01:08 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-07-07 01:08 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-07-07 01:08 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-07-07 01:08 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-07-07 01:08 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-07-07 01:08 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2014-07-07 01:08 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2014-07-07 01:08 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2014-07-07 01:08 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-07-07 01:08 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2014-07-07 01:08 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2014-07-07 01:08 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-07-07 01:08 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-07-07 01:08 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-07-07 01:08 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-07-07 01:08 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-07-07 01:08 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-07-07 01:08 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-07-07 01:08 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-07-07 01:08 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-07-07 01:08 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2014-07-07 01:08 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2014-07-07 01:08 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-07-07 01:08 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-07-07 01:08 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2014-07-07 01:08 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-07-07 01:08 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-07-07 01:08 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-07-07 01:07 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-07-07 01:07 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2014-07-07 01:07 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2014-07-07 01:07 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-07-07 01:07 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-07-07 01:07 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2014-07-07 01:07 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-07-07 01:07 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2014-07-07 01:07 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-07-07 01:07 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2014-07-07 01:07 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-07-07 01:07 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2014-07-07 01:07 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-07-07 01:07 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2014-07-07 01:07 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2014-07-07 01:07 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-07-07 01:07 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-07-07 01:07 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2014-07-07 01:07 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-07-07 01:07 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2014-07-07 01:07 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-07-07 01:07 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-07-07 01:07 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-07-07 01:07 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-07-07 01:07 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-07-07 01:07 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-07-07 01:07 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-07-07 01:07 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2014-07-07 01:07 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2014-07-07 01:07 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-07-07 01:07 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-07-07 01:07 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2014-07-07 01:07 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2014-07-07 01:07 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-07-07 01:07 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-07-07 01:07 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2014-07-07 01:07 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-07-07 01:07 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2014-07-07 01:07 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-07-07 01:07 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2014-07-07 01:07 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-07-07 01:07 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2014-07-07 01:07 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2014-07-07 01:07 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-07-07 01:07 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-07-07 01:07 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2014-07-07 01:07 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-07-07 01:07 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2014-07-07 01:07 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-07-07 01:07 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2014-07-07 01:07 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-07-07 01:07 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2014-07-07 01:07 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-07-07 01:07 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2014-07-07 01:07 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-07-07 01:07 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2014-07-07 01:07 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-07-07 01:07 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2014-07-07 01:07 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-07-07 01:07 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2014-07-07 01:07 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-07-07 01:07 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2014-07-07 01:07 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-07-07 01:07 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2014-07-07 01:07 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-07-07 01:07 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-07-07 01:07 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-07-07 01:07 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-07-07 01:07 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-07-07 01:07 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-07-07 01:07 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-07-07 01:07 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2014-07-07 01:07 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-07-07 01:07 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2014-07-07 01:07 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-07-07 01:07 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2014-07-07 01:07 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-07-07 01:07 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2014-07-07 01:07 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-07-07 01:07 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2014-07-07 01:07 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2014-07-07 01:07 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-07-07 01:07 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-07-07 01:07 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2014-07-07 01:07 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-07-07 01:07 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2014-07-07 01:07 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-07-07 01:07 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2014-07-07 01:07 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-07-07 01:07 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2014-07-07 01:07 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-07-07 01:07 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2014-07-07 01:07 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2014-07-07 01:07 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-07-07 01:07 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-07-07 01:07 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2014-07-07 01:07 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-07-07 01:07 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2014-07-07 01:07 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2014-07-07 01:07 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-07-07 01:07 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-07-07 01:07 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-07-07 01:07 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2014-07-07 01:07 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2014-07-07 01:07 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2014-07-07 01:07 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-07-07 01:07 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-07-07 01:07 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2014-07-07 01:07 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-07-07 01:07 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2014-07-07 01:06 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-07-07 01:06 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2014-07-07 01:06 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-07-07 01:06 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2014-07-07 01:06 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-07-07 01:06 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2014-07-07 01:06 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-07-07 01:06 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2014-07-07 01:06 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-07-07 01:06 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2014-07-07 01:06 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-07-07 01:06 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2014-07-07 01:06 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-07-07 01:06 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2014-07-07 01:06 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-07-07 01:06 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-07-07 01:06 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-07-07 01:06 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-07-07 01:02 - 2014-07-08 11:50 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-07 00:52 - 2014-07-08 07:41 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-07 00:52 - 2014-07-07 00:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-07-07 00:51 - 2014-08-04 18:05 - 00000000 ____D () C:\Users\Andrea\AppData\Local\fst_de_89
2014-07-07 00:51 - 2014-07-07 00:51 - 00000000 ____D () C:\Program Files (x86)\fst_de_89
2014-07-07 00:50 - 2014-07-10 12:54 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-07 00:50 - 2014-07-07 00:50 - 00000990 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-07-07 00:50 - 2014-07-07 00:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-07 00:49 - 2014-07-07 00:49 - 01141680 _____ () C:\Users\Andrea\Downloads\SteamSetup.exe
2014-07-07 00:31 - 2014-07-07 00:38 - 00000000 ____D () C:\Users\Andrea\AppData\Local\PriceMeter Express
2014-07-07 00:29 - 2014-08-04 20:29 - 00000310 _____ () C:\Windows\Tasks\Rocket Updater.job
2014-07-07 00:29 - 2014-07-07 01:49 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-07-07 00:29 - 2014-07-07 01:29 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-07-07 00:29 - 2014-07-07 01:29 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-07-07 00:29 - 2014-07-07 01:29 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-07-07 00:29 - 2014-07-07 01:29 - 00000326 _____ () C:\Users\Andrea\AppData\Roaming\aps.uninstall.scan.results
2014-07-07 00:29 - 2014-07-07 00:29 - 00002648 _____ () C:\Windows\System32\Tasks\Rocket Updater
2014-07-07 00:29 - 2014-07-07 00:29 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\RocketUpdater
2014-07-07 00:28 - 2014-07-07 00:38 - 00000000 ____D () C:\Users\Andrea\AppData\Local\PriceMeter
2014-07-07 00:28 - 2014-07-07 00:28 - 00003294 _____ () C:\Windows\System32\Tasks\pricemeterdownloader
2014-07-07 00:28 - 2014-07-04 13:23 - 00575887 _____ (ClickMeIn Limited) C:\Users\Andrea\AppData\Local\AnyProtectScannerSetup.exe
2014-07-07 00:16 - 2014-07-27 17:28 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\VOPackage
2014-07-07 00:16 - 2014-07-07 00:41 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Genesis_07062216
2014-07-07 00:16 - 2014-07-07 00:16 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-07-07 00:13 - 2014-07-07 00:16 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2014-07-07 00:12 - 2014-07-07 00:12 - 00000000 ____D () C:\Program Files (x86)\dumps
2014-07-06 23:59 - 2014-07-07 00:06 - 00000000 ____D () C:\ProgramData\DSearchLink
2014-07-06 23:55 - 2014-07-06 23:56 - 00568240 _____ () C:\Users\Andrea\Downloads\installer_age_of_empires_2_hd_steam_free_Deutsch.exe
2014-07-06 14:50 - 2014-07-05 06:22 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}w64.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-04 20:51 - 2014-08-04 20:50 - 00020261 _____ () C:\Users\Andrea\Downloads\FRST.txt
2014-08-04 20:50 - 2014-08-04 20:50 - 00000000 ____D () C:\FRST
2014-08-04 20:49 - 2014-08-04 20:49 - 02094080 _____ (Farbar) C:\Users\Andrea\Downloads\FRST64.exe
2014-08-04 20:44 - 2014-02-19 18:00 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{278F692E-AFAA-4968-9A2E-4586BA110827}
2014-08-04 20:36 - 2014-04-09 14:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-04 20:29 - 2014-07-07 00:29 - 00000310 _____ () C:\Windows\Tasks\Rocket Updater.job
2014-08-04 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-08-04 18:05 - 2014-07-07 00:51 - 00000000 ____D () C:\Users\Andrea\AppData\Local\fst_de_89
2014-08-04 15:53 - 2014-07-10 13:09 - 02014199 _____ () C:\Windows\WindowsUpdate.log
2014-08-04 12:19 - 2013-09-10 00:53 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-04 12:19 - 2013-08-28 11:59 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2014-08-04 12:19 - 2013-08-28 11:59 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2014-08-04 12:06 - 2014-02-19 17:49 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2994636758-1569343115-1192238883-1001
2014-08-04 12:02 - 2014-02-19 18:01 - 00000000 __RDO () C:\Users\Andrea\SkyDrive
2014-08-04 04:12 - 2013-12-30 22:17 - 01404094 _____ () C:\Users\Public\CAFADEBUG.log
2014-08-04 04:12 - 2013-12-30 21:48 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-08-04 01:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-08-04 00:12 - 2014-04-13 22:47 - 00000000 ____D () C:\Users\Andrea\Documents\Steffi
2014-08-03 13:49 - 2014-08-03 13:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-27 20:24 - 2014-07-27 20:24 - 00001164 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-07-27 20:24 - 2014-05-05 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-27 20:24 - 2014-05-05 10:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-27 20:24 - 2013-12-30 21:46 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-27 17:28 - 2014-07-07 00:16 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\VOPackage
2014-07-20 17:25 - 2013-12-30 22:33 - 00002535 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk
2014-07-20 17:25 - 2013-12-30 22:33 - 00002519 ____N () C:\Users\Public\Desktop\WildTangent Games App - toshiba.lnk
2014-07-20 17:25 - 2013-12-30 22:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-20 17:25 - 2013-12-30 22:33 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-07-20 15:13 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-07-16 19:09 - 2014-07-12 22:11 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2994636758-1569343115-1192238883-1004
2014-07-16 18:53 - 2014-07-12 22:09 - 00000000 __RDO () C:\Users\Steffi\OneDrive
2014-07-16 15:28 - 2014-07-14 22:05 - 00001150 _____ () C:\Users\Andrea\Desktop\Continue VuuPC Installation.lnk
2014-07-15 14:53 - 2014-05-05 19:31 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-15 07:14 - 2014-07-12 22:17 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{03BAD60E-FD30-4629-B053-FAF8E5C6DF30}
2014-07-14 22:38 - 2014-07-14 22:38 - 00020652 _____ () C:\Users\Steffi\Documents\borderline.odt
2014-07-14 22:38 - 2014-07-14 20:30 - 00026112 ___SH () C:\Users\Steffi\Documents\Thumbs.db
2014-07-14 22:31 - 2014-07-14 22:31 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\OpenOffice
2014-07-14 17:56 - 2014-06-26 00:54 - 00012288 ___SH () C:\Users\Andrea\Downloads\Thumbs.db
2014-07-13 19:38 - 2014-07-13 19:38 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\WinRAR
2014-07-13 16:53 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-07-13 15:43 - 2014-07-13 15:42 - 00000795 _____ () C:\Windows\setupact.log
2014-07-13 15:42 - 2014-07-13 15:42 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-13 14:10 - 2014-02-22 13:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-13 04:17 - 2014-07-13 04:17 - 00000000 ____D () C:\Windows\System32\Tasks\GenericSettingsHandler
2014-07-12 22:21 - 2014-07-12 22:21 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\Macromedia
2014-07-12 22:21 - 2014-07-12 22:21 - 00000000 ____D () C:\Users\Steffi\AppData\Local\Macromedia
2014-07-12 22:20 - 2014-07-12 22:20 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\Mozilla
2014-07-12 22:20 - 2014-07-12 22:20 - 00000000 ____D () C:\Users\Steffi\AppData\Local\Mozilla
2014-07-12 22:17 - 2014-07-12 22:17 - 00000000 __SHD () C:\Users\Steffi\AppData\Local\EmieUserList
2014-07-12 22:17 - 2014-07-12 22:17 - 00000000 __SHD () C:\Users\Steffi\AppData\Local\EmieSiteList
2014-07-12 22:12 - 2014-07-12 22:12 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\Avira
2014-07-12 22:11 - 2014-07-12 22:11 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\ATI
2014-07-12 22:11 - 2014-07-12 22:11 - 00000000 ____D () C:\Users\Steffi\AppData\Local\ATI
2014-07-12 22:09 - 2014-07-12 22:04 - 00000000 ____D () C:\Users\Steffi
2014-07-12 22:08 - 2014-07-12 22:05 - 00000000 ____D () C:\Users\Steffi\AppData\Local\Packages
2014-07-12 22:06 - 2014-07-12 22:06 - 00000000 ____D () C:\Users\Steffi\AppData\Local\TOSHIBA
2014-07-12 22:06 - 2014-07-12 22:06 - 00000000 ____D () C:\Users\Steffi\AppData\Local\fst_de_89
2014-07-12 22:06 - 2014-02-19 17:52 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-07-12 22:05 - 2014-07-12 22:05 - 00001465 _____ () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-12 22:05 - 2014-07-12 22:05 - 00000000 ____D () C:\Users\Steffi\AppData\Roaming\Adobe
2014-07-12 22:05 - 2014-07-12 22:05 - 00000000 ____D () C:\Users\Steffi\AppData\Local\VirtualStore
2014-07-12 22:04 - 2014-07-12 22:04 - 00000020 ___SH () C:\Users\Steffi\ntuser.ini
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Vorlagen
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Startmenü
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Netzwerkumgebung
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Lokale Einstellungen
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Eigene Dateien
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Druckumgebung
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Documents\Eigene Musik
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Documents\Eigene Bilder
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\AppData\Local\Verlauf
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\AppData\Local\Anwendungsdaten
2014-07-12 22:04 - 2014-07-12 22:04 - 00000000 _SHDL () C:\Users\Steffi\Anwendungsdaten
2014-07-12 21:42 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-12 21:41 - 2014-07-12 21:41 - 00001672 _____ () C:\Windows\PFRO.log
2014-07-12 21:41 - 2013-08-22 16:44 - 00360600 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 18:08 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-07-10 18:06 - 2014-07-12 22:04 - 00000000 ___RD () C:\Users\Steffi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 18:06 - 2014-07-10 18:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 18:06 - 2014-04-09 18:44 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 18:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-07-10 18:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 18:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 18:06 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-07-10 13:12 - 2014-04-09 18:44 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 13:12 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-10 13:12 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-10 12:54 - 2014-07-07 00:50 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-10 02:22 - 2013-08-22 21:11 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 01:36 - 2014-07-10 01:36 - 00000000 ____D () C:\Users\Andrea\AppData\Local\SWTOR
2014-07-10 01:36 - 2014-07-08 12:23 - 00000000 ____D () C:\ProgramData\BitRaider
2014-07-09 23:22 - 2014-07-09 23:22 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-07-09 10:36 - 2014-04-09 14:23 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 12:23 - 2014-07-08 12:23 - 00000000 ____D () C:\Users\Public\Documents\BitRaider
2014-07-08 12:23 - 2014-07-08 12:23 - 00000000 ____D () C:\Users\Andrea\AppData\Local\SWTORPerf
2014-07-08 12:22 - 2014-07-08 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2014-07-08 12:22 - 2014-07-08 12:22 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-07-08 12:22 - 2014-07-08 12:21 - 00015811 _____ () C:\Users\Andrea\Documents\Install STAR WARS The Old Republic.log
2014-07-08 12:22 - 2014-07-08 12:21 - 00000000 _____ () C:\end
2014-07-08 12:21 - 2014-07-08 12:20 - 29720272 _____ () C:\Users\Andrea\Downloads\SWTOR_setup.exe
2014-07-08 11:50 - 2014-07-07 01:02 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-08 07:46 - 2014-07-08 07:45 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-07-08 07:45 - 2014-07-08 07:45 - 00002473 _____ () C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-07-08 07:44 - 2014-07-08 07:44 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Smartbar
2014-07-08 07:44 - 2014-07-08 07:44 - 00000000 ____D () C:\Users\Andrea\AppData\Local\LPT
2014-07-08 07:41 - 2014-07-07 00:52 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-07-07 01:49 - 2014-07-07 00:29 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-07-07 01:29 - 2014-07-07 00:29 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-07-07 01:29 - 2014-07-07 00:29 - 00002828 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-07-07 01:29 - 2014-07-07 00:29 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-07-07 01:29 - 2014-07-07 00:29 - 00000326 _____ () C:\Users\Andrea\AppData\Roaming\aps.uninstall.scan.results
2014-07-07 01:28 - 2014-07-07 01:28 - 00591320 _____ (ClickMeIn Limited) C:\Users\Andrea\AppData\Local\nsqAE4C.tmp
2014-07-07 00:52 - 2014-07-07 00:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-07-07 00:52 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-07 00:52 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-07 00:51 - 2014-07-07 00:51 - 00000000 ____D () C:\Program Files (x86)\fst_de_89
2014-07-07 00:50 - 2014-07-07 00:50 - 00000990 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-07-07 00:50 - 2014-07-07 00:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-07 00:49 - 2014-07-07 00:49 - 01141680 _____ () C:\Users\Andrea\Downloads\SteamSetup.exe
2014-07-07 00:41 - 2014-07-07 00:16 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Genesis_07062216
2014-07-07 00:38 - 2014-07-07 00:31 - 00000000 ____D () C:\Users\Andrea\AppData\Local\PriceMeter Express
2014-07-07 00:38 - 2014-07-07 00:28 - 00000000 ____D () C:\Users\Andrea\AppData\Local\PriceMeter
2014-07-07 00:29 - 2014-07-07 00:29 - 00002648 _____ () C:\Windows\System32\Tasks\Rocket Updater
2014-07-07 00:29 - 2014-07-07 00:29 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\RocketUpdater
2014-07-07 00:29 - 2014-02-22 13:35 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-07 00:28 - 2014-07-07 00:28 - 00003294 _____ () C:\Windows\System32\Tasks\pricemeterdownloader
2014-07-07 00:16 - 2014-07-07 00:16 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-07-07 00:16 - 2014-07-07 00:13 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2014-07-07 00:12 - 2014-07-07 00:12 - 00000000 ____D () C:\Program Files (x86)\dumps
2014-07-07 00:06 - 2014-07-06 23:59 - 00000000 ____D () C:\ProgramData\DSearchLink
2014-07-06 23:56 - 2014-07-06 23:55 - 00568240 _____ () C:\Users\Andrea\Downloads\installer_age_of_empires_2_hd_steam_free_Deutsch.exe
2014-07-06 14:49 - 2013-08-22 15:25 - 00000226 _____ () C:\Windows\win.ini
2014-07-05 06:22 - 2014-07-06 14:50 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}w64.sys
Some content of TEMP:
====================
C:\Users\Andrea\AppData\Local\Temp\avgnt.exe
C:\Users\Steffi\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-13 14:49
==================== End Of Log ============================ --- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-08-2014
Ran by Andrea at 2014-08-04 20:54:35
Running from C:\Users\Andrea\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
AMD Accelerated Video Transcoding (Version: 13.15.100.30830 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5D42947B-E961-C0B5-5A70-EA0F753331EB}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.2 - AppEx Networks)
AMD Start Now (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira (HKLM-x32\...\{142be4a8-895b-4ed9-b1ff-11c76357e3df}) (Version: 1.1.17.31000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.17.31000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4643 - CDBurnerXP)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.2.0 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.32.327 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.32.327 - DVDVideoSoft Ltd.)
FreeSoftToday 014.89 (HKLM-x32\...\FreeSoftToday_is1) (Version: - FrEeSoFtOdAy) <==== ATTENTION
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.8 - Genesys Logic)
Installer (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.20617 (Version: 12.0.20617 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.20617 (Version: 12.0.20617 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.20617 (x32 Version: 12.0.20617 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.20617 (x32 Version: 12.0.20617 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 de)) (Version: 32.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.300 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Shopping Helper Smartbar (HKLM-x32\...\{16F8A832-DD84-4271-8B76-ACADE6DB3968}) (Version: 11.82.63.17791 - ReSoft Ltd.) <==== ATTENTION
Shopping Helper Smartbar Engine (HKCU\...\{69513b34-18a1-48d6-9617-bdf9a2a4e685}) (Version: 11.82.63.17791 - ReSoft Ltd.) <==== ATTENTION
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.46 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
sweet-page uninstall (HKLM-x32\...\sweet-page uninstall) (Version: - sweet-page) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)
TOSHIBA Addendum (HKLM-x32\...\{CE0374A6-B204-4336-8293-63FBB1DADBF4}) (Version: 1.00 - TOSHIBA)
TOSHIBA Addendum (x32 Version: 1.00 - TOSHIBA) Hidden
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{84FA4D2D-4273-4C66-BD3D-ADD3FE48DFA2}) (Version: 1.1.5.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}) (Version: 5.0.1.0 - Toshiba Corporation)
TOSHIBA Password Utility (Version: 5.0.1.0 - Toshiba Corporation) Hidden
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102 - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.11.7 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
WindowsProtectManger20.0.0.401 (HKLM-x32\...\WindowsProtectManger) (Version: 20.0.0.401 - Fuyu LIMITED) <==== ATTENTION
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
10-07-2014 00:19:10 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {023CD9B6-C4CF-42FD-9FEB-EFE25E7D2DE7} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0D54BB98-DF56-411B-95F9-4B83D4ADF366} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {31C4A738-D1A7-4537-B5AE-14E833504AC4} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {33B15517-B5F9-41A7-9FC3-5D3037FE8145} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {419DE7D9-E1D6-4E9B-AFB5-BF15C476718D} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5EFA7A98-73BB-431B-A9B9-354D550CB4E1} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {69672A5B-F6F8-4159-B283-619085B939F1} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2994636758-1569343115-1192238883-1004
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6E84FF1D-1B8C-496D-B141-8C59B1A5351F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-10] (Microsoft Corporation)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {846F7789-5CE9-4CD5-BF14-C60FC50F8640} - System32\Tasks\pricemeterdownloader => C:\Users\Andrea\AppData\Local\PriceMeter\pricemeterd.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8EA0C8F8-AC86-43F2-8A0D-E890DC55FB94} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AE8ABBD4-0CA3-4EBE-AC86-9263BB8CE68F} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-19] (Toshiba Europe GmbH)
Task: {BB2C16DA-74E0-422C-8F52-F4C81B845698} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {C665A574-FC31-4C66-AA99-9318E6C8D257} - System32\Tasks\Rocket Updater => C:\Users\Andrea\AppData\Roaming\RocketUpdater\UpdateProc\UpdateTask.exe [2013-04-12] ()
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D43061B6-F01F-478B-9330-AF059FA97794} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2013-08-28] ()
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D8A25A4A-3E88-439B-B85F-B3CDBD7B96C7} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DE8AC3F6-9DE0-4D99-B64E-1E806FCC5A6F} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\Rocket Updater.job => C:\Users\Andrea\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2013-08-31 05:47 - 2013-08-31 05:47 - 00099328 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2013-09-10 22:54 - 2013-09-10 22:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2014-07-07 00:51 - 2014-07-04 14:27 - 03354616 _____ () C:\Users\Andrea\AppData\Local\fst_de_89\upfst_de_89.exe
2013-12-30 22:06 - 2013-08-28 17:08 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe
2012-07-19 04:38 - 2012-07-19 04:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2014-07-07 00:51 - 2014-07-04 15:02 - 03975136 _____ () C:\Program Files (x86)\fst_de_89\fst_de_89.exe
2014-05-28 00:55 - 2014-05-28 00:55 - 01459712 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\926020eb508f6968545d6a51fb661fad\Windows.UI.ni.dll
2014-05-28 00:55 - 2014-05-28 00:55 - 00521216 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Data\d07f690ce5d3a2de7c9089a6200d64db\Windows.Data.ni.dll
2014-05-28 00:55 - 2014-05-28 00:55 - 00363520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\057b7043f4868b76c209d9c426b80743\Windows.Foundation.ni.dll
2013-08-31 05:47 - 2013-08-31 05:47 - 00016896 _____ () C:\Program Files\ATI Technologies\ATI.ACE\a4\AS4.NativeProxy.dll
2014-07-07 13:53 - 2014-07-07 13:53 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-07-07 13:52 - 2014-07-07 13:52 - 00065616 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00046624 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00071712 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\srau.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00167456 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 02337824 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00068640 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\spbl.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00157216 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00015904 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\siem.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00067616 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\sppsm.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00698400 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00016416 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00080416 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00028704 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-06-16 14:21 - 2014-06-16 14:21 - 00060960 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\srut.dll
2014-06-16 14:21 - 2014-06-16 14:21 - 00031264 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\srsbs.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00067104 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00151072 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\smti.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00032800 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\srom.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00032288 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\smtu.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00040992 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\smta.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00047648 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\srbu.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00026144 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\sgml.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00063520 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00026656 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\srpdm.dll
2014-06-16 14:18 - 2014-06-16 14:18 - 00045088 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-06-16 14:10 - 2014-06-16 14:10 - 00026656 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00036896 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00194592 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\sgmu.dll
2014-05-12 11:21 - 2014-05-12 11:21 - 00061440 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2014-06-16 14:20 - 2014-06-16 14:20 - 00257056 _____ () C:\Users\Andrea\AppData\Local\Smartbar\Application\srns.dll
2014-05-05 10:24 - 2014-07-07 13:53 - 00049744 _____ () C:\Users\Andrea\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-08-03 13:49 - 2014-08-03 13:49 - 03692656 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Andrea\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Steffi\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKCU\...\StartupApproved\Run: => "Spotify Web Helper"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/03/2014 11:49:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Andrea)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.
Error: (08/03/2014 11:49:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Andrea)
Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden.
Error: (08/03/2014 11:49:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: Andrea)
Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigtes lokales Profil.
Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Error: (08/03/2014 11:49:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht.
Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
for C:\Users\Steffi\ntuser.dat
Error: (08/03/2014 11:46:32 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Andrea)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.
Error: (08/03/2014 11:46:32 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Andrea)
Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden.
Error: (08/03/2014 11:46:32 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: Andrea)
Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigtes lokales Profil.
Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Error: (08/03/2014 11:46:32 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht.
Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
for C:\Users\Steffi\ntuser.dat
Error: (07/22/2014 07:45:56 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/21/2014 09:51:39 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
System errors:
=============
Error: (08/04/2014 04:12:29 AM) (Source: DCOM) (EventID: 10010) (User: Andrea)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Error: (08/03/2014 11:59:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Microsoft.BingHealthAndFitness
Error: (08/03/2014 11:59:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Microsoft.FreshPaint
Error: (08/03/2014 11:59:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Microsoft.BingSports
Error: (08/03/2014 11:59:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Evernote.Evernote
Error: (08/03/2014 11:59:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: EnnovaResearch.ToshibaPlaces
Error: (08/03/2014 11:58:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Microsoft.BingFoodAndDrink
Error: (08/03/2014 11:58:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Microsoft.ZuneVideo
Error: (08/03/2014 11:58:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Microsoft.BingNews
Error: (08/03/2014 11:58:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Microsoft.SkypeApp
Microsoft Office Sessions:
=========================
Error: (08/03/2014 11:49:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Andrea)
Description:
Error: (08/03/2014 11:49:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Andrea)
Description:
Error: (08/03/2014 11:49:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: Andrea)
Description: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Error: (08/03/2014 11:49:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
C:\Users\Steffi\ntuser.dat
Error: (08/03/2014 11:46:32 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Andrea)
Description:
Error: (08/03/2014 11:46:32 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Andrea)
Description:
Error: (08/03/2014 11:46:32 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: Andrea)
Description: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Error: (08/03/2014 11:46:32 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
C:\Users\Steffi\ntuser.dat
Error: (07/22/2014 07:45:56 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (07/21/2014 09:51:39 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
==================== Memory info ===========================
Percentage of memory in use: 57%
Total physical RAM: 3533.51 MB
Available physical RAM: 1503.61 MB
Total Pagefile: 4701.68 MB
Available Pagefile: 1969.32 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: (TI31197600A) (Fixed) (Total:454.83 GB) (Free:379.44 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================ |