Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Alles rund um Windows (https://www.trojaner-board.de/alles-rund-um-windows/)
-   -   Keine Verbindung zum Benachrichtigungsdienst für Systemereignisse (https://www.trojaner-board.de/166859-keine-verbindung-benachrichtigungsdienst-systemereignisse.html)

cosinus 13.05.2015 20:16
Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken

http://saved.im/mtg0mjy4yjlu/2014-04...ryscantool.png

BlueAzure 13.05.2015 20:26

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-05-2015
Ran by Flavia (administrator) on FLAVIA-PC on 13-05-2015 21:23:46
Running from C:\Users\Flavia\Desktop
Loaded Profiles: Flavia (Available profiles: Flavia)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Englisch (USA)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SurfRight B.V.) C:\Program Files\HitmanPro.Alert\hmpalert.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Portrait Displays, Inc) C:\Program Files\Portrait Displays\forteManager\dthtml.exe
(Portrait Displays Inc.) C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Akamai Technologies, Inc.) C:\Users\Flavia\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Flavia\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [DT LGE] => C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe [81920 2007-10-11] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Flavia\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Run: [Pando Media Booster] => C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-22] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-03] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-10] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
DPF: {60F33B36-3E89-48EF-BE77-ACC23A366C2A} https://wstatic.plaync.co.kr/common/UniUpdate/NCLoader.8.cab
DPF: {640044E9-92A3-4B89-A615-1F65354D3A65} hxxp://rfonline-full.gscdn.com/gscdn/ccr_downloader.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://www.navigram.com/engine/v911/Navigram.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2011-11-03] ()
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-19] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll No File
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-02-22] (Pando Networks)
FF Plugin: @real.com/nppl3260;version=6.0.11.2852 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-06-03] (RealNetworks, Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.12.46 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-06-03] (RealNetworks, Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.12.732 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll No File
FF Plugin: @real.com/nprjplug;version=1.0.3.732 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll No File
FF Plugin: @real.com/nprphtml5videoshim;version=1.0.0.0 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-06-03] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.46 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-06-03] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.732 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Yahoo!\Common\npyaxmpb.dll No File
FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Flavia\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll [2009-10-19] ()
FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Flavia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-02-22] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Users\Flavia\AppData\Roaming\mozilla\plugins\npDXStudioPlugin.DLL [2010-01-26] (Worldweaver Ltd.)
FF SearchPlugin: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\searchplugins\google-images.xml [2014-12-21]
FF SearchPlugin: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\searchplugins\google-maps.xml [2014-12-21]
FF Extension: WOT - C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: Adblock Plus - C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-31]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-03-21]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-09-25]
FF HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Firefox\Extensions: [{282BBB71-6301-4E39-9F74-00210BB4E0B3}] - C:\Users\Flavia\AppData\Local\{282BBB71-6301-4E39-9F74-00210BB4E0B3}
FF Extension: XULRunner - C:\Users\Flavia\AppData\Local\{282BBB71-6301-4E39-9F74-00210BB4E0B3} [2011-04-30]

Chrome:
=======
CHR Profile: C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-24]
CHR Extension: (Google Search) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-24]
CHR Extension: (avast! WebRep) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-03-08]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-02-24]
CHR Extension: (Gmail) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-24]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [Not Found]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-03] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-03] (Avast Software)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [851456 2015-04-27] (Microsoft Corporation)
R2 DTSRVC; C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [65536 2007-10-11] () [File not signed]
R2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-05-11] (Foxit Software Inc.)
R2 hmpalertsvc; C:\Program Files\HitmanPro.Alert\hmpalert.exe [1876816 2014-12-20] (SurfRight B.V.)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [116224 2012-02-09] ()
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
S3 npggsvc; C:\Windows\system32\GameMon.des [4573608 2013-05-13] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15904544 2014-02-05] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1931632 2015-05-03] (Electronic Arts)
S3 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [18360 2012-06-21] (Overwolf Ltd)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 xsherlock; C:\Windows\system32\xsherlock.xem [670816 2012-07-01] (Wellbia.com Co., Ltd.) [File not signed]
S3 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394hub; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)
S3 apf003; C:\Windows\system32\apf003.sys [13232 2012-03-16] () [File not signed]
S3 apf004; C:\Windows\system32\apf004.sys [15112 2014-01-08] ()
R1 AsrAppCharger; C:\Windows\System32\DRIVERS\AsrAppCharger.sys [15656 2011-05-10] (Windows (R) Win 7 DDK provider)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-03] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-03] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-03] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-05-03] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-03] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-03] ()
R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [75640 2014-12-20] ()
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21952 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21952 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [40936 2013-01-19] ()
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28944 2008-02-29] (Logitech, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [46080 2011-11-10] (Intel Corporation)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [734208 2009-05-25] (Ralink Technology Corp.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-12-27] (NVIDIA Corporation)
R3 PdiPorts; C:\Windows\System32\Drivers\PdiPorts.sys [15920 2006-11-16] (Portrait Displays, Inc.)
S3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-14] (NXP Semiconductors)
S3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [3328472 2011-07-28] (Windows (R) Win 7 DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-06-17] (Duplex Secure Ltd.)
S3 TelekomNM3; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [35040 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [834832 2015-03-06] (TENCENT)
S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv.sys [13824 2012-07-28] (Scott)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-03] (Avast Software)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [31680 2015-05-13] ()
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S2 adfs; No ImagePath
S3 catchme; \??\C:\Users\Flavia\AppData\Local\Temp\catchme.sys [X]
S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 StarOpen; No ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 taphss; system32\DRIVERS\taphss.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vtany; \??\C:\Windows\vtany.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 21:23 - 2015-05-13 21:24 - 00024271 _____ () C:\Users\Flavia\Desktop\Main.txt
2015-05-13 20:25 - 2015-05-13 20:25 - 00086976 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-05-13 19:50 - 2015-05-13 19:53 - 00069586 _____ () C:\Users\Flavia\Main.txt
2015-05-13 19:49 - 2015-05-13 19:49 - 00000000 ____D () C:\Users\Flavia\Desktop\FRST-OlderVersion
2015-05-13 19:31 - 2015-05-13 19:31 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Flavia\Downloads\revosetup95.exe
2015-05-13 19:31 - 2015-05-13 19:31 - 00001190 _____ () C:\Users\Flavia\Desktop\Revo Uninstaller.lnk
2015-05-13 19:31 - 2015-05-13 19:31 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-05-13 15:26 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 15:14 - 2015-05-13 15:23 - 00000000 ____D () C:\5e70d9db387db9995457cc6f15b48b
2015-05-13 10:35 - 2015-05-13 10:35 - 00145871 _____ () C:\Users\Flavia\Downloads\Robe-rose.package
2015-05-13 10:07 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-05-13 10:07 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 10:07 - 2015-04-27 21:11 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 10:07 - 2015-04-27 21:11 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 10:07 - 2015-04-27 21:08 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 10:07 - 2015-04-27 21:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 10:07 - 2015-04-27 21:04 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 10:07 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 10:07 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 10:07 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 10:07 - 2015-04-27 21:04 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 10:07 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 10:07 - 2015-04-27 21:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 10:07 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 10:07 - 2015-04-27 21:04 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 10:07 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 10:07 - 2015-04-27 21:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 10:07 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 10:07 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 10:07 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 10:07 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 10:07 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 10:07 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 10:07 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 10:07 - 2015-04-27 20:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 10:07 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 10:07 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 10:07 - 2015-04-21 18:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 10:07 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 10:07 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 10:07 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 10:07 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 10:07 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 10:07 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 10:07 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 10:07 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 10:07 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 10:07 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 10:07 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 10:07 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 10:07 - 2015-04-21 17:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 10:07 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 10:07 - 2015-04-21 17:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 10:07 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 10:07 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 10:07 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 10:07 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 10:07 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 10:07 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 10:07 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 10:07 - 2015-04-21 17:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 10:07 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 10:07 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 10:07 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 10:07 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 10:07 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 10:07 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 10:07 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 10:06 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 10:06 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 10:06 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 10:06 - 2015-04-20 04:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 10:06 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 10:06 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 10:06 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 10:06 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 10:06 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 10:06 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 10:05 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 08:43 - 2015-05-13 08:43 - 00004390 _____ () C:\Users\Flavia\Desktop\AdwCleaner[S0].txt
2015-05-13 08:05 - 2015-05-13 19:53 - 00080012 _____ () C:\Users\Flavia\Addition.txt
2015-05-13 08:04 - 2015-05-13 19:53 - 00069586 _____ () C:\Users\Flavia\FRST.txt
2015-05-13 08:04 - 2015-05-13 19:49 - 01143808 _____ (Farbar) C:\Users\Flavia\Desktop\FRST.exe
2015-05-13 08:01 - 2015-05-13 08:01 - 00001465 _____ () C:\Users\Flavia\Desktop\JRT.txt
2015-05-13 07:59 - 2015-05-13 07:59 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-FLAVIA-PC-Windows-7-Ultimate-(32-bit).dat
2015-05-13 07:59 - 2015-05-13 07:59 - 00000000 ____D () C:\RegBackup
2015-05-12 23:32 - 2015-05-12 23:33 - 00000000 ____D () C:\AdwCleaner
2015-05-12 23:29 - 2015-05-12 23:27 - 02720307 _____ (Thisisu) C:\Users\Flavia\Desktop\JRT.exe
2015-05-12 23:29 - 2015-05-12 23:26 - 02209792 _____ () C:\Users\Flavia\Desktop\AdwCleaner_4.204.exe
2015-05-12 23:21 - 2015-05-12 23:21 - 00026009 _____ () C:\Users\Flavia\Desktop\mbam.txt
2015-05-12 22:31 - 2015-05-12 23:19 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-12 22:30 - 2015-05-12 22:30 - 00001028 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-12 22:30 - 2015-05-12 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-12 22:30 - 2015-05-12 22:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-12 22:30 - 2015-05-12 22:30 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-05-12 22:30 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-12 22:30 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-12 22:30 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-12 22:29 - 2015-05-12 22:29 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Flavia\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-12 21:48 - 2015-05-12 21:50 - 00079509 _____ () C:\Users\Flavia\Downloads\Addition.txt
2015-05-12 21:47 - 2015-05-13 21:23 - 00000000 ____D () C:\FRST
2015-05-12 21:47 - 2015-05-12 21:50 - 00064531 _____ () C:\Users\Flavia\Downloads\FRST.txt
2015-05-12 21:45 - 2015-05-12 21:45 - 01141248 _____ (Farbar) C:\Users\Flavia\Downloads\FRST.exe
2015-05-12 18:47 - 2015-05-12 18:47 - 00002059 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2015-05-12 18:47 - 2015-05-12 18:47 - 00000000 ____D () C:\Users\Public\Foxit Software
2015-05-12 18:46 - 2015-05-12 18:46 - 00000000 ____D () C:\Program Files\Foxit Software
2015-05-12 00:47 - 2015-05-12 00:47 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Real
2015-05-11 19:45 - 2015-05-11 19:45 - 00000000 __SHD () C:\found.000
2015-05-11 18:20 - 2015-04-18 11:03 - 00272296 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-05-11 18:20 - 2015-04-18 11:03 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-05-11 18:20 - 2015-04-18 11:03 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-05-11 18:20 - 2015-04-18 11:03 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-05-08 14:49 - 2015-05-08 14:49 - 00108513 _____ () C:\Users\Flavia\Downloads\Swim Suit v2.package
2015-05-08 14:25 - 2015-05-08 14:25 - 00412306 _____ () C:\Users\Flavia\Downloads\Sims4Krampus_RandomBathingsuits.package
2015-05-08 14:25 - 2015-05-08 14:25 - 00412243 _____ () C:\Users\Flavia\Downloads\1271248.zip
2015-05-08 14:20 - 2015-05-08 14:20 - 11148041 _____ () C:\Users\Flavia\Downloads\1274607.zip
2015-05-08 14:19 - 2015-05-08 14:19 - 00247066 _____ () C:\Users\Flavia\Downloads\1294924.zip
2015-05-08 14:08 - 2015-05-08 14:18 - 00466431 _____ () C:\Users\Flavia\Downloads\Birba32_fy_BulletSwimsuit.package
2015-05-08 14:05 - 2015-05-08 14:07 - 00530134 _____ () C:\Users\Flavia\Downloads\Birba32_fy_AlphaStringSwimsuit.package
2015-05-08 13:51 - 2015-05-08 13:51 - 00559198 _____ () C:\Users\Flavia\Downloads\Leather vest with tube top [CB].package
2015-05-08 13:51 - 2015-05-08 13:51 - 00326145 _____ () C:\Users\Flavia\Downloads\1Z_outfit_fem_sunny_Otshorts_neu3F.package
2015-05-07 21:35 - 2015-05-07 21:35 - 01135032 _____ () C:\Users\Flavia\Downloads\uktrash_SundaySweaterDress.package
2015-05-07 21:35 - 2015-05-07 21:35 - 00143756 _____ () C:\Users\Flavia\Downloads\Wolfcry_LaceJeansShort.package
2015-05-07 21:31 - 2015-05-07 21:31 - 01485427 _____ () C:\Users\Flavia\Downloads\S4_DelicateLace_Mh75.package
2015-05-07 21:30 - 2015-05-07 21:30 - 00638215 _____ () C:\Users\Flavia\Downloads\Simsimay_2DyBlazer.package
2015-05-07 21:29 - 2015-05-07 21:29 - 00460843 _____ () C:\Users\Flavia\Downloads\uktrash_CropTankTop.package
2015-05-07 21:29 - 2015-05-07 21:29 - 00411079 _____ () C:\Users\Flavia\Downloads\1285044.zip
2015-05-07 21:28 - 2015-05-07 21:28 - 00292353 _____ () C:\Users\Flavia\Downloads\simsoertchen_white top sexy - kawaii -.package
2015-05-07 21:27 - 2015-05-07 21:27 - 00252514 _____ () C:\Users\Flavia\Downloads\Printed Crop tops.package
2015-05-07 21:27 - 2015-05-07 21:27 - 00151527 _____ () C:\Users\Flavia\Downloads\longlivetherecklessandthesims_yfTop_SweaterOffShoulder_AWG.package
2015-05-07 21:24 - 2015-05-07 21:24 - 00646329 _____ () C:\Users\Flavia\Downloads\LollaLeeloo_F_LaceBodycon (1).package
2015-05-07 21:24 - 2015-05-07 21:24 - 00587743 _____ () C:\Users\Flavia\Downloads\LollaLeeloo_F_Longsleeve.package
2015-05-07 21:23 - 2015-05-07 21:23 - 01913334 _____ () C:\Users\Flavia\Downloads\uktrash_BasicsLongSleeve.package
2015-05-07 21:23 - 2015-05-07 21:23 - 00923513 _____ () C:\Users\Flavia\Downloads\~Zodapop~ (S4) Stripe Print Knitted Dress.package
2015-05-07 21:22 - 2015-05-07 21:22 - 00493988 _____ () C:\Users\Flavia\Downloads\~Zodapop~ (S4) Tartan Check Crop Top.package
2015-05-07 21:18 - 2015-05-07 21:18 - 02086542 _____ () C:\Users\Flavia\Downloads\Metens_Serenity.package
2015-05-07 21:17 - 2015-05-07 21:17 - 00210168 _____ () C:\Users\Flavia\Downloads\2.package
2015-05-07 21:07 - 2015-05-07 21:07 - 01212670 _____ () C:\Users\Flavia\Downloads\Birba32_fy_winterbootpastel.package
2015-05-07 21:06 - 2015-05-07 21:06 - 00971151 _____ () C:\Users\Flavia\Downloads\S-Club LL thesims4 eyecolors 09.package
2015-05-07 21:05 - 2015-05-07 21:05 - 01860807 _____ () C:\Users\Flavia\Downloads\SL_yf_ZuhairMurad_Gown1.package
2015-05-07 21:03 - 2015-05-07 21:03 - 00805049 _____ () C:\Users\Flavia\Downloads\BL_Sequin Blazer.package
2015-05-07 11:44 - 2015-05-07 11:44 - 00321678 _____ () C:\Users\Flavia\Downloads\S4FD_MissLicious_Tanks.package
2015-05-07 11:44 - 2015-05-07 11:44 - 00132781 _____ () C:\Users\Flavia\Downloads\Jeans.package
2015-05-07 11:42 - 2015-05-07 11:42 - 00291721 _____ () C:\Users\Flavia\Downloads\top renda dani's.package
2015-05-07 11:41 - 2015-05-07 11:41 - 00169125 _____ () C:\Users\Flavia\Downloads\cutesims4_gtw top india.package
2015-05-07 11:40 - 2015-05-07 11:40 - 01976727 _____ () C:\Users\Flavia\Downloads\1294014.zip
2015-05-07 11:39 - 2015-05-07 11:39 - 01373730 _____ () C:\Users\Flavia\Downloads\Birba32_fy_LaceCipriaDress.package
2015-05-07 11:39 - 2015-05-07 11:39 - 00345945 _____ () C:\Users\Flavia\Downloads\Cleotopia-MiniShortsRippedColorful.package
2015-05-07 11:38 - 2015-05-07 11:38 - 00504146 _____ () C:\Users\Flavia\Downloads\Spring Dress set.package
2015-05-07 11:37 - 2015-05-07 11:37 - 00668569 _____ () C:\Users\Flavia\Downloads\Milk Lace Dress.package
2015-05-07 11:37 - 2015-05-07 11:37 - 00074451 _____ () C:\Users\Flavia\Downloads\cutesims4_romantic_White_Tube.package
2015-05-07 11:36 - 2015-05-07 11:36 - 00500120 _____ () C:\Users\Flavia\Downloads\Aztec Top by Pinkzombiecupcake.package
2015-05-07 11:36 - 2015-05-07 11:36 - 00451796 _____ () C:\Users\Flavia\Downloads\Blusa Renda Branca.package
2015-05-07 11:33 - 2015-05-07 11:33 - 00090648 _____ () C:\Users\Flavia\Downloads\Leeah_yfShoes_CalfCowboy_SuedeChocolate.package
2015-05-07 11:30 - 2015-05-07 11:30 - 00607019 _____ () C:\Users\Flavia\Downloads\Madlen Scafati Boots.package
2015-05-07 11:30 - 2015-05-07 11:30 - 00403762 _____ () C:\Users\Flavia\Downloads\Madlen Cirino Shoes.package
2015-05-07 11:29 - 2015-05-07 11:29 - 00710251 _____ () C:\Users\Flavia\Downloads\Madlen Tiziano Shoes.package
2015-05-07 11:29 - 2015-05-07 11:29 - 00511975 _____ () C:\Users\Flavia\Downloads\Madlen Umbria Shoes.package
2015-05-07 11:28 - 2015-05-07 11:28 - 00387493 _____ () C:\Users\Flavia\Downloads\Madlen Livia Shoes.package
2015-05-07 11:27 - 2015-05-07 11:28 - 00417972 _____ () C:\Users\Flavia\Downloads\Madlen Eris Boots.package
2015-05-07 11:27 - 2015-05-07 11:27 - 00603820 _____ () C:\Users\Flavia\Downloads\Madlen Ambrogio Shoes.package
2015-05-07 11:26 - 2015-05-07 11:26 - 01278415 _____ () C:\Users\Flavia\Downloads\1294236.zip
2015-05-07 11:26 - 2015-05-07 11:26 - 00704730 _____ () C:\Users\Flavia\Downloads\Madlen Nineveh Shoes.package
2015-05-07 11:25 - 2015-05-07 11:25 - 00497960 _____ () C:\Users\Flavia\Downloads\Madlen Novara Sandals.package
2015-05-07 11:22 - 2015-05-07 11:22 - 00287377 _____ () C:\Users\Flavia\Downloads\Toska.zip
2015-05-07 11:22 - 2015-05-07 11:22 - 00134871 _____ () C:\Users\Flavia\Downloads\ZIP UP BOOTS.package
2015-05-07 11:21 - 2015-05-07 11:21 - 00756084 _____ () C:\Users\Flavia\Downloads\Madlen Neroni Sneakers (Male).package
2015-05-07 11:21 - 2015-05-07 11:21 - 00161515 _____ () C:\Users\Flavia\Downloads\Vans  Classic Slip-On Core (male) by Pinzombiecupcake.package
2015-05-07 11:20 - 2015-05-07 11:20 - 00451295 _____ () C:\Users\Flavia\Downloads\Madlen Orlando Shoes (Male).package
2015-05-07 11:20 - 2015-05-07 11:20 - 00187334 _____ () C:\Users\Flavia\Downloads\THL_NikeShoesSB_M.package
2015-05-07 11:18 - 2015-05-07 11:19 - 00095991 _____ () C:\Users\Flavia\Downloads\Jazminerev.zip
2015-05-07 11:18 - 2015-05-07 11:18 - 00101879 _____ () C:\Users\Flavia\Downloads\TugmeL-S4_Daphne-FYA.zip
2015-05-07 11:17 - 2015-05-07 11:17 - 00102633 _____ () C:\Users\Flavia\Downloads\AlyssaDíazPérezbySimFabulous.zip
2015-05-07 11:17 - 2015-05-07 11:17 - 00091261 _____ () C:\Users\Flavia\Downloads\MsBlue_JasminBlue.zip
2015-05-07 11:16 - 2015-05-07 11:16 - 00089561 _____ () C:\Users\Flavia\Downloads\MK_KendallEdwards.zip
2015-05-07 11:15 - 2015-05-07 11:15 - 00095291 _____ () C:\Users\Flavia\Downloads\Bryant Caliente.zip
2015-05-07 11:14 - 2015-05-07 11:15 - 00090187 _____ () C:\Users\Flavia\Downloads\MaseoUehara-Munter_Bacon2.zip
2015-05-07 11:12 - 2015-05-07 11:12 - 04833426 _____ () C:\Users\Flavia\Downloads\1291079.zip
2015-05-07 11:12 - 2015-05-07 11:12 - 00385291 _____ () C:\Users\Flavia\Downloads\MsBlue_LauraSkin.package
2015-05-07 11:10 - 2015-05-07 11:10 - 00448444 _____ () C:\Users\Flavia\Downloads\curbs_hat4_rosa.package
2015-05-07 11:10 - 2015-05-07 11:10 - 00278001 _____ () C:\Users\Flavia\Downloads\altea127 Visor Hat .package
2015-05-07 11:09 - 2015-05-07 11:09 - 00648473 _____ () C:\Users\Flavia\Downloads\[SrslyBrownie] (S4) Sheer Leggings .package
2015-05-07 11:09 - 2015-05-07 11:09 - 00119657 _____ () C:\Users\Flavia\Downloads\Vault101Hat.package
2015-05-07 11:08 - 2015-05-07 11:08 - 00686972 _____ () C:\Users\Flavia\Downloads\Birba32_fy_SideBandLeggings.package
2015-05-07 11:07 - 2015-05-07 11:07 - 00338585 _____ () C:\Users\Flavia\Downloads\cutesims4_replay skinny jeans - set.package
2015-05-07 11:07 - 2015-05-07 11:07 - 00056175 _____ () C:\Users\Flavia\Downloads\PDsims_SpikedBobbySocks.package
2015-05-07 11:06 - 2015-05-07 11:06 - 02335029 _____ () C:\Users\Flavia\Downloads\[SrslySims] (S4) High Waist PVC Leggings.package
2015-05-07 11:06 - 2015-05-07 11:06 - 00156997 _____ () C:\Users\Flavia\Downloads\TS4 Stockings Cat by Irink@a.package
2015-05-07 11:05 - 2015-05-07 11:05 - 01379143 _____ () C:\Users\Flavia\Downloads\altea127 Sonia Tights.package
2015-05-07 11:05 - 2015-05-07 11:05 - 00049164 _____ () C:\Users\Flavia\Downloads\Metens_Seduction.package
2015-05-07 11:03 - 2015-05-07 11:03 - 00395555 _____ () C:\Users\Flavia\Downloads\[Sintiklia]Eyeshadow 7.package
2015-05-07 11:02 - 2015-05-07 11:02 - 00338242 _____ () C:\Users\Flavia\Downloads\Alin22_NecklaceShapes.package
2015-05-07 11:01 - 2015-05-07 11:02 - 00718560 _____ () C:\Users\Flavia\Downloads\LLSIMS_LayeredNecklace_001.package
2015-05-07 11:01 - 2015-05-07 11:01 - 00810278 _____ () C:\Users\Flavia\Downloads\1269610.zip
2015-05-07 11:00 - 2015-05-07 11:00 - 00252918 _____ () C:\Users\Flavia\Downloads\Mallard Close.zip
2015-05-07 11:00 - 2015-05-07 11:00 - 00032549 _____ () C:\Users\Flavia\Downloads\Wood_Style.package
2015-05-07 10:59 - 2015-05-07 10:59 - 00427598 _____ () C:\Users\Flavia\Downloads\1Z_dress_marine_neu2D.package
2015-05-07 10:58 - 2015-05-07 10:58 - 00166194 _____ () C:\Users\Flavia\Downloads\SV Earrings with round jewel.package
2015-05-07 10:58 - 2015-05-07 10:58 - 00079101 _____ () C:\Users\Flavia\Downloads\NataliS_Spring and crystal earings FT-FA.package
2015-05-07 10:57 - 2015-05-07 10:57 - 00144082 _____ () C:\Users\Flavia\Downloads\NataliS_Crystal drop earrings FT-FA.package
2015-05-07 10:56 - 2015-05-07 10:56 - 00054561 _____ () C:\Users\Flavia\Downloads\MYOBI-zest-eyes.package
2015-05-07 10:55 - 2015-05-07 10:55 - 00089604 _____ () C:\Users\Flavia\Downloads\MYOBI-jelly-eyemask.package
2015-05-07 10:54 - 2015-05-07 10:54 - 00041317 _____ () C:\Users\Flavia\Downloads\EnticingSims_Feather Tattoo.package
2015-05-07 10:53 - 2015-05-07 10:53 - 01851664 _____ () C:\Users\Flavia\Downloads\MILK Jasmine Skintone.zip
2015-05-07 10:53 - 2015-05-07 10:53 - 00003782 _____ () C:\Users\Flavia\Downloads\cateye.package
2015-05-07 10:51 - 2015-05-07 10:51 - 04378955 _____ () C:\Users\Flavia\Downloads\MILK Divine.package
2015-05-07 10:51 - 2015-05-07 10:51 - 00269171 _____ () C:\Users\Flavia\Downloads\Love Frekles by Pinkzombiecupcake.package
2015-05-07 10:50 - 2015-05-07 10:50 - 00042966 _____ () C:\Users\Flavia\Downloads\MYOBI-samantha-facedetail.package
2015-05-07 10:49 - 2015-05-07 10:49 - 00265490 _____ () C:\Users\Flavia\Downloads\MorganeParis_For_Natalis_Nails_02.package
2015-05-07 10:49 - 2015-05-07 10:49 - 00044856 _____ () C:\Users\Flavia\Downloads\Syrup Lipstick by Baarbiie-GiirL(1).package
2015-05-07 10:48 - 2015-05-07 10:48 - 00209148 _____ () C:\Users\Flavia\Downloads\PS Lip 01.package
2015-05-07 10:47 - 2015-05-07 10:47 - 00217924 _____ () C:\Users\Flavia\Downloads\Aveira_LipglossN3.package
2015-05-07 09:48 - 2015-05-07 09:48 - 00000000 ____D () C:\ProgramData\Aeria Games
2015-05-06 10:32 - 2015-05-06 10:32 - 00001608 _____ () C:\Users\Flavia\Desktop\Echo of Soul.lnk
2015-05-06 10:17 - 2015-05-06 10:17 - 00001950 _____ () C:\Users\Public\Desktop\Aeria Ignite.lnk
2015-05-06 10:17 - 2015-05-06 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-05-06 10:17 - 2015-05-06 10:17 - 00000000 ____D () C:\Program Files\Aeria Games
2015-05-06 09:46 - 2015-05-06 10:17 - 00000000 ____D () C:\AeriaGames
2015-05-05 13:00 - 2015-05-05 13:00 - 00268383 _____ () C:\Users\Flavia\Downloads\Cenothera Biennis - by Onyxium.zip
2015-05-05 12:59 - 2015-05-05 12:59 - 00164311 _____ () C:\Users\Flavia\Downloads\MYOBI-opulent-lipcolour.package
2015-05-05 12:58 - 2015-05-05 12:58 - 00772625 _____ () C:\Users\Flavia\Downloads\[EVE62]lipstick1.package
2015-05-05 12:58 - 2015-05-05 12:58 - 00042707 _____ () C:\Users\Flavia\Downloads\Doll Lipstick Nr1. by Baarbiie-GiirL .package
2015-05-05 12:57 - 2015-05-05 12:57 - 00203248 _____ () C:\Users\Flavia\Downloads\S-Club LL thesims4 Lipstick 09.package
2015-05-05 12:57 - 2015-05-05 12:57 - 00062311 _____ () C:\Users\Flavia\Downloads\Autumn dream lipstick by Pinzombiecupcake.package
2015-05-05 12:56 - 2015-05-05 12:56 - 00252650 _____ () C:\Users\Flavia\Downloads\MYOBI-lilt-lipcolour.package
2015-05-05 12:55 - 2015-05-05 12:55 - 00044856 _____ () C:\Users\Flavia\Downloads\Syrup Lipstick by Baarbiie-GiirL.package
2015-05-05 12:54 - 2015-05-05 12:54 - 00003717 _____ () C:\Users\Flavia\Downloads\Doll Eyeliner.package
2015-05-05 12:53 - 2015-05-05 12:53 - 00135801 _____ () C:\Users\Flavia\Downloads\[GrizzlySimr] Sohlein Classy Eyeshadow.package
2015-05-05 12:52 - 2015-05-05 12:52 - 00122500 _____ () C:\Users\Flavia\Downloads\[simbastic] smokey_glitter_eyeshadow.package
2015-05-05 12:52 - 2015-05-05 12:52 - 00043249 _____ () C:\Users\Flavia\Downloads\mormo_eyeshadow1_AF.package
2015-05-05 12:51 - 2015-05-05 12:51 - 01685607 _____ () C:\Users\Flavia\Downloads\MYOBI-fiona-eyeshadow.package
2015-05-05 12:42 - 2015-05-05 12:42 - 00132889 _____ () C:\Users\Flavia\Downloads\S-Club WM thesims4 Eyebrows16 M .package
2015-05-05 12:41 - 2015-05-05 12:41 - 00192771 _____ () C:\Users\Flavia\Downloads\MYOBI-nemo-brows.package
2015-05-05 12:40 - 2015-05-05 12:40 - 19387267 _____ () C:\Users\Flavia\Downloads\1265549.zip
2015-05-05 12:40 - 2015-05-05 12:40 - 01063041 _____ () C:\Users\Flavia\Downloads\SV Summer floral dress.package
2015-05-05 12:39 - 2015-05-05 12:39 - 00109478 _____ () C:\Users\Flavia\Downloads\S-Club WM thesims4 Eyebrows12 F.package
2015-05-05 12:38 - 2015-05-05 12:38 - 04103232 _____ () C:\Users\Flavia\Downloads\Realistic beard By Pinkzombiecupcake.package
2015-05-05 12:38 - 2015-05-05 12:38 - 00025198 _____ () C:\Users\Flavia\Downloads\Eyebrow with 8 colours.package
2015-05-05 12:36 - 2015-05-05 12:37 - 07179080 _____ () C:\Users\Flavia\Downloads\beard nr 2.package
2015-05-05 12:35 - 2015-05-05 12:35 - 08296793 _____ () C:\Users\Flavia\Downloads\Cazy_c119-Nicholas_r.package
2015-05-05 11:18 - 2015-05-05 11:18 - 00494281 _____ () C:\Users\Flavia\Downloads\1268783.zip
2015-05-05 11:17 - 2015-05-05 11:17 - 20023938 _____ () C:\Users\Flavia\Downloads\Stealthic Like Lust (Hair).package
2015-05-05 11:17 - 2015-05-05 11:17 - 00468442 _____ () C:\Users\Flavia\Downloads\1266813.zip
2015-05-05 11:16 - 2015-05-05 11:16 - 23228914 _____ () C:\Users\Flavia\Downloads\Stealthic Haunting (Hair).package
2015-05-05 11:15 - 2015-05-05 11:16 - 19367239 _____ () C:\Users\Flavia\Downloads\Stealthic Hysteria (Hair)(1).package
2015-05-05 11:14 - 2015-05-05 11:14 - 06313851 _____ () C:\Users\Flavia\Downloads\skysims-hair-229(1).package
2015-05-05 11:10 - 2015-05-05 11:11 - 24898232 _____ () C:\Users\Flavia\Downloads\Stealthic Sleepwalking (Hair).package
2015-05-05 11:10 - 2015-05-05 11:10 - 05337936 _____ () C:\Users\Flavia\Downloads\Skysims-hair257g.package
2015-05-05 11:09 - 2015-05-05 11:09 - 17935799 _____ () C:\Users\Flavia\Downloads\Stealthic Captivated (Hair).package
2015-05-05 11:08 - 2015-05-05 11:08 - 06313851 _____ () C:\Users\Flavia\Downloads\skysims-hair-229.package
2015-05-05 11:06 - 2015-05-05 11:06 - 21139442 _____ () C:\Users\Flavia\Downloads\Stealthic Runaway (Hair).package
2015-05-05 11:04 - 2015-05-05 11:04 - 04326482 _____ () C:\Users\Flavia\Downloads\Skysims Hair 208-lok sims4.package
2015-05-05 11:03 - 2015-05-05 11:03 - 21509106 _____ () C:\Users\Flavia\Downloads\Stealthic Vapor (Hair)(1).package
2015-05-05 11:02 - 2015-05-05 11:02 - 11803982 _____ () C:\Users\Flavia\Downloads\Cazy_c172-Izzy_t-e_type2_re.package
2015-05-05 11:01 - 2015-05-05 11:01 - 00208048 _____ () C:\Users\Flavia\Downloads\Tantars Estate.zip
2015-05-05 11:00 - 2015-05-05 11:00 - 23136216 _____ () C:\Users\Flavia\Downloads\Stealthic Midsummer Night (Hair and Acc).package
2015-05-05 11:00 - 2015-05-05 11:00 - 05331542 _____ () C:\Users\Flavia\Downloads\Skysims-hair149.package
2015-05-05 10:59 - 2015-05-05 10:59 - 08029586 _____ () C:\Users\Flavia\Downloads\Nightcrawler AF Hair Turn It Up.package
2015-05-05 10:57 - 2015-05-05 10:57 - 21011847 _____ () C:\Users\Flavia\Downloads\Stealthic Amber Lights (Hair).package
2015-05-05 10:56 - 2015-05-05 10:56 - 07481536 _____ () C:\Users\Flavia\Downloads\Alesso_Circus.zip
2015-05-05 10:55 - 2015-05-05 10:55 - 06149100 _____ () C:\Users\Flavia\Downloads\Skysims-Hair-113.package
2015-05-05 10:53 - 2015-05-05 10:53 - 31996596 _____ () C:\Users\Flavia\Downloads\Stealthic Daughter (Hair).package
2015-05-05 10:52 - 2015-05-05 10:53 - 21697048 _____ () C:\Users\Flavia\Downloads\Stealthic Sanctuary (Hair).package
2015-05-05 10:51 - 2015-05-05 10:51 - 19367239 _____ () C:\Users\Flavia\Downloads\Stealthic Hysteria (Hair).package
2015-05-04 17:59 - 2015-05-04 17:59 - 03451698 _____ () C:\Users\Flavia\Downloads\1427212032d4244028654db8b5795c78.zip
2015-05-04 17:57 - 2015-05-04 17:57 - 02772812 _____ () C:\Users\Flavia\Downloads\141571469380eb3fb6e18314cd5679e3.zip
2015-05-04 17:53 - 2015-05-04 17:53 - 21497179 _____ () C:\Users\Flavia\Downloads\Stealthic Vapor (Hair).package
2015-05-03 21:04 - 2015-05-03 21:04 - 00000000 ____D () C:\Program Files\Origin Games
2015-05-03 20:50 - 2015-05-03 20:50 - 00000000 ____D () C:\Users\Flavia\Documents\Electronic Arts
2015-05-03 20:48 - 2015-05-03 21:04 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Origin
2015-05-03 20:45 - 2015-05-03 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-05-03 20:45 - 2015-05-03 20:47 - 00000000 ____D () C:\Program Files\Origin
2015-05-03 20:45 - 2015-05-03 20:45 - 00000905 _____ () C:\Users\Public\Desktop\Origin.lnk
2015-05-03 20:43 - 2015-05-03 20:43 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-03 20:41 - 2015-05-03 20:41 - 00002051 _____ () C:\Users\Public\Desktop\The Sims 4.lnk
2015-05-03 20:41 - 2015-05-03 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4
2015-05-03 20:34 - 2015-05-03 20:34 - 00000000 ____D () C:\Program Files\The Sims 4
2015-05-03 19:57 - 2015-05-03 21:11 - 00000000 ____D () C:\ProgramData\Origin
2015-05-03 19:51 - 2015-05-03 20:45 - 00000000 ____D () C:\ProgramData\Electronic Arts
2015-05-03 12:23 - 2015-05-03 12:23 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-03 12:23 - 2015-05-03 12:23 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-28 10:53 - 2015-04-28 10:53 - 00000000 ____D () C:\Users\Flavia\Downloads\[FS]Day04
2015-04-23 15:32 - 2015-04-23 15:32 - 00000000 __SHD () C:\Users\Flavia\AppData\Local\EmieBrowserModeList
2015-04-23 15:05 - 2015-04-23 15:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-22 11:15 - 2015-05-06 10:31 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-04-19 14:10 - 2015-04-19 14:10 - 00000000 ____D () C:\ProgramData\Ahead
2015-04-19 13:58 - 2015-05-13 21:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-19 13:58 - 2015-04-19 13:58 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-19 13:58 - 2015-04-19 13:58 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-18 11:04 - 2015-04-18 11:04 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-04-18 11:03 - 2015-04-18 11:03 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-16 10:50 - 2015-04-18 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-15 09:39 - 2015-03-25 05:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 09:39 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 09:39 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 09:39 - 2015-03-25 05:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 09:38 - 2015-03-23 05:06 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 09:38 - 2015-03-23 04:59 - 00896000 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 09:38 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 09:38 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 09:38 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 09:38 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 09:37 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 09:37 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-13 21:23 - 2009-12-27 16:44 - 00000000 ____D () C:\Users\Flavia
2015-05-13 20:57 - 2011-07-09 18:33 - 00000000 ____D () C:\Users\Flavia\AppData\Local\PMB Files
2015-05-13 20:34 - 2009-07-14 06:34 - 00024368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-13 20:34 - 2009-07-14 06:34 - 00024368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-13 20:32 - 2009-12-28 01:26 - 02076365 _____ () C:\Windows\WindowsUpdate.log
2015-05-13 20:27 - 2014-12-20 14:36 - 00000000 ____D () C:\Windows\CryptoGuard
2015-05-13 20:25 - 2012-11-09 19:08 - 00031680 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-05-13 20:25 - 2011-09-25 16:31 - 00625158 _____ () C:\Windows\PFRO.log
2015-05-13 20:25 - 2011-09-25 14:34 - 00146046 _____ () C:\Windows\setupact.log
2015-05-13 20:25 - 2010-01-20 16:10 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-13 20:25 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-13 19:39 - 2014-01-16 17:13 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\0P1T1G1Q1F
2015-05-13 19:20 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2015-05-13 15:52 - 2014-08-14 11:55 - 00651504 _____ () C:\Windows\system32\perfh01F.dat
2015-05-13 15:52 - 2014-08-14 11:55 - 00140826 _____ () C:\Windows\system32\perfc01F.dat
2015-05-13 15:52 - 2011-05-21 00:31 - 00423246 _____ () C:\Windows\system32\perfh012.dat
2015-05-13 15:52 - 2011-05-21 00:31 - 00121210 _____ () C:\Windows\system32\perfc012.dat
2015-05-13 15:52 - 2010-01-20 16:25 - 00411600 _____ () C:\Windows\system32\perfh011.dat
2015-05-13 15:52 - 2010-01-20 16:25 - 00122926 _____ () C:\Windows\system32\perfc011.dat
2015-05-13 15:52 - 2009-12-27 16:41 - 04400078 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-13 15:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-05-13 15:45 - 2009-07-14 06:33 - 02339336 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 15:44 - 2010-04-28 09:49 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-13 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-05-13 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2015-05-13 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2015-05-13 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-05-13 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-13 15:26 - 2009-12-27 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-13 15:23 - 2013-07-11 10:02 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 15:14 - 2009-12-27 17:09 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 15:10 - 2010-06-04 07:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 08:02 - 2012-11-09 19:40 - 00000000 ____D () C:\Users\Flavia\AppData\Local\CrashDumps
2015-05-12 23:11 - 2011-03-30 17:25 - 00000000 ____D () C:\Windows\Minidump
2015-05-12 18:48 - 2013-01-31 14:12 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Foxit Software
2015-05-12 18:47 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2015-05-12 00:45 - 2011-09-15 17:48 - 00000000 ____D () C:\Download
2015-05-12 00:43 - 2014-05-27 12:07 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Samsung
2015-05-12 00:43 - 2009-12-27 18:54 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-05-11 20:55 - 2011-09-25 15:14 - 00000000 ____D () C:\Windows\pss
2015-05-11 20:38 - 2012-12-05 21:15 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Spotify
2015-05-11 20:37 - 2012-12-05 21:14 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Spotify
2015-05-11 18:39 - 2013-08-02 10:35 - 00000992 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-05-11 18:21 - 2015-01-23 17:12 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2015-05-03 20:05 - 2013-03-16 15:21 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Origin
2015-05-03 12:23 - 2014-05-16 17:00 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-03 12:23 - 2014-01-07 17:20 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-03 12:23 - 2013-03-17 18:59 - 00209048 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-03 12:23 - 2013-03-17 18:59 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-03 12:23 - 2012-02-24 15:33 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-03 12:23 - 2011-09-25 16:52 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-03 12:23 - 2011-09-25 16:51 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-03 12:23 - 2011-09-25 16:51 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-30 16:29 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat
2015-04-26 19:18 - 2012-04-18 19:53 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Audacity
2015-04-26 19:03 - 2012-07-28 11:45 - 00000000 ____D () C:\Users\Flavia\Downloads\eBooks
2015-04-25 16:03 - 2013-11-01 15:29 - 00000000 ____D () C:\Users\Flavia\Downloads\Dokumente
2015-04-25 09:54 - 2013-01-19 15:17 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-22 11:15 - 2013-03-15 12:46 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-04-22 11:15 - 2010-08-06 13:49 - 00000000 ____D () C:\Windows\system32\directx
2015-04-19 14:00 - 2015-01-16 12:23 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Adobe
2015-04-19 13:57 - 2009-12-28 16:55 - 00000000 ____D () C:\Program Files\Adobe
2015-04-19 13:56 - 2009-12-28 16:55 - 00000000 ____D () C:\ProgramData\Adobe
2015-04-18 11:03 - 2013-02-21 13:11 - 00000000 ____D () C:\Program Files\Java
2015-04-15 10:44 - 2014-12-10 19:18 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 10:44 - 2014-05-01 19:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-13 18:07 - 2015-03-09 17:41 - 00000000 ____D () C:\Users\Flavia\Top Body

==================== Files in the root of some directories =======

2014-01-20 15:12 - 2014-01-27 16:12 - 0000085 _____ () C:\Users\Flavia\AppData\Roaming\WB.CFG
2011-04-29 13:55 - 2011-04-29 13:55 - 0009216 _____ () C:\Users\Flavia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-03-30 19:59 - 2011-07-22 13:50 - 0000000 _____ () C:\Users\Flavia\AppData\Local\Itiqeyabeguyoya.bin
2011-03-30 19:59 - 2011-07-21 10:02 - 0000120 _____ () C:\Users\Flavia\AppData\Local\Kholohiyesupa.dat
2015-04-10 16:47 - 2015-04-10 16:47 - 0005197 _____ () C:\Users\Flavia\AppData\Local\recently-used.xbel
2012-04-25 22:36 - 2012-07-11 23:50 - 0007597 _____ () C:\Users\Flavia\AppData\Local\resmon.resmoncfg
2011-09-25 10:24 - 2011-09-25 10:24 - 0000000 _____ () C:\Users\Flavia\AppData\Local\{07929EE3-DAD7-4105-8DF8-2CE403B4C7E2}
2010-02-22 15:38 - 2010-02-22 15:38 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-05 10:31

==================== End Of Log ============================
--- --- ---

BlueAzure 13.05.2015 20:27
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-05-2015
Ran by Flavia at 2015-05-13 21:24:57
Running from C:\Users\Flavia\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4132011797-2711336362-2655832662-500 - Administrator - Disabled)
Flavia (S-1-5-21-4132011797-2711336362-2655832662-1000 - Administrator - Enabled) => C:\Users\Flavia
Guest (S-1-5-21-4132011797-2711336362-2655832662-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-4132011797-2711336362-2655832662-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Digital Editions (HKLM\...\Digital Editions) (Version:  - )
Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Aeria Ignite (HKLM\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AION Free-To-Play (HKLM\...\AION Free-To-Play) (Version: v0.1 - Gameforge 4D)
Akamai NetSession Interface (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (32-Bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
Audacity 2.0 (HKLM\...\Audacity_is1) (Version:  - Audacity Team)
Avast Free Antivirus (HKLM\...\avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4600 (Version: 130.0.425.000 - Hewlett-Packard) Hidden
calibre (HKLM\...\{249F13C9-889B-405E-8987-F4E6AA90BD8E}) (Version: 0.9.17 - Kovid Goyal)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4329 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden
Digitale Bibliothek 4 (HKLM\...\Digitale Bibliothek 4) (Version:  - )
Dropbox (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Echo of Soul (HKLM\...\Echo of Soul) (Version:  - )
EXPERTool v8.6 (HKLM\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.6.0.0 - Gainward Co. Ltd.)
forteManager (HKLM\...\{1883A84D-94AA-432C-9519-FA31B6B118B9}) (Version: 2.80.002 - Portrait Displays, Inc.)
Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.4.96.511 - Foxit Software Inc.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.0.8.1216 - Foxit Software Inc.)
Free Audio Converter version 5.0.46.820 (HKLM\...\Free Audio Converter_is1) (Version: 5.0.46.820 - DVDVideoSoft Ltd.)
Free AVI Video Converter version 5.0.18.1005 (HKLM\...\Free AVI Video Converter_is1) (Version: 5.0.18.1005 - DVDVideoSoft Ltd.)
Free MP4 Video Converter version 5.0.23.320 (HKLM\...\Free MP4 Video Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.)
Free Studio version 5.1.7 (HKLM\...\Free Studio_is1) (Version:  - DVDVideoSoft Ltd.)
Free Video Dub version 2.0.22.925 (HKLM\...\Free Video Dub_is1) (Version: 2.0.22.925 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.23.320 (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.33.1005 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.33.1005 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HD Video Plugin (HKLM\...\HD Video Plugin) (Version: 1.28.153.5 - Plugin)
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5 (HKLM\...\{44C81D1A-0520-49BB-B510-98B8DD414EA1}) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (Version: 130.0.303.000 - Hewlett-Packard) Hidden
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x86 (HKLM\...\{175A0271-B6F3-4AB6-ADAD-DC9D17F4A321}) (Version: 2.0.1083.0 - Intel)
iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 80 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Mega Codec Pack 3.9.5 (HKLM\...\KLiteCodecPack_is1) (Version: 3.9.5 - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
MEDION MD86511 (HKLM\...\{1251B5BC-E285-4078-98C9-ED21F61B552A}) (Version: 1.0.0.0 - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{2F750C77-1FEC-44F9-88CC-2CE322EBD61E}) (Version: 1.1.0324 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 37.0.2 (x86 de) (HKLM\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NC Launcher (GameForge) (HKLM\...\NCLauncher_GameForge) (Version:  - NCsoft)
Netzmanager (HKLM\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
NVIDIA 3D Vision Controller-Treiber 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9745 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenAL (HKLM\...\OpenAL) (Version:  - )
Origin (HKLM\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Overwolf (HKLM\...\{4150D0B5-D203-419B-9C49-9B615AF11BAF}) (Version: 0.33.199 - Overwolf)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.7.0.0 - Pando Networks Inc.)
PDF24 Creator 6.9.2 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PS_AIO_05_C4600_Software_Min (Version: 130.0.425.000 - Hewlett-Packard) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealPlayer (HKLM\...\RealPlayer 12.0) (Version:  - RealNetworks)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
SDFormatter (HKLM\...\{5A347920-4AFC-11D5-9FB0-800649886934}) (Version:  - )
SDK (Version: 1.40.002 - Portrait Displays, Inc.) Hidden
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
TERA (HKLM\...\{A2S166A0-F031-4E27-A057-C69733219434}_is1) (Version: 19.04.02.03.hf3 - Gameforge Productions GmbH)
The Sims 4 Version 1.0 u1 (HKLM\...\{27B947C0-320C-4997-9681-1E7010A15896}_is1) (Version: 1.0 u1 - EA Games)
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden
Uniblue RegistryBooster 2010 (HKLM\...\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1) (Version:  - Uniblue Systems Ltd)
Unity Web Player (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Viva Piñata (HKLM\...\InstallShield_{343EFA17-5BC5-44DA-924F-539ECBEFF68C}) (Version: 1.00.0000 - Microsoft Game Studios)
Viva Pinata (Version: 1.00.0000 - Microsoft Game Studios) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 5.21 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WOT für Internet Explorer (HKLM\...\{C0DA129B-1E45-494D-A362-5CD0109C306B}) (Version: 11.11.7.0 - WOT Services Oy)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}\InprocServer32 -> C:\Users\Flavia\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll ()
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Flavia\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{F12BE2CC-A901-4203-B4F2-ADCB957D1887}\InprocServer32 -> C:\ProgramData\Windows\wsse.dll No File
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

06-04-2015 10:07:45 Windows Backup
06-04-2015 11:49:08 Removed Adobe Shockwave Player 12.0.
06-04-2015 11:53:36 Removed Adobe Shockwave Player 12.0.
06-04-2015 11:54:30 Removed Skype™ 6.11
10-04-2015 12:19:34 Windows Update
10-04-2015 17:34:27 avast! antivirus system restore point
12-04-2015 19:00:08 Windows Backup
15-04-2015 09:37:53 Windows Update
15-04-2015 10:02:58 Windows Update
16-04-2015 10:49:16 Installed Java 7 Update 75
18-04-2015 11:11:22 Windows Update
19-04-2015 14:08:41 Removed Nero 7 Ultra Edition. Available with Windows Installer version 1.2 and later.
20-04-2015 15:59:31 Windows Backup
23-04-2015 16:17:06 Removed Aeria Ignite
25-04-2015 10:07:27 Windows Update
26-04-2015 19:00:12 Windows Backup
29-04-2015 09:27:46 Windows Update
03-05-2015 12:21:03 avast! antivirus system restore point
03-05-2015 19:00:05 Windows Backup
03-05-2015 20:42:40 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
06-05-2015 08:53:50 Windows Update
11-05-2015 14:22:32 Windows Backup
12-05-2015 00:40:46 Removed Samsung Kies
13-05-2015 09:32:56 Windows Update
13-05-2015 15:02:49 Windows Update
13-05-2015 19:33:49 Revo Uninstaller's restore point - Pando Media Booster Packages

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2013-11-17 14:24 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {06C689DC-E76C-4A21-8866-20195A7C7D8A} - System32\Tasks\{75581C9E-7CDE-4760-94A5-B7305B0DBEEB} => C:\Program Files\VOX3DPlaner2\Konfigurator\VOX3DPlaner2.exe
Task: {0EA169F2-3396-4693-8141-E0B0BDEAD2D0} - System32\Tasks\{2BA6D508-0A05-49CB-A72A-BAE924AAA86D} => C:\Program Files\FIFA06\fifa06 demo.exe
Task: {0EDCC5B6-3393-4E15-A50F-DAFD2C9832E3} - System32\Tasks\{1C432A36-43A8-4E97-9064-E347447B9584} => pcalua.exe -a "C:\Users\Flavia\Downloads\Magical Diary - Horse Hall\Magical Diary - Horse Hall.exe" -d "C:\Users\Flavia\Downloads\Magical Diary - Horse Hall"
Task: {10330BF6-A675-4800-A815-653A883EA389} - System32\Tasks\{1A0A79E3-33E7-4B14-AEE7-9402B154A87B} => C:\Program Files\Nexon\MabinogiEU\Mabinogi.exe
Task: {118AB896-6545-4634-8DE0-05F08A6DAF5A} - System32\Tasks\{C0B08E39-FC9D-46D1-A7D0-6BFF81B8BFAA} => J:\Setup.exe
Task: {1266A55D-07A0-4E1E-9850-9BAD8D5A9C13} - System32\Tasks\{E4CB1F65-9BC1-413F-BFE8-1E9629412274} => C:\Program Files\Origin Games\The Sims 3\Game\Bin\Sims3Launcher.exe
Task: {135387F8-A0AF-4292-8994-E2BCC2B0EC1F} - System32\Tasks\{0040F31E-F0C2-4718-BE4B-C574915E4BC9} => pcalua.exe -a J:\setup.exe -d J:\
Task: {15C3D743-59C8-4FFC-86D8-25C055A63066} - System32\Tasks\{FE3A9151-4B9D-490C-902E-5BA73455C78D} => C:\Program Files\FIFA06\AutoRun.exe
Task: {16E8B459-123F-4050-8F2D-CB02F7AD2A7C} - System32\Tasks\{F74CF72E-9781-4504-8186-2857FBB1D1B9} => pcalua.exe -a C:\Users\Flavia\Vampire1CD1\demo32.exe -d C:\Users\Flavia\Vampire1CD1
Task: {19816D70-8705-49B4-B7E3-A7000B629593} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {224F3630-CB78-4C5B-A202-BB60DE1EE253} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {23E365D6-24D8-4700-BEEF-E67496FF5057} - System32\Tasks\{089899D8-646F-4E09-976A-F2857E4AE461} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe
Task: {25FFB239-81CC-410B-B309-9869E3734E7B} - System32\Tasks\NRYP => Rundll32.exe "C:\Windows\system32\TSChannelx.dll",JVTZJMTO
Task: {272C4B3C-B7FF-4E2C-A7D6-AA2CEB799B99} - System32\Tasks\{EF40B049-C1A4-429A-855E-7E736CD595F8} => C:\Users\Flavia\Pandora_Saga_MY_20090826.exe
Task: {27CA32BA-775A-4923-AD8D-F4C8A99E8490} - System32\Tasks\{99960E19-E1E3-4BC0-A7A4-A1F66A43DCFE} => C:\Program Files\Microsoft Games\Viva Pinata\Startup.exe
Task: {2B3DCFB4-2927-42C4-9870-9EF1FCEB80D2} - System32\Tasks\{23A04515-4009-43ED-8264-0AC9F9844B64} => J:\Setup.exe
Task: {3041F3B3-D300-4F4D-8F4C-DD67AADE7B20} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-03] (Avast Software s.r.o.)
Task: {34A8B566-44A8-456C-8A5C-0AEE57E4D0DD} - System32\Tasks\{E986319D-82CB-45ED-B545-2CD8B296A658} => J:\SETUP.EXE
Task: {35CD2091-3830-43C5-AC08-BAFE84CA8F48} - System32\Tasks\{4B341BDB-DA54-42E7-A1FB-C9CDE0C95496} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe
Task: {39A33003-0331-4A81-A608-D2F23205261C} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {3D3BB7C7-E5BB-4C86-A2A5-30199569C9CC} - System32\Tasks\{A62C7B66-2F13-417E-A060-23782DDEAF20} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe
Task: {44912348-372A-4DD4-8CB6-6DAC2C4AC1D8} - System32\Tasks\{25267E23-2FF8-4F82-B0AD-2BBE296B0A62} => J:\Setup.exe
Task: {449B9DA7-0B3E-4E1C-8C9D-C6BF9FDF9C89} - System32\Tasks\{5D295678-F417-44D3-9555-C19215CB7C78} => pcalua.exe -a E:\setup.exe -d E:\
Task: {4A4B1380-D7DF-43FA-84D8-5ACA740F4295} - System32\Tasks\{D7160B9E-A401-4BA6-9910-7D3B17F6B085} => C:\Nexon\MabinogiEU\Mabinogi.exe
Task: {4CC5B90C-C451-4CEE-A99D-6419EA202BDD} - System32\Tasks\{3BE569F6-B383-40A1-B2D8-372F5AE2AE37} => C:\Program Files\2K Games\Mafia II\pc\mafia2.exe
Task: {54A5AF44-E789-4BC6-999B-974485D891D7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {54EBCF67-64E5-4ECB-8F5D-5D184E5BB5A1} - System32\Tasks\{2B245C46-ECB2-41C9-9976-CD44CDD321B8} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe
Task: {5C2B861B-1BE5-46E0-9233-649BC50825CB} - System32\Tasks\{C57C0966-A03B-4532-87DD-BCC169B78F59} => C:\Nexon\MabinogiEU\Mabinogi.exe
Task: {64A6AAA7-589E-4B22-B2FF-BE327C2DB015} - System32\Tasks\{9B1B0303-3793-4D0B-81B1-059D5D27551B} => E:\StartCD.exe
Task: {69EBAFD0-8E9D-4507-81C1-914140DD02B7} - System32\Tasks\{7456ADC2-5627-4CD7-81E0-915ACE8069C7} => C:\Program Files\Viva Media\Alter Ego\AlterEgo.exe
Task: {6F8F9112-A4E8-408B-802D-BD5499168F95} - System32\Tasks\{2D7C4757-CBC2-4149-901B-33F4AE95A112} => pcalua.exe -a "C:\Program Files\Vektoris3D25Plus\uninstall.exe"
Task: {7425C34A-8E3A-442C-A109-97D19E95760E} - System32\Tasks\{47941BC1-6CC9-42B4-82D9-05A8B357B1FE} => J:\Setup.exe
Task: {772E9FA9-B5F1-4CF3-BF28-524E23A07787} - System32\Tasks\{6105EF99-5F22-4B53-A3E1-3FAEF66E868A} => C:\Nexon\MabinogiEU\Mabinogi.exe
Task: {78A23ACE-C365-4389-9782-41C31F76D202} - System32\Tasks\{61557E34-772C-4E2F-BB3E-FE138B65AFD2} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe
Task: {81DC7CF1-D24D-42B2-9105-916784164C94} - System32\Tasks\{EAC62CFA-EA8B-42D0-A599-13AC7CA93F90} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe
Task: {84EA453B-234E-488D-B778-7FF247893378} - System32\Tasks\{49D40749-5F5F-482A-8312-83B9076882C1} => C:\Program Files\Runes of Magic\Runes of Magic.exe
Task: {85A67C56-CEAB-429E-8E4C-7BD04C02DE46} - System32\Tasks\{B477751F-7EC4-47E6-BEFF-AD589581480F} => C:\Program Files\Electronic Arts\Die Sims 3\Game\Bin\TS3.exe
Task: {86996018-097E-4AF9-9D91-76D8029146DB} - System32\Tasks\{94C70D2F-3BFB-44BE-86FD-D65818B82648} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe
Task: {86C28AB1-5C52-46E1-935C-7B74A647D69F} - System32\Tasks\{29709F28-06CA-4E3E-9DC1-1CABD4A8227C} => J:\Setup.exe
Task: {86FB483D-2035-4838-81C7-CEF7B37B4610} - System32\Tasks\{1673BF47-0F92-4B1D-B87E-4EBB27586308} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe
Task: {8B2FBBE3-7C1E-4223-B2FB-9BB9E94C4EED} - System32\Tasks\{46A3F437-83A6-4E51-A907-76A3DA579DED} => C:\Program Files\The Adventure Company\Evany Schlüssel zur Freiheit\Evany.exe
Task: {8BC2271C-234F-4E3C-BFCB-DDCA2B6962BA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8F453FA1-759E-456E-ABB4-CD3E9886462E} - System32\Tasks\{11118169-3789-4C4D-BCAE-8832D80F70FE} => pcalua.exe -a C:\Users\Flavia\Downloads\NetmarbleDBOSetup.exe -d C:\Users\Flavia\Desktop
Task: {91A325AA-8FAB-4A48-9A22-BE79FC121B65} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4132011797-2711336362-2655832662-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {94734BFA-359F-4601-B879-1D63B8A98D08} - System32\Tasks\{42F5F183-C47D-4FC1-80A8-6839E5BA9D93} => pcalua.exe -a J:\Setup.exe -d J:\
Task: {947BCACF-EFEE-4890-9FF5-477553FA0B3B} - System32\Tasks\{601445B5-0494-4034-8562-EC2AD924F5CB} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe
Task: {967AB9D1-D3BB-45D2-81F0-D5802AB2DFA0} - System32\Tasks\{F250B786-AD66-4FE5-8D5E-7E395764F3B9} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{343EFA17-5BC5-44DA-924F-539ECBEFF68C}\setup.exe" -c -runfromtemp -l0x0407 -removeonly
Task: {96F01EEC-EC2F-4CED-9D40-306115A4C961} - System32\Tasks\{170FF8E8-C96D-40CF-8FCB-7DB4E8976221} => C:\Program Files\gPotato\AikaOnline\AIKALauncher.exe
Task: {9781BC6D-4495-453E-94FB-262BC14AB1C3} - System32\Tasks\{CF01B6F4-BECB-4298-9FFC-D696BF961AFD} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe
Task: {A014E8EE-56A1-4E84-89C4-09283331A317} - System32\Tasks\{260B4302-4B67-4CA9-B0EC-D07F489E91A7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.3.0.111/de/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:offered-installed;madedefault
Task: {ADD8A39D-0D85-4A88-AD46-93E20B277877} - System32\Tasks\{CEB044B5-B67C-4C0F-8D31-E23A9B55BE93} => J:\startup.exe
Task: {B2E8EE57-0899-41A0-AEEA-6E9C81636382} - System32\Tasks\{DD66FA04-B610-4FB0-A6EB-CAF7ADD2926A} => C:\Program Files\Microsoft Games\Viva Pinata\Startup.exe
Task: {BA219B21-6C51-44A8-9D19-F17E49E1AD43} - System32\Tasks\{FCCF13A5-3AA1-4B1E-83D8-11D706C12D1A} => pcalua.exe -a C:\Users\Flavia\Pandora_Saga_MY_20090826.exe -d C:\Users\Flavia
Task: {BB2A62CA-F06B-49CF-9C75-491D2F4B11CE} - System32\Tasks\{2A771DDE-9262-4EB0-8398-C970CEADF012} => C:\Program Files\Changyou\Zentia\patcher.exe
Task: {BE950A6D-81CB-4DFB-8049-1D76504A23FF} - System32\Tasks\{6586BE00-2E28-44BD-8F0C-A361B71BBD78} => C:\Program Files\Electronic Arts\Harry Potter und der Orden des Phönix\hp.exe
Task: {C01212D2-464F-4D6E-93A6-A9C29CFE2D3F} - System32\Tasks\{162A6AD8-106B-4C19-A4B1-281D64BEEC22} => J:\startup.exe
Task: {C1DE965C-3A58-4214-A83B-CC053BB338A7} - System32\Tasks\{1C77C66B-9114-46D3-B57D-091E235E12C7} => C:\Program Files\EA SPORTS\FIFA 06 Demo\fifa06 demo.exe
Task: {C8B95971-0615-4A22-930F-497F1F05C036} - System32\Tasks\{3B337EAA-C525-4D86-98A4-8F4636C9D23A} => C:\Microids\Die Rückkehr zur Geheimnisvollen Insel 2\RTMI2.exe
Task: {CB413622-74BC-44E6-985C-5F4F1941433E} - System32\Tasks\{C0F69074-C3C9-43C0-9E62-0883EDB9AD52} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe
Task: {D367179D-51C7-4CBF-A496-5C26C25D18C2} - System32\Tasks\{59FC5536-60F1-4046-AE30-521FD21DD8C3} => pcalua.exe -a "C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe" -c RealNetworks|RealPlayer|12.0
Task: {D83A6590-8B91-4CBB-9154-DF65E0FD162A} - System32\Tasks\{FAFB8A66-A5E8-46D8-AB10-41519A7DD50D} => C:\Program Files\Ubisoft\Abenteuer auf dem Reiterhof 3 - Das Erbe der Gräfin\Reiterhof3.exe
Task: {D91162AA-8064-40C7-9887-1CDA75FF058D} - System32\Tasks\{98341868-9868-4F93-B186-B2EF031C9524} => C:\Program Files\FIFA06\fifa06 demo.exe
Task: {E1422BD5-0558-4973-9380-2CD169B649A7} - System32\Tasks\{1C483E90-D6C1-4EF8-9BC2-3D2B1B56CCDA} => C:\Program Files\gPotato\AikaOnline\AIKALauncher.exe
Task: {E2FE5906-3FC0-4CF0-B775-2CF244262600} - System32\Tasks\{C0A21489-2C59-4A15-9D9B-88AA56172945} => C:\Program Files\Skype\Phone\Skype.exe
Task: {E67AC7EA-AAD3-4B74-AE04-B1D18FD743C9} - System32\Tasks\{71B95856-969C-4D1F-A7C7-328F667F7495} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe
Task: {EA31D609-5550-48F9-9C87-E33A3C459E48} - System32\Tasks\{A1243B8A-A37E-4891-A587-9E295C39B9DC} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe
Task: {EC4889F0-C3FE-442C-90B7-CE166DB1358C} - System32\Tasks\{6590403D-AF4A-46AF-860B-8EC7EC9D1883} => pcalua.exe -a C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}\Ad-Aware90Install.exe -c REMOVE=TRUE MODIFY=FALSE
Task: {EC8EA56F-8B14-4D04-A6A1-C8F8FDCB49CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19] (Adobe Systems Incorporated)
Task: {FA25C835-088B-4B7A-BE70-7E0F6379F28F} - System32\Tasks\{D7D0F476-5A34-473B-92ED-3F56D37F1B8F} => J:\autorun.exe
Task: {FFA49ECB-8D5F-40CA-BB5F-DBEDA81B3D0F} - System32\Tasks\{0547096A-63B8-43D5-8A62-443D81F62B43} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2015-05-03 12:23 - 2015-05-03 12:23 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-03 12:23 - 2015-05-03 12:23 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-13 15:46 - 2015-05-13 15:46 - 02927616 _____ () C:\Program Files\AVAST Software\Avast\defs\15051301\algo.dll
2012-02-22 12:43 - 2015-02-05 20:27 - 00108864 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-12-27 18:54 - 2007-10-11 17:17 - 00065536 _____ () C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
2012-02-09 17:26 - 2012-02-09 17:26 - 00116224 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 17:26 - 2012-02-09 17:26 - 00041984 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 17:26 - 2012-02-09 17:26 - 00032768 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2014-10-19 09:06 - 2014-10-19 09:06 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2012-11-09 19:04 - 2010-11-06 00:50 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2009-12-27 18:54 - 2007-10-11 17:17 - 00167936 _____ () C:\Program Files\Common Files\Portrait Displays\Shared\dthook.dll
2009-12-27 18:54 - 2007-10-11 17:16 - 00102400 _____ () C:\Program Files\Common Files\Portrait Displays\Shared\PresetsCOM.dll
2009-12-27 18:54 - 2007-10-11 17:17 - 00077824 _____ () C:\Program Files\Common Files\Portrait Displays\Plugins\CC\gui.dll
2009-12-27 18:55 - 2007-10-04 14:36 - 00065536 _____ () C:\Program Files\Common Files\Portrait Displays\drivers\vista.dll
2015-03-19 13:54 - 2015-03-19 13:54 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7571 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files\CyberLink\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files\CyberLink\YouCam\YouCam.exe" /s

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{E926E57D-011D-4F63-BCC5-FFCFDC28D091}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{CE504808-152F-4073-8BB9-0F8E7C4D30C6}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{AB3FBA72-52C3-4476-9A38-230DBE05659B}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [TCP Query User{B4BE9938-7F72-4A8F-8AFC-59A3E97A8C90}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\flavia\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{CD206E8E-4251-4D41-BBCA-7E1530E9FAA9}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\flavia\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{AF14EA5F-61F8-4FE4-9FE6-C4730BE4F7B6}C:\users\flavia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\flavia\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{FC1627D8-D25B-45AB-A418-F1486F792E83}C:\users\flavia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\flavia\appdata\roaming\spotify\spotify.exe
FirewallRules: [{59302FB5-A1E9-480C-8BF4-45AB55DB672B}] => (Block) C:\users\flavia\appdata\roaming\spotify\spotify.exe
FirewallRules: [{38D62175-A6FB-480E-952F-9FD4FD6D491C}] => (Block) C:\users\flavia\appdata\roaming\spotify\spotify.exe
FirewallRules: [{BC2A5E90-0AC7-48E6-B570-308A64B0DED9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BEACD746-1789-42A8-B76D-5F42C7882396}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4A26D664-9010-40ED-9DA9-C1EB4EB0038D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D19F2778-75FE-4E14-910A-F664C3ECFF05}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{81FB1BFC-6861-4487-9FB6-68FBE4AE9EBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3F3C3C45-80F2-474F-BDB2-256ED4411935}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5D697DC0-C1F0-4F6E-BEC5-E90BAB98E186}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe
FirewallRules: [UDP Query User{9EA5A4A1-58A0-45FD-809E-E9A61B40B282}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe
FirewallRules: [{AEFF8D32-76DE-4551-9CA2-45AF568C3EDE}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{6325CFDC-F297-471C-B1F4-54ABC44758FA}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{111361FE-47F8-40CC-88C3-94E4EE48A3CC}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{CD642251-541E-443A-A680-09D382B26332}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{431373F4-9F84-47F1-B308-1ABD4215F20B}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{C18CA305-4CDD-4294-AB64-FEB4D343931C}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe
FirewallRules: [{E9868860-8969-4BB3-AAC8-CA0E63B49582}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe
FirewallRules: [TCP Query User{7A64FEF9-033E-4D2E-A005-0CB94B57CFCF}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\flavia\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{E9429E86-D119-4158-85AA-2E2A92FFFEA5}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\flavia\appdata\local\akamai\netsession_win.exe
FirewallRules: [{C343E5C6-5573-4111-A23F-687E4BFFC92E}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe
FirewallRules: [{3285F562-0BFE-47FF-A259-B998E92CF967}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe
FirewallRules: [{34D4736F-C193-400D-96FB-C7E94A79A4F2}] => (Allow) C:\Users\Flavia\Downloads\AW_downloader.exe
FirewallRules: [{919CACC1-1EC1-4459-A39D-8F5424015410}] => (Allow) C:\Users\Flavia\Downloads\AW_downloader.exe
FirewallRules: [TCP Query User{02286B40-50D8-44F7-AB96-81E2E97DCD2A}C:\gbe games\aurora world\area00\bin\release\tuclient.exe] => (Allow) C:\gbe games\aurora world\area00\bin\release\tuclient.exe
FirewallRules: [UDP Query User{C3A1ED8C-2CD6-40CF-9D7C-93BF0F8C7495}C:\gbe games\aurora world\area00\bin\release\tuclient.exe] => (Allow) C:\gbe games\aurora world\area00\bin\release\tuclient.exe
FirewallRules: [TCP Query User{CE27873A-A8D6-489F-B3B7-02849328CD1B}C:\users\flavia\downloads\nw.1.20130309a.7.exe] => (Allow) C:\users\flavia\downloads\nw.1.20130309a.7.exe
FirewallRules: [UDP Query User{982F5FD8-ADAE-47DC-965B-23FA3695281F}C:\users\flavia\downloads\nw.1.20130309a.7.exe] => (Allow) C:\users\flavia\downloads\nw.1.20130309a.7.exe
FirewallRules: [TCP Query User{54C7BBEF-C9C4-4B4F-9808-BB1671AC0790}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{DB9CB2CE-9614-4406-B0B4-EB16A5F6F704}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [TCP Query User{9B782A49-3613-4A13-B2EC-70AD25A67187}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe
FirewallRules: [UDP Query User{8884CA3A-5AC0-4A2C-9F8A-C6B32A2BAB4A}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe
FirewallRules: [{744CA3E2-230F-4452-9700-88113294B2EF}] => (Allow) C:\Program Files\WEBZEN\C9\C9.exe
FirewallRules: [{AEB0600D-5966-4DCF-BEC1-A5BE5238AB95}] => (Allow) C:\Program Files\WEBZEN\C9\C9.exe
FirewallRules: [TCP Query User{A4757E28-FE18-4884-979F-8C3F6D760841}C:\program files\dragons prophet\dp_x86.exe] => (Allow) C:\program files\dragons prophet\dp_x86.exe
FirewallRules: [UDP Query User{C36B91E8-7D9D-4596-9E56-65D99E0ED0E3}C:\program files\dragons prophet\dp_x86.exe] => (Allow) C:\program files\dragons prophet\dp_x86.exe
FirewallRules: [{4AD73C9B-F847-4C03-B5A3-7EE21FFE91BB}] => (Allow) C:\Program Files\Dragons Prophet\dp_x86.exe
FirewallRules: [{3AF77807-C7FF-4EB8-88E7-ECE5146931A8}] => (Allow) C:\Program Files\Dragons Prophet\dp_x64.exe
FirewallRules: [{046170AF-457C-4A2B-B1AE-D8B702AAD290}] => (Allow) C:\Program Files\Dragons Prophet\launcher.exe
FirewallRules: [{41CA41D1-E0C9-4917-A3EF-473DD374F9E0}] => (Allow) C:\Program Files\Dragons Prophet\dp_x86.exe
FirewallRules: [{D093AD71-9AF5-45AB-87C5-477A9CF8B594}] => (Allow) C:\Program Files\Dragons Prophet\launcher.exe
FirewallRules: [{B14768B3-AC64-4986-A76F-3BBB378D9130}] => (Allow) C:\Program Files\Dragons Prophet\dp_x64.exe
FirewallRules: [TCP Query User{B08B02A2-BE4B-427E-80D0-6CDB1EA3EAD6}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Allow) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe
FirewallRules: [UDP Query User{F90E1670-79F8-4D12-83D9-8A8CC2CCBF5F}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Allow) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe
FirewallRules: [{5DA0E919-6DB9-4E31-A26D-4C0CD0E40402}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{FA86693F-21CC-4B76-8413-0083D1888F32}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{143D9615-3757-4244-8DA3-83C3DCF53DAD}] => (Allow) C:\Nexon\Vindictus EU\en-EU\NMService.exe
FirewallRules: [{7AEECADC-8AD9-497B-B5D2-C40983D85B5C}] => (Allow) C:\Nexon\Vindictus EU\en-EU\NMService.exe
FirewallRules: [TCP Query User{2F7AB098-6778-447C-8919-B37CBD0F75EC}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Block) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe
FirewallRules: [UDP Query User{6AA73BC2-CEFC-4975-9B3E-43A37004DE2B}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Block) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe
FirewallRules: [TCP Query User{84FC3551-BC28-4714-80D4-F863A31A6D38}C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe] => (Allow) C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe
FirewallRules: [UDP Query User{1E9CDD4F-191A-4823-A463-BB2EC36510E0}C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe] => (Allow) C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe
FirewallRules: [TCP Query User{1D234196-5AF3-4F68-A2A7-DE37EDD3A0F0}C:\program files\heroesgo\launcher\launcher.exe] => (Allow) C:\program files\heroesgo\launcher\launcher.exe
FirewallRules: [UDP Query User{17D5432E-962A-498C-BE67-F2C886F771F8}C:\program files\heroesgo\launcher\launcher.exe] => (Allow) C:\program files\heroesgo\launcher\launcher.exe
FirewallRules: [TCP Query User{0981AD7C-0896-4656-A233-345BB7729BB8}C:\program files\heroesgo\heroesgo_am.exe] => (Allow) C:\program files\heroesgo\heroesgo_am.exe
FirewallRules: [UDP Query User{70994A97-7B1C-4602-A6A3-2F21241F43CE}C:\program files\heroesgo\heroesgo_am.exe] => (Allow) C:\program files\heroesgo\heroesgo_am.exe
FirewallRules: [{D10FF877-1B1E-43CD-9184-2D513B10DACC}] => (Allow) C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
FirewallRules: [{E0E7CE75-D7B3-4AD2-88B1-D74C712FD192}] => (Allow) C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
FirewallRules: [{70FD046F-3941-4940-9A17-139AEA801C03}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin
FirewallRules: [{8B10610D-077F-4B30-A3DE-964D291220FE}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin
FirewallRules: [{28B5638F-F97B-4F6C-AA78-91AB0FD55B17}] => (Allow) C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DF53A54A-E20F-434A-8401-1F019BC5E9E6}] => (Allow) C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{E85FBBD0-A683-427B-80B1-877FBE19D3DD}C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{0B685BCF-B227-4354-BFA9-ACD720ABEBAE}C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{8F28D682-FA91-4E20-A799-77A8036FA32D}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{457729AF-2B40-4364-8816-17459E5123DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{533CE4C0-41E3-4AEC-B81E-CBE9D41ADCF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{FD04AF46-1FA2-44BC-B930-2AB0450C2562}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{3ED7FBAB-6DE3-4637-A750-313E9C679262}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0CC87D7F-CCAA-46EC-8482-D8749468E1F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{36BBA65E-86A3-4A86-9EE9-AC24A313FFF8}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{D0BBB486-E9E9-4FA3-A544-A3E50A1B35D1}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [TCP Query User{1E47A4E1-112A-409D-A98A-D54B12DF1F09}C:\program files\snail games usa\blackgold\bin\fxgame.exe] => (Allow) C:\program files\snail games usa\blackgold\bin\fxgame.exe
FirewallRules: [UDP Query User{FAD99B3B-107E-415E-A683-134EB320AF42}C:\program files\snail games usa\blackgold\bin\fxgame.exe] => (Allow) C:\program files\snail games usa\blackgold\bin\fxgame.exe
FirewallRules: [{F825764F-4D73-46DA-B8D8-302A3ECA7E5E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{750FD75E-9811-4432-8D8A-35118F1C5A2F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A91CF122-54EE-4FC1-80D1-15127DCDF37A}] => (Allow) C:\Users\Flavia\AppData\Local\temp\QQGameDownloader\bns_1421910375_89606\MiniQQDL.exe
FirewallRules: [{984E644F-E2E5-415E-B36B-CA92E9B144EE}] => (Allow) C:\Users\Flavia\AppData\Local\temp\QQGameDownloader\bns_1421910375_89606\MiniQQDL.exe
FirewallRules: [{3415B431-3193-4DD8-9B2C-14384A5F2572}] => (Allow) c:\users\flavia\appdata\local\temp\qqgamedownloader\bns_1421910375_89606\teniodl.exe
FirewallRules: [{E9642D98-3A70-4862-A144-E5196B4D58E6}] => (Allow) c:\users\flavia\appdata\local\temp\qqgamedownloader\bns_1421910375_89606\teniodl.exe
FirewallRules: [TCP Query User{00D7FE05-581C-4AB8-AF5E-849DCD1A3F14}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe
FirewallRules: [UDP Query User{BBAD1188-58DB-4EB5-9E1F-D8BE3B9A85AE}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe
FirewallRules: [{4E66913D-358A-403D-A9E8-9B7989A43C39}] => (Allow) c:\users\flavia\appdata\roaming\tencent\剑灵\7aa487d7eed5b7d8c829d33144690a0c\teniodl\teniodl.exe
FirewallRules: [{35804F06-7B2E-435C-B4B8-B6A6EA3D475F}] => (Allow) c:\users\flavia\appdata\roaming\tencent\剑灵\7aa487d7eed5b7d8c829d33144690a0c\teniodl\teniodl.exe
FirewallRules: [TCP Query User{8FD8D9FF-BB5E-40CF-BF24-20C38C313BE3}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe
FirewallRules: [UDP Query User{F6AF6EB6-2BEF-4BF3-9BA0-B87BDA5DFC98}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe
FirewallRules: [{ED5DD1D2-BC2A-489F-976A-50A3EFAC211E}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCmgrInstallGuide.exe
FirewallRules: [{C9BEB083-89A0-4D6A-88A4-26631F103F77}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCTray.exe
FirewallRules: [{B1618BF2-1752-4507-9407-C7C4EF22B532}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCMgr.exe
FirewallRules: [{C86646EE-C466-40E2-A2C5-A9F137D75316}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCRTP.exe
FirewallRules: [{71BA372D-5459-412B-A05A-57F83DE50ED0}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\bugreport.exe
FirewallRules: [{BF2D6A2C-DEF3-42C2-AF33-F8DA7ADEC9E1}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCFileOpen.exe
FirewallRules: [{1A8C7C91-64F2-4B76-A8AC-B5CFAB265113}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLeakScan.exe
FirewallRules: [{5F284AB1-6534-439F-B403-8655FA842427}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLoader.exe
FirewallRules: [{2B22D286-39D7-4147-B1D1-BE5F49D8BCA5}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPConfig.exe
FirewallRules: [{3361BE24-27CF-4A1E-8625-1EDB10CC9638}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSoftMgr.exe
FirewallRules: [{DFD5C668-7F74-41BA-890A-B1ACCA77A73A}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{97F3E152-8725-4AAE-A1A0-A68DF4B009CB}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QDeskSetup.exe
FirewallRules: [{B226C09D-A1DA-46F8-9870-6623B06991A7}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCBTU.exe
FirewallRules: [{B4CE7C15-4C54-4829-AEF9-C81E3C021302}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCClinic.exe
FirewallRules: [{66AE12AB-39D6-4533-8EAF-FF5D9117D2F8}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLaunch.exe
FirewallRules: [{31BF9B38-8D0B-4391-9804-173F2F4A9229}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{1D012E8E-D8A7-4EA0-ADA3-2818072909A7}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSoftGame.exe
FirewallRules: [{EE4F1111-C79A-47DB-ACED-3314CB673F3D}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSysOptimize.exe
FirewallRules: [{E6D8510A-3007-49C6-8F1E-2DC45CCDC318}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCUpdateAVLib.exe
FirewallRules: [{11ECB399-C5AF-4833-874E-78A5909206DC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQRepair.exe
FirewallRules: [{C0DBA3BE-781C-4DFC-8E4C-B187744F1ECC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\Uninst.exe
FirewallRules: [{596392A1-F67C-40A7-8BC5-C9A561B74B77}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCPatch.exe
FirewallRules: [{1793F45A-E6F6-415C-9216-552366F0E340}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\TpkUpdate.exe
FirewallRules: [{F46F5CC2-5876-4DDB-8200-07592298470D}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMDL.exe
FirewallRules: [{8AEC1FB7-EBBE-4FD7-AF98-44B61A663E39}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMDL.exe
FirewallRules: [{716E9B56-29A2-4502-B181-D0197CDB1DBC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMAccountProtection.exe
FirewallRules: [{255D8D5D-5762-43C1-9F87-7847136588ED}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\CrossProxy.exe
FirewallRules: [{A1CA16EF-E171-445A-9C46-03B26F13A7BE}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\CrossProxy.exe
FirewallRules: [{E7DE9980-8860-490A-A6E6-62DA62D95F78}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\Apps\CQS\QTalk\Bin\miniQTalk.exe
FirewallRules: [{22FC9814-7E39-44A6-859E-34B43C819DED}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\Apps\CQS\QTalk\Bin\miniQTalk.exe
FirewallRules: [{EF5A7E47-C67A-4B1C-B214-8FB83A1AE6E7}] => (Allow) C:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{56E2A954-8AC1-4B44-9F08-DCC13E871A8B}] => (Allow) C:\program files\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{7139256C-55B0-4436-977F-5BE69DD9BDE0}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\minidown.exe
FirewallRules: [{754D4617-8B07-4055-8E8A-9A703A05DDCE}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\minidown.exe
FirewallRules: [{7A0B75BD-6FBA-41E4-B6EB-1A6DA9C446FA}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\teniodl\teniodl.exe
FirewallRules: [{14F7DABA-F1DC-43AC-8A89-EC0586904AE2}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\teniodl\teniodl.exe
FirewallRules: [{073F08B8-6C27-4356-8341-97B2FFC84719}] => (Allow) C:\Program Files\Tencent\TGP\tcls\tcls_core.exe
FirewallRules: [{40C6E482-05FC-4C60-AC8A-96F5994347A4}] => (Allow) C:\Program Files\Tencent\TGP\tcls\tcls_core.exe
FirewallRules: [{5C6DB019-088A-42A8-948D-DF170B6A09FB}] => (Allow) C:\Program Files\Tencent\TGP\tcls\Tenio\TenioDL\TenioDL.exe
FirewallRules: [{41983DCE-17F7-4B9A-BEEF-2CE05401D8C4}] => (Allow) C:\Program Files\Tencent\TGP\tcls\Tenio\TenioDL\TenioDL.exe
FirewallRules: [{A7A13C01-D0B0-4ABF-B739-6EC79DFE9F70}] => (Allow) C:\Program Files\Tencent\TGP\tgp_daemon.exe
FirewallRules: [{7F625C70-A8C4-41D5-BB2B-BF5EF66E33A3}] => (Allow) C:\Program Files\Tencent\TGP\tgp_daemon.exe
FirewallRules: [TCP Query User{5A15A186-C8EC-4619-BD41-23637DBB5992}C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe
FirewallRules: [UDP Query User{4F8F780E-04CD-4C33-8C0F-B8201574E6CF}C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe
FirewallRules: [TCP Query User{3A501415-8406-445B-892F-80CF2318BA87}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{F7A04728-96EA-4C29-8174-DF89EAC35E16}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{3D061B38-D7EF-4C10-AA3F-6A58BC1CB4FB}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{F8A8F2D8-E493-4F33-B0B4-5D74E679ED2F}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{C21AAC83-B6E7-4EEA-BDA9-4C8D799DCE3B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{10E9319E-3857-4A0F-9641-912832051A0B}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe
FirewallRules: [{A425D2F1-49E5-44BC-8601-CA41AEBA56F3}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe
FirewallRules: [{E2F00FF9-7B3D-4FB9-ACE7-07748AE29E46}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe
FirewallRules: [{A16F3853-1087-46F5-9DB6-2A553BF193A4}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe
FirewallRules: [{1A36DB5C-A112-4BF4-894B-16589671AC88}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{7BB8CD60-887F-4B67-B0F2-6B6515BEF76C}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{3E78078E-6ABE-4910-88E2-ED5676E41D97}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{491770F3-B6F1-43C1-9BC9-A454FC5B64D0}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{3566D56A-628D-456F-8823-EF3B2F358837}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{B4967FE5-063F-47C7-9DD2-DF5894E51C8E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe] => Enabled:NEXON_EU_Downloader_Engine.exe

==================== Faulty Device Manager Devices =============

Name: adfs
Description: adfs
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: adfs
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: USB Device(VID_1f3a_PID_efe8)
Description: USB Device(VID_1f3a_PID_efe8)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: USB Devices
Service: usbUDisc
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/13/2015 08:25:49 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (05/13/2015 08:25:49 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (05/13/2015 08:25:49 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (05/13/2015 08:25:46 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (05/13/2015 08:25:46 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::ResetBIOS          Reset SASD failed, error=0

Error: (05/13/2015 08:25:46 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::UpdateSASD          Failed to set the sleep time, error=0

Error: (05/13/2015 08:25:46 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CISCTPnpDriverApi::SetBIOSWakeTime  *****IOCTL_ISCT_SASD(SASD) Failed, Error=0x2

Error: (05/13/2015 07:33:47 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Access is denied.
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Operation:
  Gathering Writer Data

Context:
  Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
  Writer Name: System Writer
  Writer Instance ID: {b090ed1c-3667-4df4-a457-a49183ca9b15}

Error: (05/13/2015 03:45:36 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (05/13/2015 03:45:36 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::ResetBIOS          Reset SASD failed, error=0


System errors:
=============
Error: (05/13/2015 08:25:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (05/13/2015 03:45:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (05/13/2015 03:10:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80080005 fehlgeschlagen: Security Update for Windows 7 (KB3046002)

Error: (05/13/2015 03:10:44 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (05/13/2015 08:28:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (05/13/2015 08:28:07 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎13.‎05.‎2015 um 08:27:13 unerwartet heruntergefahren.

Error: (05/13/2015 08:00:02 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Media Player Network Sharing Service" Korrekturmaßnahmen (Restart the service) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056

Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Restart the service.

Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player Network Sharing Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Restart the service.

Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (04/25/2015 04:17:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 267 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (09/23/2011 04:14:49 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 54 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2015-05-13 21:23:41.872
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-13 20:25:44.421
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-13 20:15:23.577
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-13 19:48:53.210
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-13 19:38:43.512
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-13 19:31:58.372
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-13 18:27:08.649
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-13 15:45:20.979
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-13 10:30:40.805
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-13 09:02:49.057
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz
Percentage of memory in use: 37%
Total physical RAM: 3565.21 MB
Available physical RAM: 2243.2 MB
Total Pagefile: 7128.73 MB
Available Pagefile: 5310.9 MB
Total Virtual: 3071.88 MB
Available Virtual: 2944.42 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:445.76 GB) (Free:101.38 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:0 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 66916FAD)
Partition 1: (Active) - (Size=445.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)

==================== End Of Log ============================

cosinus 14.05.2015 22:35
Okay, dann Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


BlueAzure 15.05.2015 15:33
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 15.05.2015
Suchlauf-Zeit: 08:59:43
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.05.15.01
Rootkit Datenbank: v2015.05.14.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Flavia

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 371935
Verstrichene Zeit: 28 Min, 33 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 30
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{31F12053-B618-4322-9500-5C9DD440A604}, In Quarantäne, [fcf1138079111521ae5ab8b58f76768a],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{75CE0034-CBDE-41DD-A27D-BB7989021866}, In Quarantäne, [4f9efb981674b97dd236c7a69d68d927],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7CC43BC3-F723-4EB6-B035-84C15C8409E6}, In Quarantäne, [07e67f14602a73c35aadc7a65da8ee12],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9F8B48D3-4887-4A62-A603-B04FDB046E70}, In Quarantäne, [ec01870c4c3e74c26b9c95d89174d62a],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F067C815-F38B-4773-B8EE-2A86E92E98F1}, In Quarantäne, [6d80cac90c7e280e778f71fca06515eb],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9D215FA-A482-4445-B024-11373864496E}, In Quarantäne, [9b524e45aedc9a9cb1559cd108fd6d93],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1567E27B-7BB4-4C33-BE56-CA815E4F63BD}, In Quarantäne, [b13cb2e1335738fea263a3cae0253dc3],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1AF4DB00-992D-4169-B75D-87C6EBC41561}, In Quarantäne, [925be3b03f4b78bed2322647b45112ee],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{31F12053-B618-4322-9500-5C9DD440A604}, In Quarantäne, [78758c071377cb6bbc49a8c5e81d0ef2],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{38B69DAE-AA2E-484B-A597-73B595C1C81C}, In Quarantäne, [f7f610830783c86e41c4224b689df40c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3E651986-2F93-4D79-8EA6-D6B5996128D7}, In Quarantäne, [69844350206a0234b64ebdb024e18c74],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4ACB8A0C-E1C2-484A-95EB-882958DA85A0}, In Quarantäne, [3fae6231cdbd092dd92beb828d784db3],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5768ECFD-C769-41F0-8327-3686F1C156EB}, In Quarantäne, [b538d8bb424893a3d72e95d8f312d52b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{708FD834-9D28-442B-B7D6-BC7174647392}, In Quarantäne, [e00d93007713ab8b49bba8c55ea7b14f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{78492A19-F7E0-4114-B05C-6AA5BD1A40D0}, In Quarantäne, [14d9a3f0117965d1ed18313c20e5c53b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{790808D0-4EF6-4EF1-BE53-2E4B59517982}, In Quarantäne, [e30acfc49ceec96d887c135a0302a060],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7CC43BC3-F723-4EB6-B035-84C15C8409E6}, In Quarantäne, [12dbcec5ddad3006cd3785e8cb3ad22e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{81578CC8-F7B8-4710-9055-3A64DBC8A126}, In Quarantäne, [eb02bed5583262d4cc38f07d7f86b749],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8D6DFD13-2B71-47B4-8423-9F95FA64C1BB}, In Quarantäne, [25c8c1d28cfed3636a9a6d0094717d83],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8F36D6BC-5735-4872-8E46-6EF3772CB925}, In Quarantäne, [17d63b58414951e59d672e3fae57ef11],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{912AFA1C-4F24-42C8-B56A-E1185B9D2975}, In Quarantäne, [0be2f1a21971ef4743c2fe6f4eb7a45c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9623AB27-6BD1-4391-81BD-21B16173F1E0}, In Quarantäne, [b63740536723e353ab590d6011f422de],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9DCCC84A-3FBD-4A6C-8ED2-D6C1D26C3787}, In Quarantäne, [ad400c878505a6904cb8b2bb19ec6e92],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A8B3A366-2D2A-4B21-9DA1-D73C98B0E250}, In Quarantäne, [46a7672c543637ffb45186e7798c0bf5],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D830B82E-C469-4ECB-A729-11B7578268BF}, In Quarantäne, [0edf583b44469e98798b34390203da26],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D8771649-FF88-401E-8FFF-AD98ED627C41}, In Quarantäne, [c4290f847515f145c93c1d50b154b64a],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DB8CFEE2-C2FE-4EDD-9A7B-EEE013A6C42F}, In Quarantäne, [b23b078c8ffba98d8c788be225e059a7],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ECA5B9E5-3CD9-46E3-A2F1-E44EC7F4A218}, In Quarantäne, [44a9eea5602a4ee8a461581526df58a8],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F827093D-623C-4C17-8561-347739214133}, In Quarantäne, [08e56a29ec9e84b2ba4b0e5f8580cb35],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9D215FA-A482-4445-B024-11373864496E}, In Quarantäne, [6b823162e8a241f5f90ace9f927343bd],

Registrierungswerte: 30
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{31f12053-b618-4322-9500-5c9dd440a604}|AppName, Plus-HD-2.5-codedownloader.exe, In Quarantäne, [fcf1138079111521ae5ab8b58f76768a]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{75ce0034-cbde-41dd-a27d-bb7989021866}|AppName, HD Video Plugin-codedownloader.exe, In Quarantäne, [4f9efb981674b97dd236c7a69d68d927]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7cc43bc3-f723-4eb6-b035-84c15c8409e6}|AppName, Plus-HD-2.5-buttonutil.exe, In Quarantäne, [07e67f14602a73c35aadc7a65da8ee12]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9f8b48d3-4887-4a62-a603-b04fdb046e70}|AppName, HD Video Plugin-buttonutil.exe, In Quarantäne, [ec01870c4c3e74c26b9c95d89174d62a]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f067c815-f38b-4773-b8ee-2a86e92e98f1}|AppName, HD Video Plugin-bg.exe, In Quarantäne, [6d80cac90c7e280e778f71fca06515eb]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f9d215fa-a482-4445-b024-11373864496e}|AppName, Plus-HD-2.5-bg.exe, In Quarantäne, [9b524e45aedc9a9cb1559cd108fd6d93]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1567E27B-7BB4-4C33-BE56-CA815E4F63BD}|AppName, Plus-HD-2.5-enabler.exe-codedownloader.exe, In Quarantäne, [b13cb2e1335738fea263a3cae0253dc3]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1AF4DB00-992D-4169-B75D-87C6EBC41561}|AppName, Plus-HD-2.5-enabler.exe-buttonutil.exe, In Quarantäne, [925be3b03f4b78bed2322647b45112ee]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{31f12053-b618-4322-9500-5c9dd440a604}|AppName, Plus-HD-2.5-codedownloader.exe, In Quarantäne, [78758c071377cb6bbc49a8c5e81d0ef2]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{38B69DAE-AA2E-484B-A597-73B595C1C81C}|AppName, Plus-HD-2.5-enabler.exe-codedownloader.exe, In Quarantäne, [f7f610830783c86e41c4224b689df40c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3E651986-2F93-4D79-8EA6-D6B5996128D7}|AppName, Plus-HD-2.5-enabler.exe-buttonutil.exe, In Quarantäne, [69844350206a0234b64ebdb024e18c74]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4ACB8A0C-E1C2-484A-95EB-882958DA85A0}|AppName, Plus-HD-2.5-enabler.exe-buttonutil.exe, In Quarantäne, [3fae6231cdbd092dd92beb828d784db3]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5768ECFD-C769-41F0-8327-3686F1C156EB}|AppName, Plus-HD-2.5-enabler.exe-codedownloader.exe, In Quarantäne, [b538d8bb424893a3d72e95d8f312d52b]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{708FD834-9D28-442B-B7D6-BC7174647392}|AppName, Plus-HD-2.5-enabler.exe-buttonutil.exe, In Quarantäne, [e00d93007713ab8b49bba8c55ea7b14f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{78492A19-F7E0-4114-B05C-6AA5BD1A40D0}|AppName, Plus-HD-2.5-enabler.exe-codedownloader.exe, In Quarantäne, [14d9a3f0117965d1ed18313c20e5c53b]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{790808D0-4EF6-4EF1-BE53-2E4B59517982}|AppName, Plus-HD-2.5-enabler.exe-buttonutil.exe, In Quarantäne, [e30acfc49ceec96d887c135a0302a060]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7cc43bc3-f723-4eb6-b035-84c15c8409e6}|AppName, Plus-HD-2.5-buttonutil.exe, In Quarantäne, [12dbcec5ddad3006cd3785e8cb3ad22e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{81578CC8-F7B8-4710-9055-3A64DBC8A126}|AppName, Plus-HD-2.5-enabler.exe-buttonutil.exe, In Quarantäne, [eb02bed5583262d4cc38f07d7f86b749]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8D6DFD13-2B71-47B4-8423-9F95FA64C1BB}|AppName, Plus-HD-2.5-enabler.exe-buttonutil.exe, In Quarantäne, [25c8c1d28cfed3636a9a6d0094717d83]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8F36D6BC-5735-4872-8E46-6EF3772CB925}|AppName, Plus-HD-2.5-enabler.exe-buttonutil.exe, In Quarantäne, [17d63b58414951e59d672e3fae57ef11]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{912AFA1C-4F24-42C8-B56A-E1185B9D2975}|AppName, Plus-HD-2.5-enabler.exe-codedownloader.exe, In Quarantäne, [0be2f1a21971ef4743c2fe6f4eb7a45c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9623AB27-6BD1-4391-81BD-21B16173F1E0}|AppName, Plus-HD-2.5-enabler.exe-buttonutil.exe, In Quarantäne, [b63740536723e353ab590d6011f422de]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9DCCC84A-3FBD-4A6C-8ED2-D6C1D26C3787}|AppName, Plus-HD-2.5-enabler.exe-buttonutil.exe, In Quarantäne, [ad400c878505a6904cb8b2bb19ec6e92]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A8B3A366-2D2A-4B21-9DA1-D73C98B0E250}|AppName, Plus-HD-2.5-enabler.exe-codedownloader.exe, In Quarantäne, [46a7672c543637ffb45186e7798c0bf5]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D830B82E-C469-4ECB-A729-11B7578268BF}|AppName, Plus-HD-2.5-enabler.exe-buttonutil.exe, In Quarantäne, [0edf583b44469e98798b34390203da26]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D8771649-FF88-401E-8FFF-AD98ED627C41}|AppName, Plus-HD-2.5-enabler.exe-codedownloader.exe, In Quarantäne, [c4290f847515f145c93c1d50b154b64a]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DB8CFEE2-C2FE-4EDD-9A7B-EEE013A6C42F}|AppName, Plus-HD-2.5-enabler.exe-buttonutil.exe, In Quarantäne, [b23b078c8ffba98d8c788be225e059a7]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ECA5B9E5-3CD9-46E3-A2F1-E44EC7F4A218}|AppName, Plus-HD-2.5-enabler.exe-codedownloader.exe, In Quarantäne, [44a9eea5602a4ee8a461581526df58a8]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F827093D-623C-4C17-8561-347739214133}|AppName, Plus-HD-2.5-enabler.exe-codedownloader.exe, In Quarantäne, [08e56a29ec9e84b2ba4b0e5f8580cb35]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f9d215fa-a482-4445-b024-11373864496e}|AppName, Plus-HD-2.5-bg.exe, In Quarantäne, [6b823162e8a241f5f90ace9f927343bd]

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=708fbf66879d8e4bba127ab2e84702c7
# engine=23858
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-15 02:30:10
# local_time=2015-05-15 04:30:10 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 25064 183331401 0 0
# scanned=312212
# found=7
# cleaned=0
# scan_time=24744
sh=4C929F89E59670E7CD0A9927AF9B9794D1136C4A ft=1 fh=c0469ad632bfa79c vn="Variante von Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Uniblue\RegistryBooster\Launcher.exe.vir"
sh=F58C8C3E7F612CE665EF652B9D7D42C3000471DB ft=1 fh=7db1bcabff80f6cc vn="Variante von Win32/Packed.Themida evtl. unerwünschte Anwendung" ac=I fn="C:\AeriaGames\EOS\GameClient\System\EOS.exe"
sh=2182D74BE871130D6CBB7EC12503645FB69AF238 ft=1 fh=603965ef7d68fdd4 vn="Variante von Win32/Packed.VMProtect.AAA Trojaner" ac=I fn="C:\Program Files\The Sims 4\Game\Bin\3dmgame.dll"
sh=815CE918A2CF57F5E0A3A9346FD9A6F6B3D03D30 ft=1 fh=028c167410bf2336 vn="Win32/InstallCore.GI evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Flavia\AppData\Local\PMB Files\Upgrade41270\PMB_updater.exe"
sh=7C284FC4BED8207E9E6AE476FA9699CF67B89E50 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.Themida evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Flavia\AppData\Local\VirtualStore\Program Files\gPotato\AikaOnline\AIKAClientEN100211.zip"
sh=BD4E3221ECB01E8D985872EBED025052CAB33776 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="D:\FLAVIA-PC\Backup Set 2013-01-19 143714\Backup Files 2013-01-19 143714\Backup files 14.zip"
sh=8E523D134FECA6D04275B3761E50937EF99D63F1 ft=0 fh=0000000000000000 vn="Win32/InstallCore.AZ evtl. unerwünschte Anwendung" ac=I fn="D:\FLAVIA-PC\Backup Set 2015-03-02 112626\Backup Files 2015-03-02 112626\Backup files 7.zip"

cosinus 16.05.2015 12:08
FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\AeriaGames\EOS\GameClient\System\EOS.exe
C:\Program Files\The Sims 4\Game\Bin\3dmgame.dll
C:\Users\Flavia\AppData\Local\PMB Files
C:\Users\Flavia\AppData\Local\VirtualStore\Program Files\gPotato\AikaOnline\AIKAClientEN100211.zip
D:\FLAVIA-PC\Backup Set 2013-01-19 143714\Backup Files 2013-01-19 143714\Backup files 14.zip
D:\FLAVIA-PC\Backup Set 2015-03-02 112626\Backup Files 2015-03-02 112626\Backup files 7.zip
EmptyTemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


BlueAzure 16.05.2015 14:44
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 16-05-2015 02
Ran by Flavia at 2015-05-16 15:38:24 Run:2
Running from C:\Users\Flavia\Desktop
Loaded Profiles: Flavia (Available profiles: Flavia)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\AeriaGames\EOS\GameClient\System\EOS.exe
C:\Program Files\The Sims 4\Game\Bin\3dmgame.dll
C:\Users\Flavia\AppData\Local\PMB Files
C:\Users\Flavia\AppData\Local\VirtualStore\Program Files\gPotato\AikaOnline\AIKAClientEN100211.zip
D:\FLAVIA-PC\Backup Set 2013-01-19 143714\Backup Files 2013-01-19 143714\Backup files 14.zip
D:\FLAVIA-PC\Backup Set 2015-03-02 112626\Backup Files 2015-03-02 112626\Backup files 7.zip
EmptyTemp:
*****************

C:\AeriaGames\EOS\GameClient\System\EOS.exe => Moved successfully.
C:\Program Files\The Sims 4\Game\Bin\3dmgame.dll => Moved successfully.
C:\Users\Flavia\AppData\Local\PMB Files => Moved successfully.
C:\Users\Flavia\AppData\Local\VirtualStore\Program Files\gPotato\AikaOnline\AIKAClientEN100211.zip => Moved successfully.
D:\FLAVIA-PC\Backup Set 2013-01-19 143714\Backup Files 2013-01-19 143714\Backup files 14.zip => Moved successfully.
D:\FLAVIA-PC\Backup Set 2015-03-02 112626\Backup Files 2015-03-02 112626\Backup files 7.zip => Moved successfully.
EmptyTemp: => Removed 426.4 MB temporary data.


The system needed a reboot.

==== End of Fixlog 15:39:47 ====

cosinus 16.05.2015 14:53
Sieht soweit ok aus :daumenhoc

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) empfehle ich die Erweiterung Ghostery, diese verhindert weitgehend Usertracking bzw. das Anzeigen von Werbebannern.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?

BlueAzure 16.05.2015 15:00
Okay, danke für die Tips! Das System läuft wieder normal und bootet auch schnell :)

Kann man eigentlich nun sagen, woran genau das ganze Aufgehänge und das Problem mit dem Benachrichtigungsdienst gelegen hat? Oder war das ein Mix aus mehreren Sachen?
Und kann ich die Scan Tools dann alle deinstallieren und löschen?

Vielen Dank für die Hilfe!! :)

cosinus 16.05.2015 15:11
Dann wären wir durch! :daumenhoc

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

Abschließend müssen wir noch ein paar Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

http://deeprybka.trojaner-board.de/b...cleanupneu.png
Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

http://deeprybka.trojaner-board.de/b...ast/schild.png
Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
 Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

   
   


Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
http://filepony.de/icon/noscript.png NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

BlueAzure 16.05.2015 15:38
Okay, alles erledigt! Habe keine Fragen mehr :)

cosinus 16.05.2015 18:21
Sehr schön! :daumenhoc


Alle Zeitangaben in WEZ +1. Es ist jetzt 03:27 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131