Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   wurm oder was übles (https://www.trojaner-board.de/165959-wurm-uebles.html)

Joel14 09.04.2015 22:39
wurm oder was übles
 
Hallo
Ich glaub ich hab da etwas eingefangen. Keine internet seite geht mehr auf
Die internetverbindung ist jedoch einwandfrei. Was kann ich tun?

deeprybka 09.04.2015 22:49
:hallo:

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...:abklatsch:
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean :daumenhoc bekommst.



Los geht's:

Schritt 1
http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://deeprybka.trojaner-board.de/tdss/codetags.gif

Joel14 09.04.2015 23:39
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Joël (administrator) on JOEL-HP on 10-04-2015 00:34:17
Running from P:\
Loaded Profiles: Joël (Available profiles: Joël & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(BitTorrent Inc.) C:\Users\Joël\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Users\Joël\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe
() C:\Users\Joël\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe
() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\javaw.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Dropbox, Inc.) C:\Users\Joël\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(SearchProtect) C:\Program Files (x86)\XTab\CmdShell.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(XTab system) C:\Program Files (x86)\XTab\HPNotify.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-15] (AVAST Software)
HKLM-x32\...\Run: [vmware-tray] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [103536 2012-01-18] (VMware, Inc.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-02-10] (EasyBits Software AS)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DXM6Patch_981116] => C:\Windows\p_981116.exe [497376 1998-11-30] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Run: [uTorrent] => C:\Users\Joël\AppData\Roaming\uTorrent\uTorrent.exe [1374032 2015-01-16] (BitTorrent Inc.)
HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Run: [GenieoUpdaterService] => C:\Users\Joël\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe [294240 2014-10-20] ()
HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Run: [GenieoSystemTray] => C:\Users\Joël\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe [539488 2014-10-20] ()
HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.38.1.1736\jsdrv.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()
Startup: C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1424248093-816826443-285343795-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1424248093-816826443-285343795-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {CA84F3A1-C833-4BCE-8DF7-4C8474995A97} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-1424248093-816826443-285343795-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX&ts=1428531375&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1424248093-816826443-285343795-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX&ts=1428531375&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1424248093-816826443-285343795-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX&ts=1428531375&type=default&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-09-15] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Swift Record 1.0.0.7 -> {2247a894-1cf2-41be-b39a-beaba7cadcdc} -> C:\Program Files (x86)\Swift Record\SwiftRecordbho.dll [2015-04-08] (Swift Record)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-05-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-02-25] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-09-15] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-07-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-02-25] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-07-18] (EasyBits Software Corp.)
Winsock: Catalog9 01 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File Not found ()
Winsock: Catalog9 02 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File Not found ()
Winsock: Catalog9 03 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File Not found ()
Winsock: Catalog9 04 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File Not found ()
Winsock: Catalog9 05 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File Not found ()
Winsock: Catalog9 06 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File Not found ()
Winsock: Catalog9 07 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File Not found ()
Winsock: Catalog9 08 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File Not found ()
Winsock: Catalog9 09 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File Not found ()
Winsock: Catalog9 10 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File Not found ()
Winsock: Catalog9 21 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158
Tcpip\..\Interfaces\{44C5EE26-39CC-4997-8768-FF5ABF9C2207}: [NameServer] 208.67.222.222,208.67.220.220

FireFox:
========
FF ProfilePath: C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-01] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-03] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-01] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-03] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2015-02-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-02-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-12-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-12-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] ()
FF Plugin HKU\S-1-5-21-1424248093-816826443-285343795-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-03] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-04-09] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-04-09] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-04-09] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-04-09] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-04-09] (Apple Inc.)
FF SearchPlugin: C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\searchplugins\englische-ergebnisse.xml [2014-07-22]
FF SearchPlugin: C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\searchplugins\gmx-suche.xml [2014-07-22]
FF SearchPlugin: C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\searchplugins\lastminute.xml [2014-07-22]
FF SearchPlugin: C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\searchplugins\webde-suche.xml [2014-07-22]
FF Extension: WEB.DE MailCheck - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\Extensions\toolbar@web.de [2015-02-27]
FF Extension: Swift Record 1.0.1 - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\Extensions\firefox@theswiftrecord.com.xpi [2015-04-08]
FF Extension: Popular Website Buddy - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\Extensions\jid1-l6V8exwLVv1lBw@jetpack.xpi [2014-05-15]
FF Extension: Youtube and more - Easy Video Downloader - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\Extensions\vdpure@link64.xpi [2015-02-25]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-02-26]
FF Extension: Adblock Plus - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-02]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-04]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-04-04]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-07-17]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-15]
FF HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> hxxp://www.istartsurf.com/?type=hp&ts=1428531341&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX
CHR StartupUrls: Default -> "hxxp://www.istartsurf.com/?type=hp&ts=1428531341&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX"
CHR DefaultSearchKeyword: Default -> istartsurf
CHR DefaultSearchURL: Default -> hxxp://www.istartsurf.com/web/?type=ds&ts=1428531341&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX&q={searchTerms}
CHR Profile: C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-06]
CHR Extension: (Google Docs) - C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-06]
CHR Extension: (Google Drive) - C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-06]
CHR Extension: (YouTube) - C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-06]
CHR Extension: (Google Search) - C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-06]
CHR Extension: (Google Sheets) - C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-06]
CHR Extension: (Avira Browser Safety) - C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-06]
CHR Extension: (avast! Online Security) - C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-06]
CHR Extension: (Google Wallet) - C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-06]
CHR Extension: (Gmail) - C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-06]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-15] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-03-12] (Ellora Assets Corp.) [File not signed]
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158816 2015-03-16] (XTab system)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2014-01-12] (PowerUp Software, LLC) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-03-17] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2015-03-17] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [792016 2015-02-09] (Tunngle.net GmbH)
S2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [79872 2012-01-18] (VMware, Inc.) [File not signed]
S2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [11839488 2012-01-18] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [303360 2011-12-07] ()
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-15] ()
R3 AVer7231_x64; C:\Windows\System32\DRIVERS\AVer7231_x64.sys [1873024 2012-06-27] (AVerMedia TECHNOLOGIES, Inc.)
R3 debutfilter; C:\Windows\System32\DRIVERS\debutfilterx64.sys [34512 2014-12-08] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-08] (Disc Soft Ltd)
S3 ElgatoGC656Y; C:\Windows\System32\Drivers\ElgatoGC656.sys [94440 2014-07-07] (UB658)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-30] (REALiX(tm))
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [File not signed]
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S3 SRS_AE_Service; C:\Windows\System32\drivers\SRS_AE_amd64.sys [549704 2012-06-21] ()
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 SPDRIVER_1.38.1.1736; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.38.1.1736\jsdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-10 00:01 - 2015-04-09 23:50 - 40676944 _____ () C:\Users\Joël\Desktop\FirefoxSetup37.0.1.exe
2015-04-10 00:01 - 2015-04-09 23:49 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Joël\Desktop\mbam-setup-2.1.4.1018.exe
2015-04-10 00:01 - 2015-04-09 23:49 - 02217984 _____ () C:\Users\Joël\Desktop\AdwCleaner_4.201.exe
2015-04-09 22:58 - 2015-04-09 22:58 - 02194168 _____ () C:\Users\Joël\Downloads\AdwCleaner_4.200.exe
2015-04-09 22:57 - 2015-04-09 22:57 - 02201924 _____ () C:\Users\Joël\Downloads\AdwCleaner_4.201.exe
2015-04-09 22:57 - 2015-04-09 22:57 - 02193164 _____ () C:\Users\Joël\Downloads\AdwCleaner_4.201(1).exe
2015-04-09 00:17 - 2015-04-09 00:17 - 00004358 _____ () C:\Windows\System32\Tasks\Installer_iwebar
2015-04-09 00:17 - 2015-04-09 00:17 - 00004352 _____ () C:\Windows\System32\Tasks\Installer_sense
2015-04-09 00:17 - 2015-04-09 00:17 - 00004228 _____ () C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_323838363635333933352d3437415a556c2a3223346c41
2015-04-09 00:17 - 2015-04-09 00:17 - 00003440 _____ () C:\Windows\System32\Tasks\YTAUpdate
2015-04-09 00:17 - 2015-04-09 00:17 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2015-04-09 00:16 - 2015-04-09 00:16 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2015-04-09 00:16 - 2015-04-09 00:16 - 00000000 ____D () C:\Users\Joël\AppData\Local\CrashRpt
2015-04-09 00:16 - 2015-04-09 00:16 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-04-09 00:16 - 2015-04-09 00:16 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-04-09 00:16 - 2015-04-09 00:16 - 00000000 ____D () C:\Program Files (x86)\Swift Record
2015-04-09 00:15 - 2015-04-09 00:15 - 00001863 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tetris.lnk
2015-04-09 00:15 - 2015-04-09 00:15 - 00000000 ____D () C:\Program Files (x86)\Tetris
2015-04-09 00:14 - 2015-04-09 00:14 - 01033544 _____ (Crystal Office Systems ) C:\Users\Joël\Downloads\tetris.exe
2015-04-09 00:14 - 2015-04-09 00:14 - 00232216 _____ () C:\Users\Joël\Downloads\tetris-34033932.exe
2015-04-06 00:11 - 2015-04-06 00:11 - 00000890 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultra Street Fighter IV.lnk
2015-04-06 00:11 - 2015-04-06 00:11 - 00000878 _____ () C:\Users\Public\Desktop\Ultra Street Fighter IV.lnk
2015-04-05 23:58 - 2015-04-06 00:35 - 00000000 ____D () C:\Program Files (x86)\Ultra Street Fighter IV
2015-04-05 06:19 - 2015-04-05 13:38 - 00000000 ____D () C:\Users\Joël\Downloads\Ultra.Street.Fighter.IV-RELOADED
2015-04-04 15:26 - 2015-04-05 03:27 - 00000000 ____D () C:\Users\Joël\AppData\Local\{A22B5810-6701-4C13-AEF5-FCA5A1C50AD5}
2015-04-04 15:14 - 2015-04-04 15:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-03 13:58 - 2015-04-03 13:58 - 41844891 _____ () C:\Users\Joël\Downloads\Exhibit_B-(DatPiff.com).zip
2015-03-30 16:22 - 2015-03-30 16:15 - 29606756 _____ () C:\Users\Joël\Desktop\SuperMario64HD_Win.zip
2015-03-30 16:14 - 2015-03-30 16:15 - 29606756 _____ () C:\Users\Joël\Downloads\SuperMario64HD_Win.zip
2015-03-19 19:49 - 2015-04-09 22:36 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForJoël.job
2015-03-19 19:49 - 2015-04-09 21:10 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJoël
2015-03-17 23:13 - 2015-03-17 23:13 - 00000000 __SHD () C:\Windows\ftpcache
2015-03-17 23:12 - 2015-03-17 23:12 - 00682280 _____ () C:\Windows\SysWOW64\pbsvc.exe
2015-03-17 23:12 - 2015-03-17 23:12 - 00107832 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-03-17 23:12 - 2015-03-17 23:12 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-03-17 23:12 - 2015-03-17 23:12 - 00002221 _____ () C:\Users\Public\Desktop\Call of Duty - World at War Multiplayer.lnk
2015-03-17 23:12 - 2015-03-17 23:12 - 00002209 _____ () C:\Users\Public\Desktop\Call of Duty - World at War Single Player.lnk
2015-03-16 22:38 - 2015-03-16 22:38 - 13223208 _____ (Disc Soft Ltd) C:\Users\Joël\Downloads\DTLite501-0406.exe
2015-03-14 22:05 - 2015-03-15 05:10 - 00000000 ____D () C:\ProgramData\Tunngle
2015-03-14 22:05 - 2015-03-15 03:55 - 00000000 ____D () C:\Users\Joël\Documents\Tunngle
2015-03-14 22:05 - 2015-03-15 03:02 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Tunngle
2015-03-14 22:05 - 2015-03-14 22:07 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2015-03-14 22:05 - 2015-03-14 22:05 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2015-03-14 22:05 - 2015-03-14 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2015-03-14 22:05 - 2009-09-16 08:02 - 00031232 _____ (Tunngle.net) C:\Windows\system32\Drivers\tap0901t.sys
2015-03-14 22:00 - 2015-03-14 22:02 - 04800816 _____ (Tunngle.net GmbH ) C:\Users\Joël\Downloads\Tunngle_Setup_v5.2(1).exe
2015-03-14 21:57 - 2015-03-14 21:59 - 04800816 _____ (Tunngle.net GmbH ) C:\Users\Joël\Downloads\Tunngle_Setup_v5.2.exe
2015-03-14 20:16 - 2015-03-14 22:31 - 70164560 ____R () C:\Users\Joël\Downloads\Civ5_Patch_from_1.0.1.275_to_1.0.1.348 [Cracked].rar
2015-03-14 20:15 - 2015-03-14 20:18 - 70902489 ____R () C:\Users\Joël\Downloads\civ5_update-1.0.1.217.rar
2015-03-14 20:11 - 2015-03-14 20:11 - 40955564 _____ () C:\Users\Joël\Downloads\Full Game(Setup + Crack).rar
2015-03-14 19:56 - 2015-03-14 19:56 - 00000000 ____D () C:\Users\Joël\AppData\Local\My Games
2015-03-14 15:54 - 2015-03-14 15:54 - 59036861 _____ () C:\Users\Joël\Downloads\Prohibition-(DatPiff.com)(3).zip
2015-03-14 15:54 - 2015-03-14 15:54 - 59036861 _____ () C:\Users\Joël\Downloads\Prohibition-(DatPiff.com)(2).zip
2015-03-14 15:54 - 2015-03-14 15:54 - 59036861 _____ () C:\Users\Joël\Downloads\Prohibition-(DatPiff.com)(1).zip
2015-03-14 15:53 - 2015-03-14 15:54 - 63164765 _____ () C:\Users\Joël\Downloads\The_Medication-(DatPiff.com).zip
2015-03-14 15:53 - 2015-03-14 15:53 - 59036861 _____ () C:\Users\Joël\Downloads\Prohibition-(DatPiff.com).zip
2015-03-14 12:38 - 2015-03-14 12:38 - 74385898 _____ () C:\Users\Joël\Downloads\The_Prescription-(DatPiff.com).zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-10 00:34 - 2014-11-02 01:52 - 00000000 ____D () C:\FRST
2015-04-10 00:34 - 2014-04-09 00:49 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\uTorrent
2015-04-10 00:33 - 2011-07-18 02:26 - 00000000 ____D () C:\ProgramData\PDFC
2015-04-10 00:32 - 2014-11-05 13:00 - 00119296 _____ () C:\Windows\SysWOW64\zlib.dll
2015-04-10 00:32 - 2014-10-09 00:46 - 00000000 ____D () C:\ProgramData\VMware
2015-04-10 00:31 - 2014-11-06 04:50 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-10 00:31 - 2014-11-02 15:20 - 00019233 _____ () C:\Windows\setupact.log
2015-04-10 00:31 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-10 00:07 - 2014-04-01 20:32 - 01821769 _____ () C:\Windows\WindowsUpdate.log
2015-04-10 00:06 - 2014-11-06 04:50 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-10 00:03 - 2011-07-18 01:54 - 00712990 _____ () C:\Windows\system32\perfh007.dat
2015-04-10 00:03 - 2011-07-18 01:54 - 00155952 _____ () C:\Windows\system32\perfc007.dat
2015-04-10 00:03 - 2009-07-14 07:13 - 01659220 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-09 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-09 23:23 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-09 23:23 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-09 23:15 - 2014-11-02 15:20 - 00008838 _____ () C:\Windows\PFRO.log
2015-04-09 23:14 - 2015-02-25 23:44 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2015-04-09 23:14 - 2014-11-02 00:55 - 00000000 ____D () C:\AdwCleaner
2015-04-09 23:14 - 2014-09-15 16:53 - 00001102 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-04-09 23:14 - 2014-04-01 23:24 - 00001166 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-09 23:14 - 2014-04-01 23:24 - 00000943 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-04-09 23:14 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-09 23:13 - 2014-11-06 04:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-09 23:13 - 2014-04-01 23:28 - 00001063 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-09 22:54 - 2014-04-09 00:08 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\vlc
2015-04-09 22:38 - 2014-11-05 22:12 - 00000000 ____D () C:\Users\Joël\AppData\Local\CrashDumps
2015-04-09 22:38 - 2014-04-10 00:58 - 00000000 ___RD () C:\Users\Joël\Dropbox
2015-04-09 22:38 - 2014-04-10 00:46 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Dropbox
2015-04-09 22:36 - 2011-07-18 02:17 - 00000000 ____D () C:\ProgramData\Temp
2015-04-09 21:09 - 2014-04-03 17:56 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-04-09 21:06 - 2014-04-03 17:54 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\HP Support Assistant
2015-04-09 21:06 - 2014-04-03 00:19 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\HpUpdate
2015-04-08 18:18 - 2014-04-10 00:47 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-06 05:24 - 2014-04-02 00:07 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Skype
2015-04-06 01:59 - 2014-11-02 00:02 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\OBS
2015-04-06 00:42 - 2014-07-29 09:28 - 00000000 ____D () C:\Users\Joël\Documents\CAPCOM
2015-04-05 22:46 - 2014-10-06 18:55 - 00000000 ____D () C:\Users\Joël\Downloads\KMS Activator for Windows + Office's + KMSpico Activator v9
2015-04-05 22:23 - 2014-04-01 23:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-05 13:48 - 2014-12-03 22:37 - 00000000 ____D () C:\Users\Joël\AppData\Local\FullTiltPoker
2015-04-05 13:48 - 2014-12-03 22:35 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker
2015-04-03 02:24 - 2014-11-02 00:02 - 00000000 ____D () C:\Program Files\OBS
2015-03-28 01:41 - 2014-08-24 12:29 - 00000000 ____D () C:\Windows\pss
2015-03-18 01:05 - 2014-11-01 02:58 - 00000000 ____D () C:\Users\Joël\Desktop\Programme
2015-03-18 00:36 - 2011-07-18 02:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-17 23:12 - 2014-12-25 22:05 - 00295468 _____ () C:\Windows\Directx.log
2015-03-17 23:05 - 2015-01-19 19:06 - 00002171 _____ () C:\Users\Public\Desktop\Call of Duty - World at War.lnk
2015-03-17 22:58 - 2014-10-29 22:15 - 00000000 ____D () C:\Program Files (x86)\Activision
2015-03-17 22:57 - 2014-11-01 23:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2015-03-15 13:41 - 2014-11-01 02:57 - 00000000 ____D () C:\Users\Joël\Desktop\Restsachen
2015-03-15 13:37 - 2014-04-01 23:23 - 00112288 _____ () C:\Users\Joël\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-15 13:36 - 2009-07-14 06:45 - 00446160 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-14 22:03 - 2014-07-25 02:14 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-14 19:57 - 2014-07-27 20:06 - 00000000 ____D () C:\Users\Joël\AppData\Local\SKIDROW
2015-03-13 00:41 - 2014-04-01 20:31 - 00000000 ____D () C:\Users\Joël

==================== Files in the root of some directories =======

2015-01-31 19:57 - 2015-01-31 19:57 - 9303942 _____ () C:\Users\Joël\AppData\Roaming\7.1.zip
2014-10-02 13:01 - 2014-10-02 13:01 - 0000074 _____ () C:\Users\Joël\AppData\Roaming\Camdata.ini
2014-10-02 13:01 - 2014-10-02 13:01 - 0000408 _____ () C:\Users\Joël\AppData\Roaming\CamLayout.ini
2014-10-02 13:01 - 2014-10-02 13:01 - 0000408 _____ () C:\Users\Joël\AppData\Roaming\CamShapes.ini
2014-10-02 13:01 - 2014-10-02 13:01 - 0004535 _____ () C:\Users\Joël\AppData\Roaming\CamStudio.cfg
2014-04-10 02:46 - 2014-04-10 02:46 - 0000448 _____ () C:\Users\Joël\AppData\Roaming\com.appdynamic.airmediaserver.plist
2014-04-25 00:50 - 2014-10-02 12:40 - 0001181 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.1.txt
2014-04-25 00:50 - 2014-05-28 23:44 - 0001181 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.2.txt
2014-04-25 00:50 - 2014-05-28 23:44 - 0001181 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.3.txt
2014-04-25 00:50 - 2014-05-28 23:44 - 0000919 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.4.txt
2014-04-25 00:50 - 2014-05-03 18:45 - 0001181 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.5.txt
2014-04-25 00:50 - 2014-05-03 18:44 - 0000919 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.6.txt
2014-04-25 00:50 - 2014-05-03 18:39 - 0001181 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.7.txt
2014-04-25 00:50 - 2014-04-26 23:45 - 0001181 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.8.txt
2014-04-25 00:50 - 2014-04-25 19:56 - 0001181 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.9.txt
2014-04-25 00:50 - 2014-12-08 21:33 - 0001181 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.txt
2014-04-25 00:50 - 2014-12-08 21:33 - 0000000 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2014-10-02 12:57 - 2014-10-02 12:57 - 0000096 _____ () C:\Users\Joël\AppData\Roaming\version2.xml
2014-04-29 02:41 - 2015-03-10 22:13 - 0057856 _____ () C:\Users\Joël\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-30 23:13 - 2014-08-30 23:13 - 0000092 _____ () C:\Users\Joël\AppData\Local\fusioncache.dat
2014-06-18 11:28 - 2014-11-10 23:02 - 0007609 _____ () C:\Users\Joël\AppData\Local\resmon.resmoncfg
2014-11-27 19:44 - 2014-11-27 19:44 - 0000000 _____ () C:\Users\Joël\AppData\Local\{C9DCAE0A-7F66-423A-BF35-CD24979C9202}
2014-11-17 04:05 - 2014-11-17 04:05 - 0000000 _____ () C:\Users\Joël\AppData\Local\{F4041526-A54D-470D-A5CF-DCA31E44FFFA}
2014-07-17 09:16 - 2014-11-26 18:36 - 0006897 _____ () C:\ProgramData\hpzinstall.log
2014-06-12 16:20 - 2014-06-12 16:28 - 0004335 _____ () C:\ProgramData\RUNDLL32.EXE-3004-F.txt

Some content of TEMP:
====================
C:\Users\Joël\AppData\Local\Temp\appshat_generic.exe
C:\Users\Joël\AppData\Local\Temp\cabex.dll
C:\Users\Joël\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmsv8cz.dll
C:\Users\Joël\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Joël\AppData\Local\Temp\InstallGenieo.exe
C:\Users\Joël\AppData\Local\Temp\jna2356463815749035604.dll
C:\Users\Joël\AppData\Local\Temp\jna3459829698647988724.dll
C:\Users\Joël\AppData\Local\Temp\jna6533567052833355640.dll
C:\Users\Joël\AppData\Local\Temp\jna7004795854746553123.dll
C:\Users\Joël\AppData\Local\Temp\jna8818759043853338928.dll
C:\Users\Joël\AppData\Local\Temp\jreInstall.exe
C:\Users\Joël\AppData\Local\Temp\nvStInst.exe
C:\Users\Joël\AppData\Local\Temp\Quarantine.exe
C:\Users\Joël\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Joël\AppData\Local\Temp\setup.exe
C:\Users\Joël\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Joël\AppData\Local\Temp\smt_istartsurf.exe
C:\Users\Joël\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Joël\AppData\Local\Temp\start.exe
C:\Users\Joël\AppData\Local\Temp\unelevate.exe
C:\Users\Joël\AppData\Local\Temp\ytaiesmt_smtyc_setup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


testsigning: ==> testsigning is on. Check for possible unsigned rootkit driver <===== ATTENTION!


LastRegBack: 2015-04-08 19:09

==================== End Of Log ============================
--- --- ---

--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Joël at 2015-04-10 00:35:32
Running from P:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Advanced Archive Password Recovery) (Version: 4.53 - ElcomSoft Co. Ltd.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Age Of Empires 3 version 1.0.0.0 (HKLM-x32\...\{9723A036-AC58-4D9A-B677-8D5BD2F312EF}_is1) (Version: 1.0.0.0 - Strogino CS Portal)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
AirParrot (HKLM\...\{D523F3B0-B5FE-43D0-BFE7-62CA0DD598BD}) (Version: 1.1.7 - Squirrels)
AnySend (HKLM-x32\...\ASPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION!
Apowersoft Smartphone Manager Version 1.1.8 (HKLM-x32\...\{4A00E3C4-2D0F-4AE7-9F2A-74870BE09EF8}_is1) (Version: 1.1.8 - APOWERSOFT LIMITED)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
B109n-z (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
B110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.2.454 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Big Rig Europe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bitcoin Core (64-bit) (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Bitcoin Core (64-bit)) (Version: 0.9.3 - Bitcoin Core project)
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BrightiaPlusの削除 (HKLM-x32\...\BrightiaPlus) (Version:  - )
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Call of Duty - World at War (HKLM-x32\...\{2775C25A-DF39-44AA-8E59-E0447DC164C2}) (Version: 1.00.0000 - Modern)
Call of Duty - World at War (HKLM-x32\...\Call of Duty - World at War_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Call of Duty Modern Warfare 2 (HKLM-x32\...\Call of Duty Modern Warfare 2_is1) (Version:  - Activision)
Call of Duty(R) - World at War(TM) (HKLM-x32\...\{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision)
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version: 1.2 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version: 1.4 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
clrmamepro (HKLM-x32\...\clrmamepro) (Version: 4.00.15.0 - Roman Scherzer)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Croc 2 (HKLM-x32\...\Croc 2) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Darkcoin (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Darkcoin) (Version: 0.10.17.26 - Darkcoin Project)
Dead Island Riptide (c) Deep Silver version 1 (HKLM-x32\...\RGVhZCBJc2xhbmQgUmlwdGlkZSAoYykgRGVlcCBTaWx2ZXI=_is1) (Version: 1 - )
Deadfall Adventures (HKLM-x32\...\RGVhZGZhbGxBZHZlbnR1cmVz_is1) (Version: 1 - )
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 2.02 - NCH Software)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
Dropbox (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
DUNGEONS (HKLM-x32\...\{79A65475-2F7F-491C-BF2F-8D5C0AF0775C}) (Version: 1.0.0.1 - Realmforge Studios GmbH)
Earthworm Jim 1 and 2 (HKLM-x32\...\GOGPACKEARTHWORMJIM12_is1) (Version: 2.0.0.7 - GOG.com)
Earthworm Jim 3D (HKLM-x32\...\Earthworm Jim 3D) (Version:  - )
Elcomsoft Phone Password Breaker (HKLM-x32\...\{91E3CFF8-5A2F-4895-A6BE-6883A66C6CD8}) (Version: 3.00.106.2053 - Elcomsoft Co. Ltd.)
Elgato Game Capture HD (HKLM-x32\...\{A04501E6-ED4D-43C9-9D69-9C78224B5BDC}) (Version: 2.01.49.776 - Elgato Systems GmbH)
Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version:  - )
Empire Earth II Gold Edition (HKLM-x32\...\Empire Earth II Gold Edition_is1) (Version:  - GOG.com)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Audio Converter version 5.0.39.430 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.39.430 - DVDVideoSoft Ltd.)
Free Studio version 6.5.0.219 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.0.219 - DVDVideoSoft Ltd.)
Free Video Editor version 1.4.5.923 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.5.923 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.44.922 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.922 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.4 - Ellora Assets Corporation)
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 5.24.2.WIN.FullTilt.COM - )
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Capture HD v2.3.3.38 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.38 - Elgato Systems)
Genieo (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\genieo) (Version: 1.0.400 - Genieo Innovation Ltd.)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
GTA2 (HKLM-x32\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - )
Hazard Ops (HKLM-x32\...\{F70DE052-CFFD-4DCB-8DA3-3ECAAFBB7D15}}_is1) (Version: 0.2.0.2042 - Infernum Productions AG)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photosmart Wireless B109n-z All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{79A72AAD-7ED4-49D8-872D-D1465061F9DB}) (Version:  - HP)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{014E482A-0C27-47E3-BA82-307E9DCA2F47}) (Version: 14.0 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.14.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{E92D47A1-D27D-430A-8368-0BAFD956507D}) (Version: 5.2.9.2 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.5902.0 - IDT)
ILLUSION ジンコウガクエン (HKLM-x32\...\{C109AF5B-69D0-4C93-B360-F28D9FAB6084}) (Version: 1.00.0000 - ILLUSION)
ILLUSION ジンコウガクエン きゃらめいく (HKLM-x32\...\{502499DC-2EDB-45A2-8F7C-83E6E5DE067E}) (Version: 1.00.0000 - ILLUSION)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IsoBuster 3.5 (HKLM-x32\...\IsoBuster_is1) (Version: 3.5 - Smart Projects)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 10.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.5.5 - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3609 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3609 - CyberLink Corp.) Hidden
Litecoin (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Litecoin) (Version: 0.8.7.5 - Litecoin project)
Logix Product Key Viewer (HKLM-x32\...\Logix Product Key Viewer) (Version:  - S.C. Logix S.R.L.)
Logix Product Key Viewer (x32 Version: 1.2.1.11 - S.C. Logix S.R.L.) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
Magic The Gathering Online  (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\35c9d60442fbb010) (Version: 3.4.81.404 - Wizards of the Coast)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE  (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office ScreenTip Language 2013 - Deutsch (HKLM\...\{90150000-00BD-0407-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Middle Earth Shadow of Mordor (HKLM-x32\...\Middle Earth Shadow of Mordor_is1) (Version:  - )
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Moorhuhnjagd (HKLM-x32\...\Moorhuhnjagd) (Version:  - )
MotioninJoy DS3 driver version 0.6.0004 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.0004 - www.motioninjoy.com)
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MultiMiner version 3.9.1 (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\{A59A265F-E97D-4A84-8E78-E8C59EB861CE}_is1) (Version: 3.9.1 - Nate Woolls)
MusicStation (HKLM-x32\...\MusicStationNetstaller) (Version: 1.0.1.5 - Hewlett-Packard)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 1.01.206 - NETGEAR)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
NokiaFREE Unlock Codes Calculator (HKLM-x32\...\NokiaFREE Unlock Codes Calculator) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version:  - )
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.35 - PDF Complete, Inc)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.1 - Tracker Software Products Ltd)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Perfect Uninstaller v6.3.3.9 (HKLM\...\Perfect Uninstaller_is1) (Version:  - www.PerfectUninstaller.com)
piaip AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 8.0.0 - PowerUp Software)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Plus500 (HKLM-x32\...\Plus500) (Version:  - )
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Pong 1.0 (HKLM-x32\...\Pong) (Version: 1.0 - WorkHorse Games)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4817 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4817 - CyberLink Corp.) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
PS_AIO_06_B109n-z_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.0 - PS3 Media Server)
PS3.ProxyServer (HKLM-x32\...\{FE4086E1-FA7F-4A7A-8FC5-061337B5787E}) (Version: 1.0.0 - CF3B5)
PSP ISO Compressor (HKLM-x32\...\{D47087E7-AA15-4D1D-8C0A-60F7E446D597}) (Version: 1.4.0 - danny_kay1710)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Rayman Legends (HKLM-x32\...\UmF5bWFuTGVnZW5kcw==_is1) (Version: 1 - )
Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden
RegInOut System Utilities (HKLM-x32\...\RegInOut System Utilities_is1) (Version: 4.0 - SORCIM Technologies Pvt Ltd)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.0.4 - Reimage) <==== ATTENTION
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
Republic Heroes (HKLM-x32\...\{5612C844-55BC-4B77-82C2-A2E28962418E}) (Version: 1.00.0000 - LucasArts)
RESIDENT EVIL 5 (HKLM-x32\...\{AC08BBA0-96B9-431A-A7D0-D8598E493775}) (Version: 1.0.0.129 - CAPCOM CO., LTD.)
RomCenter 3.7.1 (HKLM-x32\...\romcenter_is1) (Version: 3.7.1 - Eric Bole-Feysot)
Savage 2.00e (HKLM-x32\...\Product) (Version:  - )
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Simple CPU Miner - 64bit (HKLM-x32\...\{EC52D440-B5B9-4172-8DE1-5FB45B45D0D0}) (Version: 2.3 - Miner)
Simple GPU Miner (HKLM-x32\...\{7CDFCC48-3AA5-4D86-88F7-3799B4158A9B}) (Version: 1.6 - Miner)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Sonic Generations (HKLM-x32\...\Sonic Generations_is1) (Version: 1.0 - SEGA)
Star Wars JK II Jedi Outcast (HKLM-x32\...\{8681B1E6-CD96-46EF-9065-CE0D1085ED99}) (Version:  - )
Star Wars(R) Knights of the Old Republic(R) II: The Sith Lords(TM) (HKLM-x32\...\{629F65FB-7F3C-4D66-A1C0-20722744B7B6}) (Version: 1.00.0000 - Obsidian)
Star Wars: The Force Unleashed 2 (HKLM-x32\...\Star Wars: The Force Unleashed 2_is1) (Version: 1.0 - LucasArts)
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
StreamTransport version: 1.1.6.1 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Swift Record (HKLM\...\Swift Record) (Version: 2015.04.08.092547 - Swift Record) <==== ATTENTION
Tetris (HKLM-x32\...\{95E0E6DC-C308-4C96-BEDB-68C75A32FAF8}_is1) (Version: 1.68 - Crystal Office Systems)
The Amazing Spider-Man 2.v 1.0.0.1 + 4 DLC (HKLM-x32\...\The Amazing Spider-Man 2.v 1.0.0.1 + 4 DLC_is1) (Version: The Amazing Spider-Man 2.v 1.0.0.1 + 4 DLC - Repack by Fenixx (02.05.2014))
Thief, âåðñèÿ 1.1.0.0 (HKLM-x32\...\Thief_is1) (Version: 1.1.0.0 - RePack by SEYTER)
Tomb Raider: The First Era (HKLM-x32\...\{9F5D630D-CBA3-4C4F-BDDA-3BAB7FD15541}_is1) (Version: Final - Eidos Interactive)
Tomb Raider: Underworld 1.0 (HKLM-x32\...\Tomb Raider: Underworld) (Version:  - )
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.0a - TrueCrypt Foundation)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.2 - Tunngle.net GmbH)
Ultra Street Fighter IV (HKLM-x32\...\VWx0cmFTdHJlZXRGaWdodGVySVY=_is1) (Version: 1 - )
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 3.5.0 - Universal Media Server)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
URL Snooper v2.37.01 (HKLM-x32\...\URLSnooper 2_is1) (Version:  - DonationCoder.com)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
VirtualDJ 8 (HKLM-x32\...\{9ADBBA93-4625-4898-BB0D-BCE7EA9F8B4A}) (Version: 8.0.0 - Atomix Productions)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VmciSockets (Version: 9.1.54.1 - VMware, Inc.) Hidden
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 8.0.2.28060 - VMware, Inc)
VMware Workstation (x32 Version: 8.0.2.28060 - VMware, Inc.) Hidden
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.10.1.1735 - 1&1 Mail & Media GmbH)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows 7 Codec Pack 4.0.9 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.9 - Windows 7 Codec Pack)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.01 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.1 - win.rar GmbH)
Worms Ultimate Mayhem - Deluxe Edition (HKLM-x32\...\Worms Ultimate Mayhem - Deluxe Edition_is1) (Version:  - )
XBMC (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\XBMC) (Version:  - Team XBMC)
YouTube Accelerator (HKLM-x32\...\YouTube Accelerator) (Version: 3396(build_102) - Goobzo Ltd.) <==== ATTENTION
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

14-03-2015 22:05:54 Gerätetreiber-Paketinstallation: TAP-Win32 Provider V9 (Tunngle) Netzwerkadapter
17-03-2015 22:56:12 Eliminado Call of Duty(R) 4 - Modern Warfare(TM)
25-03-2015 20:10:44 Geplanter Prüfpunkt
08-04-2015 19:16:59 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-11-02 01:27 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01259730-6077-48F0-9749-23AEE8E60556} - System32\Tasks\YTAUpdate => C:\PROGRA~2\YOUTUB~1\Updater.exe <==== ATTENTION
Task: {024A2859-258D-4493-A2BB-BB1C93878BCE} - System32\Tasks\{16AA9BA4-245E-4DDA-8018-7B94561E63E1} => C:\Users\Joël\Downloads\Xpadder.exe [2014-10-31] ()
Task: {043146BB-350D-44C5-9B01-C4F240CA6696} - System32\Tasks\{2CFE9671-6269-4456-AE5B-52EBC7540F6D} => C:\Cronus\BrightiaP\Brightia.exe [2014-07-23] ()
Task: {09CB5843-A520-4A5E-9DCC-407D53ED4DD8} - System32\Tasks\HPCeeScheduleForJoël => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {0EC8C87F-E64A-4F50-9234-2366982BF911} - \ea727281-8281-467f-bafd-cf5fb6f1777a-3 No Task File <==== ATTENTION
Task: {15B7FE36-4B39-4521-BC2B-2B6FE9C0DFE4} - System32\Tasks\{11A0E742-C5C3-4538-9EBF-B6872B79EAE2} => C:\Program Files (x86)\Activision\Modern Warfare 2\LauncherV3.exe [2014-08-15] ()
Task: {188242EE-F764-4F8C-AB26-17DFAAFCAF64} - System32\Tasks\Installer_iwebar => C:\Users\Joël\AppData\Local\Installer\Installiwebar_32685\DCytaiesmt_smtyc_setup.exe [2015-04-09] () <==== ATTENTION
Task: {1E5DAFCC-BAD7-4DB0-B551-553EFED2D933} - System32\Tasks\{896A5FB8-E31E-48C9-95A7-72FC5CDBB772} => C:\GOG Games\Earthworm Jim 1 and 2\Earthworm Jim 2\EWJ2.EXE [2008-11-28] ()
Task: {1F6AE4F6-7C1C-4099-8CE4-6C82D2C0846C} - System32\Tasks\{3A66FE75-2B3C-42DE-AA81-A206009E7FDC} => C:\Program Files (x86)\LucasArts\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\SWTFU.exe [2009-11-26] (Aspyr Media, Inc.)
Task: {216E6893-9A96-4700-9819-C294ECCC79E5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {2471713F-F155-45F6-AA8D-4585DA34BDA0} - System32\Tasks\{D85A24B3-D48F-4598-8E27-F76B2A8EF310} => L:\setup.exe [2014-08-08] (                                                            )
Task: {2BEC0B85-8E65-4951-B6AF-B17B275D3C3A} - System32\Tasks\{CF030C54-0A1D-4F7F-817C-F97C5889DADF} => C:\Users\Joël\Downloads\Xpadder.exe [2014-10-31] ()
Task: {33E022D9-8641-4192-91AC-25B1ABC011F2} - System32\Tasks\{732E911D-7F7F-485E-810B-5D327D1BB2F0} => C:\Program Files (x86)\LucasArts\Star Wars The Force Unleashed 2\SWTFU2.exe [2010-12-23] (LucasArts)
Task: {36300EE4-0538-4B0C-952A-659D2BD3E586} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-31] ()
Task: {364D25EC-3FBC-4F1F-B266-2EF6F61DDEC1} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2010-12-22] (CyberLink)
Task: {374B3FF1-863A-46E3-9B02-35B07303D7D3} - System32\Tasks\{956F7214-E483-4153-AADB-0108A6806404} => C:\Cronus\BrightiaP\Brightia.exe [2014-07-23] ()
Task: {3A0E625C-B244-4682-BF86-FC6E98012BB7} - System32\Tasks\{03F02BC4-40A4-4673-85A2-9DC6E49E1A46} => pcalua.exe -a C:\Users\Joël\Desktop\ul_install.exe -d C:\Users\Joël\Desktop
Task: {424EF6F3-F3D4-4115-A33C-E748FC3539F7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {46D76D72-A3BE-4CEF-9C84-983586B5C18E} - System32\Tasks\{FD379D52-1B1D-42B3-AFDB-3F2351039C4B} => pcalua.exe -a "C:\Users\Joël\AppData\Local\Temp\Rar$EXa0.023\Locale Emulator\LEInstaller.exe" -d "C:\Users\Joël\AppData\Local\Temp\Rar$EXa0.023\Locale Emulator"
Task: {4A6D28BD-B225-40D9-93E2-C6BA4AE2E205} - System32\Tasks\{AC2F21BE-3401-4A84-B69A-1E5406AA9993} => C:\Program Files (x86)\Middle Earth Shadow of Mordor\x64\ShadowOfMordor.exe [1999-12-12] (WB Games, Inc.)
Task: {4DC19360-704F-489B-A301-17B81CAE5FC9} - System32\Tasks\{48EDFEA8-3C6A-4B6F-A24C-E9E724B267C6} => pcalua.exe -a E:\autorun.exe -d E:\
Task: {55360A86-21DC-4312-8C86-11C0D7ABBCA2} - \ea727281-8281-467f-bafd-cf5fb6f1777a-5 No Task File <==== ATTENTION
Task: {5621FBF6-ABE9-41B9-B953-43E1B91B5FEC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-15] (AVAST Software)
Task: {565627D2-DAD1-4FCF-957A-CB9FA6A15419} - System32\Tasks\{44C652B8-961D-44FE-899D-2219F72C7A22} => pcalua.exe -a L:\DirectX7\dxsetup.exe -d L:\DirectX7
Task: {583032CA-74F5-41DD-A5D8-08FB0AC2D041} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2015-04-07] (Microsoft)
Task: {5DF9FE70-2F1E-45BA-B903-658003C2B0DF} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-04-08] ()
Task: {5EBAE3F2-07AE-4C2B-BE6F-AC00607F2C0B} - System32\Tasks\SPBIW_UpdateTask_Time_323838363635333933352d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {658F9644-580D-4278-8E58-ACA879BC7F03} - \ea727281-8281-467f-bafd-cf5fb6f1777a-2 No Task File <==== ATTENTION
Task: {67CDA07F-A004-4E40-B3D9-C58FAC000C4D} - \ea727281-8281-467f-bafd-cf5fb6f1777a-4 No Task File <==== ATTENTION
Task: {72FF79AC-4632-42ED-92B0-ECE635FE5C43} - System32\Tasks\{B6824839-96C6-4F30-A31D-ACC966EC6D60} => C:\Program Files (x86)\LucasArts\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\SWTFU.exe [2009-11-26] (Aspyr Media, Inc.)
Task: {737CC060-AED3-47E3-8CDF-A0B77F309406} - System32\Tasks\{8A069E27-D6B4-43EC-899B-DD1CF10A03A5} => C:\Program Files (x86)\Activision\Modern Warfare 2\iw4mp.exe
Task: {73B35674-B2B4-4DD5-BABF-B293D3C8BF1E} - System32\Tasks\{6F1F8080-4EC6-41B8-BDE0-36D4534D4A8A} => C:\Users\Joël\Downloads\gta_sa.exe [2011-12-15] ()
Task: {7514A5FE-CF5B-445B-8734-FE0A5C861842} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {784EB45B-DC30-45AC-80F6-F509CD3AB38A} - System32\Tasks\Installer_sense => C:\Users\Joël\AppData\Local\Installer\Installsense_6948\DCytaiesmt_smtyc_setup.exe [2015-04-09] () <==== ATTENTION
Task: {7DE40AF8-A4B4-48F6-ACDF-DFFDBD9191F9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {7FE9D29B-B11A-46D9-85EA-D81E7229FDA0} - System32\Tasks\{F35F547B-5A5B-4BA3-814D-9DA2A4ACC117} => L:\Brightia.exe
Task: {821C4BAA-3EE1-46CB-8272-F054B306F6E9} - System32\Tasks\{A7B46BDD-C862-49DE-B43C-680736A7B63C} => C:\Users\Joël\Downloads\Xpadder.exe [2014-10-31] ()
Task: {8392010E-1EF9-4952-BB27-F668C57C8BCD} - System32\Tasks\{AB743845-5798-4955-B94C-DE1B6DA9B041} => C:\Users\Joël\Downloads\Xpadder.exe [2014-10-31] ()
Task: {84ADCB9A-187C-43D9-930D-814206EEC3E2} - System32\Tasks\{0AF2A766-64AF-4300-9088-283EE674CA71} => C:\Program Files (x86)\Activision\Modern Warfare 2\iw4mp.exe
Task: {936DA1D0-D0A4-4895-AB42-FE2A652B893D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {94113560-D325-4691-94FF-05B510656293} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {94EC3E70-EEBC-4C49-B9DF-D54FF95FBE88} - System32\Tasks\{53376D40-26A9-4AB8-BD3A-01E663446AA5} => C:\Users\Joël\Downloads\Xpadder.exe [2014-10-31] ()
Task: {959CA229-0258-499B-B36E-8DDC7ADA8A38} - System32\Tasks\{AC2A9EE0-9FB9-49DC-B676-D74622B76485} => L:\setup.exe [2014-08-08] (                                                            )
Task: {98DEA201-F266-4F52-B933-BDF968C05101} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-06] (Google Inc.)
Task: {9F8E6F53-B834-4BDB-919E-FEEC2481AD62} - System32\Tasks\{FAB1DF28-51CF-410C-94B7-F38DDE8A070E} => C:\Program Files (x86)\LucasArts\Star Wars The Force Unleashed 2\SWTFU2.exe [2010-12-23] (LucasArts)
Task: {A0DCF04E-30A3-4F00-B76F-3E04E130A96C} - \ea727281-8281-467f-bafd-cf5fb6f1777a-1 No Task File <==== ATTENTION
Task: {A53D3E3A-37AC-4410-97EE-179F96F70B0B} - System32\Tasks\{98D9A5E0-5254-4144-BFA9-38EB55BF0CB2} => C:\Program Files (x86)\LucasArts\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\SWTFU.exe [2009-11-26] (Aspyr Media, Inc.)
Task: {A92224E6-38AD-4C30-BC6F-0D9FF249818B} - System32\Tasks\{A4A92AE4-1311-46BB-92D4-C57C70110E8A} => msiexec.exe /package "C:\Users\Joël\Desktop\apploc.msi"
Task: {A98C5DC5-528E-43AD-BD90-834CFD65955F} - System32\Tasks\{D0C6E61D-73B0-4921-91B6-E9DC4CAA7D3A} => C:\Users\Joël\Desktop\DS3_Tool.exe
Task: {AD50DD87-3767-4EF4-ABE1-EFDA7E42A2D0} - System32\Tasks\{38225AF4-AE8A-4C1A-9223-4E4A3B464BB8} => C:\GOG Games\Earthworm Jim 1 and 2\Earthworm Jim 2\EWJ2.EXE [2008-11-28] ()
Task: {B265A417-2ADA-4F31-BCAD-A2FCE5A911D4} - System32\Tasks\{85B5CFAA-3995-4750-BBE9-33E500B03B91} => C:\Program Files (x86)\Deadfall Adventures\Binaries\Win32\ADVGame-Win32-Shipping.exe [2013-11-15] ()
Task: {BA21F98B-2E7A-4954-9767-67C4BEAD1AA7} - System32\Tasks\{202143D6-9C86-4B06-9877-A8C354898E23} => C:\Program Files (x86)\Sonic Generations\ConfigurationTool.exe [2011-11-05] (SEGA)
Task: {BACBC536-0393-4751-B740-C71AF0A78A2B} - System32\Tasks\{9D97C117-B3EA-45BE-9B74-E267A0DDD156} => C:\Program Files (x86)\LucasArts\SWTFU2_PC_EFIGS_1.1_Update.exe [2010-12-06] (LucasArts)
Task: {C21F1BD8-A992-4922-B3BB-81AC301D514B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-06] (Google Inc.)
Task: {DE63C791-68F5-4DBA-B2BE-944C5296DE42} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {E0C0B101-1438-4741-9DA2-730414DEBAAE} - System32\Tasks\{278B0EEE-4136-4E93-A7F9-C7C79F2981E3} => C:\Users\Joël\Downloads\GTASanAndreas\gta_sa.exe [2005-06-08] ()
Task: {E110F5AC-17AE-45B2-904A-F48A2A087B38} - System32\Tasks\{2661642C-9A09-45BF-B626-1899FBAE6039} => C:\Program Files (x86)\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\SWTFU Launcher.exe
Task: {E829C878-233B-4E83-BF78-0BC00F2123A2} - System32\Tasks\{CD3DD6CE-EDFC-4EA9-8914-6E59CCE95E7A} => L:\setup.exe [2014-08-08] (                                                            )
Task: {EE809B7C-C226-4F0A-8FB8-173CEE8D4F51} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {F74A94EC-05AC-4A28-A046-EC4ADF17EDF8} - System32\Tasks\{2EC2FE6D-D080-41AA-877A-160D27B0FA36} => pcalua.exe -a L:\setup.exe -d L:\
Task: {FE61142E-29B5-4920-B27B-C238A622D931} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-04-07] (Microsoft)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d04397d33089c6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForJoël.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\RegInOut on user logon - Joël.job => C:\Program Files (x86)\RegInOut System Utilities\RegInOut.exe

==================== Loaded Modules (whitelisted) ==============

2012-10-01 20:36 - 2012-10-01 20:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-10-20 11:45 - 2014-10-20 11:45 - 00294240 _____ () C:\Users\Joël\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe
2014-10-20 11:45 - 2014-10-20 11:45 - 00539488 _____ () C:\Users\Joël\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe
2014-05-20 15:03 - 2014-05-20 15:03 - 00048688 _____ () C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
2014-05-06 00:21 - 2011-12-08 16:53 - 08364288 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-03-17 23:12 - 2015-03-17 23:12 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-03-17 23:12 - 2015-03-17 23:12 - 00107832 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-06 00:21 - 2011-12-07 18:31 - 00303360 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
2014-09-15 00:16 - 2014-09-15 00:16 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-04-09 20:54 - 2015-04-09 20:54 - 02925568 _____ () C:\Program Files\AVAST Software\Avast\defs\15040901\algo.dll
2014-05-06 00:21 - 2011-09-13 16:57 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll
2014-09-15 00:16 - 2014-09-15 00:16 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-10 00:32 - 2015-04-10 00:32 - 00043008 _____ () c:\users\jol~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmsv8cz.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Joël\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Joël\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Joël\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Joël\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-05-06 00:21 - 2011-10-25 14:54 - 00372736 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\ProgramData\Temp:05E9FFE5
AlternateDataStreams: C:\ProgramData\Temp:56E2E879

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1424248093-816826443-285343795-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.67.222.222 - 208.67.220.220

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: NVSvc => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Universal Media Server.lnk => C:\Windows\pss\Universal Media Server.lnk.CommonStartup
MSCONFIG\startupreg: BeatsOSDApp => C:\Program Files\IDT\WDM\beats64.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: uTorrent => "C:\Users\Joël\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

==================== Accounts: =============================

Administrator (S-1-5-21-1424248093-816826443-285343795-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1424248093-816826443-285343795-1002 - Limited - Enabled)
Gast (S-1-5-21-1424248093-816826443-285343795-501 - Limited - Enabled) => C:\Users\Gast
Joël (S-1-5-21-1424248093-816826443-285343795-1000 - Administrator - Enabled) => C:\Users\Joël

==================== Faulty Device Manager Devices =============

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: SPDRIVER_1.38.1.1736
Description: SPDRIVER_1.38.1.1736
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SPDRIVER_1.38.1.1736
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/10/2015 00:33:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/10/2015 00:32:15 AM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T00:32:15.820+02:00| vthread-4| E105: Failed to create event for listen socket: Unknown error 10106 (0x277a) (10106)

Error: (04/10/2015 00:32:15 AM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T00:32:15.820+02:00| vthread-4| E105: Call to socket failed with error 10106.

Error: (04/09/2015 11:16:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2015 11:15:31 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-09T23:15:31.259+02:00| vthread-4| E105: Failed to create event for listen socket: Unknown error 10106 (0x277a) (10106)

Error: (04/09/2015 11:15:31 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-09T23:15:31.259+02:00| vthread-4| E105: Call to socket failed with error 10106.

Error: (04/09/2015 10:37:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.18571, Zeitstempel: 0x53eee2cc
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0005b72e
ID des fehlerhaften Prozesses: 0x124
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (04/09/2015 10:37:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.18571, Zeitstempel: 0x53eee2cc
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0005b72e
ID des fehlerhaften Prozesses: 0x7a0
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (04/09/2015 10:37:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2015 09:12:45 PM) (Source: ESENT) (EventID: 474) (User: )
Description: Windows (8732) Windows:  Bei Überprüfung der aus Datei "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb" bei Offset  (Datenbankseite Windows0) für          Bytes gelesenen Datenbankseite ist durch eine Inkonsistenz der Seitenprüfsumme ein Fehler aufgetreten. Die erwartete Prüfsumme war , die tatsächliche Prüfsumme . Fehler  bei Leseoperation. Wenn dieser Zustand andauert, stellen Sie die Datenbank aus einer vorherigen Sicherung wieder her. Dieses Problem ist vermutlich durch fehlerhafte Hardware bedingt. Wenden Sie sich für weitere Unterstützung bei der Diagnose des Problems an Ihren Hardwarehersteller.


System errors:
=============
Error: (04/10/2015 00:33:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PinnacleUpdate Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/10/2015 00:32:15 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "VMware Workstation Server" ist vom Dienst "VMware Authorization Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1066

Error: (04/10/2015 00:32:15 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "VMware Authorization Service" wurde mit folgendem dienstspezifischem Fehler beendet: %%6000004.

Error: (04/10/2015 00:32:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SPDRIVER_1.38.1.1736" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (04/10/2015 00:32:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst HP Client Services erreicht.

Error: (04/10/2015 00:31:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "FreemakeVideoCapture" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (04/10/2015 00:31:38 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst FreemakeVideoCapture erreicht.

Error: (04/10/2015 00:31:08 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{d543a8f8-ba09-11e3-9a9e-806e6f6e6963}" können nicht gelesen werden.

Error: (04/10/2015 00:30:21 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (04/09/2015 11:15:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PinnacleUpdate Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (04/10/2015 00:33:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/10/2015 00:32:15 AM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T00:32:15.820+02:00| vthread-4| E105: Failed to create event for listen socket: Unknown error 10106 (0x277a) (10106)

Error: (04/10/2015 00:32:15 AM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T00:32:15.820+02:00| vthread-4| E105: Call to socket failed with error 10106.

Error: (04/09/2015 11:16:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2015 11:15:31 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-09T23:15:31.259+02:00| vthread-4| E105: Failed to create event for listen socket: Unknown error 10106 (0x277a) (10106)

Error: (04/09/2015 11:15:31 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-09T23:15:31.259+02:00| vthread-4| E105: Call to socket failed with error 10106.

Error: (04/09/2015 10:37:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.7601.1857153eee2ccntdll.dll6.1.7601.18247521ea8e7c00000050005b72e12401d0730502988948C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll4f0b7ebc-def8-11e4-9803-e06995a7531d

Error: (04/09/2015 10:37:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.7601.1857153eee2ccntdll.dll6.1.7601.18247521ea8e7c00000050005b72e7a001d07305046b16feC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll4f0ba5cc-def8-11e4-9803-e06995a7531d

Error: (04/09/2015 10:37:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2015 09:12:45 PM) (Source: ESENT) (EventID: 474) (User: )
Description: Windows8732Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb        


CodeIntegrity Errors:
===================================
  Date: 2014-11-02 00:26:28.286
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-02 00:26:28.256
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-02 00:26:28.226
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-02 00:26:28.196
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-14 23:35:12.283
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-14 23:35:12.267
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2310 CPU @ 2.90GHz
Percentage of memory in use: 22%
Total physical RAM: 8174.53 MB
Available physical RAM: 6347.98 MB
Total Pagefile: 16347.23 MB
Available Pagefile: 14441.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1848.86 GB) (Free:440.79 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:14.05 GB) (Free:1.73 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive l: (Ultra Street Fig) (CDROM) (Total:11.11 GB) (Free:0 GB) CDFS
Drive m: (Disk1_CoDWaW) (CDROM) (Total:4.1 GB) (Free:0 GB) CDFS
Drive p: (W81_X64_MUL) (Removable) (Total:7.36 GB) (Free:1.04 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: D0FBDB0A)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=1848.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.1 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 7.4 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

deeprybka 10.04.2015 14:58
Hi,

Schritt 1

Bitte deinstalliere folgende Programme:

AnySend
Reimage Repair
Swift Record
YouTube Accelerator


Versuche es bei Windows 7 http://deeprybka.trojaner-board.de/b...ne/revo/w7.png zunächst über Systemsteuerung/Programme deinstallieren.

Sollte das nicht gehen, lade Dir bitte Revo Uninstallerhttp://deeprybka.trojaner-board.de/b...ninstaller.pnghier herunter. Entpacke die zip-Datei auf den Desktop. Anleitung
Wenn Du ein Programm nicht deinstallieren kannst, mach mit dem nächsten weiter.
Auch wenn am Ende noch Programme übrig geblieben sind, führe den nächsten Schritt aus:

Schritt 2

Neue Version!
http://deeprybka.trojaner-board.de/m...mbamlogo4a.pnghttp://deeprybka.trojaner-board.de/m...mbamlogo4b.png
  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Gehe zurück zum Armaturenbrett und klicke auf "Jetzt scannen".
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben und poste mir das Log.

Schritt 3
  • Schließe alle offenen Programme und Browser.
  • Starte bitte http://filepony.de/icon/adwcleaner.png Adwcleaner.
  • Klicke auf Suchen und warte, bis der Suchlauf abgeschlossen ist.
  • Klicke nun auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
    Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Sx].txt. (x = fortlaufende Nummer).

Schritt 4

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Joel14 10.04.2015 19:30
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 10.04.2015
Suchlauf-Zeit: 19:09:28
Logdatei: Malware.txt
Administrator: Ja

Version: 2.01.4.1018
Malware Datenbank: v2015.03.09.05
Rootkit Datenbank: v2015.02.25.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Joël

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 549769
Verstrichene Zeit: 46 Min, 50 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 3
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, 2056, Löschen bei Neustart, [2158261da9e1989e2a27ed21aa58b749]
PUP.Optional.ELEX, C:\Program Files (x86)\XTab\HPNotify.exe, 4232, Löschen bei Neustart, [b1c8f64d03870a2c828fe44b9c669967]
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\CmdShell.exe, 680, Löschen bei Neustart, [0d6c5ce7a4e6e3536876fdb36e954fb1]

Module: 10
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchFF.dll, Löschen bei Neustart, [d1a87cc7b0da330341bbed806997fd03],
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchCH.dll, Löschen bei Neustart, [6f0a380babdf5adcf3097bf2b94738c8],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\BrowserAction.dll, Löschen bei Neustart, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\IeWatchDog.dll, Löschen bei Neustart, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Löschen bei Neustart, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Löschen bei Neustart, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Löschen bei Neustart, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Löschen bei Neustart, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Löschen bei Neustart, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Löschen bei Neustart, [0d6c5ce7a4e6e3536876fdb36e954fb1],

Registrierungsschlüssel: 3
PUP.Optional.XTab.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, In Quarantäne, [2158261da9e1989e2a27ed21aa58b749],
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, In Quarantäne, [32473b0892f8fc3a786505abe023df21],
PUP.Optional.Qone8, HKU\S-1-5-21-1424248093-816826443-285343795-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [fd7cf3504b3fc274ebb3d34365a00bf5],

Registrierungswerte: 1
PUP.Optional.ShopperPro, HKU\S-1-5-21-1424248093-816826443-285343795-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SPDriver, C:\Program Files (x86)\ShopperPro\JSDriver\1.38.1.1736\jsdrv.exe, In Quarantäne, [8bee182b5b2f42f463c723a545bea957]

Registrierungsdaten: 12
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.istartsurf.com/?type=hppp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hppp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX),Ersetzt,[80f9af94b9d18aac38deddf86d989d63]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.istartsurf.com/?type=hppp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hppp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX),Ersetzt,[ceab053e8cfe270f24f2e2f38c79e719]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, hxxp://www.istartsurf.com/web/?type=ds&ts=1428531341&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1428531341&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX&q={searchTerms}),Ersetzt,[c5b4b29149412f07799ef3e255b035cb]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://www.istartsurf.com/web/?type=ds&ts=1428531341&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1428531341&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX&q={searchTerms}),Ersetzt,[26531231deac58deec2be7ee867f7f81]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.istartsurf.com/web/?type=dspp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=dspp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX&q={searchTerms}),Ersetzt,[b3c6390ac0caa88e9a7cfdd8c73e02fe]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.istartsurf.com/?type=hppp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hppp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX),Ersetzt,[d4a5be85b7d38caa3bdbfbdacb3adf21]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.istartsurf.com/?type=hppp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hppp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX),Ersetzt,[1b5eba893a5005317f97696c887dd030]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.istartsurf.com/web/?type=dspp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=dspp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX&q={searchTerms}),Ersetzt,[d8a17ac92169dc5a5cbacd0861a4ce32]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-1424248093-816826443-285343795-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.istartsurf.com/?type=hppp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hppp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX),Ersetzt,[7108ec57ee9c1026db398f46af56619f]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-1424248093-816826443-285343795-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.istartsurf.com/web/?type=dspp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=dspp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX&q={searchTerms}),Ersetzt,[9ddcb88bd8b2b1851cf819bc7d884bb5]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-1424248093-816826443-285343795-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.istartsurf.com/?type=hppp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hppp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX),Ersetzt,[c5b4ad9613772a0c12024b8ade27d030]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-1424248093-816826443-285343795-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.istartsurf.com/web/?type=dspp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=dspp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX&q={searchTerms}),Ersetzt,[6d0cdd664149290d40d4eee74abb4db3]

Ordner: 30
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab, Löschen bei Neustart, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\image, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\en-US, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-419, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-ES, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-BE, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CA, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CH, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-FR, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-LU, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-CH, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-IT, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pl, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt-BR, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru-MO, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\tr-TR, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\vi-VI, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-CN, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-TW, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro, In Quarantäne, [0b6eca791b6fec4aaa2c3d4dad563dc3],
PUP.Optional.AppsHat.A, C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat, In Quarantäne, [04756fd4f892e74f316f930452b112ee],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, In Quarantäne, [c5b4de651d6da69034027e1f986b7c84],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, In Quarantäne, [c5b4de651d6da69034027e1f986b7c84],

Dateien: 108
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, Löschen bei Neustart, [2158261da9e1989e2a27ed21aa58b749],
PUP.Optional.ELEX, C:\Program Files (x86)\XTab\HPNotify.exe, Löschen bei Neustart, [b1c8f64d03870a2c828fe44b9c669967],
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchFF.dll, Löschen bei Neustart, [d1a87cc7b0da330341bbed806997fd03],
PUP.Optional.BrowserWatch, C:\Program Files (x86)\XTab\BrowerWatchCH.dll, Löschen bei Neustart, [6f0a380babdf5adcf3097bf2b94738c8],
PUP.Optional.SupTab.A, C:\Program Files (x86)\XTab\SupTab.dll, In Quarantäne, [7108fd469eeccc6ac90395a09f61827e],
Riskware.Crack, C:\Program Files (x86)\The Amazing Spider-Man 2.v 1.0.0.1 + 4 DLC\steam_api.dll, In Quarantäne, [76031c275e2ca195b36799b87d8358a8],
Riskware.BitcoinMiner, C:\Users\Joël\AppData\Local\Temp\pooler-cpuminer-2.3.3-win64.zip, In Quarantäne, [6019ec5722685ed85f3994d822df41bf],
PUP.Optional.Somoto.A, C:\Users\Joël\AppData\Local\Temp\appshat_generic.exe, In Quarantäne, [2a4f99aa9cee84b2585371b1966a728e],
PUP.Optional.Cgminer, C:\Users\Joël\Downloads\Simple GPU Miner(1).msi, In Quarantäne, [9fdaad96355593a3ee0d81ece120ac54],
PUP.Optional.Cgminer, C:\Users\Joël\Downloads\Simple GPU Miner.msi, In Quarantäne, [e198bf8428625fd77d7e4d20976a3dc3],
PUP.Optional.Downloader, C:\Users\Joël\Downloads\Total Commander - CHIP-Installer.exe, In Quarantäne, [1267fe454f3bf73f0e92beadd12f6e92],
Backdoor.Bot, C:\Users\Joël\Downloads\AirParrot - CHIP-Installer(1).exe, In Quarantäne, [6415142fff8b7eb89376dd90817f3dc3],
Backdoor.Bot, C:\Users\Joël\Downloads\AirParrot - CHIP-Installer.exe, In Quarantäne, [9bde4102d7b371c5b158f4790ff1c23e],
PUP.Optional.Downloader, C:\Users\Joël\Downloads\Audacity - CHIP-Installer.exe, In Quarantäne, [bcbdeb58216956e087195b10a15fb64a],
PUP.Optional.Downloader, C:\Users\Joël\Downloads\IObit Uninstaller - CHIP-Installer.exe, In Quarantäne, [dc9d58eb672396a068380962897729d7],
Backdoor.Bot, C:\Users\Joël\Downloads\MotioninJoy - CHIP-Installer.exe, In Quarantäne, [9bde66dd7416d85eb554442928d8ef11],
Backdoor.Bot, C:\Users\Joël\Downloads\FRAPS - CHIP-Installer.exe, In Quarantäne, [f0891330c1c9d75f6e9be28b54aca65a],
Backdoor.Bot, C:\Users\Joël\Downloads\K Lite Mega Codec Pack - CHIP-Installer.exe, In Quarantäne, [f7820c37751594a2c8418edfda26867a],
PUP.Optional.Downloader, C:\Users\Joël\Downloads\CamStudio - CHIP-Installer.exe, In Quarantäne, [f089eb5872184aece0c0bcafff0152ae],
Backdoor.Bot, C:\Users\Joël\Downloads\Advanced Archive Password Recovery - CHIP-Installer.exe, In Quarantäne, [d7a277cc7d0d1f17ac5d640997698c74],
Riskware.BitcoinMiner, C:\Windows\Installer\40d6d2.msi, In Quarantäne, [0970e65df595f3433365fe6ec140ee12],
PUP.Optional.Cgminer, C:\Windows\Installer\a65b5e.msi, In Quarantäne, [621782c1860459dd08f3a1cceb166c94],
PUP.Optional.Somoto.A, C:\Users\Joël\Local Settings\Application Data\Bundled software uninstaller\biSetup62822.exe, In Quarantäne, [ceab7bc8375320161dc05337b352936d],
PUP.Optional.BitcoinMiner, C:\Users\Joël\Desktop\Restsachen\Win64_all_Improved2\Minerd.exe, In Quarantäne, [245578cb96f4ed49bb51febbf01550b0],
PUP.BitCoinMiner, C:\Users\Joël\Desktop\Restsachen\Win64_all_Improved2\Guiminerscrypt\guiminer-scrypt_win32_binaries_v0.05.zip, In Quarantäne, [83f620235238ee483b4fe9dcac569868],
Trojan.BtcMiner.TS, C:\Users\Joël\Desktop\Restsachen\Win64_all_Improved2\Guiminerscrypt\poclbm.exe, In Quarantäne, [18615ce7dfab41f519fb6d1b57aef10f],
Riskware.BitcoinMiner, C:\Users\Joël\Desktop\Restsachen\Win64_all_Improved2\Neuer Ordner\minerd.exe, In Quarantäne, [aecb8db6bfcbc6703b5dbfad44bd1ce4],
Riskware.BitcoinMiner, C:\Users\Joël\Desktop\Restsachen\Win64_all_Improved2\Neuer Ordner\pooler-cpuminer-2.3.3-win64.zip, In Quarantäne, [bdbc9da654362d094d4badbfb34e2cd4],
RiskWare.Tool.CK, C:\Users\Joël\Desktop\Restsachen\Mac OS X Snow Leopard 10.6.8 VMware Image [Ultimate Build]\VMware Unlocker - Hardware Virtualization Bypasser\vmware-vmx-patch-(x32).exe, In Quarantäne, [4039f64d1278201622c24ba7f80d44bc],
RiskWare.Tool.CK, C:\Users\Joël\Desktop\Restsachen\Mac OS X Snow Leopard 10.6.8 VMware Image [Ultimate Build]\VMware Unlocker - Hardware Virtualization Bypasser\vmware-vmx-patch-(x64).exe, In Quarantäne, [027796ad266440f654907f739570f60a],
PUP.Optional.ShopperPro.A, C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_323838363635333933352d3437415a556c2a3223346c41, In Quarantäne, [a5d4c87bd1b946f07feabaf2e51edb25],
PUP.Optional.iWebar.A, C:\Windows\System32\Tasks\Installer_iwebar, In Quarantäne, [a3d683c0fc8e75c1ee55713c4eb5e61a],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\uninstall.exe, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\BrowserAction.dll, Löschen bei Neustart, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\CmdShell.exe, Löschen bei Neustart, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\conf, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ffsearch_toolbar!1.0.0.1025.xpi, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\IeWatchDog.dll, Löschen bei Neustart, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\install.data, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcp110.dll, Löschen bei Neustart, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\msvcr110.dll, Löschen bei Neustart, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\searchProvider.xml, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\about.png, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\about_bk.png, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\btn.png, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\btn_apply.png, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\close.png, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\conf.xml, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\conf_back.png, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\input_bk.png, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\logo.png, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\main.xml, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\radio_1.png, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\radio_2.png, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\rigth_arrow.png, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\skin\settings.png, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\data.html, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\indexIE.html, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\indexIE8.html, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\main.css, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\ver.txt, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\google_trends.png, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon128.png, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon16.png, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\icon48.png, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\loading.gif, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\img\logo32.ico, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\common.js, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\ga.js, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\jquery.autocomplete.js, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\js.js, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\library.js, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit-ie8.js, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\js\xagainit2.0.js, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\en-US\messages.json, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-419\messages.json, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\es-ES\messages.json, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-BE\messages.json, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CA\messages.json, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-CH\messages.json, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-FR\messages.json, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\fr-LU\messages.json, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-CH\messages.json, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\it-IT\messages.json, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pl\messages.json, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt\messages.json, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\pt-BR\messages.json, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru\messages.json, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\ru-MO\messages.json, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\tr-TR\messages.json, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\vi-VI\messages.json, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-CN\messages.json, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\web\_locales\zh-TW\messages.json, In Quarantäne, [0d6c5ce7a4e6e3536876fdb36e954fb1],
PUP.Optional.IStartSurf.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml, In Quarantäne, [2c4da99ae6a4f93d512ac801ef14ed13],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbia.exe, In Quarantäne, [0b6eca791b6fec4aaa2c3d4dad563dc3],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbici32.dll, In Quarantäne, [0b6eca791b6fec4aaa2c3d4dad563dc3],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbici64.dll, In Quarantäne, [0b6eca791b6fec4aaa2c3d4dad563dc3],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbii32.exe, In Quarantäne, [0b6eca791b6fec4aaa2c3d4dad563dc3],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbii64.exe, In Quarantäne, [0b6eca791b6fec4aaa2c3d4dad563dc3],
PUP.Optional.ShopperPro, C:\Program Files\Common Files\ShopperPro\spbiw.sys, In Quarantäne, [0b6eca791b6fec4aaa2c3d4dad563dc3],
PUP.Optional.AppsHat.A, C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat\AppsHat.lnk, In Quarantäne, [04756fd4f892e74f316f930452b112ee],
PUP.Optional.AppsHat.A, C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat\Uninstall.lnk, In Quarantäne, [04756fd4f892e74f316f930452b112ee],
PUP.Optional.IStartSurf.A, C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (      "startup_urls": [ "hxxp://www.istartsurf.com/?type=hppp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX" ],), Ersetzt,[bbbeba89682248ee32b978a553b3966a]
PUP.Optional.IStartSurf.A, C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (  "homepage": "hxxp://www.istartsurf.com/?type=hppp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX",), Ersetzt,[ea8fba89eaa042f48c600f0ed92d7c84]
PUP.Optional.IStartSurf.A, C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (      "search_url": "hxxp://www.istartsurf.com/web/?type=dspp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX&q={searchTerms}"), Ersetzt,[2f4a10334248092d727bfa2330d66799]
PUP.Optional.IStartSurf.A, C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://www.istartsurf.com/?type=hppp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX");), Ersetzt,[423757ec49417fb7b92ff528bb4be61a]
PUP.Optional.IStartSurf.A, C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\search.json, Gut: (), Schlecht: (istartsurf), Ersetzt,[5524261d692140f6791678a3ce384db3]

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
Code:
# AdwCleaner v4.201 - Bericht erstellt 10/04/2015 um 20:11:02
# Aktualisiert 08/04/2015 von Xplode
# Datenbank : 2015-04-08.1 [Lokal]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Joël - JOEL-HP
# Gestarted von : C:\Users\Joël\Desktop\AdwCleaner_4.201.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : SPDRIVER_1.38.1.1736

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\rei
Ordner Gelöscht : C:\ProgramData\Reimage Protector
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plus500
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
Ordner Gelöscht : C:\Program Files (x86)\Plus500
Ordner Gelöscht : C:\Users\Joël\AppData\Local\Plus500
Ordner Gelöscht : C:\Users\Joël\AppData\LocalLow\HPAppData
Ordner Gelöscht : C:\Users\Joël\AppData\Roaming\HPAppData
Ordner Gelöscht : C:\Users\Joël\AppData\Roaming\genieo
Ordner Gelöscht : C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plus500
Ordner Gelöscht : C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
Ordner Gelöscht : C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\genieo
Datei Gelöscht : C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
Datei Gelöscht : C:\Windows\Reimage.ini
Datei Gelöscht : C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\user.js

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ShopperPro.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
Schlüssel Gelöscht : HKCU\Software\JavaSoft\Prefs\genieo
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{99E29823-2F67-41C3-8AA5-6425097A771F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Schlüssel Gelöscht : HKCU\Software\Reimage
Schlüssel Gelöscht : HKCU\Software\genieo
Schlüssel Gelöscht : HKU\.DEFAULT\Software\Goobzo
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\genieo
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Reimage
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Internetbrowser ] *****

-\\ Internet Explorer v8.0.7601.18571


-\\ Mozilla Firefox v37.0.1 (x86 de)

[7b1fw05a.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.selectedEngine", "istartsurf");
[7b1fw05a.default\prefs.js] - Zeile Gelöscht : user_pref("browser.startup.homepage", "hxxp://www.istartsurf.com/?type=hppp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX");

-\\ Google Chrome v41.0.2272.118

[C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.istartsurf.com/web/?type=dspp&ts=1428531368&from=smt&uid=HitachiXHDS722020ALA330_JK11B1BFGUY8SFGUY8SFX&q={searchTerms}

*************************

AdwCleaner[R0].txt - [1794 Bytes] - [02/11/2014 00:55:55]
AdwCleaner[R1].txt - [1854 Bytes] - [02/11/2014 00:58:09]
AdwCleaner[R2].txt - [17721 Bytes] - [09/04/2015 23:07:18]
AdwCleaner[R3].txt - [5443 Bytes] - [10/04/2015 20:08:18]
AdwCleaner[S0].txt - [1810 Bytes] - [02/11/2014 00:59:57]
AdwCleaner[S1].txt - [13675 Bytes] - [09/04/2015 23:13:48]
AdwCleaner[S2].txt - [4780 Bytes] - [10/04/2015 20:11:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [4839  Bytes] ##########
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Joël at 2015-04-10 20:29:07
Running from C:\Users\Joël\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Advanced Archive Password Recovery) (Version: 4.53 - ElcomSoft Co. Ltd.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Age Of Empires 3 version 1.0.0.0 (HKLM-x32\...\{9723A036-AC58-4D9A-B677-8D5BD2F312EF}_is1) (Version: 1.0.0.0 - Strogino CS Portal)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
AirParrot (HKLM\...\{D523F3B0-B5FE-43D0-BFE7-62CA0DD598BD}) (Version: 1.1.7 - Squirrels)
Apowersoft Smartphone Manager Version 1.1.8 (HKLM-x32\...\{4A00E3C4-2D0F-4AE7-9F2A-74870BE09EF8}_is1) (Version: 1.1.8 - APOWERSOFT LIMITED)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
B109n-z (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
B110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.2.454 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Big Rig Europe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bitcoin Core (64-bit) (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Bitcoin Core (64-bit)) (Version: 0.9.3 - Bitcoin Core project)
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BrightiaPlusの削除 (HKLM-x32\...\BrightiaPlus) (Version:  - )
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Call of Duty - World at War (HKLM-x32\...\{2775C25A-DF39-44AA-8E59-E0447DC164C2}) (Version: 1.00.0000 - Modern)
Call of Duty - World at War (HKLM-x32\...\Call of Duty - World at War_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Call of Duty Modern Warfare 2 (HKLM-x32\...\Call of Duty Modern Warfare 2_is1) (Version:  - Activision)
Call of Duty(R) - World at War(TM) (HKLM-x32\...\{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision)
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version: 1.2 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version: 1.4 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
clrmamepro (HKLM-x32\...\clrmamepro) (Version: 4.00.15.0 - Roman Scherzer)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Croc 2 (HKLM-x32\...\Croc 2) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Darkcoin (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Darkcoin) (Version: 0.10.17.26 - Darkcoin Project)
Dead Island Riptide (c) Deep Silver version 1 (HKLM-x32\...\RGVhZCBJc2xhbmQgUmlwdGlkZSAoYykgRGVlcCBTaWx2ZXI=_is1) (Version: 1 - )
Deadfall Adventures (HKLM-x32\...\RGVhZGZhbGxBZHZlbnR1cmVz_is1) (Version: 1 - )
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 2.02 - NCH Software)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
Dropbox (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
DUNGEONS (HKLM-x32\...\{79A65475-2F7F-491C-BF2F-8D5C0AF0775C}) (Version: 1.0.0.1 - Realmforge Studios GmbH)
Earthworm Jim 1 and 2 (HKLM-x32\...\GOGPACKEARTHWORMJIM12_is1) (Version: 2.0.0.7 - GOG.com)
Earthworm Jim 3D (HKLM-x32\...\Earthworm Jim 3D) (Version:  - )
Elcomsoft Phone Password Breaker (HKLM-x32\...\{91E3CFF8-5A2F-4895-A6BE-6883A66C6CD8}) (Version: 3.00.106.2053 - Elcomsoft Co. Ltd.)
Elgato Game Capture HD (HKLM-x32\...\{A04501E6-ED4D-43C9-9D69-9C78224B5BDC}) (Version: 2.01.49.776 - Elgato Systems GmbH)
Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version:  - )
Empire Earth II Gold Edition (HKLM-x32\...\Empire Earth II Gold Edition_is1) (Version:  - GOG.com)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Audio Converter version 5.0.39.430 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.39.430 - DVDVideoSoft Ltd.)
Free Studio version 6.5.0.219 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.0.219 - DVDVideoSoft Ltd.)
Free Video Editor version 1.4.5.923 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.5.923 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.44.922 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.922 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.4 - Ellora Assets Corporation)
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 5.24.2.WIN.FullTilt.COM - )
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Capture HD v2.3.3.38 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.38 - Elgato Systems)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
GTA2 (HKLM-x32\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - )
Hazard Ops (HKLM-x32\...\{F70DE052-CFFD-4DCB-8DA3-3ECAAFBB7D15}}_is1) (Version: 0.2.0.2042 - Infernum Productions AG)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photosmart Wireless B109n-z All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{79A72AAD-7ED4-49D8-872D-D1465061F9DB}) (Version:  - HP)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{014E482A-0C27-47E3-BA82-307E9DCA2F47}) (Version: 14.0 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.14.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{E92D47A1-D27D-430A-8368-0BAFD956507D}) (Version: 5.2.9.2 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.5902.0 - IDT)
ILLUSION ジンコウガクエン (HKLM-x32\...\{C109AF5B-69D0-4C93-B360-F28D9FAB6084}) (Version: 1.00.0000 - ILLUSION)
ILLUSION ジンコウガクエン きゃらめいく (HKLM-x32\...\{502499DC-2EDB-45A2-8F7C-83E6E5DE067E}) (Version: 1.00.0000 - ILLUSION)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IsoBuster 3.5 (HKLM-x32\...\IsoBuster_is1) (Version: 3.5 - Smart Projects)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 10.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.5.5 - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3609 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3609 - CyberLink Corp.) Hidden
Litecoin (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Litecoin) (Version: 0.8.7.5 - Litecoin project)
Logix Product Key Viewer (HKLM-x32\...\Logix Product Key Viewer) (Version:  - S.C. Logix S.R.L.)
Logix Product Key Viewer (x32 Version: 1.2.1.11 - S.C. Logix S.R.L.) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
Magic The Gathering Online  (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\35c9d60442fbb010) (Version: 3.4.81.404 - Wizards of the Coast)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE  (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office ScreenTip Language 2013 - Deutsch (HKLM\...\{90150000-00BD-0407-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Middle Earth Shadow of Mordor (HKLM-x32\...\Middle Earth Shadow of Mordor_is1) (Version:  - )
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Moorhuhnjagd (HKLM-x32\...\Moorhuhnjagd) (Version:  - )
MotioninJoy DS3 driver version 0.6.0004 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.0004 - www.motioninjoy.com)
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MultiMiner version 3.9.1 (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\{A59A265F-E97D-4A84-8E78-E8C59EB861CE}_is1) (Version: 3.9.1 - Nate Woolls)
MusicStation (HKLM-x32\...\MusicStationNetstaller) (Version: 1.0.1.5 - Hewlett-Packard)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 1.01.206 - NETGEAR)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
NokiaFREE Unlock Codes Calculator (HKLM-x32\...\NokiaFREE Unlock Codes Calculator) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version:  - )
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.35 - PDF Complete, Inc)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.1 - Tracker Software Products Ltd)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Perfect Uninstaller v6.3.3.9 (HKLM\...\Perfect Uninstaller_is1) (Version:  - www.PerfectUninstaller.com)
piaip AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 8.0.0 - PowerUp Software)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Plus500 (HKLM-x32\...\Plus500) (Version:  - )
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Pong 1.0 (HKLM-x32\...\Pong) (Version: 1.0 - WorkHorse Games)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4817 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4817 - CyberLink Corp.) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
PS_AIO_06_B109n-z_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.0 - PS3 Media Server)
PS3.ProxyServer (HKLM-x32\...\{FE4086E1-FA7F-4A7A-8FC5-061337B5787E}) (Version: 1.0.0 - CF3B5)
PSP ISO Compressor (HKLM-x32\...\{D47087E7-AA15-4D1D-8C0A-60F7E446D597}) (Version: 1.4.0 - danny_kay1710)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Rayman Legends (HKLM-x32\...\UmF5bWFuTGVnZW5kcw==_is1) (Version: 1 - )
Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden
RegInOut System Utilities (HKLM-x32\...\RegInOut System Utilities_is1) (Version: 4.0 - SORCIM Technologies Pvt Ltd)
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
Republic Heroes (HKLM-x32\...\{5612C844-55BC-4B77-82C2-A2E28962418E}) (Version: 1.00.0000 - LucasArts)
RESIDENT EVIL 5 (HKLM-x32\...\{AC08BBA0-96B9-431A-A7D0-D8598E493775}) (Version: 1.0.0.129 - CAPCOM CO., LTD.)
RomCenter 3.7.1 (HKLM-x32\...\romcenter_is1) (Version: 3.7.1 - Eric Bole-Feysot)
Savage 2.00e (HKLM-x32\...\Product) (Version:  - )
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Simple CPU Miner - 64bit (HKLM-x32\...\{EC52D440-B5B9-4172-8DE1-5FB45B45D0D0}) (Version: 2.3 - Miner)
Simple GPU Miner (HKLM-x32\...\{7CDFCC48-3AA5-4D86-88F7-3799B4158A9B}) (Version: 1.6 - Miner)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Sonic Generations (HKLM-x32\...\Sonic Generations_is1) (Version: 1.0 - SEGA)
Star Wars JK II Jedi Outcast (HKLM-x32\...\{8681B1E6-CD96-46EF-9065-CE0D1085ED99}) (Version:  - )
Star Wars(R) Knights of the Old Republic(R) II: The Sith Lords(TM) (HKLM-x32\...\{629F65FB-7F3C-4D66-A1C0-20722744B7B6}) (Version: 1.00.0000 - Obsidian)
Star Wars: The Force Unleashed 2 (HKLM-x32\...\Star Wars: The Force Unleashed 2_is1) (Version: 1.0 - LucasArts)
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
StreamTransport version: 1.1.6.1 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Tetris (HKLM-x32\...\{95E0E6DC-C308-4C96-BEDB-68C75A32FAF8}_is1) (Version: 1.68 - Crystal Office Systems)
The Amazing Spider-Man 2.v 1.0.0.1 + 4 DLC (HKLM-x32\...\The Amazing Spider-Man 2.v 1.0.0.1 + 4 DLC_is1) (Version: The Amazing Spider-Man 2.v 1.0.0.1 + 4 DLC - Repack by Fenixx (02.05.2014))
Thief, âåðñèÿ 1.1.0.0 (HKLM-x32\...\Thief_is1) (Version: 1.1.0.0 - RePack by SEYTER)
Tomb Raider: The First Era (HKLM-x32\...\{9F5D630D-CBA3-4C4F-BDDA-3BAB7FD15541}_is1) (Version: Final - Eidos Interactive)
Tomb Raider: Underworld 1.0 (HKLM-x32\...\Tomb Raider: Underworld) (Version:  - )
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.0a - TrueCrypt Foundation)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.2 - Tunngle.net GmbH)
Ultra Street Fighter IV (HKLM-x32\...\VWx0cmFTdHJlZXRGaWdodGVySVY=_is1) (Version: 1 - )
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 3.5.0 - Universal Media Server)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
URL Snooper v2.37.01 (HKLM-x32\...\URLSnooper 2_is1) (Version:  - DonationCoder.com)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
VirtualDJ 8 (HKLM-x32\...\{9ADBBA93-4625-4898-BB0D-BCE7EA9F8B4A}) (Version: 8.0.0 - Atomix Productions)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VmciSockets (Version: 9.1.54.1 - VMware, Inc.) Hidden
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 8.0.2.28060 - VMware, Inc)
VMware Workstation (x32 Version: 8.0.2.28060 - VMware, Inc.) Hidden
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.10.1.1735 - 1&1 Mail & Media GmbH)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows 7 Codec Pack 4.0.9 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.9 - Windows 7 Codec Pack)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.01 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.1 - win.rar GmbH)
Worms Ultimate Mayhem - Deluxe Edition (HKLM-x32\...\Worms Ultimate Mayhem - Deluxe Edition_is1) (Version:  - )
XBMC (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\XBMC) (Version:  - Team XBMC)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

14-03-2015 22:05:54 Gerätetreiber-Paketinstallation: TAP-Win32 Provider V9 (Tunngle) Netzwerkadapter
17-03-2015 22:56:12 Eliminado Call of Duty(R) 4 - Modern Warfare(TM)
25-03-2015 20:10:44 Geplanter Prüfpunkt
08-04-2015 19:16:59 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-11-02 01:27 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01259730-6077-48F0-9749-23AEE8E60556} - System32\Tasks\YTAUpdate => C:\PROGRA~2\YOUTUB~1\Updater.exe <==== ATTENTION
Task: {024A2859-258D-4493-A2BB-BB1C93878BCE} - System32\Tasks\{16AA9BA4-245E-4DDA-8018-7B94561E63E1} => C:\Users\Joël\Downloads\Xpadder.exe [2014-10-31] ()
Task: {043146BB-350D-44C5-9B01-C4F240CA6696} - System32\Tasks\{2CFE9671-6269-4456-AE5B-52EBC7540F6D} => C:\Cronus\BrightiaP\Brightia.exe [2014-07-23] ()
Task: {09CB5843-A520-4A5E-9DCC-407D53ED4DD8} - System32\Tasks\HPCeeScheduleForJoël => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {0EC8C87F-E64A-4F50-9234-2366982BF911} - \ea727281-8281-467f-bafd-cf5fb6f1777a-3 No Task File <==== ATTENTION
Task: {15B7FE36-4B39-4521-BC2B-2B6FE9C0DFE4} - System32\Tasks\{11A0E742-C5C3-4538-9EBF-B6872B79EAE2} => C:\Program Files (x86)\Activision\Modern Warfare 2\LauncherV3.exe [2014-08-15] ()
Task: {188242EE-F764-4F8C-AB26-17DFAAFCAF64} - \Installer_iwebar No Task File <==== ATTENTION
Task: {1E5DAFCC-BAD7-4DB0-B551-553EFED2D933} - System32\Tasks\{896A5FB8-E31E-48C9-95A7-72FC5CDBB772} => C:\GOG Games\Earthworm Jim 1 and 2\Earthworm Jim 2\EWJ2.EXE [2008-11-28] ()
Task: {1F6AE4F6-7C1C-4099-8CE4-6C82D2C0846C} - System32\Tasks\{3A66FE75-2B3C-42DE-AA81-A206009E7FDC} => C:\Program Files (x86)\LucasArts\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\SWTFU.exe [2009-11-26] (Aspyr Media, Inc.)
Task: {216E6893-9A96-4700-9819-C294ECCC79E5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {2471713F-F155-45F6-AA8D-4585DA34BDA0} - System32\Tasks\{D85A24B3-D48F-4598-8E27-F76B2A8EF310} => L:\setup.exe [2014-08-08] (                                                            )
Task: {2BEC0B85-8E65-4951-B6AF-B17B275D3C3A} - System32\Tasks\{CF030C54-0A1D-4F7F-817C-F97C5889DADF} => C:\Users\Joël\Downloads\Xpadder.exe [2014-10-31] ()
Task: {33E022D9-8641-4192-91AC-25B1ABC011F2} - System32\Tasks\{732E911D-7F7F-485E-810B-5D327D1BB2F0} => C:\Program Files (x86)\LucasArts\Star Wars The Force Unleashed 2\SWTFU2.exe [2010-12-23] (LucasArts)
Task: {36300EE4-0538-4B0C-952A-659D2BD3E586} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-31] ()
Task: {364D25EC-3FBC-4F1F-B266-2EF6F61DDEC1} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2010-12-22] (CyberLink)
Task: {374B3FF1-863A-46E3-9B02-35B07303D7D3} - System32\Tasks\{956F7214-E483-4153-AADB-0108A6806404} => C:\Cronus\BrightiaP\Brightia.exe [2014-07-23] ()
Task: {3A0E625C-B244-4682-BF86-FC6E98012BB7} - System32\Tasks\{03F02BC4-40A4-4673-85A2-9DC6E49E1A46} => pcalua.exe -a C:\Users\Joël\Desktop\ul_install.exe -d C:\Users\Joël\Desktop
Task: {424EF6F3-F3D4-4115-A33C-E748FC3539F7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {46D76D72-A3BE-4CEF-9C84-983586B5C18E} - System32\Tasks\{FD379D52-1B1D-42B3-AFDB-3F2351039C4B} => pcalua.exe -a "C:\Users\Joël\AppData\Local\Temp\Rar$EXa0.023\Locale Emulator\LEInstaller.exe" -d "C:\Users\Joël\AppData\Local\Temp\Rar$EXa0.023\Locale Emulator"
Task: {4A6D28BD-B225-40D9-93E2-C6BA4AE2E205} - System32\Tasks\{AC2F21BE-3401-4A84-B69A-1E5406AA9993} => C:\Program Files (x86)\Middle Earth Shadow of Mordor\x64\ShadowOfMordor.exe [1999-12-12] (WB Games, Inc.)
Task: {4DC19360-704F-489B-A301-17B81CAE5FC9} - System32\Tasks\{48EDFEA8-3C6A-4B6F-A24C-E9E724B267C6} => pcalua.exe -a E:\autorun.exe -d E:\
Task: {55360A86-21DC-4312-8C86-11C0D7ABBCA2} - \ea727281-8281-467f-bafd-cf5fb6f1777a-5 No Task File <==== ATTENTION
Task: {5621FBF6-ABE9-41B9-B953-43E1B91B5FEC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-15] (AVAST Software)
Task: {565627D2-DAD1-4FCF-957A-CB9FA6A15419} - System32\Tasks\{44C652B8-961D-44FE-899D-2219F72C7A22} => pcalua.exe -a L:\DirectX7\dxsetup.exe -d L:\DirectX7
Task: {583032CA-74F5-41DD-A5D8-08FB0AC2D041} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2015-04-07] (Microsoft)
Task: {5DF9FE70-2F1E-45BA-B903-658003C2B0DF} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-04-08] ()
Task: {5EBAE3F2-07AE-4C2B-BE6F-AC00607F2C0B} - \SPBIW_UpdateTask_Time_323838363635333933352d3437415a556c2a3223346c41 No Task File <==== ATTENTION
Task: {658F9644-580D-4278-8E58-ACA879BC7F03} - \ea727281-8281-467f-bafd-cf5fb6f1777a-2 No Task File <==== ATTENTION
Task: {67CDA07F-A004-4E40-B3D9-C58FAC000C4D} - \ea727281-8281-467f-bafd-cf5fb6f1777a-4 No Task File <==== ATTENTION
Task: {72FF79AC-4632-42ED-92B0-ECE635FE5C43} - System32\Tasks\{B6824839-96C6-4F30-A31D-ACC966EC6D60} => C:\Program Files (x86)\LucasArts\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\SWTFU.exe [2009-11-26] (Aspyr Media, Inc.)
Task: {737CC060-AED3-47E3-8CDF-A0B77F309406} - System32\Tasks\{8A069E27-D6B4-43EC-899B-DD1CF10A03A5} => C:\Program Files (x86)\Activision\Modern Warfare 2\iw4mp.exe
Task: {73B35674-B2B4-4DD5-BABF-B293D3C8BF1E} - System32\Tasks\{6F1F8080-4EC6-41B8-BDE0-36D4534D4A8A} => C:\Users\Joël\Downloads\gta_sa.exe [2011-12-15] ()
Task: {7514A5FE-CF5B-445B-8734-FE0A5C861842} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {784EB45B-DC30-45AC-80F6-F509CD3AB38A} - System32\Tasks\Installer_sense => C:\Users\Joël\AppData\Local\Installer\Installsense_6948\DCytaiesmt_smtyc_setup.exe [2015-04-09] () <==== ATTENTION
Task: {7DE40AF8-A4B4-48F6-ACDF-DFFDBD9191F9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {7FE9D29B-B11A-46D9-85EA-D81E7229FDA0} - System32\Tasks\{F35F547B-5A5B-4BA3-814D-9DA2A4ACC117} => L:\Brightia.exe
Task: {821C4BAA-3EE1-46CB-8272-F054B306F6E9} - System32\Tasks\{A7B46BDD-C862-49DE-B43C-680736A7B63C} => C:\Users\Joël\Downloads\Xpadder.exe [2014-10-31] ()
Task: {8392010E-1EF9-4952-BB27-F668C57C8BCD} - System32\Tasks\{AB743845-5798-4955-B94C-DE1B6DA9B041} => C:\Users\Joël\Downloads\Xpadder.exe [2014-10-31] ()
Task: {84ADCB9A-187C-43D9-930D-814206EEC3E2} - System32\Tasks\{0AF2A766-64AF-4300-9088-283EE674CA71} => C:\Program Files (x86)\Activision\Modern Warfare 2\iw4mp.exe
Task: {936DA1D0-D0A4-4895-AB42-FE2A652B893D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {94113560-D325-4691-94FF-05B510656293} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {94EC3E70-EEBC-4C49-B9DF-D54FF95FBE88} - System32\Tasks\{53376D40-26A9-4AB8-BD3A-01E663446AA5} => C:\Users\Joël\Downloads\Xpadder.exe [2014-10-31] ()
Task: {959CA229-0258-499B-B36E-8DDC7ADA8A38} - System32\Tasks\{AC2A9EE0-9FB9-49DC-B676-D74622B76485} => L:\setup.exe [2014-08-08] (                                                            )
Task: {98DEA201-F266-4F52-B933-BDF968C05101} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-06] (Google Inc.)
Task: {9F8E6F53-B834-4BDB-919E-FEEC2481AD62} - System32\Tasks\{FAB1DF28-51CF-410C-94B7-F38DDE8A070E} => C:\Program Files (x86)\LucasArts\Star Wars The Force Unleashed 2\SWTFU2.exe [2010-12-23] (LucasArts)
Task: {A0DCF04E-30A3-4F00-B76F-3E04E130A96C} - \ea727281-8281-467f-bafd-cf5fb6f1777a-1 No Task File <==== ATTENTION
Task: {A53D3E3A-37AC-4410-97EE-179F96F70B0B} - System32\Tasks\{98D9A5E0-5254-4144-BFA9-38EB55BF0CB2} => C:\Program Files (x86)\LucasArts\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\SWTFU.exe [2009-11-26] (Aspyr Media, Inc.)
Task: {A92224E6-38AD-4C30-BC6F-0D9FF249818B} - System32\Tasks\{A4A92AE4-1311-46BB-92D4-C57C70110E8A} => msiexec.exe /package "C:\Users\Joël\Desktop\apploc.msi"
Task: {A98C5DC5-528E-43AD-BD90-834CFD65955F} - System32\Tasks\{D0C6E61D-73B0-4921-91B6-E9DC4CAA7D3A} => C:\Users\Joël\Desktop\DS3_Tool.exe
Task: {AD50DD87-3767-4EF4-ABE1-EFDA7E42A2D0} - System32\Tasks\{38225AF4-AE8A-4C1A-9223-4E4A3B464BB8} => C:\GOG Games\Earthworm Jim 1 and 2\Earthworm Jim 2\EWJ2.EXE [2008-11-28] ()
Task: {B265A417-2ADA-4F31-BCAD-A2FCE5A911D4} - System32\Tasks\{85B5CFAA-3995-4750-BBE9-33E500B03B91} => C:\Program Files (x86)\Deadfall Adventures\Binaries\Win32\ADVGame-Win32-Shipping.exe [2013-11-15] ()
Task: {BA21F98B-2E7A-4954-9767-67C4BEAD1AA7} - System32\Tasks\{202143D6-9C86-4B06-9877-A8C354898E23} => C:\Program Files (x86)\Sonic Generations\ConfigurationTool.exe [2011-11-05] (SEGA)
Task: {BACBC536-0393-4751-B740-C71AF0A78A2B} - System32\Tasks\{9D97C117-B3EA-45BE-9B74-E267A0DDD156} => C:\Program Files (x86)\LucasArts\SWTFU2_PC_EFIGS_1.1_Update.exe [2010-12-06] (LucasArts)
Task: {C21F1BD8-A992-4922-B3BB-81AC301D514B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-06] (Google Inc.)
Task: {DE63C791-68F5-4DBA-B2BE-944C5296DE42} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {E0C0B101-1438-4741-9DA2-730414DEBAAE} - System32\Tasks\{278B0EEE-4136-4E93-A7F9-C7C79F2981E3} => C:\Users\Joël\Downloads\GTASanAndreas\gta_sa.exe [2005-06-08] ()
Task: {E110F5AC-17AE-45B2-904A-F48A2A087B38} - System32\Tasks\{2661642C-9A09-45BF-B626-1899FBAE6039} => C:\Program Files (x86)\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\SWTFU Launcher.exe
Task: {E829C878-233B-4E83-BF78-0BC00F2123A2} - System32\Tasks\{CD3DD6CE-EDFC-4EA9-8914-6E59CCE95E7A} => L:\setup.exe [2014-08-08] (                                                            )
Task: {EE809B7C-C226-4F0A-8FB8-173CEE8D4F51} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {F74A94EC-05AC-4A28-A046-EC4ADF17EDF8} - System32\Tasks\{2EC2FE6D-D080-41AA-877A-160D27B0FA36} => pcalua.exe -a L:\setup.exe -d L:\
Task: {FE61142E-29B5-4920-B27B-C238A622D931} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-04-07] (Microsoft)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d04397d33089c6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForJoël.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\RegInOut on user logon - Joël.job => C:\Program Files (x86)\RegInOut System Utilities\RegInOut.exe

==================== Loaded Modules (whitelisted) ==============

2012-10-01 20:36 - 2012-10-01 20:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-03-17 23:12 - 2015-03-17 23:12 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-03-17 23:12 - 2015-03-17 23:12 - 00107832 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-06 00:21 - 2011-12-07 18:31 - 00303360 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
2012-01-18 15:04 - 2012-01-18 15:04 - 11839488 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-05-06 00:21 - 2011-12-08 16:53 - 08364288 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
2015-04-09 00:17 - 2015-04-09 00:16 - 01222640 _____ () C:\Users\Joël\AppData\Local\Installer\Installsense_6948\DCytaiesmt_smtyc_setup.exe
2014-09-15 00:16 - 2014-09-15 00:16 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-04-10 20:11 - 2015-04-10 20:11 - 02925568 _____ () C:\Program Files\AVAST Software\Avast\defs\15041000\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-06 00:21 - 2011-10-25 14:54 - 00372736 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll
2012-01-18 14:43 - 2012-01-18 14:43 - 01222656 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2014-09-15 00:16 - 2014-09-15 00:16 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-05-06 00:21 - 2011-09-13 16:57 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll
2015-04-10 20:15 - 2015-04-10 20:15 - 00043008 _____ () c:\users\jol~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwvlheh.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Joël\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Joël\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Joël\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Joël\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-07-27 11:41 - 2014-07-27 11:41 - 08892576 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-03-01 21:06 - 2015-03-01 21:06 - 16852144 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\ProgramData\Temp:05E9FFE5
AlternateDataStreams: C:\ProgramData\Temp:56E2E879

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1424248093-816826443-285343795-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.67.222.222 - 208.67.220.220

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: NVSvc => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Universal Media Server.lnk => C:\Windows\pss\Universal Media Server.lnk.CommonStartup
MSCONFIG\startupreg: BeatsOSDApp => C:\Program Files\IDT\WDM\beats64.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: uTorrent => "C:\Users\Joël\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

==================== Accounts: =============================

Administrator (S-1-5-21-1424248093-816826443-285343795-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1424248093-816826443-285343795-1002 - Limited - Enabled)
Gast (S-1-5-21-1424248093-816826443-285343795-501 - Limited - Enabled) => C:\Users\Gast
Joël (S-1-5-21-1424248093-816826443-285343795-1000 - Administrator - Enabled) => C:\Users\Joël

==================== Faulty Device Manager Devices =============

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/10/2015 08:14:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/10/2015 07:59:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/10/2015 07:59:01 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T19:59:01.282+02:00| vthread-4| E105: Failed to create event for listen socket: Unknown error 10106 (0x277a) (10106)

Error: (04/10/2015 07:59:01 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T19:59:01.282+02:00| vthread-4| E105: Call to socket failed with error 10106.

Error: (04/10/2015 06:04:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/10/2015 06:04:10 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T18:04:10.444+02:00| vthread-4| E105: Failed to create event for listen socket: Unknown error 10106 (0x277a) (10106)

Error: (04/10/2015 06:04:10 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T18:04:10.351+02:00| vthread-4| E105: Call to socket failed with error 10106.

Error: (04/10/2015 00:52:25 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm FRST64.exe wurde wegen dieses Fehlers geschlossen.

Programm: FRST64.exe
Datei:

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
        - diese sich im Netzwerk befindet,
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
        - diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt.
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: C0000098
Datenträgertyp: 0

Error: (04/10/2015 00:52:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FRST64.exe, Version: 0.0.0.0, Zeitstempel: 0x550011de
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000006
Fehleroffset: 0x0000000000029c42
ID des fehlerhaften Prozesses: 0x12f8
Startzeit der fehlerhaften Anwendung: 0xFRST64.exe0
Pfad der fehlerhaften Anwendung: FRST64.exe1
Pfad des fehlerhaften Moduls: FRST64.exe2
Berichtskennung: FRST64.exe3

Error: (04/10/2015 00:46:11 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2015-04-11T05:43:11Z. Error Code: 0x80041321.


System errors:
=============
Error: (04/10/2015 08:14:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PinnacleUpdate Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/10/2015 08:13:40 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{d543a8f8-ba09-11e3-9a9e-806e6f6e6963}" können nicht gelesen werden.

Error: (04/10/2015 08:12:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HP Health Check Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%109

Error: (04/10/2015 08:11:55 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056

Error: (04/10/2015 08:11:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/10/2015 08:11:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware USB Arbitration Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/10/2015 08:11:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "WSWNA3100" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/10/2015 08:11:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/10/2015 08:11:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware NAT Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/10/2015 08:11:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (04/10/2015 08:14:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/10/2015 07:59:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/10/2015 07:59:01 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T19:59:01.282+02:00| vthread-4| E105: Failed to create event for listen socket: Unknown error 10106 (0x277a) (10106)

Error: (04/10/2015 07:59:01 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T19:59:01.282+02:00| vthread-4| E105: Call to socket failed with error 10106.

Error: (04/10/2015 06:04:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/10/2015 06:04:10 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T18:04:10.444+02:00| vthread-4| E105: Failed to create event for listen socket: Unknown error 10106 (0x277a) (10106)

Error: (04/10/2015 06:04:10 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T18:04:10.351+02:00| vthread-4| E105: Call to socket failed with error 10106.

Error: (04/10/2015 00:52:25 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: FRST64.exeC00000980

Error: (04/10/2015 00:52:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRST64.exe0.0.0.0550011dentdll.dll6.1.7601.18247521eaf24c00000060000000000029c4212f801d0731544380f30P:\FRST64.exeC:\Windows\SYSTEM32\ntdll.dll16a05b7b-df0b-11e4-8d77-e06995a7531d

Error: (04/10/2015 00:46:11 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413212015-04-11T05:43:11Z


CodeIntegrity Errors:
===================================
  Date: 2014-11-02 00:26:28.286
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-02 00:26:28.256
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-02 00:26:28.226
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-02 00:26:28.196
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-14 23:35:12.283
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-14 23:35:12.267
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2310 CPU @ 2.90GHz
Percentage of memory in use: 35%
Total physical RAM: 8174.53 MB
Available physical RAM: 5288 MB
Total Pagefile: 16347.23 MB
Available Pagefile: 13228.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1848.86 GB) (Free:440.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:14.05 GB) (Free:1.73 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive l: (Ultra Street Fig) (CDROM) (Total:11.11 GB) (Free:0 GB) CDFS
Drive m: (Disk1_CoDWaW) (CDROM) (Total:4.1 GB) (Free:0 GB) CDFS
Drive p: (W81_X64_MUL) (Removable) (Total:7.36 GB) (Free:1.04 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: D0FBDB0A)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=1848.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.1 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 7.4 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Joel14 10.04.2015 19:34
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Joël at 2015-04-10 20:29:07
Running from C:\Users\Joël\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Advanced Archive Password Recovery) (Version: 4.53 - ElcomSoft Co. Ltd.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Age Of Empires 3 version 1.0.0.0 (HKLM-x32\...\{9723A036-AC58-4D9A-B677-8D5BD2F312EF}_is1) (Version: 1.0.0.0 - Strogino CS Portal)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
AirParrot (HKLM\...\{D523F3B0-B5FE-43D0-BFE7-62CA0DD598BD}) (Version: 1.1.7 - Squirrels)
Apowersoft Smartphone Manager Version 1.1.8 (HKLM-x32\...\{4A00E3C4-2D0F-4AE7-9F2A-74870BE09EF8}_is1) (Version: 1.1.8 - APOWERSOFT LIMITED)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
B109n-z (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
B110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.2.454 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Big Rig Europe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bitcoin Core (64-bit) (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Bitcoin Core (64-bit)) (Version: 0.9.3 - Bitcoin Core project)
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BrightiaPlusの削除 (HKLM-x32\...\BrightiaPlus) (Version:  - )
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Call of Duty - World at War (HKLM-x32\...\{2775C25A-DF39-44AA-8E59-E0447DC164C2}) (Version: 1.00.0000 - Modern)
Call of Duty - World at War (HKLM-x32\...\Call of Duty - World at War_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Call of Duty Modern Warfare 2 (HKLM-x32\...\Call of Duty Modern Warfare 2_is1) (Version:  - Activision)
Call of Duty(R) - World at War(TM) (HKLM-x32\...\{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision)
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version: 1.2 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version: 1.4 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
clrmamepro (HKLM-x32\...\clrmamepro) (Version: 4.00.15.0 - Roman Scherzer)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Croc 2 (HKLM-x32\...\Croc 2) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Darkcoin (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Darkcoin) (Version: 0.10.17.26 - Darkcoin Project)
Dead Island Riptide (c) Deep Silver version 1 (HKLM-x32\...\RGVhZCBJc2xhbmQgUmlwdGlkZSAoYykgRGVlcCBTaWx2ZXI=_is1) (Version: 1 - )
Deadfall Adventures (HKLM-x32\...\RGVhZGZhbGxBZHZlbnR1cmVz_is1) (Version: 1 - )
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 2.02 - NCH Software)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
Dropbox (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
DUNGEONS (HKLM-x32\...\{79A65475-2F7F-491C-BF2F-8D5C0AF0775C}) (Version: 1.0.0.1 - Realmforge Studios GmbH)
Earthworm Jim 1 and 2 (HKLM-x32\...\GOGPACKEARTHWORMJIM12_is1) (Version: 2.0.0.7 - GOG.com)
Earthworm Jim 3D (HKLM-x32\...\Earthworm Jim 3D) (Version:  - )
Elcomsoft Phone Password Breaker (HKLM-x32\...\{91E3CFF8-5A2F-4895-A6BE-6883A66C6CD8}) (Version: 3.00.106.2053 - Elcomsoft Co. Ltd.)
Elgato Game Capture HD (HKLM-x32\...\{A04501E6-ED4D-43C9-9D69-9C78224B5BDC}) (Version: 2.01.49.776 - Elgato Systems GmbH)
Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version:  - )
Empire Earth II Gold Edition (HKLM-x32\...\Empire Earth II Gold Edition_is1) (Version:  - GOG.com)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Audio Converter version 5.0.39.430 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.39.430 - DVDVideoSoft Ltd.)
Free Studio version 6.5.0.219 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.0.219 - DVDVideoSoft Ltd.)
Free Video Editor version 1.4.5.923 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.5.923 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.44.922 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.922 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.4 - Ellora Assets Corporation)
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 5.24.2.WIN.FullTilt.COM - )
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Capture HD v2.3.3.38 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.38 - Elgato Systems)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
GTA2 (HKLM-x32\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - )
Hazard Ops (HKLM-x32\...\{F70DE052-CFFD-4DCB-8DA3-3ECAAFBB7D15}}_is1) (Version: 0.2.0.2042 - Infernum Productions AG)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photosmart Wireless B109n-z All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{79A72AAD-7ED4-49D8-872D-D1465061F9DB}) (Version:  - HP)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{014E482A-0C27-47E3-BA82-307E9DCA2F47}) (Version: 14.0 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.14.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{E92D47A1-D27D-430A-8368-0BAFD956507D}) (Version: 5.2.9.2 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.5902.0 - IDT)
ILLUSION ジンコウガクエン (HKLM-x32\...\{C109AF5B-69D0-4C93-B360-F28D9FAB6084}) (Version: 1.00.0000 - ILLUSION)
ILLUSION ジンコウガクエン きゃらめいく (HKLM-x32\...\{502499DC-2EDB-45A2-8F7C-83E6E5DE067E}) (Version: 1.00.0000 - ILLUSION)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IsoBuster 3.5 (HKLM-x32\...\IsoBuster_is1) (Version: 3.5 - Smart Projects)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 10.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.5.5 - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3609 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3609 - CyberLink Corp.) Hidden
Litecoin (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Litecoin) (Version: 0.8.7.5 - Litecoin project)
Logix Product Key Viewer (HKLM-x32\...\Logix Product Key Viewer) (Version:  - S.C. Logix S.R.L.)
Logix Product Key Viewer (x32 Version: 1.2.1.11 - S.C. Logix S.R.L.) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
Magic The Gathering Online  (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\35c9d60442fbb010) (Version: 3.4.81.404 - Wizards of the Coast)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE  (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office ScreenTip Language 2013 - Deutsch (HKLM\...\{90150000-00BD-0407-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Middle Earth Shadow of Mordor (HKLM-x32\...\Middle Earth Shadow of Mordor_is1) (Version:  - )
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Moorhuhnjagd (HKLM-x32\...\Moorhuhnjagd) (Version:  - )
MotioninJoy DS3 driver version 0.6.0004 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.0004 - www.motioninjoy.com)
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MultiMiner version 3.9.1 (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\{A59A265F-E97D-4A84-8E78-E8C59EB861CE}_is1) (Version: 3.9.1 - Nate Woolls)
MusicStation (HKLM-x32\...\MusicStationNetstaller) (Version: 1.0.1.5 - Hewlett-Packard)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 1.01.206 - NETGEAR)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
NokiaFREE Unlock Codes Calculator (HKLM-x32\...\NokiaFREE Unlock Codes Calculator) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version:  - )
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.35 - PDF Complete, Inc)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.1 - Tracker Software Products Ltd)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Perfect Uninstaller v6.3.3.9 (HKLM\...\Perfect Uninstaller_is1) (Version:  - www.PerfectUninstaller.com)
piaip AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 8.0.0 - PowerUp Software)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Plus500 (HKLM-x32\...\Plus500) (Version:  - )
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Pong 1.0 (HKLM-x32\...\Pong) (Version: 1.0 - WorkHorse Games)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4817 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4817 - CyberLink Corp.) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
PS_AIO_06_B109n-z_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.0 - PS3 Media Server)
PS3.ProxyServer (HKLM-x32\...\{FE4086E1-FA7F-4A7A-8FC5-061337B5787E}) (Version: 1.0.0 - CF3B5)
PSP ISO Compressor (HKLM-x32\...\{D47087E7-AA15-4D1D-8C0A-60F7E446D597}) (Version: 1.4.0 - danny_kay1710)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Rayman Legends (HKLM-x32\...\UmF5bWFuTGVnZW5kcw==_is1) (Version: 1 - )
Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden
RegInOut System Utilities (HKLM-x32\...\RegInOut System Utilities_is1) (Version: 4.0 - SORCIM Technologies Pvt Ltd)
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
Republic Heroes (HKLM-x32\...\{5612C844-55BC-4B77-82C2-A2E28962418E}) (Version: 1.00.0000 - LucasArts)
RESIDENT EVIL 5 (HKLM-x32\...\{AC08BBA0-96B9-431A-A7D0-D8598E493775}) (Version: 1.0.0.129 - CAPCOM CO., LTD.)
RomCenter 3.7.1 (HKLM-x32\...\romcenter_is1) (Version: 3.7.1 - Eric Bole-Feysot)
Savage 2.00e (HKLM-x32\...\Product) (Version:  - )
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Simple CPU Miner - 64bit (HKLM-x32\...\{EC52D440-B5B9-4172-8DE1-5FB45B45D0D0}) (Version: 2.3 - Miner)
Simple GPU Miner (HKLM-x32\...\{7CDFCC48-3AA5-4D86-88F7-3799B4158A9B}) (Version: 1.6 - Miner)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Sonic Generations (HKLM-x32\...\Sonic Generations_is1) (Version: 1.0 - SEGA)
Star Wars JK II Jedi Outcast (HKLM-x32\...\{8681B1E6-CD96-46EF-9065-CE0D1085ED99}) (Version:  - )
Star Wars(R) Knights of the Old Republic(R) II: The Sith Lords(TM) (HKLM-x32\...\{629F65FB-7F3C-4D66-A1C0-20722744B7B6}) (Version: 1.00.0000 - Obsidian)
Star Wars: The Force Unleashed 2 (HKLM-x32\...\Star Wars: The Force Unleashed 2_is1) (Version: 1.0 - LucasArts)
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
StreamTransport version: 1.1.6.1 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Tetris (HKLM-x32\...\{95E0E6DC-C308-4C96-BEDB-68C75A32FAF8}_is1) (Version: 1.68 - Crystal Office Systems)
The Amazing Spider-Man 2.v 1.0.0.1 + 4 DLC (HKLM-x32\...\The Amazing Spider-Man 2.v 1.0.0.1 + 4 DLC_is1) (Version: The Amazing Spider-Man 2.v 1.0.0.1 + 4 DLC - Repack by Fenixx (02.05.2014))
Thief, âåðñèÿ 1.1.0.0 (HKLM-x32\...\Thief_is1) (Version: 1.1.0.0 - RePack by SEYTER)
Tomb Raider: The First Era (HKLM-x32\...\{9F5D630D-CBA3-4C4F-BDDA-3BAB7FD15541}_is1) (Version: Final - Eidos Interactive)
Tomb Raider: Underworld 1.0 (HKLM-x32\...\Tomb Raider: Underworld) (Version:  - )
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.0a - TrueCrypt Foundation)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.2 - Tunngle.net GmbH)
Ultra Street Fighter IV (HKLM-x32\...\VWx0cmFTdHJlZXRGaWdodGVySVY=_is1) (Version: 1 - )
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 3.5.0 - Universal Media Server)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
URL Snooper v2.37.01 (HKLM-x32\...\URLSnooper 2_is1) (Version:  - DonationCoder.com)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
VirtualDJ 8 (HKLM-x32\...\{9ADBBA93-4625-4898-BB0D-BCE7EA9F8B4A}) (Version: 8.0.0 - Atomix Productions)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VmciSockets (Version: 9.1.54.1 - VMware, Inc.) Hidden
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 8.0.2.28060 - VMware, Inc)
VMware Workstation (x32 Version: 8.0.2.28060 - VMware, Inc.) Hidden
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.10.1.1735 - 1&1 Mail & Media GmbH)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows 7 Codec Pack 4.0.9 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.9 - Windows 7 Codec Pack)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.01 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.1 - win.rar GmbH)
Worms Ultimate Mayhem - Deluxe Edition (HKLM-x32\...\Worms Ultimate Mayhem - Deluxe Edition_is1) (Version:  - )
XBMC (HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\XBMC) (Version:  - Team XBMC)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

14-03-2015 22:05:54 Gerätetreiber-Paketinstallation: TAP-Win32 Provider V9 (Tunngle) Netzwerkadapter
17-03-2015 22:56:12 Eliminado Call of Duty(R) 4 - Modern Warfare(TM)
25-03-2015 20:10:44 Geplanter Prüfpunkt
08-04-2015 19:16:59 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-11-02 01:27 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01259730-6077-48F0-9749-23AEE8E60556} - System32\Tasks\YTAUpdate => C:\PROGRA~2\YOUTUB~1\Updater.exe <==== ATTENTION
Task: {024A2859-258D-4493-A2BB-BB1C93878BCE} - System32\Tasks\{16AA9BA4-245E-4DDA-8018-7B94561E63E1} => C:\Users\Joël\Downloads\Xpadder.exe [2014-10-31] ()
Task: {043146BB-350D-44C5-9B01-C4F240CA6696} - System32\Tasks\{2CFE9671-6269-4456-AE5B-52EBC7540F6D} => C:\Cronus\BrightiaP\Brightia.exe [2014-07-23] ()
Task: {09CB5843-A520-4A5E-9DCC-407D53ED4DD8} - System32\Tasks\HPCeeScheduleForJoël => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {0EC8C87F-E64A-4F50-9234-2366982BF911} - \ea727281-8281-467f-bafd-cf5fb6f1777a-3 No Task File <==== ATTENTION
Task: {15B7FE36-4B39-4521-BC2B-2B6FE9C0DFE4} - System32\Tasks\{11A0E742-C5C3-4538-9EBF-B6872B79EAE2} => C:\Program Files (x86)\Activision\Modern Warfare 2\LauncherV3.exe [2014-08-15] ()
Task: {188242EE-F764-4F8C-AB26-17DFAAFCAF64} - \Installer_iwebar No Task File <==== ATTENTION
Task: {1E5DAFCC-BAD7-4DB0-B551-553EFED2D933} - System32\Tasks\{896A5FB8-E31E-48C9-95A7-72FC5CDBB772} => C:\GOG Games\Earthworm Jim 1 and 2\Earthworm Jim 2\EWJ2.EXE [2008-11-28] ()
Task: {1F6AE4F6-7C1C-4099-8CE4-6C82D2C0846C} - System32\Tasks\{3A66FE75-2B3C-42DE-AA81-A206009E7FDC} => C:\Program Files (x86)\LucasArts\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\SWTFU.exe [2009-11-26] (Aspyr Media, Inc.)
Task: {216E6893-9A96-4700-9819-C294ECCC79E5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {2471713F-F155-45F6-AA8D-4585DA34BDA0} - System32\Tasks\{D85A24B3-D48F-4598-8E27-F76B2A8EF310} => L:\setup.exe [2014-08-08] (                                                            )
Task: {2BEC0B85-8E65-4951-B6AF-B17B275D3C3A} - System32\Tasks\{CF030C54-0A1D-4F7F-817C-F97C5889DADF} => C:\Users\Joël\Downloads\Xpadder.exe [2014-10-31] ()
Task: {33E022D9-8641-4192-91AC-25B1ABC011F2} - System32\Tasks\{732E911D-7F7F-485E-810B-5D327D1BB2F0} => C:\Program Files (x86)\LucasArts\Star Wars The Force Unleashed 2\SWTFU2.exe [2010-12-23] (LucasArts)
Task: {36300EE4-0538-4B0C-952A-659D2BD3E586} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-31] ()
Task: {364D25EC-3FBC-4F1F-B266-2EF6F61DDEC1} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2010-12-22] (CyberLink)
Task: {374B3FF1-863A-46E3-9B02-35B07303D7D3} - System32\Tasks\{956F7214-E483-4153-AADB-0108A6806404} => C:\Cronus\BrightiaP\Brightia.exe [2014-07-23] ()
Task: {3A0E625C-B244-4682-BF86-FC6E98012BB7} - System32\Tasks\{03F02BC4-40A4-4673-85A2-9DC6E49E1A46} => pcalua.exe -a C:\Users\Joël\Desktop\ul_install.exe -d C:\Users\Joël\Desktop
Task: {424EF6F3-F3D4-4115-A33C-E748FC3539F7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {46D76D72-A3BE-4CEF-9C84-983586B5C18E} - System32\Tasks\{FD379D52-1B1D-42B3-AFDB-3F2351039C4B} => pcalua.exe -a "C:\Users\Joël\AppData\Local\Temp\Rar$EXa0.023\Locale Emulator\LEInstaller.exe" -d "C:\Users\Joël\AppData\Local\Temp\Rar$EXa0.023\Locale Emulator"
Task: {4A6D28BD-B225-40D9-93E2-C6BA4AE2E205} - System32\Tasks\{AC2F21BE-3401-4A84-B69A-1E5406AA9993} => C:\Program Files (x86)\Middle Earth Shadow of Mordor\x64\ShadowOfMordor.exe [1999-12-12] (WB Games, Inc.)
Task: {4DC19360-704F-489B-A301-17B81CAE5FC9} - System32\Tasks\{48EDFEA8-3C6A-4B6F-A24C-E9E724B267C6} => pcalua.exe -a E:\autorun.exe -d E:\
Task: {55360A86-21DC-4312-8C86-11C0D7ABBCA2} - \ea727281-8281-467f-bafd-cf5fb6f1777a-5 No Task File <==== ATTENTION
Task: {5621FBF6-ABE9-41B9-B953-43E1B91B5FEC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-15] (AVAST Software)
Task: {565627D2-DAD1-4FCF-957A-CB9FA6A15419} - System32\Tasks\{44C652B8-961D-44FE-899D-2219F72C7A22} => pcalua.exe -a L:\DirectX7\dxsetup.exe -d L:\DirectX7
Task: {583032CA-74F5-41DD-A5D8-08FB0AC2D041} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2015-04-07] (Microsoft)
Task: {5DF9FE70-2F1E-45BA-B903-658003C2B0DF} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-04-08] ()
Task: {5EBAE3F2-07AE-4C2B-BE6F-AC00607F2C0B} - \SPBIW_UpdateTask_Time_323838363635333933352d3437415a556c2a3223346c41 No Task File <==== ATTENTION
Task: {658F9644-580D-4278-8E58-ACA879BC7F03} - \ea727281-8281-467f-bafd-cf5fb6f1777a-2 No Task File <==== ATTENTION
Task: {67CDA07F-A004-4E40-B3D9-C58FAC000C4D} - \ea727281-8281-467f-bafd-cf5fb6f1777a-4 No Task File <==== ATTENTION
Task: {72FF79AC-4632-42ED-92B0-ECE635FE5C43} - System32\Tasks\{B6824839-96C6-4F30-A31D-ACC966EC6D60} => C:\Program Files (x86)\LucasArts\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\SWTFU.exe [2009-11-26] (Aspyr Media, Inc.)
Task: {737CC060-AED3-47E3-8CDF-A0B77F309406} - System32\Tasks\{8A069E27-D6B4-43EC-899B-DD1CF10A03A5} => C:\Program Files (x86)\Activision\Modern Warfare 2\iw4mp.exe
Task: {73B35674-B2B4-4DD5-BABF-B293D3C8BF1E} - System32\Tasks\{6F1F8080-4EC6-41B8-BDE0-36D4534D4A8A} => C:\Users\Joël\Downloads\gta_sa.exe [2011-12-15] ()
Task: {7514A5FE-CF5B-445B-8734-FE0A5C861842} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {784EB45B-DC30-45AC-80F6-F509CD3AB38A} - System32\Tasks\Installer_sense => C:\Users\Joël\AppData\Local\Installer\Installsense_6948\DCytaiesmt_smtyc_setup.exe [2015-04-09] () <==== ATTENTION
Task: {7DE40AF8-A4B4-48F6-ACDF-DFFDBD9191F9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {7FE9D29B-B11A-46D9-85EA-D81E7229FDA0} - System32\Tasks\{F35F547B-5A5B-4BA3-814D-9DA2A4ACC117} => L:\Brightia.exe
Task: {821C4BAA-3EE1-46CB-8272-F054B306F6E9} - System32\Tasks\{A7B46BDD-C862-49DE-B43C-680736A7B63C} => C:\Users\Joël\Downloads\Xpadder.exe [2014-10-31] ()
Task: {8392010E-1EF9-4952-BB27-F668C57C8BCD} - System32\Tasks\{AB743845-5798-4955-B94C-DE1B6DA9B041} => C:\Users\Joël\Downloads\Xpadder.exe [2014-10-31] ()
Task: {84ADCB9A-187C-43D9-930D-814206EEC3E2} - System32\Tasks\{0AF2A766-64AF-4300-9088-283EE674CA71} => C:\Program Files (x86)\Activision\Modern Warfare 2\iw4mp.exe
Task: {936DA1D0-D0A4-4895-AB42-FE2A652B893D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {94113560-D325-4691-94FF-05B510656293} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {94EC3E70-EEBC-4C49-B9DF-D54FF95FBE88} - System32\Tasks\{53376D40-26A9-4AB8-BD3A-01E663446AA5} => C:\Users\Joël\Downloads\Xpadder.exe [2014-10-31] ()
Task: {959CA229-0258-499B-B36E-8DDC7ADA8A38} - System32\Tasks\{AC2A9EE0-9FB9-49DC-B676-D74622B76485} => L:\setup.exe [2014-08-08] (                                                            )
Task: {98DEA201-F266-4F52-B933-BDF968C05101} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-06] (Google Inc.)
Task: {9F8E6F53-B834-4BDB-919E-FEEC2481AD62} - System32\Tasks\{FAB1DF28-51CF-410C-94B7-F38DDE8A070E} => C:\Program Files (x86)\LucasArts\Star Wars The Force Unleashed 2\SWTFU2.exe [2010-12-23] (LucasArts)
Task: {A0DCF04E-30A3-4F00-B76F-3E04E130A96C} - \ea727281-8281-467f-bafd-cf5fb6f1777a-1 No Task File <==== ATTENTION
Task: {A53D3E3A-37AC-4410-97EE-179F96F70B0B} - System32\Tasks\{98D9A5E0-5254-4144-BFA9-38EB55BF0CB2} => C:\Program Files (x86)\LucasArts\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\SWTFU.exe [2009-11-26] (Aspyr Media, Inc.)
Task: {A92224E6-38AD-4C30-BC6F-0D9FF249818B} - System32\Tasks\{A4A92AE4-1311-46BB-92D4-C57C70110E8A} => msiexec.exe /package "C:\Users\Joël\Desktop\apploc.msi"
Task: {A98C5DC5-528E-43AD-BD90-834CFD65955F} - System32\Tasks\{D0C6E61D-73B0-4921-91B6-E9DC4CAA7D3A} => C:\Users\Joël\Desktop\DS3_Tool.exe
Task: {AD50DD87-3767-4EF4-ABE1-EFDA7E42A2D0} - System32\Tasks\{38225AF4-AE8A-4C1A-9223-4E4A3B464BB8} => C:\GOG Games\Earthworm Jim 1 and 2\Earthworm Jim 2\EWJ2.EXE [2008-11-28] ()
Task: {B265A417-2ADA-4F31-BCAD-A2FCE5A911D4} - System32\Tasks\{85B5CFAA-3995-4750-BBE9-33E500B03B91} => C:\Program Files (x86)\Deadfall Adventures\Binaries\Win32\ADVGame-Win32-Shipping.exe [2013-11-15] ()
Task: {BA21F98B-2E7A-4954-9767-67C4BEAD1AA7} - System32\Tasks\{202143D6-9C86-4B06-9877-A8C354898E23} => C:\Program Files (x86)\Sonic Generations\ConfigurationTool.exe [2011-11-05] (SEGA)
Task: {BACBC536-0393-4751-B740-C71AF0A78A2B} - System32\Tasks\{9D97C117-B3EA-45BE-9B74-E267A0DDD156} => C:\Program Files (x86)\LucasArts\SWTFU2_PC_EFIGS_1.1_Update.exe [2010-12-06] (LucasArts)
Task: {C21F1BD8-A992-4922-B3BB-81AC301D514B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-06] (Google Inc.)
Task: {DE63C791-68F5-4DBA-B2BE-944C5296DE42} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {E0C0B101-1438-4741-9DA2-730414DEBAAE} - System32\Tasks\{278B0EEE-4136-4E93-A7F9-C7C79F2981E3} => C:\Users\Joël\Downloads\GTASanAndreas\gta_sa.exe [2005-06-08] ()
Task: {E110F5AC-17AE-45B2-904A-F48A2A087B38} - System32\Tasks\{2661642C-9A09-45BF-B626-1899FBAE6039} => C:\Program Files (x86)\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\SWTFU Launcher.exe
Task: {E829C878-233B-4E83-BF78-0BC00F2123A2} - System32\Tasks\{CD3DD6CE-EDFC-4EA9-8914-6E59CCE95E7A} => L:\setup.exe [2014-08-08] (                                                            )
Task: {EE809B7C-C226-4F0A-8FB8-173CEE8D4F51} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {F74A94EC-05AC-4A28-A046-EC4ADF17EDF8} - System32\Tasks\{2EC2FE6D-D080-41AA-877A-160D27B0FA36} => pcalua.exe -a L:\setup.exe -d L:\
Task: {FE61142E-29B5-4920-B27B-C238A622D931} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-04-07] (Microsoft)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d04397d33089c6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForJoël.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\RegInOut on user logon - Joël.job => C:\Program Files (x86)\RegInOut System Utilities\RegInOut.exe

==================== Loaded Modules (whitelisted) ==============

2012-10-01 20:36 - 2012-10-01 20:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-03-17 23:12 - 2015-03-17 23:12 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-03-17 23:12 - 2015-03-17 23:12 - 00107832 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-06 00:21 - 2011-12-07 18:31 - 00303360 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
2012-01-18 15:04 - 2012-01-18 15:04 - 11839488 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-05-06 00:21 - 2011-12-08 16:53 - 08364288 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
2015-04-09 00:17 - 2015-04-09 00:16 - 01222640 _____ () C:\Users\Joël\AppData\Local\Installer\Installsense_6948\DCytaiesmt_smtyc_setup.exe
2014-09-15 00:16 - 2014-09-15 00:16 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-04-10 20:11 - 2015-04-10 20:11 - 02925568 _____ () C:\Program Files\AVAST Software\Avast\defs\15041000\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-06 00:21 - 2011-10-25 14:54 - 00372736 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll
2012-01-18 14:43 - 2012-01-18 14:43 - 01222656 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2014-09-15 00:16 - 2014-09-15 00:16 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-05-06 00:21 - 2011-09-13 16:57 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll
2015-04-10 20:15 - 2015-04-10 20:15 - 00043008 _____ () c:\users\jol~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwvlheh.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Joël\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Joël\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Joël\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Joël\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-07-27 11:41 - 2014-07-27 11:41 - 08892576 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-03-01 21:06 - 2015-03-01 21:06 - 16852144 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\ProgramData\Temp:05E9FFE5
AlternateDataStreams: C:\ProgramData\Temp:56E2E879

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1424248093-816826443-285343795-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.67.222.222 - 208.67.220.220

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: NVSvc => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Universal Media Server.lnk => C:\Windows\pss\Universal Media Server.lnk.CommonStartup
MSCONFIG\startupreg: BeatsOSDApp => C:\Program Files\IDT\WDM\beats64.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: uTorrent => "C:\Users\Joël\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

==================== Accounts: =============================

Administrator (S-1-5-21-1424248093-816826443-285343795-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1424248093-816826443-285343795-1002 - Limited - Enabled)
Gast (S-1-5-21-1424248093-816826443-285343795-501 - Limited - Enabled) => C:\Users\Gast
Joël (S-1-5-21-1424248093-816826443-285343795-1000 - Administrator - Enabled) => C:\Users\Joël

==================== Faulty Device Manager Devices =============

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/10/2015 08:14:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/10/2015 07:59:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/10/2015 07:59:01 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T19:59:01.282+02:00| vthread-4| E105: Failed to create event for listen socket: Unknown error 10106 (0x277a) (10106)

Error: (04/10/2015 07:59:01 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T19:59:01.282+02:00| vthread-4| E105: Call to socket failed with error 10106.

Error: (04/10/2015 06:04:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/10/2015 06:04:10 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T18:04:10.444+02:00| vthread-4| E105: Failed to create event for listen socket: Unknown error 10106 (0x277a) (10106)

Error: (04/10/2015 06:04:10 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T18:04:10.351+02:00| vthread-4| E105: Call to socket failed with error 10106.

Error: (04/10/2015 00:52:25 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm FRST64.exe wurde wegen dieses Fehlers geschlossen.

Programm: FRST64.exe
Datei:

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
        - diese sich im Netzwerk befindet,
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
        - diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt.
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: C0000098
Datenträgertyp: 0

Error: (04/10/2015 00:52:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FRST64.exe, Version: 0.0.0.0, Zeitstempel: 0x550011de
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000006
Fehleroffset: 0x0000000000029c42
ID des fehlerhaften Prozesses: 0x12f8
Startzeit der fehlerhaften Anwendung: 0xFRST64.exe0
Pfad der fehlerhaften Anwendung: FRST64.exe1
Pfad des fehlerhaften Moduls: FRST64.exe2
Berichtskennung: FRST64.exe3

Error: (04/10/2015 00:46:11 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2015-04-11T05:43:11Z. Error Code: 0x80041321.


System errors:
=============
Error: (04/10/2015 08:14:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PinnacleUpdate Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/10/2015 08:13:40 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{d543a8f8-ba09-11e3-9a9e-806e6f6e6963}" können nicht gelesen werden.

Error: (04/10/2015 08:12:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HP Health Check Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%109

Error: (04/10/2015 08:11:55 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056

Error: (04/10/2015 08:11:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/10/2015 08:11:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware USB Arbitration Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/10/2015 08:11:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "WSWNA3100" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/10/2015 08:11:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/10/2015 08:11:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware NAT Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/10/2015 08:11:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (04/10/2015 08:14:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/10/2015 07:59:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/10/2015 07:59:01 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T19:59:01.282+02:00| vthread-4| E105: Failed to create event for listen socket: Unknown error 10106 (0x277a) (10106)

Error: (04/10/2015 07:59:01 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T19:59:01.282+02:00| vthread-4| E105: Call to socket failed with error 10106.

Error: (04/10/2015 06:04:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/10/2015 06:04:10 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T18:04:10.444+02:00| vthread-4| E105: Failed to create event for listen socket: Unknown error 10106 (0x277a) (10106)

Error: (04/10/2015 06:04:10 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2015-04-10T18:04:10.351+02:00| vthread-4| E105: Call to socket failed with error 10106.

Error: (04/10/2015 00:52:25 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: FRST64.exeC00000980

Error: (04/10/2015 00:52:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FRST64.exe0.0.0.0550011dentdll.dll6.1.7601.18247521eaf24c00000060000000000029c4212f801d0731544380f30P:\FRST64.exeC:\Windows\SYSTEM32\ntdll.dll16a05b7b-df0b-11e4-8d77-e06995a7531d

Error: (04/10/2015 00:46:11 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800413212015-04-11T05:43:11Z


CodeIntegrity Errors:
===================================
  Date: 2014-11-02 00:26:28.286
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-02 00:26:28.256
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-02 00:26:28.226
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-02 00:26:28.196
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-14 23:35:12.283
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-14 23:35:12.267
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2310 CPU @ 2.90GHz
Percentage of memory in use: 35%
Total physical RAM: 8174.53 MB
Available physical RAM: 5288 MB
Total Pagefile: 16347.23 MB
Available Pagefile: 13228.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1848.86 GB) (Free:440.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:14.05 GB) (Free:1.73 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive l: (Ultra Street Fig) (CDROM) (Total:11.11 GB) (Free:0 GB) CDFS
Drive m: (Disk1_CoDWaW) (CDROM) (Total:4.1 GB) (Free:0 GB) CDFS
Drive p: (W81_X64_MUL) (Removable) (Total:7.36 GB) (Free:1.04 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: D0FBDB0A)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=1848.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.1 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 7.4 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
Code:
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2015-03-17] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [792016 2015-02-09] (Tunngle.net GmbH)
R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [79872 2012-01-18] (VMware, Inc.) [File not signed]
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [11839488 2012-01-18] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [303360 2011-12-07] ()
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-15] ()
R3 AVer7231_x64; C:\Windows\System32\DRIVERS\AVer7231_x64.sys [1873024 2012-06-27] (AVerMedia TECHNOLOGIES, Inc.)
R3 debutfilter; C:\Windows\System32\DRIVERS\debutfilterx64.sys [34512 2014-12-08] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-08] (Disc Soft Ltd)
S3 ElgatoGC656Y; C:\Windows\System32\Drivers\ElgatoGC656.sys [94440 2014-07-07] (UB658)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-30] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-10] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [File not signed]
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S3 SRS_AE_Service; C:\Windows\System32\drivers\SRS_AE_amd64.sys [549704 2012-06-21] ()
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-10 20:27 - 2015-04-10 20:27 - 02095616 _____ (Farbar) C:\Users\Joël\Downloads\FRST64(2).exe
2015-04-10 20:24 - 2015-04-10 20:24 - 02785665 _____ (PortableApps.com) C:\Users\Joël\Downloads\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2015-04-10 20:24 - 2015-04-10 20:24 - 00000000 ____D () C:\Users\Joël\Downloads\RevoUninstallerPortable
2015-04-10 20:06 - 2015-04-10 20:06 - 00027173 _____ () C:\Users\Joël\Documents\Malware.txt
2015-04-10 20:04 - 2015-04-10 20:04 - 00027177 _____ () C:\malwarbytes.txt

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Joël (administrator) on JOEL-HP on 10-04-2015 20:27:56
Running from C:\Users\Joël\Downloads
Loaded Profiles: Joël (Available profiles: Joël & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(BitTorrent Inc.) C:\Users\Joël\AppData\Roaming\uTorrent\uTorrent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Joël\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Users\Joël\AppData\Local\Installer\Installsense_6948\DCytaiesmt_smtyc_setup.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(VS Revo Group) C:\Users\Joël\Downloads\RevoUninstallerPortable\App\RevoUninstaller\Revouninstaller.exe
(Farbar) C:\Users\Joël\Downloads\FRST64(2).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-15] (AVAST Software)
HKLM-x32\...\Run: [vmware-tray] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [103536 2012-01-18] (VMware, Inc.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-02-10] (EasyBits Software AS)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DXM6Patch_981116] => C:\Windows\p_981116.exe [497376 1998-11-30] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Run: [uTorrent] => C:\Users\Joël\AppData\Roaming\uTorrent\uTorrent.exe [1374032 2015-01-16] (BitTorrent Inc.)
HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Run: [GenieoUpdaterService] => "C:\Users\Joël\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe" -wait 5
HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Run: [GenieoSystemTray] => "C:\Users\Joël\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()
Startup: C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1424248093-816826443-285343795-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
SearchScopes: HKLM -> {CA84F3A1-C833-4BCE-8DF7-4C8474995A97} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-09-15] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-05-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-02-25] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-09-15] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-07-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-02-25] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-07-18] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158
Tcpip\..\Interfaces\{44C5EE26-39CC-4997-8768-FF5ABF9C2207}: [NameServer] 208.67.222.222,208.67.220.220

FireFox:
========
FF ProfilePath: C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-01] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-03] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-01] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-03] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2015-02-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-02-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-12-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-12-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] ()
FF Plugin HKU\S-1-5-21-1424248093-816826443-285343795-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-06-03] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-04-09] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-04-09] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-04-09] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-04-09] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-04-09] (Apple Inc.)
FF SearchPlugin: C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\searchplugins\englische-ergebnisse.xml [2014-07-22]
FF SearchPlugin: C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\searchplugins\gmx-suche.xml [2014-07-22]
FF SearchPlugin: C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\searchplugins\lastminute.xml [2014-07-22]
FF SearchPlugin: C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\searchplugins\webde-suche.xml [2014-07-22]
FF Extension: WEB.DE MailCheck - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\Extensions\toolbar@web.de [2015-02-27]
FF Extension: Popular Website Buddy - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\Extensions\jid1-l6V8exwLVv1lBw@jetpack.xpi [2014-05-15]
FF Extension: Youtube and more - Easy Video Downloader - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\Extensions\vdpure@link64.xpi [2015-02-25]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-02-26]
FF Extension: Adblock Plus - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-02]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-04]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-04-04]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-07-17]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-15]
FF HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-06]
CHR Extension: (Google Docs) - C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-06]
CHR Extension: (Google Drive) - C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-06]
CHR Extension: (YouTube) - C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-06]
CHR Extension: (Google Search) - C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-06]
CHR Extension: (Google Sheets) - C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-06]
CHR Extension: (Avira Browser Safety) - C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-06]
CHR Extension: (avast! Online Security) - C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-06]
CHR Extension: (Google Wallet) - C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-06]
CHR Extension: (Gmail) - C:\Users\Joël\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-06]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-15] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-03-12] (Ellora Assets Corp.) [File not signed]
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2014-01-12] (PowerUp Software, LLC) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-03-17] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2015-03-17] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [792016 2015-02-09] (Tunngle.net GmbH)
R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [79872 2012-01-18] (VMware, Inc.) [File not signed]
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [11839488 2012-01-18] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [303360 2011-12-07] ()
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-15] ()
R3 AVer7231_x64; C:\Windows\System32\DRIVERS\AVer7231_x64.sys [1873024 2012-06-27] (AVerMedia TECHNOLOGIES, Inc.)
R3 debutfilter; C:\Windows\System32\DRIVERS\debutfilterx64.sys [34512 2014-12-08] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-08] (Disc Soft Ltd)
S3 ElgatoGC656Y; C:\Windows\System32\Drivers\ElgatoGC656.sys [94440 2014-07-07] (UB658)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-30] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-10] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [File not signed]
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S3 SRS_AE_Service; C:\Windows\System32\drivers\SRS_AE_amd64.sys [549704 2012-06-21] ()
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-10 20:27 - 2015-04-10 20:27 - 02095616 _____ (Farbar) C:\Users\Joël\Downloads\FRST64(2).exe
2015-04-10 20:24 - 2015-04-10 20:24 - 02785665 _____ (PortableApps.com) C:\Users\Joël\Downloads\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2015-04-10 20:24 - 2015-04-10 20:24 - 00000000 ____D () C:\Users\Joël\Downloads\RevoUninstallerPortable
2015-04-10 20:06 - 2015-04-10 20:06 - 00027173 _____ () C:\Users\Joël\Documents\Malware.txt
2015-04-10 20:04 - 2015-04-10 20:04 - 00027177 _____ () C:\malwarbytes.txt
2015-04-10 19:08 - 2015-04-10 19:08 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-10 00:43 - 2015-04-10 00:43 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-10 00:01 - 2015-04-09 23:50 - 40676944 _____ () C:\Users\Joël\Desktop\FirefoxSetup37.0.1.exe
2015-04-10 00:01 - 2015-04-09 23:49 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Joël\Desktop\mbam-setup-2.1.4.1018.exe
2015-04-10 00:01 - 2015-04-09 23:49 - 02217984 _____ () C:\Users\Joël\Desktop\AdwCleaner_4.201.exe
2015-04-09 22:58 - 2015-04-09 22:58 - 02194168 _____ () C:\Users\Joël\Downloads\AdwCleaner_4.200.exe
2015-04-09 22:57 - 2015-04-09 22:57 - 02201924 _____ () C:\Users\Joël\Downloads\AdwCleaner_4.201.exe
2015-04-09 22:57 - 2015-04-09 22:57 - 02193164 _____ () C:\Users\Joël\Downloads\AdwCleaner_4.201(1).exe
2015-04-09 00:17 - 2015-04-09 00:17 - 00004352 _____ () C:\Windows\System32\Tasks\Installer_sense
2015-04-09 00:17 - 2015-04-09 00:17 - 00003440 _____ () C:\Windows\System32\Tasks\YTAUpdate
2015-04-09 00:16 - 2015-04-09 00:16 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2015-04-09 00:16 - 2015-04-09 00:16 - 00000000 ____D () C:\Users\Joël\AppData\Local\CrashRpt
2015-04-09 00:15 - 2015-04-09 00:15 - 00001863 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tetris.lnk
2015-04-09 00:15 - 2015-04-09 00:15 - 00000000 ____D () C:\Program Files (x86)\Tetris
2015-04-09 00:14 - 2015-04-09 00:14 - 01033544 _____ (Crystal Office Systems ) C:\Users\Joël\Downloads\tetris.exe
2015-04-09 00:14 - 2015-04-09 00:14 - 00232216 _____ () C:\Users\Joël\Downloads\tetris-34033932.exe
2015-04-06 00:11 - 2015-04-06 00:11 - 00000890 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultra Street Fighter IV.lnk
2015-04-06 00:11 - 2015-04-06 00:11 - 00000878 _____ () C:\Users\Public\Desktop\Ultra Street Fighter IV.lnk
2015-04-05 23:58 - 2015-04-06 00:35 - 00000000 ____D () C:\Program Files (x86)\Ultra Street Fighter IV
2015-04-05 06:19 - 2015-04-05 13:38 - 00000000 ____D () C:\Users\Joël\Downloads\Ultra.Street.Fighter.IV-RELOADED
2015-04-04 15:26 - 2015-04-05 03:27 - 00000000 ____D () C:\Users\Joël\AppData\Local\{A22B5810-6701-4C13-AEF5-FCA5A1C50AD5}
2015-04-04 15:14 - 2015-04-10 00:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-03 13:58 - 2015-04-03 13:58 - 41844891 _____ () C:\Users\Joël\Downloads\Exhibit_B-(DatPiff.com).zip
2015-03-30 16:22 - 2015-03-30 16:15 - 29606756 _____ () C:\Users\Joël\Desktop\SuperMario64HD_Win.zip
2015-03-30 16:14 - 2015-03-30 16:15 - 29606756 _____ () C:\Users\Joël\Downloads\SuperMario64HD_Win.zip
2015-03-19 19:49 - 2015-04-09 22:36 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForJoël.job
2015-03-19 19:49 - 2015-04-09 21:10 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJoël
2015-03-17 23:13 - 2015-03-17 23:13 - 00000000 __SHD () C:\Windows\ftpcache
2015-03-17 23:12 - 2015-03-17 23:12 - 00682280 _____ () C:\Windows\SysWOW64\pbsvc.exe
2015-03-17 23:12 - 2015-03-17 23:12 - 00107832 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-03-17 23:12 - 2015-03-17 23:12 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-03-17 23:12 - 2015-03-17 23:12 - 00002221 _____ () C:\Users\Public\Desktop\Call of Duty - World at War Multiplayer.lnk
2015-03-17 23:12 - 2015-03-17 23:12 - 00002209 _____ () C:\Users\Public\Desktop\Call of Duty - World at War Single Player.lnk
2015-03-16 22:38 - 2015-03-16 22:38 - 13223208 _____ (Disc Soft Ltd) C:\Users\Joël\Downloads\DTLite501-0406.exe
2015-03-14 22:05 - 2015-03-15 05:10 - 00000000 ____D () C:\ProgramData\Tunngle
2015-03-14 22:05 - 2015-03-15 03:55 - 00000000 ____D () C:\Users\Joël\Documents\Tunngle
2015-03-14 22:05 - 2015-03-15 03:02 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Tunngle
2015-03-14 22:05 - 2015-03-14 22:07 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2015-03-14 22:05 - 2015-03-14 22:05 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2015-03-14 22:05 - 2015-03-14 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2015-03-14 22:05 - 2009-09-16 08:02 - 00031232 _____ (Tunngle.net) C:\Windows\system32\Drivers\tap0901t.sys
2015-03-14 22:00 - 2015-03-14 22:02 - 04800816 _____ (Tunngle.net GmbH ) C:\Users\Joël\Downloads\Tunngle_Setup_v5.2(1).exe
2015-03-14 21:57 - 2015-03-14 21:59 - 04800816 _____ (Tunngle.net GmbH ) C:\Users\Joël\Downloads\Tunngle_Setup_v5.2.exe
2015-03-14 20:16 - 2015-03-14 22:31 - 70164560 ____R () C:\Users\Joël\Downloads\Civ5_Patch_from_1.0.1.275_to_1.0.1.348 [Cracked].rar
2015-03-14 20:15 - 2015-03-14 20:18 - 70902489 ____R () C:\Users\Joël\Downloads\civ5_update-1.0.1.217.rar
2015-03-14 20:11 - 2015-03-14 20:11 - 40955564 _____ () C:\Users\Joël\Downloads\Full Game(Setup + Crack).rar
2015-03-14 19:56 - 2015-03-14 19:56 - 00000000 ____D () C:\Users\Joël\AppData\Local\My Games
2015-03-14 15:54 - 2015-03-14 15:54 - 59036861 _____ () C:\Users\Joël\Downloads\Prohibition-(DatPiff.com)(3).zip
2015-03-14 15:54 - 2015-03-14 15:54 - 59036861 _____ () C:\Users\Joël\Downloads\Prohibition-(DatPiff.com)(2).zip
2015-03-14 15:54 - 2015-03-14 15:54 - 59036861 _____ () C:\Users\Joël\Downloads\Prohibition-(DatPiff.com)(1).zip
2015-03-14 15:53 - 2015-03-14 15:54 - 63164765 _____ () C:\Users\Joël\Downloads\The_Medication-(DatPiff.com).zip
2015-03-14 15:53 - 2015-03-14 15:53 - 59036861 _____ () C:\Users\Joël\Downloads\Prohibition-(DatPiff.com).zip
2015-03-14 12:38 - 2015-03-14 12:38 - 74385898 _____ () C:\Users\Joël\Downloads\The_Prescription-(DatPiff.com).zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-10 20:28 - 2014-11-02 01:52 - 00028934 _____ () C:\Users\Joël\Downloads\FRST.txt
2015-04-10 20:27 - 2014-11-02 01:52 - 00000000 ____D () C:\FRST
2015-04-10 20:27 - 2014-04-09 00:49 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\uTorrent
2015-04-10 20:23 - 2011-07-18 01:54 - 00712990 _____ () C:\Windows\system32\perfh007.dat
2015-04-10 20:23 - 2011-07-18 01:54 - 00155952 _____ () C:\Windows\system32\perfc007.dat
2015-04-10 20:23 - 2009-07-14 07:13 - 01659220 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-10 20:22 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-10 20:22 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-10 20:18 - 2014-04-01 20:32 - 01837208 _____ () C:\Windows\WindowsUpdate.log
2015-04-10 20:16 - 2014-04-10 00:58 - 00000000 ___RD () C:\Users\Joël\Dropbox
2015-04-10 20:15 - 2014-11-02 00:55 - 00000000 ____D () C:\AdwCleaner
2015-04-10 20:15 - 2014-04-10 00:46 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Dropbox
2015-04-10 20:14 - 2014-11-06 04:50 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-10 20:14 - 2014-10-09 00:46 - 00000000 ____D () C:\ProgramData\VMware
2015-04-10 20:14 - 2011-07-18 02:26 - 00000000 ____D () C:\ProgramData\PDFC
2015-04-10 20:13 - 2014-11-02 15:20 - 00042708 _____ () C:\Windows\PFRO.log
2015-04-10 20:13 - 2014-11-02 15:20 - 00019401 _____ () C:\Windows\setupact.log
2015-04-10 20:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-10 20:06 - 2014-11-06 04:50 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-10 20:03 - 2014-09-14 22:38 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-10 19:58 - 2011-07-18 02:29 - 00000000 ____D () C:\Windows\en
2015-04-10 19:56 - 2014-12-14 04:15 - 00000000 ____D () C:\Program Files (x86)\The Amazing Spider-Man 2.v 1.0.0.1 + 4 DLC
2015-04-10 19:08 - 2014-09-14 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-10 19:08 - 2014-09-14 22:38 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-10 00:52 - 2014-11-05 22:12 - 00000000 ____D () C:\Users\Joël\AppData\Local\CrashDumps
2015-04-10 00:46 - 2014-10-01 17:53 - 00000000 ____D () C:\Users\Joël\Desktop\Games
2015-04-10 00:43 - 2014-04-01 23:28 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-10 00:43 - 2014-04-01 23:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-10 00:32 - 2014-11-05 13:00 - 00119296 _____ () C:\Windows\SysWOW64\zlib.dll
2015-04-09 23:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-09 23:14 - 2014-09-15 16:53 - 00001102 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-04-09 23:14 - 2014-04-01 23:24 - 00001166 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-09 23:14 - 2014-04-01 23:24 - 00000943 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-04-09 23:14 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-09 23:13 - 2014-11-06 04:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-09 22:54 - 2014-04-09 00:08 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\vlc
2015-04-09 22:36 - 2011-07-18 02:17 - 00000000 ____D () C:\ProgramData\Temp
2015-04-09 21:09 - 2014-04-03 17:56 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-04-09 21:06 - 2014-04-03 17:54 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\HP Support Assistant
2015-04-09 21:06 - 2014-04-03 00:19 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\HpUpdate
2015-04-08 18:18 - 2014-04-10 00:47 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-06 05:24 - 2014-04-02 00:07 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Skype
2015-04-06 01:59 - 2014-11-02 00:02 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\OBS
2015-04-06 00:42 - 2014-07-29 09:28 - 00000000 ____D () C:\Users\Joël\Documents\CAPCOM
2015-04-05 22:46 - 2014-10-06 18:55 - 00000000 ____D () C:\Users\Joël\Downloads\KMS Activator for Windows + Office's + KMSpico Activator v9
2015-04-05 13:48 - 2014-12-03 22:37 - 00000000 ____D () C:\Users\Joël\AppData\Local\FullTiltPoker
2015-04-05 13:48 - 2014-12-03 22:35 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker
2015-04-03 02:24 - 2014-11-02 00:02 - 00000000 ____D () C:\Program Files\OBS
2015-03-28 01:41 - 2014-08-24 12:29 - 00000000 ____D () C:\Windows\pss
2015-03-18 01:05 - 2014-11-01 02:58 - 00000000 ____D () C:\Users\Joël\Desktop\Programme
2015-03-18 00:36 - 2011-07-18 02:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-17 23:12 - 2014-12-25 22:05 - 00295468 _____ () C:\Windows\Directx.log
2015-03-17 23:05 - 2015-01-19 19:06 - 00002171 _____ () C:\Users\Public\Desktop\Call of Duty - World at War.lnk
2015-03-17 22:58 - 2014-10-29 22:15 - 00000000 ____D () C:\Program Files (x86)\Activision
2015-03-17 22:57 - 2014-11-01 23:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2015-03-17 06:15 - 2014-09-14 22:38 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-17 06:15 - 2014-09-14 22:38 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-17 06:15 - 2014-09-14 22:38 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-15 13:41 - 2014-11-01 02:57 - 00000000 ____D () C:\Users\Joël\Desktop\Restsachen
2015-03-15 13:37 - 2014-04-01 23:23 - 00112288 _____ () C:\Users\Joël\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-15 13:36 - 2009-07-14 06:45 - 00446160 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-14 22:03 - 2014-07-25 02:14 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-14 19:57 - 2014-07-27 20:06 - 00000000 ____D () C:\Users\Joël\AppData\Local\SKIDROW
2015-03-13 00:41 - 2014-04-01 20:31 - 00000000 ____D () C:\Users\Joël

==================== Files in the root of some directories =======

2015-01-31 19:57 - 2015-01-31 19:57 - 9303942 _____ () C:\Users\Joël\AppData\Roaming\7.1.zip
2014-10-02 13:01 - 2014-10-02 13:01 - 0000074 _____ () C:\Users\Joël\AppData\Roaming\Camdata.ini
2014-10-02 13:01 - 2014-10-02 13:01 - 0000408 _____ () C:\Users\Joël\AppData\Roaming\CamLayout.ini
2014-10-02 13:01 - 2014-10-02 13:01 - 0000408 _____ () C:\Users\Joël\AppData\Roaming\CamShapes.ini
2014-10-02 13:01 - 2014-10-02 13:01 - 0004535 _____ () C:\Users\Joël\AppData\Roaming\CamStudio.cfg
2014-04-10 02:46 - 2014-04-10 02:46 - 0000448 _____ () C:\Users\Joël\AppData\Roaming\com.appdynamic.airmediaserver.plist
2014-04-25 00:50 - 2014-10-02 12:40 - 0001181 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.1.txt
2014-04-25 00:50 - 2014-05-28 23:44 - 0001181 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.2.txt
2014-04-25 00:50 - 2014-05-28 23:44 - 0001181 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.3.txt
2014-04-25 00:50 - 2014-05-28 23:44 - 0000919 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.4.txt
2014-04-25 00:50 - 2014-05-03 18:45 - 0001181 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.5.txt
2014-04-25 00:50 - 2014-05-03 18:44 - 0000919 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.6.txt
2014-04-25 00:50 - 2014-05-03 18:39 - 0001181 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.7.txt
2014-04-25 00:50 - 2014-04-26 23:45 - 0001181 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.8.txt
2014-04-25 00:50 - 2014-04-25 19:56 - 0001181 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.9.txt
2014-04-25 00:50 - 2014-12-08 21:33 - 0001181 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.txt
2014-04-25 00:50 - 2014-12-08 21:33 - 0000000 _____ () C:\Users\Joël\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2014-10-02 12:57 - 2014-10-02 12:57 - 0000096 _____ () C:\Users\Joël\AppData\Roaming\version2.xml
2014-04-29 02:41 - 2015-03-10 22:13 - 0057856 _____ () C:\Users\Joël\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-30 23:13 - 2014-08-30 23:13 - 0000092 _____ () C:\Users\Joël\AppData\Local\fusioncache.dat
2014-06-18 11:28 - 2014-11-10 23:02 - 0007609 _____ () C:\Users\Joël\AppData\Local\resmon.resmoncfg
2014-11-27 19:44 - 2014-11-27 19:44 - 0000000 _____ () C:\Users\Joël\AppData\Local\{C9DCAE0A-7F66-423A-BF35-CD24979C9202}
2014-11-17 04:05 - 2014-11-17 04:05 - 0000000 _____ () C:\Users\Joël\AppData\Local\{F4041526-A54D-470D-A5CF-DCA31E44FFFA}
2014-07-17 09:16 - 2014-11-26 18:36 - 0006897 _____ () C:\ProgramData\hpzinstall.log
2014-06-12 16:20 - 2014-06-12 16:28 - 0004335 _____ () C:\ProgramData\RUNDLL32.EXE-3004-F.txt

Some content of TEMP:
====================
C:\Users\Joël\AppData\Local\Temp\cabex.dll
C:\Users\Joël\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwvlheh.dll
C:\Users\Joël\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Joël\AppData\Local\Temp\InstallGenieo.exe
C:\Users\Joël\AppData\Local\Temp\jna2356463815749035604.dll
C:\Users\Joël\AppData\Local\Temp\jna3459829698647988724.dll
C:\Users\Joël\AppData\Local\Temp\jna6533567052833355640.dll
C:\Users\Joël\AppData\Local\Temp\jna7004795854746553123.dll
C:\Users\Joël\AppData\Local\Temp\jna8818759043853338928.dll
C:\Users\Joël\AppData\Local\Temp\jreInstall.exe
C:\Users\Joël\AppData\Local\Temp\nvStInst.exe
C:\Users\Joël\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Joël\AppData\Local\Temp\setup.exe
C:\Users\Joël\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Joël\AppData\Local\Temp\smt_istartsurf.exe
C:\Users\Joël\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Joël\AppData\Local\Temp\start.exe
C:\Users\Joël\AppData\Local\Temp\unelevate.exe
C:\Users\Joël\AppData\Local\Temp\ytaiesmt_smtyc_setup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


testsigning: ==> testsigning is on. Check for possible unsigned rootkit driver <===== ATTENTION!


LastRegBack: 2015-04-08 19:09

==================== End Of Log ============================
--- --- ---

--- --- ---

deeprybka 10.04.2015 19:35
Für weiteren Support bitte die gecrackte Software deinstallieren.

Joel14 10.04.2015 20:21
ok Danke
Jetzt läuft alles wieedr einwandfrei. Werde euch auf jeden Fall witerempfehlen.

deeprybka 11.04.2015 15:41
Zitat:
Zitat von Joel14 (Beitrag 1453798)
ok Danke
Jetzt läuft alles wieedr einwandfrei. Werde euch auf jeden Fall witerempfehlen.
Danke. Hinweis: Der PC ist aber noch nicht sauber.


Alle Zeitangaben in WEZ +1. Es ist jetzt 00:43 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131