Zitat:
Zitat von schrauber
(Beitrag 1293076)
hi,
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
- Starte jetzt FRST.
- Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
- Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
- Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)
| FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2014
Ran by Annemarie at 2014-04-29 18:55:16
Running from C:\Users\Annemarie\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Activeris AntiMalware (HKLM-x32\...\94EAE98D-444B-4817-858C-13DB943DF4F1_Activeris_A~741EE3A2_is1) (Version: 1.0.0.1 - Activeris)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
AMD Accelerated Video Transcoding (Version: 12.10.100.30620 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{399CF2C5-569E-98B2-8823-073041A3F9F5}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.0620.342.4745 - Ihr Firmenname) Hidden
AMD Start Now (Version: 2013.0620.342.4745 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2013.0620.342.4745 - Ihr Firmenname) Hidden
AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0620.342.4745 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0620.342.4745 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0620.342.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0620.0341.4745 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0620.342.4745 - Advanced Micro Devices, Inc.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.3919 - CyberLink Corp.)
Cyberlink PhotoDirector (x32 Version: 3.0.1.3919 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2817 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.3.2817 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6119 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.6.6119 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Freeven pro 1.2 (HKLM-x32\...\Freeven pro 1.2) (Version: 1.34.4.10 - Freeven) <==== ATTENTION
fst_de_7 (HKLM-x32\...\fst_de_7_is1) (Version: - free_soft_today)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{AE2F1669-5B1F-47C5-B639-78D74DD0BCE4}) (Version: 6.0.10.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{F86C62DC-1600-426B-981C-F398EF7CCB24}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Postscript Converter (Version: 4.0.4100 - Hewlett-Packard) Hidden
HP Recovery Manager (x32 Version: 10.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{90EB00F7-A0D2-419B-82DE-59AADCA11790}) (Version: 1.0.6 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{2AFEFC93-F0C7-4390-BB51-F914EC546B30}) (Version: 2.1.6 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
MediaPlayerplus (HKLM-x32\...\MediaPlayerplus) (Version: 1.34.4.10 - Freeven) <==== ATTENTION
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.4.0.40 - Symantec Corporation)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Ihr Firmenname)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Ralink Bluetooth Stack64 (HKLM\...\{307AA214-8490-9119-DA81-C8E875AD1C94}) (Version: 11.0.737.5 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.25.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.29057 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.13.314.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6914 - Realtek Semiconductor Corp.)
SpeedUpMyPC (HKLM-x32\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 6.0.3.3 - Uniblue Systems Limited) <==== ATTENTION
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
webssearches uninstaller (HKLM-x32\...\webssearches uninstaller) (Version: - webssearches) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WPM18.8.0.212 (HKLM-x32\...\WPM) (Version: 18.8.0.212 - Cherished Technololgy LIMITED) <==== ATTENTION
==================== Restore Points =========================
21-02-2014 08:37:23 Windows Update
01-04-2014 16:13:10 Windows Update
06-04-2014 15:57:27 Windows Update
24-04-2014 12:24:45 Installed Java 8 Update 5 (64-bit)
29-04-2014 15:08:38 Uniblue SpeedUpMyPC installation
==================== Hosts content: ==========================
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {13091EA6-D16A-479B-820B-D4E9F184604B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {1610B760-3457-4F36-A2EF-CB21346A96DF} - System32\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-1 => C:\Program Files (x86)\Freeven pro 1.2\Freeven pro 1.2-codedownloader.exe [2014-04-29] (Freeven) <==== ATTENTION
Task: {19790962-01BD-44BB-B972-075B2357B41C} - System32\Tasks\48782ae5-b338-4216-a537-e1868ae58073-2 => C:\Program Files (x86)\MediaPlayerplus\48782ae5-b338-4216-a537-e1868ae58073-2.exe [2014-04-29] (Freeven) <==== ATTENTION
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1AF58742-7C3D-4482-8D9B-BA3C4AAF7257} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {1C253943-4269-4A31-A860-26583F9A4CB6} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {20F4D224-401F-4600-A87F-02A50B61DF80} - System32\Tasks\48782ae5-b338-4216-a537-e1868ae58073-1 => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe [2014-04-29] (Freeven) <==== ATTENTION
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {268889B3-C824-41D2-B0BD-1694DB2A841F} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
Task: {32503853-736A-4542-AFC6-36A6CF3640BC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {3F84C9C4-D8D6-4F36-AA8D-297D6C091686} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-04-29] (AnyProtect by CMI) <==== ATTENTION
Task: {4B88A718-1EF1-40EC-B51C-6C708430C35F} - System32\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-5 => C:\Program Files (x86)\Freeven pro 1.2\38a42648-bd73-4777-8dc8-b17dc2695900-5.exe [2014-04-29] (Freeven) <==== ATTENTION
Task: {4FEB91F0-03D8-4BEF-9963-E297F8769C37} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-04-29] (AnyProtect by CMI) <==== ATTENTION
Task: {522CD129-EA02-44A4-9267-24B1C6BCE5CC} - System32\Tasks\Activeris AntiMalware_startup => C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe [2014-01-23] (Activeris)
Task: {69B67946-647A-446A-BC03-1DE7E74016E3} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {7780E567-7E65-4314-9CE1-4537D8DD6121} - System32\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-3 => C:\Program Files (x86)\Freeven pro 1.2\38a42648-bd73-4777-8dc8-b17dc2695900-3.exe [2014-04-29] (Freeven) <==== ATTENTION
Task: {7E216137-A09C-4519-B980-8D786F09AF3D} - System32\Tasks\48782ae5-b338-4216-a537-e1868ae58073-5 => C:\Program Files (x86)\MediaPlayerplus\48782ae5-b338-4216-a537-e1868ae58073-5.exe [2014-04-29] (Freeven) <==== ATTENTION
Task: {84D27124-2A3D-408D-83B1-900865482CE0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-09-05] (Hewlett-Packard Company)
Task: {869C66D9-5CE9-420C-A8B0-106F2DA6B090} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8EEF30C2-94A3-4387-89EE-C849032AEB96} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {9D1A96DA-4319-45DC-A952-A48E0459D99A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-01] (Google Inc.)
Task: {9DC995FE-C0C7-4B39-AF81-37DC1D689C6C} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-03-24] (Uniblue Systems Limited) <==== ATTENTION
Task: {A28AD1CD-D4AA-4691-88BD-3A991FF1952E} - System32\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-2 => C:\Program Files (x86)\Freeven pro 1.2\38a42648-bd73-4777-8dc8-b17dc2695900-2.exe [2014-04-29] (Freeven) <==== ATTENTION
Task: {A2E63F5D-7FA8-418C-AD12-0E3BC23A1720} - System32\Tasks\48782ae5-b338-4216-a537-e1868ae58073-3 => C:\Program Files (x86)\MediaPlayerplus\48782ae5-b338-4216-a537-e1868ae58073-3.exe [2014-04-29] (Freeven) <==== ATTENTION
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B11703F9-9581-4394-A0E0-5E98317507F0} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-04-29] (AnyProtect by CMI) <==== ATTENTION
Task: {C4D1AEFD-AFA0-489A-B7E0-FD08DFB52821} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-24] (AVAST Software)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D32AF669-9A1B-4B82-88E2-34F9331CF506} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-01] (Google Inc.)
Task: {E23A0352-00D1-4F9D-963D-4EA6BFF7A570} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-03-24] (Uniblue Systems Limited) <==== ATTENTION
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\Windows\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-1.job => C:\Program Files (x86)\Freeven pro 1.2\Freeven pro 1.2-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-2.job => C:\Program Files (x86)\Freeven pro 1.2\38a42648-bd73-4777-8dc8-b17dc2695900-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-3.job => C:\Program Files (x86)\Freeven pro 1.2\38a42648-bd73-4777-8dc8-b17dc2695900-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-5.job => C:\Program Files (x86)\Freeven pro 1.2\38a42648-bd73-4777-8dc8-b17dc2695900-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\48782ae5-b338-4216-a537-e1868ae58073-1.job => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe
Task: C:\Windows\Tasks\48782ae5-b338-4216-a537-e1868ae58073-2.job => C:\Program Files (x86)\MediaPlayerplus\48782ae5-b338-4216-a537-e1868ae58073-2.exe
Task: C:\Windows\Tasks\48782ae5-b338-4216-a537-e1868ae58073-3.job => C:\Program Files (x86)\MediaPlayerplus\48782ae5-b338-4216-a537-e1868ae58073-3.exe
Task: C:\Windows\Tasks\48782ae5-b338-4216-a537-e1868ae58073-5.job => C:\Program Files (x86)\MediaPlayerplus\48782ae5-b338-4216-a537-e1868ae58073-5.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SpeedUpMyPC Maintenance.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC Startup.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2013-06-20 03:53 - 2013-06-20 03:53 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2013-06-20 03:53 - 2013-06-20 03:53 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-01-10 13:35 - 2013-01-10 13:35 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll
2013-01-10 13:35 - 2013-01-10 13:35 - 00055296 _____ () C:\Windows\system32\BlueSoleilCSps.dll
2013-01-10 13:30 - 2013-01-10 13:30 - 00022528 _____ () C:\Windows\system32\BsTrace.dll
2013-01-10 11:25 - 2013-01-10 11:25 - 00364544 _____ () C:\Windows\system32\BsExtendFunc.dll
2013-06-20 03:53 - 2013-06-20 03:53 - 00016896 _____ () C:\Program Files\ATI Technologies\ATI.ACE\a4\AS4.NativeProxy.dll
2013-06-20 03:53 - 2013-06-20 03:53 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-04-29 17:09 - 2014-04-28 11:09 - 03267536 _____ () C:\Users\Annemarie\AppData\Local\fst_de_7\upfst_de_7.exe
2014-04-26 19:58 - 2014-04-26 19:58 - 00052736 _____ () C:\Users\Annemarie\AppData\Roaming\VOPackage\VOsrv.exe
2014-04-29 16:55 - 2014-04-29 16:55 - 00078848 _____ () C:\Program Files (x86)\AnyProtectEx\AnyProtectTrayIcon.exe
2014-04-26 00:07 - 2014-04-26 00:07 - 02252800 _____ () C:\Program Files\AVAST Software\Avast\defs\14042501\algo.dll
2014-04-29 17:09 - 2014-04-29 17:09 - 02252800 _____ () C:\Program Files\AVAST Software\Avast\defs\14042801\algo.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-10 13:30 - 2013-01-10 13:30 - 00022528 _____ () C:\Windows\SYSTEM32\BsTrace.dll
2013-01-10 13:35 - 2013-01-10 13:35 - 00009728 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll
2013-01-10 13:35 - 2013-01-10 13:35 - 00055296 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll
2013-03-22 10:06 - 2013-03-22 10:06 - 00387936 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll
2011-07-05 10:53 - 2011-07-05 10:53 - 00012800 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll
2013-12-26 12:10 - 2012-05-30 08:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\wincfi39.dll
2013-01-31 17:04 - 2013-01-31 17:04 - 00080120 _____ () C:\Windows\SYSTEM32\BsProfilefunc.dll
2013-01-10 11:25 - 2013-01-10 11:25 - 00364544 _____ () C:\Windows\SYSTEM32\BsExtendFunc.dll
2014-04-24 17:44 - 2014-04-24 17:44 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-29 17:09 - 2012-09-26 15:31 - 00886272 _____ () C:\Program Files (x86)\Activeris AntiMalware\System.Data.SQLite.dll
2014-04-29 17:09 - 2014-01-23 19:04 - 01718264 _____ () C:\Program Files (x86)\Activeris AntiMalware\acrissys.dll
2014-04-29 17:10 - 2012-09-26 15:31 - 00168448 _____ () C:\Program Files (x86)\Activeris AntiMalware\UNRAR.DLL
2014-04-29 17:16 - 2014-04-29 17:16 - 00117248 _____ () C:\Users\Annemarie\AppData\Local\Temp\nsq9524.tmp\IpConfig.dll
2014-04-29 17:16 - 2014-04-29 17:16 - 00020992 _____ () C:\Users\Annemarie\AppData\Local\Temp\nsq9524.tmp\inetc.dll
2014-03-29 13:08 - 2014-03-29 13:08 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-29 17:45 - 2014-04-29 17:45 - 00117248 _____ () C:\Users\Annemarie\AppData\Local\Temp\nshEFF1.tmp\IpConfig.dll
2014-04-11 18:36 - 2014-04-02 03:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
2014-04-11 18:36 - 2014-04-02 03:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
2014-04-11 18:36 - 2014-04-02 03:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/29/2014 05:50:43 PM) (Source: Application Hang) (User: )
Description: Programm chrome.exe, Version 34.0.1847.116 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2e28
Startzeit: 01cf63c2b74f3791
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Berichts-ID: 03ac84fe-cfb6-11e3-be80-3c77e617fd52
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (04/29/2014 05:50:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ANNICOMPUTER)
Description: Das Paket „DefaultBrowser_NOPUBLISHERID“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (04/29/2014 05:15:50 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 28.0.0.5186 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1fa8
Startzeit: 01cf63bdb1c6c7de
Endzeit: 169
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 20cdea95-cfb1-11e3-be80-3c77e617fd52
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (04/29/2014 05:09:31 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (04/28/2014 09:37:23 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 28.0.0.5186 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2b64
Startzeit: 01cf630fbc4758d1
Endzeit: 268
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 7f8c9437-cf0c-11e3-be80-3c77e617fd52
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (04/27/2014 05:53:30 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 28.0.0.5186 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 3e8
Startzeit: 01cf622b3b233243
Endzeit: 359
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: 1067f82e-ce24-11e3-be80-3c77e617fd52
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (04/26/2014 06:28:10 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: wwahost.exe, Version: 6.2.9200.16420, Zeitstempel: 0x505a9152
Name des fehlerhaften Moduls: Microsoft.WindowsLive.ClientAccessLibrary.dll, Version: 16.4.4388.928, Zeitstempel: 0x50656efe
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000277cb5
ID des fehlerhaften Prozesses: 0x1f34
Startzeit der fehlerhaften Anwendung: 0xwwahost.exe0
Pfad der fehlerhaften Anwendung: wwahost.exe1
Pfad des fehlerhaften Moduls: wwahost.exe2
Berichtskennung: wwahost.exe3
Vollständiger Name des fehlerhaften Pakets: wwahost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wwahost.exe5
Error: (04/26/2014 02:18:40 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (04/26/2014 01:39:15 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: atieclxx.exe, Version: 6.14.11.1143, Zeitstempel: 0x51c2ab8e
Name des fehlerhaften Moduls: atieclxx.exe, Version: 6.14.11.1143, Zeitstempel: 0x51c2ab8e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002ea19
ID des fehlerhaften Prozesses: 0x718
Startzeit der fehlerhaften Anwendung: 0xatieclxx.exe0
Pfad der fehlerhaften Anwendung: atieclxx.exe1
Pfad des fehlerhaften Moduls: atieclxx.exe2
Berichtskennung: atieclxx.exe3
Vollständiger Name des fehlerhaften Pakets: atieclxx.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: atieclxx.exe5
Error: (04/26/2014 00:16:02 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU maximum number of session has been surpassed
System errors:
=============
Error: (04/29/2014 05:53:10 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (04/29/2014 05:52:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! EmHWID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (04/29/2014 05:36:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (04/29/2014 05:28:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (04/29/2014 05:19:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (04/29/2014 05:10:34 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (04/28/2014 05:55:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (04/27/2014 02:52:10 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (04/26/2014 07:28:56 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (04/26/2014 01:40:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! HardwareID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Microsoft Office Sessions:
=========================
Error: (04/29/2014 05:50:43 PM) (Source: Application Hang)(User: )
Description: chrome.exe34.0.1847.1162e2801cf63c2b74f37914294967295C:\Program Files (x86)\Google\Chrome\Application\chrome.exe03ac84fe-cfb6-11e3-be80-3c77e617fd52
Error: (04/29/2014 05:50:37 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ANNICOMPUTER)
Description: DefaultBrowser_NOPUBLISHERID
Error: (04/29/2014 05:15:50 PM) (Source: Application Hang)(User: )
Description: firefox.exe28.0.0.51861fa801cf63bdb1c6c7de169C:\Program Files (x86)\Mozilla Firefox\firefox.exe20cdea95-cfb1-11e3-be80-3c77e617fd52
Error: (04/29/2014 05:09:31 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (04/28/2014 09:37:23 PM) (Source: Application Hang)(User: )
Description: firefox.exe28.0.0.51862b6401cf630fbc4758d1268C:\Program Files (x86)\Mozilla Firefox\firefox.exe7f8c9437-cf0c-11e3-be80-3c77e617fd52
Error: (04/27/2014 05:53:30 PM) (Source: Application Hang)(User: )
Description: firefox.exe28.0.0.51863e801cf622b3b233243359C:\Program Files (x86)\Mozilla Firefox\firefox.exe1067f82e-ce24-11e3-be80-3c77e617fd52
Error: (04/26/2014 06:28:10 PM) (Source: Application Error)(User: )
Description: wwahost.exe6.2.9200.16420505a9152Microsoft.WindowsLive.ClientAccessLibrary.dll16.4.4388.92850656efec00000050000000000277cb51f3401cf616c747a7ee1C:\Windows\system32\wwahost.exeC:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe\Microsoft.WindowsLive.ClientAccessLibrary.dllc132d281-cd5f-11e3-be80-3c77e617fd52microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbweMicrosoft.WindowsLive.ModernPhotos
Error: (04/26/2014 02:18:40 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (04/26/2014 01:39:15 PM) (Source: Application Error)(User: )
Description: atieclxx.exe6.14.11.114351c2ab8eatieclxx.exe6.14.11.114351c2ab8ec0000005000000000002ea1971801cf60d43b03fe15C:\Windows\system32\atieclxx.exeC:\Windows\system32\atieclxx.exe647ddd53-cd37-11e3-be80-3c77e617fd52
Error: (04/26/2014 00:16:02 AM) (Source: ATIeRecord)(User: )
Description:
==================== Memory info ===========================
Percentage of memory in use: 54%
Total physical RAM: 3546.25 MB
Available physical RAM: 1599.11 MB
Total Pagefile: 4186.25 MB
Available Pagefile: 1869.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:447.16 GB) (Free:400.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:17.83 GB) (Free:1.8 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: B4D436BA)
Partition: GPT Partition Type.
==================== End Of Log ============================
--- --- --- Zitat:
Zitat von schrauber
(Beitrag 1293076)
hi,
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
- Starte jetzt FRST.
- Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
- Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
- Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)
| FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2014
Ran by Annemarie (administrator) on ANNICOMPUTER on 29-04-2014 18:46:58
Running from C:\Users\Annemarie\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\core-static\CCC.exe
() C:\Users\Annemarie\AppData\Local\fst_de_7\upfst_de_7.exe
(Activeris) C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe
() C:\Users\Annemarie\AppData\Roaming\VOPackage\VOsrv.exe
( ) C:\Users\Annemarie\AppData\Roaming\VOPackage\VOPackage.exe
() C:\Program Files (x86)\AnyProtectEx\AnyProtectTrayIcon.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
( ) C:\Users\Annemarie\AppData\Roaming\VOPackage\vopackage.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-05-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-04-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-06-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904 2013-01-10] (IVT Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-11] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-02-25] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-24] (AVAST Software)
HKLM-x32\...\Run: [fst_de_7] => "C:\Program Files (x86)\fst_de_7\fst_de_7.exe"
HKLM-x32\...\RunOnce: [upfst_de_7.exe] - C:\Users\Annemarie\AppData\Local\fst_de_7\upfst_de_7.exe -runonce [3267536 2014-04-28] ()
HKLM-x32\...\RunOnce: [VOPackage] - C:\Users\Annemarie\AppData\Roaming\VOPackage\VOPackage.exe /runonce [296161 2014-04-29] ( )
HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\de15d3b9-2e74-4153-8c14-385c97120fe0.exe /check [181136 2014-04-29] (AVAST Software)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707&q={searchTerms}
SearchScopes: HKLM - {742F5B54-2814-4148-98A2-519FD76D0944} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707&q={searchTerms}
SearchScopes: HKLM-x32 - {742F5B54-2814-4148-98A2-519FD76D0944} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707&q={searchTerms}
SearchScopes: HKCU - {742F5B54-2814-4148-98A2-519FD76D0944} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: MediaPlayerplus - {11111111-1111-1111-1111-110511421146} - C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho64.dll (Freeven)
BHO: Freeven pro 1.2 - {11111111-1111-1111-1111-110511421153} - C:\Program Files (x86)\Freeven pro 1.2\Freeven pro 1.2-bho64.dll (Freeven)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MediaPlayerplus - {11111111-1111-1111-1111-110511421146} - C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho.dll (Freeven)
BHO-x32: Freeven pro 1.2 - {11111111-1111-1111-1111-110511421153} - C:\Program Files (x86)\Freeven pro 1.2\Freeven pro 1.2-bho.dll (Freeven)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Annemarie\AppData\Roaming\Mozilla\Firefox\Profiles\xmrj6eug.default
FF DefaultSearchEngine: webssearches
FF SelectedSearchEngine: webssearches
FF Homepage: hxxp://istart.webssearches.com/?type=hp&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Quick Start - C:\Users\Annemarie\AppData\Roaming\Mozilla\Firefox\Profiles\xmrj6eug.default\Extensions\quick_start@gmail.com [2014-04-29]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF [2013-12-25]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-24]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Annemarie\AppData\Roaming\Mozilla\Firefox\Profiles\xmrj6eug.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\Annemarie\AppData\Roaming\Mozilla\Firefox\Profiles\xmrj6eug.default\extensions\quick_start@gmail.com [2014-04-29]
Chrome:
=======
CHR HomePage: hxxp://istart.webssearches.com/?type=hp&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707
CHR StartupUrls: "hxxp://istart.webssearches.com/?type=hp&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707"
CHR DefaultSearchKeyword: webssearches
CHR DefaultSearchProvider: webssearches
CHR DefaultSearchURL: hxxp://istart.webssearches.com/web/?type=ds&ts=1398784127&from=tugs&uid=WDCXWD5000LPVX-60V0TT0_WD-WX51A73U0707U0707&q={searchTerms}
CHR Extension: (Google Docs) - C:\Users\Annemarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-01]
CHR Extension: (Google Drive) - C:\Users\Annemarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-01]
CHR Extension: (YouTube) - C:\Users\Annemarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-01]
CHR Extension: (Google Search) - C:\Users\Annemarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-01]
CHR Extension: (Freeven pro 1.2) - C:\Users\Annemarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmgpbjjcdccinnndjdgmegndbmhbgglb [2014-04-29]
CHR Extension: (MediaPlayerplus) - C:\Users\Annemarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd [2014-04-29]
CHR Extension: (Norton Identity Protection) - C:\Users\Annemarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-01-01]
CHR Extension: (Google Wallet) - C:\Users\Annemarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-01]
CHR Extension: (Gmail) - C:\Users\Annemarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-24]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx [2014-02-26]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Annemarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-04-29]
==================== Services (Whitelisted) =================
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [103424 2013-06-20] ()
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-06-20] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-24] (AVAST Software)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1619704 2013-03-26] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-04-11] (Hewlett-Packard Development Company, L.P.)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [224840 2013-05-10] (Realtek Semiconductor)
R2 vosr; C:\Users\Annemarie\AppData\Roaming\VOPackage\VOsrv.exe [52736 2014-04-26] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [566272 2014-04-29] (Cherished Technololgy LIMITED)
==================== Drivers (Whitelisted) ====================
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-08] (Advanced Micro Devices, INC.)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-24] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-24] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-04-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-24] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-04-24] (Advanced Micro Devices)
R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg;
U4 BthHFEnum;
U4 bthhfhid;
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-25] (Symantec Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140221.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140222.007\ENG64.SYS [126040 2013-12-25] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140222.007\EX64.SYS [2099288 2013-12-25] (Symantec Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288840 2013-03-29] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33008 2013-04-24] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-12-26] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-29 18:46 - 2014-04-29 18:48 - 00025649 _____ () C:\Users\Annemarie\Downloads\FRST.txt
2014-04-29 18:46 - 2014-04-29 18:46 - 00000000 ____D () C:\FRST
2014-04-29 18:45 - 2014-04-29 18:45 - 02061824 _____ (Farbar) C:\Users\Annemarie\Downloads\FRST64.exe
2014-04-29 17:50 - 2014-04-29 17:50 - 00001859 _____ () C:\Users\Annemarie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2014-04-29 17:28 - 2014-04-29 18:05 - 00003106 _____ () C:\Windows\System32\Tasks\Activeris AntiMalware_startup
2014-04-29 17:20 - 2014-04-29 17:44 - 00000380 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-04-29 17:20 - 2014-04-29 17:20 - 00002818 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-04-29 17:20 - 2014-04-29 17:20 - 00002816 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-04-29 17:20 - 2014-04-29 17:20 - 00002816 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-04-29 17:20 - 2014-04-29 17:20 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-04-29 17:20 - 2014-04-29 17:20 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-04-29 17:19 - 2014-04-29 17:23 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-29 17:19 - 2014-04-29 17:19 - 00000000 ____D () C:\Users\Annemarie\AppData\Roaming\SupTab
2014-04-29 17:19 - 2014-04-29 17:19 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-29 17:18 - 2014-04-29 17:20 - 00001202 _____ () C:\Users\Annemarie\AppData\Roaming\aps.scan.quick.results
2014-04-29 17:18 - 2014-04-29 17:20 - 00000318 _____ () C:\Users\Annemarie\AppData\Roaming\aps.uninstall.scan.results
2014-04-29 17:18 - 2014-04-29 17:18 - 00000000 _____ () C:\Users\Annemarie\AppData\Roaming\aps.scan.results
2014-04-29 17:17 - 2014-04-29 17:18 - 00000000 ____D () C:\ProgramData\WPM
2014-04-29 17:17 - 2014-04-29 17:17 - 00004570 _____ () C:\Windows\System32\Tasks\48782ae5-b338-4216-a537-e1868ae58073-5
2014-04-29 17:17 - 2014-04-29 17:17 - 00004522 _____ () C:\Windows\System32\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-5
2014-04-29 17:17 - 2014-04-29 17:17 - 00004458 _____ () C:\Windows\System32\Tasks\48782ae5-b338-4216-a537-e1868ae58073-2
2014-04-29 17:17 - 2014-04-29 17:17 - 00001566 _____ () C:\Windows\Tasks\48782ae5-b338-4216-a537-e1868ae58073-5.job
2014-04-29 17:17 - 2014-04-29 17:17 - 00001518 _____ () C:\Windows\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-5.job
2014-04-29 17:17 - 2014-04-29 17:17 - 00001454 _____ () C:\Windows\Tasks\48782ae5-b338-4216-a537-e1868ae58073-2.job
2014-04-29 17:17 - 2014-04-29 17:17 - 00001052 _____ () C:\Users\Annemarie\Desktop\AnyProtect.lnk
2014-04-29 17:17 - 2014-04-29 17:17 - 00000000 ____D () C:\Users\Annemarie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-04-29 17:16 - 2014-04-29 17:17 - 00004410 _____ () C:\Windows\System32\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-2
2014-04-29 17:16 - 2014-04-29 17:17 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-04-29 17:16 - 2014-04-29 17:16 - 00004486 _____ () C:\Windows\System32\Tasks\48782ae5-b338-4216-a537-e1868ae58073-1
2014-04-29 17:16 - 2014-04-29 17:16 - 00004438 _____ () C:\Windows\System32\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-1
2014-04-29 17:16 - 2014-04-29 17:16 - 00001482 _____ () C:\Windows\Tasks\48782ae5-b338-4216-a537-e1868ae58073-1.job
2014-04-29 17:16 - 2014-04-29 17:16 - 00001434 _____ () C:\Windows\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-1.job
2014-04-29 17:16 - 2014-04-29 17:16 - 00001406 _____ () C:\Windows\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-2.job
2014-04-29 17:16 - 2014-04-29 17:15 - 01745360 _____ (AnyProtect.com) C:\Users\Annemarie\AppData\Local\nsf9C00.tmp
2014-04-29 17:14 - 2014-04-29 17:14 - 00000000 ____D () C:\Users\Annemarie\AppData\Roaming\VOPackage
2014-04-29 17:14 - 2014-04-29 17:14 - 00000000 ____D () C:\Users\Annemarie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-04-29 17:12 - 2014-04-29 18:12 - 00000312 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-04-29 17:12 - 2014-04-29 17:12 - 00003230 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance
2014-04-29 17:11 - 2014-04-29 17:12 - 00002534 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Startup
2014-04-29 17:11 - 2014-04-29 17:12 - 00000306 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-04-29 17:11 - 2014-04-29 17:11 - 00001172 _____ () C:\Users\Public\Desktop\SpeedUpMyPC.lnk
2014-04-29 17:11 - 2014-04-29 17:11 - 00000000 ____D () C:\Users\Annemarie\AppData\Roaming\Activeris
2014-04-29 17:11 - 2014-04-29 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2014-04-29 17:10 - 2014-04-29 17:10 - 00001165 _____ () C:\Users\Public\Desktop\Activeris AntiMalware.lnk
2014-04-29 17:10 - 2014-04-29 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free_soft_today
2014-04-29 17:10 - 2014-04-29 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activeris AntiMalware
2014-04-29 17:09 - 2014-04-29 17:17 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-04-29 17:09 - 2014-04-29 17:13 - 00000000 ____D () C:\Users\Annemarie\AppData\Local\fst_de_7
2014-04-29 17:09 - 2014-04-29 17:10 - 00000000 ____D () C:\Program Files (x86)\fst_de_7
2014-04-29 17:09 - 2014-04-29 17:10 - 00000000 ____D () C:\Program Files (x86)\Activeris AntiMalware
2014-04-29 17:09 - 2014-04-29 17:09 - 00005452 _____ () C:\Windows\System32\Tasks\48782ae5-b338-4216-a537-e1868ae58073-3
2014-04-29 17:09 - 2014-04-29 17:09 - 00005452 _____ () C:\Windows\System32\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-3
2014-04-29 17:09 - 2014-04-29 17:09 - 00002448 _____ () C:\Windows\Tasks\48782ae5-b338-4216-a537-e1868ae58073-3.job
2014-04-29 17:09 - 2014-04-29 17:09 - 00002448 _____ () C:\Windows\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-3.job
2014-04-29 17:09 - 2014-04-29 17:09 - 00000000 ____D () C:\Users\Annemarie\AppData\Roaming\Uniblue
2014-04-29 17:09 - 2014-04-29 17:09 - 00000000 ____D () C:\ProgramData\Activeris
2014-04-29 17:09 - 2014-04-29 17:09 - 00000000 ____D () C:\Program Files (x86)\Uniblue
2014-04-29 17:09 - 2012-09-26 19:03 - 00020480 _____ () C:\Windows\system32\acrisnative64.exe
2014-04-29 17:08 - 2014-04-29 17:17 - 00000000 ____D () C:\Program Files (x86)\Freeven pro 1.2
2014-04-24 17:45 - 2014-04-24 17:45 - 00001973 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-24 17:45 - 2014-04-24 17:45 - 00000000 ____D () C:\Users\Annemarie\AppData\Roaming\AVAST Software
2014-04-24 17:45 - 2014-04-24 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-24 17:44 - 2014-04-24 17:45 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-24 17:44 - 2014-04-24 17:44 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-24 17:44 - 2014-04-24 17:44 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-24 17:44 - 2014-04-24 17:44 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-24 17:44 - 2014-04-24 17:44 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-24 17:44 - 2014-04-24 17:44 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-24 17:44 - 2014-04-24 17:44 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-24 17:44 - 2014-04-24 17:44 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-24 17:44 - 2014-04-24 17:44 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-24 17:44 - 2014-04-24 17:44 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-24 17:44 - 2014-04-24 17:44 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-24 17:43 - 2014-04-24 17:43 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-24 17:42 - 2014-04-24 17:43 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-24 17:40 - 2014-04-24 17:42 - 88882192 _____ (AVAST Software) C:\Users\Annemarie\Downloads\avast_free18_antivirus_setup.exe
2014-04-24 14:26 - 2014-04-24 14:25 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-24 14:25 - 2014-04-24 14:25 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-24 14:25 - 2014-04-24 14:25 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-24 14:25 - 2014-04-24 14:25 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-24 14:25 - 2014-04-24 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-24 14:25 - 2014-04-24 14:25 - 00000000 ____D () C:\Program Files\Java
2014-04-24 14:22 - 2014-04-24 14:23 - 34131368 _____ (Oracle Corporation) C:\Users\Annemarie\Downloads\jre-8u5-windows-x64.exe
2014-04-11 18:12 - 2014-04-11 18:13 - 00318592 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-09 13:52 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 13:52 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-09 13:52 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-09 13:52 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-02 15:46 - 2013-10-25 09:34 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-04-02 15:46 - 2013-10-25 00:34 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-04-02 15:43 - 2014-02-23 10:12 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-02 15:43 - 2014-02-23 08:53 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-02 15:42 - 2014-02-23 10:11 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-02 15:42 - 2014-02-23 08:53 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-01 18:56 - 2014-02-23 10:13 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-01 18:56 - 2014-02-23 10:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-01 18:56 - 2014-02-23 10:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-04-01 18:56 - 2014-02-23 10:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-04-01 18:56 - 2014-02-23 10:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-01 18:56 - 2014-02-23 10:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-01 18:56 - 2014-02-23 10:12 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-01 18:56 - 2014-02-23 10:11 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-01 18:56 - 2014-02-23 10:11 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-01 18:56 - 2014-02-23 10:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-01 18:56 - 2014-02-23 10:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-01 18:56 - 2014-02-23 10:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-01 18:56 - 2014-02-23 10:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-01 18:56 - 2014-02-23 10:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-01 18:56 - 2014-02-23 08:54 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-01 18:56 - 2014-02-23 08:54 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-01 18:56 - 2014-02-23 08:54 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-04-01 18:56 - 2014-02-23 08:53 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-01 18:56 - 2014-02-23 08:53 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-01 18:56 - 2014-02-23 08:53 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-01 18:56 - 2014-02-23 08:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-01 18:56 - 2014-02-23 08:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-01 18:56 - 2014-02-23 08:53 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-01 18:56 - 2014-02-23 08:53 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-01 18:56 - 2014-02-23 08:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-01 18:56 - 2014-02-23 08:53 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-01 18:56 - 2014-02-23 08:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-01 18:56 - 2014-02-23 08:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-01 18:56 - 2014-02-23 06:06 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-04-01 18:56 - 2014-02-08 06:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-01 18:55 - 2014-02-06 01:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-01 18:55 - 2014-02-06 01:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-04-01 18:55 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-01 18:55 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-01 18:55 - 2013-12-07 08:36 - 19751936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-01 18:55 - 2013-12-07 07:15 - 17560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-30 19:08 - 2014-04-12 12:00 - 00000000 ____D () C:\Users\Annemarie\Documents\H&M Bestellung-Dateien
2014-03-30 19:08 - 2014-03-30 19:08 - 00015027 _____ () C:\Users\Annemarie\Documents\H&M Bestellung.htm
==================== One Month Modified Files and Folders =======
2014-04-29 18:48 - 2014-04-29 18:46 - 00025649 _____ () C:\Users\Annemarie\Downloads\FRST.txt
2014-04-29 18:46 - 2014-04-29 18:46 - 00000000 ____D () C:\FRST
2014-04-29 18:45 - 2014-04-29 18:45 - 02061824 _____ (Farbar) C:\Users\Annemarie\Downloads\FRST64.exe
2014-04-29 18:37 - 2013-12-25 00:49 - 01673508 _____ () C:\Windows\WindowsUpdate.log
2014-04-29 18:27 - 2014-01-01 12:42 - 00001142 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-29 18:14 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-29 18:12 - 2014-04-29 17:12 - 00000312 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-04-29 18:05 - 2014-04-29 17:28 - 00003106 _____ () C:\Windows\System32\Tasks\Activeris AntiMalware_startup
2014-04-29 18:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-04-29 17:50 - 2014-04-29 17:50 - 00001859 _____ () C:\Users\Annemarie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2014-04-29 17:44 - 2014-04-29 17:20 - 00000380 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-04-29 17:23 - 2014-04-29 17:19 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-29 17:20 - 2014-04-29 17:20 - 00002818 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-04-29 17:20 - 2014-04-29 17:20 - 00002816 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-04-29 17:20 - 2014-04-29 17:20 - 00002816 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-04-29 17:20 - 2014-04-29 17:20 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-04-29 17:20 - 2014-04-29 17:20 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-04-29 17:20 - 2014-04-29 17:18 - 00001202 _____ () C:\Users\Annemarie\AppData\Roaming\aps.scan.quick.results
2014-04-29 17:20 - 2014-04-29 17:18 - 00000318 _____ () C:\Users\Annemarie\AppData\Roaming\aps.uninstall.scan.results
2014-04-29 17:19 - 2014-04-29 17:19 - 00000000 ____D () C:\Users\Annemarie\AppData\Roaming\SupTab
2014-04-29 17:19 - 2014-04-29 17:19 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-29 17:18 - 2014-04-29 17:18 - 00000000 _____ () C:\Users\Annemarie\AppData\Roaming\aps.scan.results
2014-04-29 17:18 - 2014-04-29 17:17 - 00000000 ____D () C:\ProgramData\WPM
2014-04-29 17:17 - 2014-04-29 17:17 - 00004570 _____ () C:\Windows\System32\Tasks\48782ae5-b338-4216-a537-e1868ae58073-5
2014-04-29 17:17 - 2014-04-29 17:17 - 00004522 _____ () C:\Windows\System32\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-5
2014-04-29 17:17 - 2014-04-29 17:17 - 00004458 _____ () C:\Windows\System32\Tasks\48782ae5-b338-4216-a537-e1868ae58073-2
2014-04-29 17:17 - 2014-04-29 17:17 - 00001566 _____ () C:\Windows\Tasks\48782ae5-b338-4216-a537-e1868ae58073-5.job
2014-04-29 17:17 - 2014-04-29 17:17 - 00001518 _____ () C:\Windows\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-5.job
2014-04-29 17:17 - 2014-04-29 17:17 - 00001454 _____ () C:\Windows\Tasks\48782ae5-b338-4216-a537-e1868ae58073-2.job
2014-04-29 17:17 - 2014-04-29 17:17 - 00001052 _____ () C:\Users\Annemarie\Desktop\AnyProtect.lnk
2014-04-29 17:17 - 2014-04-29 17:17 - 00000000 ____D () C:\Users\Annemarie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-04-29 17:17 - 2014-04-29 17:16 - 00004410 _____ () C:\Windows\System32\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-2
2014-04-29 17:17 - 2014-04-29 17:16 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-04-29 17:17 - 2014-04-29 17:09 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-04-29 17:17 - 2014-04-29 17:08 - 00000000 ____D () C:\Program Files (x86)\Freeven pro 1.2
2014-04-29 17:16 - 2014-04-29 17:16 - 00004486 _____ () C:\Windows\System32\Tasks\48782ae5-b338-4216-a537-e1868ae58073-1
2014-04-29 17:16 - 2014-04-29 17:16 - 00004438 _____ () C:\Windows\System32\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-1
2014-04-29 17:16 - 2014-04-29 17:16 - 00001482 _____ () C:\Windows\Tasks\48782ae5-b338-4216-a537-e1868ae58073-1.job
2014-04-29 17:16 - 2014-04-29 17:16 - 00001434 _____ () C:\Windows\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-1.job
2014-04-29 17:16 - 2014-04-29 17:16 - 00001406 _____ () C:\Windows\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-2.job
2014-04-29 17:15 - 2014-04-29 17:16 - 01745360 _____ (AnyProtect.com) C:\Users\Annemarie\AppData\Local\nsf9C00.tmp
2014-04-29 17:14 - 2014-04-29 17:14 - 00000000 ____D () C:\Users\Annemarie\AppData\Roaming\VOPackage
2014-04-29 17:14 - 2014-04-29 17:14 - 00000000 ____D () C:\Users\Annemarie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-04-29 17:13 - 2014-04-29 17:09 - 00000000 ____D () C:\Users\Annemarie\AppData\Local\fst_de_7
2014-04-29 17:12 - 2014-04-29 17:12 - 00003230 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance
2014-04-29 17:12 - 2014-04-29 17:11 - 00002534 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Startup
2014-04-29 17:12 - 2014-04-29 17:11 - 00000306 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-04-29 17:12 - 2014-01-01 12:44 - 00002406 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-29 17:12 - 2014-01-01 12:39 - 00001378 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-29 17:12 - 2013-12-25 00:54 - 00001681 _____ () C:\Users\Annemarie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-29 17:11 - 2014-04-29 17:11 - 00001172 _____ () C:\Users\Public\Desktop\SpeedUpMyPC.lnk
2014-04-29 17:11 - 2014-04-29 17:11 - 00000000 ____D () C:\Users\Annemarie\AppData\Roaming\Activeris
2014-04-29 17:11 - 2014-04-29 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2014-04-29 17:10 - 2014-04-29 17:10 - 00001165 _____ () C:\Users\Public\Desktop\Activeris AntiMalware.lnk
2014-04-29 17:10 - 2014-04-29 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free_soft_today
2014-04-29 17:10 - 2014-04-29 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activeris AntiMalware
2014-04-29 17:10 - 2014-04-29 17:09 - 00000000 ____D () C:\Program Files (x86)\fst_de_7
2014-04-29 17:10 - 2014-04-29 17:09 - 00000000 ____D () C:\Program Files (x86)\Activeris AntiMalware
2014-04-29 17:10 - 2014-01-01 12:39 - 00001390 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-29 17:09 - 2014-04-29 17:09 - 00005452 _____ () C:\Windows\System32\Tasks\48782ae5-b338-4216-a537-e1868ae58073-3
2014-04-29 17:09 - 2014-04-29 17:09 - 00005452 _____ () C:\Windows\System32\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-3
2014-04-29 17:09 - 2014-04-29 17:09 - 00002448 _____ () C:\Windows\Tasks\48782ae5-b338-4216-a537-e1868ae58073-3.job
2014-04-29 17:09 - 2014-04-29 17:09 - 00002448 _____ () C:\Windows\Tasks\38a42648-bd73-4777-8dc8-b17dc2695900-3.job
2014-04-29 17:09 - 2014-04-29 17:09 - 00000000 ____D () C:\Users\Annemarie\AppData\Roaming\Uniblue
2014-04-29 17:09 - 2014-04-29 17:09 - 00000000 ____D () C:\ProgramData\Activeris
2014-04-29 17:09 - 2014-04-29 17:09 - 00000000 ____D () C:\Program Files (x86)\Uniblue
2014-04-29 16:36 - 2013-03-22 10:00 - 00000983 _____ () C:\Windows\SysWOW64\bscs.ini
2014-04-29 16:34 - 2014-01-01 12:42 - 00001138 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-29 16:34 - 2013-09-20 17:59 - 00003620 _____ () C:\Windows\SysWOW64\LOCALSERVICE.INI
2014-04-29 16:33 - 2013-09-20 17:59 - 00000043 _____ () C:\Windows\SysWOW64\LOCALDEVICE.INI
2014-04-28 22:06 - 2013-09-20 17:41 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-04-26 17:03 - 2013-07-19 00:18 - 00830120 _____ () C:\Windows\system32\perfh007.dat
2014-04-26 17:03 - 2013-07-19 00:18 - 00188224 _____ () C:\Windows\system32\perfc007.dat
2014-04-26 17:03 - 2012-07-26 09:28 - 01949368 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-26 13:42 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-26 00:18 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-26 00:17 - 2012-08-04 00:23 - 00018220 _____ () C:\Windows\PFRO.log
2014-04-26 00:16 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-24 17:45 - 2014-04-24 17:45 - 00001973 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-24 17:45 - 2014-04-24 17:45 - 00000000 ____D () C:\Users\Annemarie\AppData\Roaming\AVAST Software
2014-04-24 17:45 - 2014-04-24 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-24 17:45 - 2014-04-24 17:44 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-24 17:44 - 2014-04-24 17:44 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-24 17:44 - 2014-04-24 17:44 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-24 17:44 - 2014-04-24 17:44 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-24 17:44 - 2014-04-24 17:44 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-24 17:44 - 2014-04-24 17:44 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-24 17:44 - 2014-04-24 17:44 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-24 17:44 - 2014-04-24 17:44 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-24 17:44 - 2014-04-24 17:44 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-24 17:44 - 2014-04-24 17:44 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-24 17:44 - 2014-04-24 17:44 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-24 17:43 - 2014-04-24 17:43 - 00000000 ____D () C:\Program Files\AVAST Software
2014-04-24 17:43 - 2014-04-24 17:42 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-24 17:42 - 2014-04-24 17:40 - 88882192 _____ (AVAST Software) C:\Users\Annemarie\Downloads\avast_free18_antivirus_setup.exe
2014-04-24 14:25 - 2014-04-24 14:26 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-24 14:25 - 2014-04-24 14:25 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-24 14:25 - 2014-04-24 14:25 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-24 14:25 - 2014-04-24 14:25 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-24 14:25 - 2014-04-24 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-24 14:25 - 2014-04-24 14:25 - 00000000 ____D () C:\Program Files\Java
2014-04-24 14:23 - 2014-04-24 14:22 - 34131368 _____ (Oracle Corporation) C:\Users\Annemarie\Downloads\jre-8u5-windows-x64.exe
2014-04-21 18:13 - 2014-01-26 12:49 - 00000000 ____D () C:\Users\Annemarie\Schule
2014-04-12 12:00 - 2014-03-30 19:08 - 00000000 ____D () C:\Users\Annemarie\Documents\H&M Bestellung-Dateien
2014-04-11 18:13 - 2014-04-11 18:12 - 00318592 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-09 17:54 - 2013-12-29 00:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 17:50 - 2013-12-29 00:20 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-08 19:07 - 2013-12-25 00:54 - 00000000 ___RD () C:\Users\Annemarie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-08 19:07 - 2013-12-25 00:54 - 00000000 ___RD () C:\Users\Annemarie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-07 20:25 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-04-07 20:25 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-07 20:25 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-07 20:25 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-07 20:25 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-04-02 16:22 - 2014-01-01 12:42 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-02 16:22 - 2014-01-01 12:42 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-01 18:23 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2014-04-01 18:23 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\en-GB
2014-03-31 23:18 - 2013-12-29 11:53 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:18 - 2013-12-29 11:53 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-30 19:08 - 2014-03-30 19:08 - 00015027 _____ () C:\Users\Annemarie\Documents\H&M Bestellung.htm
2014-03-30 16:17 - 2014-01-01 12:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
Some content of TEMP:
====================
C:\Users\Annemarie\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Annemarie\AppData\Local\Temp\GoogleSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-26 20:21
==================== End Of Log ============================
--- --- ---
--- --- --- |
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
