Internet lädt ewigs obwohl gute verbindung besteht

Joel14 · 16.03.2014, 13:51

Hallo

Habe seit geraumer Zeit da ein Problem. Das Internet lädt ewigs, obwohl kein Verbindungsproblem besteht. Was kann das sein?. Mit dem I Phone funktioniert das Internet einwandfrei. Es lädt auch nur zu Beginn ewigs. Etwa nach einer halben stunde laden funktioniert das internet wieder einwandfrei. Danke für die Hilfe

lg

joël

cosinus · 16.03.2014, 16:24

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Joel14 · 16.03.2014, 16:32

Ran by Joël (administrator) on JOEL-HP on 16-03-2014 14:25:36
Running from C:\Users\Joël\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe
() C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\HitsBlender\HitsBlender.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Easybits) C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
() C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\ErrorReporter\FreemakeErrorReporter.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\avcenter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\avscan.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-26] (IDT, Inc.)
HKLM-x32\...\Run: [HP Software Update] - c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [HP Remote Solution] - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-08-25] (Hewlett-Packard)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-02-10] (EasyBits Software AS)
HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [Mondkalender] - 22
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2012-06-17] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [LifeCam] - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Magic Desktop for HP notification] - C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1243656 2013-12-10] (Easybits)
HKLM-x32\...\Run: [HOSTS Anti-Adware_PUPs] - C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe [302961 2014-01-08] ()
HKLM-x32\...\Run: [Syncios device service] - C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [723456 2013-11-15] ()
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Run: [Facebook Update] - C:\Users\Joël\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-02-04] (Facebook Inc.)
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Run: [AnyDVD] - C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [7237720 2013-07-17] (SlySoft, Inc.)
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Run: [Apps Hat] - C:\Users\Joël\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Run: [BitTorrent] - C:\Users\Joël\AppData\Roaming\BitTorrent\BitTorrent.exe [1125456 2013-05-29] (BitTorrent Inc.)
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Policies\system: [DisableChangePassword] 0
AppInit_DLLs: C:\PROGRA~2\GS-ENA~1\ASSIST~2.DLL => C:\Program Files (x86)\GS-Enabler\Assistant_x64.dll [2759168 2014-01-07] ()
Startup: C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HitsBlender.lnk
ShortcutTarget: HitsBlender.lnk -> C:\Program Files (x86)\HitsBlender\HitsBlender.exe ()
Startup: C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PricePeepUpdater.lnk
ShortcutTarget: PricePeepUpdater.lnk -> C:\Program Files (x86)\PricePeep\PricePeepUpdater.exe (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {CA84F3A1-C833-4BCE-8DF7-4C8474995A97} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Jump Flip - {6db9fdfe-b718-4962-be0c-0a5fce7f7f7b} - C:\Program Files (x86)\Jump Flip\JumpFlipbho.dll (Jump Flip)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Show-Password - {f27d9be2-a2b1-4956-97b7-2684879678db} - C:\Program Files (x86)\Show-Password\150.dll No File
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-07-18] (EasyBits Software Corp.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158

FireFox:
========
FF ProfilePath: C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default
FF Homepage: https://www.google.ch/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Joël\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: UtubeAdiReemoVal - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\ifc8i.dw@bhfabiyyqfsp.com [2014-01-30]
FF Extension: BBestSavveForYou - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\mjyaypd@bnzemxyoe.net [2014-02-27]
FF Extension: 1ClickMovie Downloader - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\clickMvd@clickMvd.com.xpi [2013-06-26]
FF Extension: Video Resumer - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\videoresumer@jetpack.xpi [2013-06-06]
FF Extension: Updated Ad Blocker for Firefox 11+ - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2013-02-12]
FF Extension: XHTML Mobile Profile - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}.xpi [2014-03-08]
FF Extension: Jump Flip - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\{cc30460f-753f-44d9-b58c-13dae1321968}.xpi [2014-03-15]
FF Extension: Adblock Plus - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-23]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\
FF Extension: Symantec Intrusion Prevention - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2 [2014-03-16]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-04-09]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-05-15]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-06-17]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-05-15]
FF HKCU\...\Firefox\Extensions: [{1844020a-dea9-4bfb-981d-9c31b7fa20a5}] - C:\Program Files (x86)\Show-Password\150.xpi

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-02-12]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-02-12]
CHR HKLM-x32\...\Chrome\Extension: [hpomcmndppalndoljdilmfkkjkcnongl] - C:\Program Files (x86)\1clickmoviedownloader.com\clickmoviedownloader10.crx [2013-02-12]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-03-04]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-06-17]
CHR HKLM-x32\...\Chrome\Extension: [logekkkdbdidmmcgkonmmonclldogceg] - C:\Program Files (x86)\Show-Password\150.crx [2012-06-17]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101376 2013-02-07] (Freemake)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-02-07] (Ellora Assets Corp.)
S2 HOSTS Anti-PUPs; C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe [285795 2014-01-08] ()
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (libusb-Win32)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184 2012-12-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [682344 2012-12-14] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2012-03-30] ()
R2 Update Jump Flip; C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe [348960 2014-03-14] ()
R2 Util Jump Flip; C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe [348960 2014-03-14] ()
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [285152 2010-08-26] ()

==================== Drivers (Whitelisted) ====================

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [142424 2013-05-19] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [142424 2013-05-19] (SlySoft, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 AVer7231_x64; C:\Windows\System32\DRIVERS\AVer7231_x64.sys [1757952 2010-04-08] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120413.001\BHDrvx64.sys [1160824 2012-04-03] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-10-10] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2012-03-16] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120427.001\IDSvia64.sys [488568 2012-03-15] (Symantec Corporation)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120427.002\ENG64.SYS [117880 2012-03-16] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120427.002\EX64.SYS [2048632 2012-03-16] (Symantec Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-15] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2012-03-16] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-21] (Symantec Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-16 14:25 - 2014-03-16 14:25 - 00031080 _____ () C:\Users\Joël\Downloads\FRST.txt
2014-03-16 14:25 - 2014-03-16 14:25 - 00000000 ____D () C:\FRST
2014-03-16 14:24 - 2014-03-16 14:24 - 02157056 _____ (Farbar) C:\Users\Joël\Downloads\FRST64.exe
2014-03-16 12:42 - 2014-03-16 12:42 - 00001411 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-03-12 02:54 - 2014-03-16 13:02 - 00002708 _____ () C:\Windows\System32\Tasks\DriverToolkit Autorun
2014-03-12 02:54 - 2014-03-16 13:02 - 00000356 _____ () C:\Windows\Tasks\DriverToolkit Autorun.job
2014-03-11 12:17 - 2014-03-11 12:17 - 00000000 ____D () C:\Users\Joël\AppData\Local\DriverToolkit
2014-03-11 12:16 - 2014-03-11 12:17 - 00000000 ____D () C:\Program Files (x86)\DriverToolkit
2014-03-11 12:16 - 2014-03-11 12:16 - 02243616 _____ (Megaify Software ) C:\Users\Joël\Downloads\driver_setup.exe
2014-03-11 12:16 - 2014-03-11 12:16 - 00001073 _____ () C:\Users\Public\Desktop\DriverToolkit.lnk
2014-03-11 12:10 - 2014-03-11 12:10 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-03-11 12:09 - 2014-03-11 12:09 - 15359912 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Joël\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.23.0-retail.exe
2014-03-11 12:09 - 2014-03-11 12:09 - 00000000 ____D () C:\ProgramData\Samsung
2014-03-08 21:57 - 2014-03-08 21:57 - 00002947 _____ () C:\Users\Joël\Downloads\wapthevoice.php
2014-03-06 16:41 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-03-06 16:30 - 2014-03-06 16:41 - 00014925 _____ () C:\Windows\IE11_main.log
2014-03-06 15:44 - 2014-03-06 15:44 - 01071000 _____ (Solid State Networks) C:\Users\Joël\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-02-28 01:11 - 2014-02-28 01:13 - 16935746 _____ () C:\Users\Joël\Downloads\GW_BETA_RELEASE_2.0b2.zip
2014-02-27 17:56 - 2014-03-13 21:26 - 00000000 ____D () C:\ProgramData\BBestSavveForYou
2014-02-26 02:16 - 2014-02-26 02:20 - 335645696 _____ () C:\Users\Joël\Downloads\PS4UPDATE.PUP
2014-02-24 02:44 - 2014-02-24 02:44 - 00536064 _____ (Igor Pavlov) C:\Users\Joël\Desktop\7za.exe
2014-02-24 02:44 - 2014-02-24 02:44 - 00015360 _____ (Juergen Auer, freiberuflicher Programmierer, Berlin. Aktuelle Version: Kleine Freeware - Tools für den systemnahen Einsatz - lokal oder im Netz) C:\Users\Joël\Desktop\download.exe
2014-02-23 21:07 - 2014-02-23 21:07 - 00002037 _____ () C:\Users\Public\Desktop\Titan Quest.lnk
2014-02-23 21:05 - 2014-02-23 21:07 - 00000000 ___SD () C:\Program Files (x86)\Xfire
2014-02-23 21:05 - 2014-02-23 21:07 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Xfire
2014-02-23 21:05 - 2014-02-23 21:05 - 00000969 _____ () C:\Users\Public\Desktop\Xfire.lnk
2014-02-23 21:03 - 2007-01-03 14:16 - 00040960 ____R () C:\Windows\SysWOW64\psfind.dll
2014-02-23 21:03 - 2006-07-11 18:43 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-02-23 20:58 - 2014-02-23 20:58 - 00000000 ____D () C:\Program Files (x86)\THQ
2014-02-20 12:49 - 2014-02-23 00:51 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Syncios
2014-02-20 12:49 - 2014-02-20 12:49 - 00000000 ____D () C:\Users\Joël\Documents\Syncios
2014-02-20 12:49 - 2014-02-20 12:49 - 00000000 ____D () C:\Program Files (x86)\Syncios
2014-02-20 12:46 - 2014-02-20 12:47 - 17367264 _____ (Anvsoft, Inc. ) C:\Users\Joël\Downloads\syncios.exe
2014-02-16 15:54 - 2014-03-16 12:44 - 00000000 ____D () C:\Users\Joël\AppData\Local\HitsBlender
2014-02-16 15:54 - 2014-02-16 15:54 - 00538120 _____ (HitsBlender) C:\Users\Joël\Downloads\play_Ice_T,_The_Iceberg___F.exe
2014-02-16 15:54 - 2014-02-16 15:54 - 00001917 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\HitsBlender.lnk
2014-02-16 15:54 - 2014-02-16 15:54 - 00001893 _____ () C:\Users\Joël\Desktop\HitsBlender.lnk
2014-02-16 15:54 - 2014-02-16 15:54 - 00000000 ____D () C:\ProgramData\HitsBlender
2014-02-16 15:54 - 2014-02-16 15:54 - 00000000 ____D () C:\Program Files (x86)\HitsBlender
2014-02-15 02:10 - 2014-02-15 00:47 - 00032768 _____ () C:\Users\Joël\Desktop\JOEL (2)
2014-02-15 01:54 - 2014-03-06 20:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 01:26 - 2014-02-15 01:26 - 00000107 _____ () C:\Users\Joël\Desktop\JOEL.rar
2014-02-15 00:47 - 2014-02-15 00:47 - 00032768 _____ () C:\Users\Joël\Desktop\JOEL

==================== One Month Modified Files and Folders =======

2014-03-16 14:25 - 2014-03-16 14:25 - 00031080 _____ () C:\Users\Joël\Downloads\FRST.txt
2014-03-16 14:25 - 2014-03-16 14:25 - 00000000 ____D () C:\FRST
2014-03-16 14:24 - 2014-03-16 14:24 - 02157056 _____ (Farbar) C:\Users\Joël\Downloads\FRST64.exe
2014-03-16 14:21 - 2013-03-13 00:58 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Skype
2014-03-16 14:10 - 2012-04-08 18:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-16 14:06 - 2012-10-03 17:29 - 00000372 _____ () C:\Windows\Tasks\WpsUpdateTask_Joël.job
2014-03-16 13:43 - 2012-03-16 02:55 - 01899912 _____ () C:\Windows\WindowsUpdate.log
2014-03-16 13:42 - 2013-02-04 16:35 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4072727702-2463935606-4169030245-1000UA.job
2014-03-16 13:02 - 2014-03-12 02:54 - 00002708 _____ () C:\Windows\System32\Tasks\DriverToolkit Autorun
2014-03-16 13:02 - 2014-03-12 02:54 - 00000356 _____ () C:\Windows\Tasks\DriverToolkit Autorun.job
2014-03-16 13:02 - 2013-05-29 16:26 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\BitTorrent
2014-03-16 12:47 - 2011-07-18 00:54 - 04739476 _____ () C:\Windows\system32\perfh007.dat
2014-03-16 12:47 - 2011-07-18 00:54 - 01415038 _____ () C:\Windows\system32\perfc007.dat
2014-03-16 12:47 - 2009-07-14 06:13 - 00006380 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-16 12:47 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-16 12:47 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-16 12:46 - 2013-04-05 21:53 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-16 12:44 - 2014-02-16 15:54 - 00000000 ____D () C:\Users\Joël\AppData\Local\HitsBlender
2014-03-16 12:43 - 2013-12-13 16:33 - 00003200 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4072727702-2463935606-4169030245-1000
2014-03-16 12:43 - 2013-12-11 13:28 - 00003336 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4072727702-2463935606-4169030245-1000
2014-03-16 12:42 - 2014-03-16 12:42 - 00001411 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-03-16 12:42 - 2014-01-08 23:14 - 00000402 _____ () C:\Windows\Tasks\Show-Password Update.job
2014-03-16 12:42 - 2013-08-04 12:36 - 00000125 ___SH () C:\ProgramData\.zreglib
2014-03-16 12:42 - 2012-03-16 02:58 - 00001445 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-16 12:41 - 2011-07-18 01:26 - 00000000 ____D () C:\ProgramData\PDFC
2014-03-16 12:40 - 2011-07-18 01:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-16 12:38 - 2012-12-03 03:01 - 00064150 _____ () C:\Windows\setupact.log
2014-03-16 12:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-16 12:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-03-16 12:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-03-16 12:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-03-16 12:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-03-16 12:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-14 23:40 - 2014-01-09 18:19 - 00000000 ____D () C:\Program Files (x86)\Jump Flip
2014-03-14 18:34 - 2014-01-07 13:00 - 00000000 ____D () C:\AdwCleaner
2014-03-14 18:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-13 21:26 - 2014-02-27 17:56 - 00000000 ____D () C:\ProgramData\BBestSavveForYou
2014-03-13 21:26 - 2014-01-05 00:43 - 00000000 ____D () C:\Users\Joël\Documents\WBFS Manager Covers
2014-03-13 16:40 - 2013-02-04 16:35 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4072727702-2463935606-4169030245-1000Core.job
2014-03-12 14:10 - 2012-04-08 18:21 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 14:10 - 2012-04-08 18:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 14:10 - 2012-03-16 18:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 13:32 - 2012-03-16 21:09 - 00000000 ____D () C:\Users\Joël\AppData\Local\CrashDumps
2014-03-11 19:17 - 2014-01-07 00:20 - 00000000 ____D () C:\Program Files (x86)\GS-Enabler
2014-03-11 19:14 - 2014-01-30 21:30 - 00000000 ____D () C:\ProgramData\UtubeAdiReemoVal
2014-03-11 12:17 - 2014-03-11 12:17 - 00000000 ____D () C:\Users\Joël\AppData\Local\DriverToolkit
2014-03-11 12:17 - 2014-03-11 12:16 - 00000000 ____D () C:\Program Files (x86)\DriverToolkit
2014-03-11 12:16 - 2014-03-11 12:16 - 02243616 _____ (Megaify Software ) C:\Users\Joël\Downloads\driver_setup.exe
2014-03-11 12:16 - 2014-03-11 12:16 - 00001073 _____ () C:\Users\Public\Desktop\DriverToolkit.lnk
2014-03-11 12:10 - 2014-03-11 12:10 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-03-11 12:09 - 2014-03-11 12:09 - 15359912 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Joël\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.23.0-retail.exe
2014-03-11 12:09 - 2014-03-11 12:09 - 00000000 ____D () C:\ProgramData\Samsung
2014-03-09 00:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-03-08 21:57 - 2014-03-08 21:57 - 00002947 _____ () C:\Users\Joël\Downloads\wapthevoice.php
2014-03-06 20:29 - 2014-02-15 01:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-06 20:29 - 2012-05-03 19:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-06 20:29 - 2010-11-21 04:47 - 00236220 _____ () C:\Windows\PFRO.log
2014-03-06 16:41 - 2014-03-06 16:30 - 00014925 _____ () C:\Windows\IE11_main.log
2014-03-06 16:28 - 2012-03-16 03:36 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-06 15:44 - 2014-03-06 15:44 - 01071000 _____ (Solid State Networks) C:\Users\Joël\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-02-28 01:13 - 2014-02-28 01:11 - 16935746 _____ () C:\Users\Joël\Downloads\GW_BETA_RELEASE_2.0b2.zip
2014-02-27 17:56 - 2014-01-30 21:30 - 00000000 ____D () C:\ProgramData\1f4fe01926131428
2014-02-26 02:20 - 2014-02-26 02:16 - 335645696 _____ () C:\Users\Joël\Downloads\PS4UPDATE.PUP
2014-02-24 02:47 - 2014-01-10 18:58 - 00000000 ____D () C:\Users\Joël\Desktop\games
2014-02-24 02:45 - 2014-01-04 20:03 - 00000000 ____D () C:\Users\Joël\Desktop\data
2014-02-24 02:44 - 2014-02-24 02:44 - 00536064 _____ (Igor Pavlov) C:\Users\Joël\Desktop\7za.exe
2014-02-24 02:44 - 2014-02-24 02:44 - 00015360 _____ (Juergen Auer, freiberuflicher Programmierer, Berlin. Aktuelle Version: Kleine Freeware - Tools für den systemnahen Einsatz - lokal oder im Netz) C:\Users\Joël\Desktop\download.exe
2014-02-23 21:07 - 2014-02-23 21:07 - 00002037 _____ () C:\Users\Public\Desktop\Titan Quest.lnk
2014-02-23 21:07 - 2014-02-23 21:05 - 00000000 ___SD () C:\Program Files (x86)\Xfire
2014-02-23 21:07 - 2014-02-23 21:05 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Xfire
2014-02-23 21:07 - 2012-04-08 16:42 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-02-23 21:07 - 2012-03-16 21:05 - 00000000 ____D () C:\Users\Joël\Documents\My Games
2014-02-23 21:05 - 2014-02-23 21:05 - 00000969 _____ () C:\Users\Public\Desktop\Xfire.lnk
2014-02-23 21:03 - 2013-05-13 14:36 - 00125713 _____ () C:\Windows\DirectX.log
2014-02-23 20:58 - 2014-02-23 20:58 - 00000000 ____D () C:\Program Files (x86)\THQ
2014-02-23 20:58 - 2011-07-18 01:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-23 20:47 - 2012-04-09 02:51 - 00000000 ____D () C:\Users\Joël\AppData\Local\PokerStars
2014-02-23 20:46 - 2012-04-09 02:51 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2014-02-23 00:51 - 2014-02-20 12:49 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Syncios
2014-02-20 13:59 - 2012-11-26 13:06 - 00000000 ____D () C:\Users\Joël\AppData\Local\Apple Computer
2014-02-20 12:49 - 2014-02-20 12:49 - 00000000 ____D () C:\Users\Joël\Documents\Syncios
2014-02-20 12:49 - 2014-02-20 12:49 - 00000000 ____D () C:\Program Files (x86)\Syncios
2014-02-20 12:47 - 2014-02-20 12:46 - 17367264 _____ (Anvsoft, Inc. ) C:\Users\Joël\Downloads\syncios.exe
2014-02-16 15:54 - 2014-02-16 15:54 - 00538120 _____ (HitsBlender) C:\Users\Joël\Downloads\play_Ice_T,_The_Iceberg___F.exe
2014-02-16 15:54 - 2014-02-16 15:54 - 00001917 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\HitsBlender.lnk
2014-02-16 15:54 - 2014-02-16 15:54 - 00001893 _____ () C:\Users\Joël\Desktop\HitsBlender.lnk
2014-02-16 15:54 - 2014-02-16 15:54 - 00000000 ____D () C:\ProgramData\HitsBlender
2014-02-16 15:54 - 2014-02-16 15:54 - 00000000 ____D () C:\Program Files (x86)\HitsBlender
2014-02-16 15:54 - 2012-12-13 23:49 - 00000000 ____D () C:\Users\Joël\AppData\Local\cache
2014-02-16 15:54 - 2012-03-16 02:58 - 00000000 ___RD () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-15 14:32 - 2014-01-09 20:29 - 00000000 ____D () C:\Users\Joël\Desktop\Ds games
2014-02-15 01:26 - 2014-02-15 01:26 - 00000107 _____ () C:\Users\Joël\Desktop\JOEL.rar
2014-02-15 00:47 - 2014-02-15 02:10 - 00032768 _____ () C:\Users\Joël\Desktop\JOEL (2)
2014-02-15 00:47 - 2014-02-15 00:47 - 00032768 _____ () C:\Users\Joël\Desktop\JOEL
2014-02-14 00:36 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

Files to move or delete:
====================
C:\Users\Joël\setup.exe

Some content of TEMP:
====================
C:\Users\Joël\AppData\Local\Temp\a2zLyrics_1060-8102_v122.exe
C:\Users\Joël\AppData\Local\Temp\aoe3x-105-english.exe
C:\Users\Joël\AppData\Local\Temp\aoe3x-105-german.exe
C:\Users\Joël\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Joël\AppData\Local\Temp\AskSLib.dll
C:\Users\Joël\AppData\Local\Temp\avgnt.exe
C:\Users\Joël\AppData\Local\Temp\bitool.dll
C:\Users\Joël\AppData\Local\Temp\DMLizard.exe
C:\Users\Joël\AppData\Local\Temp\drm_dyndata_7380012.dll
C:\Users\Joël\AppData\Local\Temp\FreemakeAudioConverter_1.1.0.46.exe
C:\Users\Joël\AppData\Local\Temp\FreemakeVideoConverter_3.2.1.7.exe
C:\Users\Joël\AppData\Local\Temp\FreemakeVideoDownloader_3.5.0.3.exe
C:\Users\Joël\AppData\Local\Temp\htmlayout.dll
C:\Users\Joël\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe
C:\Users\Joël\AppData\Local\Temp\jna1560133547180391452.dll
C:\Users\Joël\AppData\Local\Temp\jna3932220247942491266.dll
C:\Users\Joël\AppData\Local\Temp\jna4918936229527986984.dll
C:\Users\Joël\AppData\Local\Temp\jna6234593704751008541.dll
C:\Users\Joël\AppData\Local\Temp\jna6723966985013961709.dll
C:\Users\Joël\AppData\Local\Temp\jna6770613259274550288.dll
C:\Users\Joël\AppData\Local\Temp\jna7820359329025734031.dll
C:\Users\Joël\AppData\Local\Temp\jna864224005719677311.dll
C:\Users\Joël\AppData\Local\Temp\jna8972611800363284495.dll
C:\Users\Joël\AppData\Local\Temp\jna9077574278784789503.dll
C:\Users\Joël\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Joël\AppData\Local\Temp\Mobogenie_Setup_2.1.23_515.exe
C:\Users\Joël\AppData\Local\Temp\MSNAD41.exe
C:\Users\Joël\AppData\Local\Temp\Offer.exe
C:\Users\Joël\AppData\Local\Temp\PCSpeedMaximizer.exe
C:\Users\Joël\AppData\Local\Temp\Quarantine.exe
C:\Users\Joël\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Joël\AppData\Local\Temp\smt_nationzoom_20131128171426.exe
C:\Users\Joël\AppData\Local\Temp\standalonepatcherX.exe
C:\Users\Joël\AppData\Local\Temp\toolbar6231023.exe
C:\Users\Joël\AppData\Local\Temp\toolbar6231132.exe
C:\Users\Joël\AppData\Local\Temp\toolbar6231194.exe
C:\Users\Joël\AppData\Local\Temp\uninst1.exe
C:\Users\Joël\AppData\Local\Temp\uninstall3286987.exe
C:\Users\Joël\AppData\Local\Temp\uninstall3293805.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-11 13:54

==================== End Of Log ============================FRST Additions Logfile:
Code:

Ran by Joël at 2014-03-16 14:26:11
Running from C:\Users\Joël\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

«Age of Empers II HD Edition - The Forgotten» v.3.0.1560 (HKLM-x32\...\«Age of Empers II HD Edition - The Forgotten»_is1) (Version: - Microsoft Studios)
1917 - Der Aufstand 1.04 (HKLM-x32\...\1917 - Der Aufstand_is1) (Version: - Immanitas)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AC3Filter 2.1a (HKLM-x32\...\AC3Filter_is1) (Version: 2.1a - Alexander Vigovsky)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Flash Media Live Encoder 3.2 (HKLM-x32\...\{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}) (Version: 3.2.0 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
All File to All File Converter 3000 7.3 (HKLM-x32\...\All File to All File Converter 3000_is1) (Version: - Head Document Tool Software, Inc.)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.2.3.0 - SlySoft)
AnyToISO (HKLM-x32\...\AnyToISO_is1) (Version: 3.5.1 - CrystalIdea Software, Inc.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
B110 (x32 Version: 140.0.283.000 - Hewlett-Packard) Hidden
BBestSavveForYou (HKLM-x32\...\{F6A71DC7-28F4-C6C7-8FA9-8A56C80FC96A}) (Version: - BestSaiveFoorYeou)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Big Rig Europe (x32 Version: 2.2.0.95 - WildTangent) Hidden
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.8.0.29676 - BitTorrent Inc.)
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Croc (HKLM-x32\...\Croc) (Version: - )
Croc 2 (HKLM-x32\...\Croc 2) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd)
Der Mondkalender (HKLM-x32\...\Der Mondkalender) (Version: - )
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Direct MIDI to MP3 Converter 3.0 (HKLM-x32\...\Direct MIDI to MP3 Converter_is1) (Version: 3.0 - Piston Software)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Dolphin x86 (HKLM-x32\...\Dolphin x86) (Version: 4.0.2 - Dolphin Development Team)
DriverIdentifier 4.2.5 (HKLM-x32\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version: - DriverIdentifier)
DriverToolkit version 8.2.0.0 (HKLM-x32\...\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1) (Version: 8.2.0.0 - Megaify Software)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version: - DVD Shrink)
EZDownloader (HKLM-x32\...\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1) (Version: 1.0 - EZDownloader)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Freemake Audio Converter Version 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation)
Freemake Video Converter Version 3.2.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 3.2.1 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.5.0 - Ellora Assets Corporation)
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 4.48.1.WIN.FullTilt.COM - )
FURT-Kaktuswand Screen Saver (HKLM-x32\...\FURT-Kaktuswand) (Version: - )
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gateway Download Assistant (HKLM-x32\...\{A2A73632-BBAA-43EB-A337-ADF43F905A1C}) (Version: 1.0.0 - Gateway)
Google Update Helper (x32 Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
GS-Supporter 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{e81a9dc1}) (Version: - Verified Publisher) <==== ATTENTION
HitsBlender (HKLM-x32\...\HitsBlender) (Version: 0.2.55 - HitsBlender)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{59C83C08-63F4-4AEC-81D6-392C5E23B843}) (Version: 14.0 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.14.0 - Hewlett-Packard)
HP Remote Solution (x32 Version: 1.1.14.0 - Hewlett-Packard) Hidden
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{E92D47A1-D27D-430A-8368-0BAFD956507D}) (Version: 5.2.9.2 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IP Changer 2.0 (HKLM-x32\...\IP Changer 2.0) (Version: - )
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com)
IsoBuster 3.2 (HKLM-x32\...\IsoBuster_is1) (Version: 3.2 - Smart Projects)
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
IZArc 4.1.7 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.7 - Ivan Zahariev)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jump Flip (HKLM\...\Jump Flip) (Version: 2014.01.06.192505 - Jump Flip) <==== ATTENTION
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kingsoft Office 2012 (8.1.0.3375) (HKLM-x32\...\Kingsoft Office) (Version: 8.1.0.3375 - Kingsoft Corp.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3609 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3609 - CyberLink Corp.) Hidden
Legacy of Kain Soul Reaver (HKLM-x32\...\Legacy of Kain Soul Reaver_is1) (Version: - GOG.com)
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 1.70.0.1100 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Medal of Honor Warfighter - Limited Edition (HKLM-x32\...\Medal of Honor Warfighter - Limited Edition_is1) (Version: - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
MotioninJoy ds3 driver version 0.6.0003 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.5.0001 - MotioninJoy | Playstation 3|Xbox 360|Dualshock 3|Sixaxis|Game|Driver|)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MusicStation (HKLM-x32\...\MusicStationNetstaller) (Version: 1.0.1.5 - Hewlett-Packard)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
nationzoom Browser Protecter (HKLM-x32\...\nationzoom Browser Protecter) (Version: - nationzoom) <==== ATTENTION
Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version: - Criterion Games)
Need for Speed™ Undercover (HKLM-x32\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 1.01.206 - NETGEAR)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 18.7.2.3 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA 3D Vision Driver 267.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.95 - NVIDIA Corporation)
NVIDIA Control Panel 267.95 (Version: 267.95 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 267.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.95 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.41.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6795 - NVIDIA Corporation) Hidden
OLYMPUS Digital Camera Updater (HKLM-x32\...\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}) (Version: 1.0.3 - OLYMPUS IMAGING CORP.)
Oracle VM VirtualBox 4.2.6 (HKLM\...\{A8A0B1C1-FBC7-4790-8E26-9DA1A6A95452}) (Version: 4.2.6 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 8.4.1.210 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PC Speed Maximizer v3.2 (HKLM-x32\...\PC Speed Maximizer_is1) (Version: 3.2 - Smart PC Solutions)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.35 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PKR (HKLM-x32\...\PKR) (Version: - PKR Ltd)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4817 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4817 - CyberLink Corp.) Hidden
Prince of Persia The Forgotten Sands™ (HKLM-x32\...\{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}) (Version: 1.0 - Ubisoft)
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.72.0 - PS3 Media Server)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden
Registry Helper (HKLM-x32\...\Registry Helper) (Version: - SafeApp Software, LLC) <==== ATTENTION
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
Roulette Bot Plus (HKLM-x32\...\RBPlus) (Version: 1.3.6.0 - Roulette Strategy - Methods ? Tricks and Roulette systems | Roulette Bot Plus)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Show-Password (HKLM-x32\...\f9d62fda-2190-4b1c-b5eb-60bff78bf46d) (Version: - Show-Password LTD) <==== ATTENTION
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.2 - Sophos Limited)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Syncios Version 3.0.5 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 3.0.5 - Anvsoft, Inc.)
Technitium MAC Address Changer v6.0.5 (HKLM-x32\...\TMACv6.0) (Version: 6.0.5 - Technitium)
The Klub 17 [v 6.10] (HKLM-x32\...\{2C72D4EA-BA65-4B9D-92F9-B916A25A8C4D}_is1) (Version: 1.0.1.3 - Hell_Archangel)
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Tomb Raider: Anniversary 1.0 (HKLM-x32\...\Tomb Raider: Anniversary) (Version: - )
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UltraISO Premium V9.6 (HKLM-x32\...\UltraISO_is1) (Version: - )
upc cablecom assistant (HKLM-x32\...\upc cablecom assistant) (Version: 2.0.0.2 - upc cablecom GmbH)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
UtubeAdiReemoVal (HKLM-x32\...\{1C60D9BB-E5C5-3DEB-97E7-57505435E501}) (Version: - UtiuBeAdRemovAl)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.36 - WildTangent) Hidden
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 16.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CC}) (Version: 16.0.9715 - WinZip Computing, S.L. )
WPM17.8.0.3297 (HKLM-x32\...\WPM) (Version: 17.8.0.3297 - Cherished Technololgy LIMITED) <==== ATTENTION
Xfire (remove only) (HKLM-x32\...\Xfire) (Version: - )
XSplit (HKLM-x32\...\{DAA18A0D-A57C-4611-B135-46EA06990E7D}) (Version: 1.2.1303.0101 - SplitMediaLabs)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points =========================

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-03-14 12:42 - 04541536 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 08sr.combineads.info # hosts anti-adware / pups
127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 2010-fr.com # hosts anti-adware / pups
127.0.0.1 2012-new.biz # hosts anti-adware / pups
127.0.0.1 212link.com # hosts anti-adware / pups
127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups
127.0.0.1 24h00business.com # hosts anti-adware / pups
127.0.0.1 a.adorika.net # hosts anti-adware / pups
127.0.0.1 a.ad-sys.com # hosts anti-adware / pups
127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups
127.0.0.1 ad.adn360.com # hosts anti-adware / pups
127.0.0.1 adeartss.eu # hosts anti-adware / pups
127.0.0.1 adesoeasy.eu # hosts anti-adware / pups
127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups
127.0.0.1 adm.soft365.com # hosts anti-adware / pups
127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups
127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups
127.0.0.1 ads.adplxmd.com # hosts anti-adware / pups
127.0.0.1 ads.aff.co # hosts anti-adware / pups
127.0.0.1 ads.alpha00001.com # hosts anti-adware / pups
127.0.0.1 ads.cloud4ads.com # hosts anti-adware / pups
127.0.0.1 ads.egdating.net # hosts anti-adware / pups
127.0.0.1 ads.eorezo.com # hosts anti-adware / pups
127.0.0.1 ads.hooqy.com # hosts anti-adware / pups
127.0.0.1 ads.pornerbros.com # hosts anti-adware / pups
127.0.0.1 ads.realken.com # hosts anti-adware / pups
127.0.0.1 ads.regiedepub.com # hosts anti-adware / pups
127.0.0.1 ads.sucomspot.com # hosts anti-adware / pups

There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============

Task: {009DBD0D-FED9-42F4-A047-37A86425C7F5} - \DealPlyLiveUpdateTaskMachineCore No Task File
Task: {062F52FD-446F-4F1A-90ED-0DB1260C58C2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4072727702-2463935606-4169030245-1000Core => C:\Users\Joël\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-04] (Facebook Inc.)
Task: {0D75E9E7-6BA3-45F8-B97A-01B4D4F557B3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {0E0BB9E5-2CEC-4E70-9A44-E02BAE73199D} - \1ClickMovieDownloader V2-enabler No Task File
Task: {0F239C67-9A4C-44E4-83D8-18E73F6726E5} - \1ClickMovieDownloader V2-codedownloader No Task File
Task: {0F4710CA-FD93-49F4-8CEB-654E02596D33} - System32\Tasks\{89EE6333-C32B-4D3C-964D-FF62E8675800} => C:\Users\Joël\AppData\Local\Temp\Rar.378\3ds emulator.exe <==== ATTENTION
Task: {106E8262-E4F6-4C5D-A709-F803FC2410AA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {12DB4909-7439-4596-BAB0-51189686CB6C} - \Plus-HD-2.2-updater No Task File
Task: {1A8049C2-B99B-4A5E-94B4-C5375868958A} - System32\Tasks\{269506B7-0599-42EA-9CAC-A0E4FF22E106} => C:\Users\Joël\AppData\Local\Temp\Rar.343\3ds emulator.exe <==== ATTENTION
Task: {1E28B23A-A992-4135-ACA4-CBCC414253AC} - System32\Tasks\{55243672-57BE-4CF1-A4C1-42A60FCB9C7A} => C:\Users\Joël\AppData\Local\Temp\Rar.378\3ds emulator.exe <==== ATTENTION
Task: {1E832495-DEA4-4A4E-BECA-8FABACFB4BCC} - System32\Tasks\{6AC98CAF-153B-4E49-A113-CAE49E16415A} => C:\Users\Joël\Downloads\Setup.exe [2006-04-20] ()
Task: {233DE1B6-4002-40FC-AB31-2DDD7131D5E7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {24BBAF28-97AD-42CF-84EB-4220FEC8B5A1} - \DriverScanner No Task File
Task: {26C96248-9317-48CC-828F-54828A337069} - System32\Tasks\{CC347CA5-01E4-4CBA-8EA2-90FAE6250DCE} => C:\Users\Joël\AppData\Local\Temp\Rar.343\3ds emulator.exe <==== ATTENTION
Task: {340375E7-D449-45D5-9A0B-C7A89139EA7C} - \Plus-HD-2.2-enabler No Task File
Task: {39CED1D7-36B6-4E20-B901-9735BF7EFB3D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3BCD2265-6A9F-4A60-BB7C-9920A6EF60E3} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4072727702-2463935606-4169030245-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {3C525037-06F0-45E9-A54B-BA2DBCCC2F0F} - \a2zLyrics-1-codedownloader No Task File
Task: {447AA2CF-51E8-4714-B1E9-06C133B77388} - System32\Tasks\Symantec\Norton Error Processor 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation)
Task: {46CB694F-E3D5-4045-903B-48EE3EDC033A} - System32\Tasks\{54EE4B82-38E3-48FB-A4B3-2815B4484225} => C:\Users\Joël\Downloads\Setup.exe [2006-04-20] ()
Task: {4971A94D-3948-4395-85FC-FA071B3F5FF1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {51F9B346-E34A-4E42-89A1-C0770461C245} - \GoforFilesUpdate No Task File
Task: {56FAB415-F091-4EC3-809F-F02D9806340F} - System32\Tasks\Symantec\Norton Error Analyzer 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation)
Task: {5A7FEC8B-6A79-4B5B-8EC4-D3DB38BE7CE2} - System32\Tasks\{145FE13D-0600-4590-9E8A-D06A797A6DC8} => C:\Program Files (x86)\Wiimm\WIT\wit.exe [2013-11-10] ()
Task: {64621859-7412-4A7E-957A-BE0039E8A939} - System32\Tasks\{2F97AB30-E5D3-4215-B23A-956D164034BC} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {66D60B57-7DAB-477D-8F8D-C8FEB741F751} - \a2zLyrics-1-updater No Task File
Task: {710B3747-0A7D-43D7-98A1-6660765DE03C} - \DealPlyUpdate No Task File
Task: {71823B38-8A4D-4D78-85C8-B6C77B02BAEB} - System32\Tasks\{A5C81017-0AC6-4964-AC90-457BC91829C9} => E:\NintendoWFCReg\setup.exe
Task: {73BBEBF5-0EF7-4CEC-B4F4-F62432DFA8CD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-23] (Piriform Ltd)
Task: {73F2E13C-3AA9-4208-9461-31F5118B93F2} - System32\Tasks\{A800C8BC-8202-4078-AEDC-30C106F714A5} => C:\Users\Joël\AppData\Local\Temp\Rar.378\3ds emulator.exe <==== ATTENTION
Task: {77ECF107-3F0A-40D1-9BA4-73849F2E5450} - System32\Tasks\{04CF3226-F16F-41A2-A90F-48FAC54BF5E3} => E:\NintendoWFCReg\setup.exe
Task: {7BA9EB9A-96F5-468E-B705-FF28CF4D69B8} - \a2zLyrics-1-enabler No Task File
Task: {7C4AE5C7-CD87-4F14-8D7A-6BED59E49492} - System32\Tasks\{D47995BE-84B1-4F3A-A739-F3E5CBEA92BA} => C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe [2010-08-26] ()
Task: {7E02413B-0F9B-44B8-ADF4-9EEF7B6227EC} - \Dealply No Task File
Task: {82B70CE0-70B5-404F-A6CC-6AA20ACC089E} - \1ClickMovieDownloader V2-updater No Task File
Task: {82C55B93-E9D7-445A-AAA0-0DCF17DBBD8F} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe [2014-01-13] (Megaify Software Co., Ltd.)
Task: {86629B66-1C2F-4AB7-84FA-070A206B436B} - System32\Tasks\{A5B5F634-7694-4C62-80C4-FC472A20180F} => E:\NintendoWFCReg\setup.exe
Task: {8BCE297C-4CB6-4A94-843F-B3779F4CE0BF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4072727702-2463935606-4169030245-1000UA => C:\Users\Joël\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-04] (Facebook Inc.)
Task: {8BDDEDD0-975A-496D-A44D-98E32FA158E6} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4072727702-2463935606-4169030245-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {8F930826-B23B-4314-A1FE-A8EF3FDF0D5F} - \Plus-HD-2.2-codedownloader No Task File
Task: {8FE0ED9E-63D0-4DD7-B809-79458A5C9141} - \a2zLyrics-1-chromeinstaller No Task File
Task: {91117D93-AFF6-4804-A165-02915E8939FB} - System32\Tasks\{A3DF1C9D-415B-4B32-B295-CC4258064260} => Firefox.exe Skype auf Ihren Computer herunterladen ? Mac, Windows, Linux*?*Skype
Task: {956FFC7C-4BAD-4211-9BCA-FF14AF1CD226} - System32\Tasks\{1A4A3826-32F8-4184-A9D5-BC49F71B4170} => C:\Users\Joël\Desktop\WiiBaFu-1.1-Win32\WiiBaFu.exe [2011-07-17] ()
Task: {9DBC52B9-930C-4323-8500-32B87AE4F36E} - System32\Tasks\{D2622FF3-99BE-4CD7-8CF8-B90AE473C341} => C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe [2010-08-26] ()
Task: {A2E8762A-6617-4532-B054-179DE21D64D5} - \DealPlyLiveUpdateTaskMachineUA No Task File
Task: {A8E407EC-9AE5-44B1-98A0-9DC2B38DC7AA} - System32\Tasks\WpsUpdateTask_Joël => C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe [2013-06-06] (Kingsoft Corp. Ltd.)
Task: {AD5DCB43-C68E-471A-96B1-E19E955162C2} - System32\Tasks\{6D32E824-305F-4B8D-8387-61653D899601} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {B29CF33E-043E-4F0A-B24F-DDAE55DBEE59} - System32\Tasks\{2FE5D2DD-2663-4AA6-B770-4C88C26E51D5} => E:\NintendoWFCReg\setup.exe
Task: {B5857148-0608-4B18-99EA-A2823F8BAD09} - System32\Tasks\RealCreateProcessScheduledTask348911S-1-5-21-4072727702-2463935606-4169030245-1000 => c:\program files (x86)\real\realplayer\update\realsched.exe [2012-06-17] (RealNetworks, Inc.)
Task: {B5CED848-745E-4C81-AC77-EAEE10B37BBC} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-31] ()
Task: {BBF5AAAA-DEF2-4058-AFD9-11875AC6A534} - System32\Tasks\{B489D59C-3596-47BD-B875-CD0E944AB64D} => E:\NintendoWFCReg\setup.exe
Task: {C0E0766C-C63F-475C-BA96-006BB0348291} - System32\Tasks\Show-Password Update => C:\Program Files (x86)\Show-Password\Show_Password.exe <==== ATTENTION
Task: {C3A046C5-92A9-413B-B4F4-9D1C2D0BAB1F} - System32\Tasks\{AB8B2FFE-683C-4214-AAB1-7AB963D7950A} => E:\NintendoWFCReg\setup.exe
Task: {C3D49DD7-712F-45D9-AEA0-A77B98BA4377} - \Desk 365 RunAsStdUser No Task File
Task: {C4AA361C-C169-46D1-A3BC-03A0D2224CE3} - System32\Tasks\{420A870F-FA95-45A8-8CAE-1BDDA451F577} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2011-01-01] (MotioninJoy | Playstation 3|Xbox 360|Dualshock 3|Sixaxis|Game|Driver|)
Task: {C4C286A9-30AD-4BAE-8C9A-3D7C3F795BA4} - System32\Tasks\{93143EA1-B319-4346-80AC-BE44F2D49C19} => C:\Users\Joël\AppData\Local\Temp\Rar.378\3ds emulator.exe <==== ATTENTION
Task: {C6F7246D-A977-4A2A-9F17-5B81AFF4E836} - System32\Tasks\{F4E4D23C-E8FC-45BD-B819-D882F17B707A} => C:\Program Files (x86)\Wiimm\WIT\wit.exe [2013-11-10] ()
Task: {C7021514-477C-45D2-B78E-0FEDA1884E4B} - System32\Tasks\{808B8114-4681-4B83-9F45-851DD780E709} => C:\Users\Joël\Downloads\Setup.exe [2006-04-20] ()
Task: {C79BC359-4ACB-4A62-ACCD-0B41632FC10E} - System32\Tasks\{AD61AE84-6AF8-45D8-B93D-9FB1313395B9} => C:\Users\Joël\AppData\Local\Temp\Rar.378\3ds emulator.exe <==== ATTENTION
Task: {D12862A9-8353-42A6-882F-5CFB357135D6} - System32\Tasks\{12EBAA9B-B2BA-482E-B34A-9CD709B5E57F} => C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe [2010-05-17] (Microsoft Corporation)
Task: {D2283470-46F3-4BEF-802C-CF75C740F89A} - System32\Tasks\{2660A302-4B9F-486D-AF72-472E5005013A} => Firefox.exe Skype auf Ihren Computer herunterladen ? Mac, Windows, Linux*?*Skype
Task: {D934BD1C-4D09-40E0-8E4D-86CEA17738A0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {E1E226CE-2DF1-44F9-B70D-163D11B6AEC5} - \a2zLyrics-1-firefoxinstaller No Task File
Task: {E88EF143-40B2-4812-8EEB-35D5D7575099} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {F5765AAF-FB14-4061-A6BA-919C3BC5F934} - \YourFile Update No Task File
Task: {F87C03F8-7EF4-4013-909F-7F2B0CE2DAEF} - System32\Tasks\{1EAF1AD0-5801-4B71-87CD-67E30FFD29BF} => E:\NintendoWFCReg\setup.exe
Task: {F9F0B4E8-ED4C-472B-863A-82DFC00F0E76} - \Plus-HD-2.2-firefoxinstaller No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4072727702-2463935606-4169030245-1000Core.job => C:\Users\Joël\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4072727702-2463935606-4169030245-1000UA.job => C:\Users\Joël\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\Show-Password Update.job => C:\Program Files (x86)\Show-Password\Show_Password.exe <==== ATTENTION
Task: C:\Windows\Tasks\WpsUpdateTask_Joël.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe

==================== Loaded Modules (whitelisted) =============

2012-03-30 00:58 - 2012-03-30 00:58 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-01-06 20:32 - 2014-03-14 23:13 - 00348960 _____ () C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe
2014-01-10 02:20 - 2014-03-14 22:40 - 00348960 _____ () C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe
2012-03-16 03:09 - 2010-08-26 17:48 - 00285152 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
2012-10-01 19:36 - 2012-10-01 19:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-02-14 19:49 - 2014-02-14 19:49 - 01449984 _____ () C:\Program Files (x86)\HitsBlender\HitsBlender.exe
2011-07-29 00:08 - 2011-07-29 00:08 - 01259376 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-01-08 01:02 - 2014-01-08 01:02 - 00302961 _____ () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
2014-02-20 12:49 - 2013-11-15 17:44 - 00723456 _____ () C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
2013-08-07 13:39 - 2013-08-07 13:27 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-10-11 21:56 - 2012-10-11 21:56 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-10-11 21:56 - 2012-10-11 21:56 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-03-16 03:09 - 2010-07-09 16:38 - 00331776 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll
2012-10-01 19:37 - 2012-10-01 19:37 - 06522480 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 08358400 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 00151040 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-51.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 01152512 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 00333824 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 00026112 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
2011-07-29 00:09 - 2011-07-29 00:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-02-20 12:49 - 2014-01-27 16:53 - 00377344 _____ () C:\Program Files (x86)\Syncios\DuiLib.dll
2014-02-20 12:49 - 2013-03-01 10:30 - 00059904 _____ () C:\Program Files (x86)\Syncios\zlib.dll
2014-02-20 12:49 - 2013-03-01 10:30 - 00526848 _____ () C:\Program Files (x86)\Syncios\sqlite3.dll
2014-02-15 01:54 - 2014-02-13 01:36 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-03-30 08:40 - 2011-03-30 08:40 - 00237160 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
2014-03-12 14:10 - 2014-03-12 14:10 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
2013-08-07 13:39 - 2013-08-07 13:27 - 00394824 _____ () C:\program files (x86)\avira\antivir desktop\sqlite3.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WNA3100 Setup-Assistent.lnk => C:\Windows\pss\NETGEAR WNA3100 Setup-Assistent.lnk.CommonStartup
MSCONFIG\startupreg: BitTorrent => "C:\Users\Joël\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: Desk 365 => "C:\Program Files (x86)\Desk 365\desk365.exe" /autorun

==================== Faulty Device Manager Devices =============

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (03/16/2014 00:47:14 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (03/16/2014 00:47:14 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/16/2014 00:47:14 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/16/2014 00:41:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/16/2014 00:32:59 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Volume bzw. Datenträger ist nicht richtig angeschlossen oder wurde nicht gefunden.
Fehlerkontext: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy7 - 0000000000000068,0x00560034,00000000001C1020,0,00000000001C0010,4096,[0]).

Vorgang:
PostFinalCommitSnapshots wird verarbeitet

Kontext:
Ausführungskontext: System Provider

Error: (03/16/2014 00:30:36 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Volume bzw. Datenträger ist nicht richtig angeschlossen oder wurde nicht gefunden.
Fehlerkontext: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy5 - 0000000000000180,0x00560034,00000000001C1020,0,00000000001C0010,4096,[0]).

Vorgang:
PostFinalCommitSnapshots wird verarbeitet

Kontext:
Ausführungskontext: System Provider

Error: (03/16/2014 00:08:14 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (03/16/2014 00:00:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2014 06:43:37 PM) (Source: Application Hang) (User: )
Description: Programm avscan.exe, Version 14.0.3.332 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1b18

Startzeit: 01cf3fac31d9ddee

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe

Berichts-ID: 01e2dd86-aba0-11e3-96de-e06995a7531d

Error: (03/14/2014 06:36:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (03/16/2014 01:43:26 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (03/16/2014 01:14:46 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (03/16/2014 01:07:26 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (03/16/2014 01:02:46 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (03/16/2014 01:02:16 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (03/16/2014 00:59:26 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (03/16/2014 00:58:56 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (03/16/2014 00:50:09 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (03/16/2014 00:40:59 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (03/16/2014 00:40:32 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x80080005

Microsoft Office Sessions:
=========================
Error: (03/16/2014 00:47:14 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (03/16/2014 00:47:14 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (03/16/2014 00:47:14 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (03/16/2014 00:41:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/16/2014 00:32:59 PM) (Source: VSS)(User: )
Description: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy7 - 0000000000000068,0x00560034,00000000001C1020,0,00000000001C0010,4096,[0])

Vorgang:
PostFinalCommitSnapshots wird verarbeitet

Kontext:
Ausführungskontext: System Provider

Error: (03/16/2014 00:30:36 PM) (Source: VSS)(User: )
Description: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy5 - 0000000000000180,0x00560034,00000000001C1020,0,00000000001C0010,4096,[0])

Vorgang:
PostFinalCommitSnapshots wird verarbeitet

Kontext:
Ausführungskontext: System Provider

Error: (03/16/2014 00:08:14 PM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073418154

Error: (03/16/2014 00:00:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2014 06:43:37 PM) (Source: Application Hang)(User: )
Description: avscan.exe14.0.3.3321b1801cf3fac31d9ddee60000C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe01e2dd86-aba0-11e3-96de-e06995a7531d

Error: (03/14/2014 06:36:50 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
Date: 2012-12-04 21:19:31.535
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-12-04 21:19:31.535
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Memory info ===========================

Percentage of memory in use: 40%
Total physical RAM: 8174.53 MB
Available physical RAM: 4883.72 MB
Total Pagefile: 16347.25 MB
Available Pagefile: 12693.1 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1848.86 GB) (Free:1310.49 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:14.05 GB) (Free:1.74 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive j: (WORD 2007) (CDROM) (Total:0.24 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: D0FBDB0A)

Partition: GPT Partition Type.

==================== End Of Log ============================

--- --- ---

Was kann ich tun?

cosinus · 16.03.2014, 16:37

Die Logs sollten in CODE-Tags gepostet werden. Außerdem vermisse ich die Logs zu bisherigen Funden sofern es welche gab.

Zitat:

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}

Sowas geht schonmal garnicht. Wenn nimmt man genau eine AV-Lösung und nicht zwei. Und dann hast du auch noch welche genommen, die man absolut nicht empfehlen kann.

Schmeiß beides runter, wenn wir durch sind, kannst du auf eine bessere reine AV-Lösung umsteigen (ohne Desktop-Firewall, denn die von Windows ist nicht nur ausreichend, sondern deutlich sinnvoller als andere Destop-Firewalls)

Lesestoff:
Warum wir Avira nicht mehr empfehlen
Avira liefert seit einiger Zeit mit der Standardinstallation die Ask Toolbar mit aus. Diese Toolbar ist Voraussetzung dafür, dass der Webguard zuverlässig funktioniert. Die Ask Toolbar ist dafür bekannt, dass sie das Surfverhalten des Benutzers ausspioniert, um damit in letzter Konsequenz Geld zu verdienen. Daher wird diese Toolbar von uns als "schädlich" eingestuft. Mehr Informationen.

Eine Sicherheitsfirma, die dem Benutzer praktisch ungefragt schädliche Software "unterjubelt", scheidet für uns daher aus. Wir empfehlen daher allen Nutzern von Avira aufgrund dieser Geschäftspraktik, der teilweise äußerst schlechten Erkennungsrate und der überaus nervtötenden Werbung Avira zu deinstallieren und auf ein alternatives Produkt auszuweichen.

Solltest du dich zu einem Wechsel entscheiden, empfehlen wir dir nach der Deinstallation mit dem Avira-Cleaner alle Reste zu entfernen.

Joel14 · 16.03.2014, 16:53

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Joël (administrator) on JOEL-HP on 16-03-2014 16:46:06
Running from C:\Users\Joël\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe
() C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\HitsBlender\HitsBlender.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Easybits) C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
() C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\ErrorReporter\FreemakeErrorReporter.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-26] (IDT, Inc.)
HKLM-x32\...\Run: [HP Software Update] - c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [HP Remote Solution] - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-08-25] (Hewlett-Packard)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-02-10] (EasyBits Software AS)
HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [Mondkalender] - 22
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2012-06-17] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [LifeCam] - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Magic Desktop for HP notification] - C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1243656 2013-12-10] (Easybits)
HKLM-x32\...\Run: [HOSTS Anti-Adware_PUPs] - C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe [302961 2014-01-08] ()
HKLM-x32\...\Run: [Syncios device service] - C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [723456 2013-11-15] ()
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Run: [Facebook Update] - C:\Users\Joël\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-02-04] (Facebook Inc.)
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Run: [AnyDVD] - C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [7237720 2013-07-17] (SlySoft, Inc.)
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Run: [Apps Hat] - C:\Users\Joël\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Run: [BitTorrent] - C:\Users\Joël\AppData\Roaming\BitTorrent\BitTorrent.exe [1125456 2013-05-29] (BitTorrent Inc.)
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Policies\system: [DisableChangePassword] 0
AppInit_DLLs: C:\PROGRA~2\GS-ENA~1\ASSIST~2.DLL => C:\Program Files (x86)\GS-Enabler\Assistant_x64.dll [2759168 2014-01-07] ()
Startup: C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HitsBlender.lnk
ShortcutTarget: HitsBlender.lnk -> C:\Program Files (x86)\HitsBlender\HitsBlender.exe ()
Startup: C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PricePeepUpdater.lnk
ShortcutTarget: PricePeepUpdater.lnk -> C:\Program Files (x86)\PricePeep\PricePeepUpdater.exe (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {CA84F3A1-C833-4BCE-8DF7-4C8474995A97} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Jump Flip - {6db9fdfe-b718-4962-be0c-0a5fce7f7f7b} - C:\Program Files (x86)\Jump Flip\JumpFlipbho.dll (Jump Flip)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Show-Password - {f27d9be2-a2b1-4956-97b7-2684879678db} - C:\Program Files (x86)\Show-Password\150.dll No File
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-07-18] (EasyBits Software Corp.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158

FireFox:
========
FF ProfilePath: C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default
FF Homepage: https://www.google.ch/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Joël\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: UtubeAdiReemoVal - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\ifc8i.dw@bhfabiyyqfsp.com [2014-01-30]
FF Extension: BBestSavveForYou - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\mjyaypd@bnzemxyoe.net [2014-02-27]
FF Extension: 1ClickMovie Downloader - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\clickMvd@clickMvd.com.xpi [2013-06-26]
FF Extension: Video Resumer - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\videoresumer@jetpack.xpi [2013-06-06]
FF Extension: Updated Ad Blocker for Firefox 11+ - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2013-02-12]
FF Extension: XHTML Mobile Profile - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}.xpi [2014-03-08]
FF Extension: Jump Flip - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\{cc30460f-753f-44d9-b58c-13dae1321968}.xpi [2014-03-15]
FF Extension: Adblock Plus - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-23]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\
FF Extension: Symantec Intrusion Prevention - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2 [2014-03-16]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-04-09]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-05-15]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-06-17]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-05-15]
FF HKCU\...\Firefox\Extensions: [{1844020a-dea9-4bfb-981d-9c31b7fa20a5}] - C:\Program Files (x86)\Show-Password\150.xpi

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-02-12]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-02-12]
CHR HKLM-x32\...\Chrome\Extension: [hpomcmndppalndoljdilmfkkjkcnongl] - C:\Program Files (x86)\1clickmoviedownloader.com\clickmoviedownloader10.crx [2013-02-12]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-03-04]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-06-17]
CHR HKLM-x32\...\Chrome\Extension: [logekkkdbdidmmcgkonmmonclldogceg] - C:\Program Files (x86)\Show-Password\150.crx [2012-06-17]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101376 2013-02-07] (Freemake)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-02-07] (Ellora Assets Corp.)
S2 HOSTS Anti-PUPs; C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe [285795 2014-01-08] ()
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184 2012-12-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [682344 2012-12-14] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2012-03-30] ()
R2 Update Jump Flip; C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe [348960 2014-03-14] ()
R2 Util Jump Flip; C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe [348960 2014-03-14] ()
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [285152 2010-08-26] ()

==================== Drivers (Whitelisted) ====================

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [142424 2013-05-19] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [142424 2013-05-19] (SlySoft, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 AVer7231_x64; C:\Windows\System32\DRIVERS\AVer7231_x64.sys [1757952 2010-04-08] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120413.001\BHDrvx64.sys [1160824 2012-04-03] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-10-10] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2012-03-16] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120427.001\IDSvia64.sys [488568 2012-03-15] (Symantec Corporation)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120427.002\ENG64.SYS [117880 2012-03-16] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120427.002\EX64.SYS [2048632 2012-03-16] (Symantec Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-15] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2012-03-16] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-21] (Symantec Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-16 14:26 - 2014-03-16 14:26 - 00057897 _____ () C:\Users\Joël\Downloads\Addition.txt
2014-03-16 14:25 - 2014-03-16 16:46 - 00030991 _____ () C:\Users\Joël\Downloads\FRST.txt
2014-03-16 14:25 - 2014-03-16 16:46 - 00000000 ____D () C:\FRST
2014-03-16 14:24 - 2014-03-16 14:24 - 02157056 _____ (Farbar) C:\Users\Joël\Downloads\FRST64.exe
2014-03-16 12:42 - 2014-03-16 12:42 - 00001411 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-03-12 02:54 - 2014-03-16 13:02 - 00002708 _____ () C:\Windows\System32\Tasks\DriverToolkit Autorun
2014-03-12 02:54 - 2014-03-16 13:02 - 00000356 _____ () C:\Windows\Tasks\DriverToolkit Autorun.job
2014-03-11 12:17 - 2014-03-11 12:17 - 00000000 ____D () C:\Users\Joël\AppData\Local\DriverToolkit
2014-03-11 12:16 - 2014-03-11 12:17 - 00000000 ____D () C:\Program Files (x86)\DriverToolkit
2014-03-11 12:16 - 2014-03-11 12:16 - 02243616 _____ (Megaify Software ) C:\Users\Joël\Downloads\driver_setup.exe
2014-03-11 12:16 - 2014-03-11 12:16 - 00001073 _____ () C:\Users\Public\Desktop\DriverToolkit.lnk
2014-03-11 12:10 - 2014-03-11 12:10 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-03-11 12:09 - 2014-03-11 12:09 - 15359912 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Joël\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.23.0-retail.exe
2014-03-11 12:09 - 2014-03-11 12:09 - 00000000 ____D () C:\ProgramData\Samsung
2014-03-08 21:57 - 2014-03-08 21:57 - 00002947 _____ () C:\Users\Joël\Downloads\wapthevoice.php
2014-03-06 16:41 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-03-06 16:30 - 2014-03-06 16:41 - 00014925 _____ () C:\Windows\IE11_main.log
2014-03-06 15:44 - 2014-03-06 15:44 - 01071000 _____ (Solid State Networks) C:\Users\Joël\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-02-28 01:11 - 2014-02-28 01:13 - 16935746 _____ () C:\Users\Joël\Downloads\GW_BETA_RELEASE_2.0b2.zip
2014-02-27 17:56 - 2014-03-13 21:26 - 00000000 ____D () C:\ProgramData\BBestSavveForYou
2014-02-26 02:16 - 2014-02-26 02:20 - 335645696 _____ () C:\Users\Joël\Downloads\PS4UPDATE.PUP
2014-02-24 02:44 - 2014-02-24 02:44 - 00536064 _____ (Igor Pavlov) C:\Users\Joël\Desktop\7za.exe
2014-02-24 02:44 - 2014-02-24 02:44 - 00015360 _____ (Juergen Auer, freiberuflicher Programmierer, Berlin. Aktuelle Version: hxxp://www.sql-und-xml.de/freeware-tools/) C:\Users\Joël\Desktop\download.exe
2014-02-23 21:07 - 2014-02-23 21:07 - 00002037 _____ () C:\Users\Public\Desktop\Titan Quest.lnk
2014-02-23 21:05 - 2014-02-23 21:07 - 00000000 ___SD () C:\Program Files (x86)\Xfire
2014-02-23 21:05 - 2014-02-23 21:07 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Xfire
2014-02-23 21:05 - 2014-02-23 21:05 - 00000969 _____ () C:\Users\Public\Desktop\Xfire.lnk
2014-02-23 21:03 - 2007-01-03 14:16 - 00040960 ____R () C:\Windows\SysWOW64\psfind.dll
2014-02-23 21:03 - 2006-07-11 18:43 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-02-23 20:58 - 2014-02-23 20:58 - 00000000 ____D () C:\Program Files (x86)\THQ
2014-02-20 12:49 - 2014-02-23 00:51 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Syncios
2014-02-20 12:49 - 2014-02-20 12:49 - 00000000 ____D () C:\Users\Joël\Documents\Syncios
2014-02-20 12:49 - 2014-02-20 12:49 - 00000000 ____D () C:\Program Files (x86)\Syncios
2014-02-20 12:46 - 2014-02-20 12:47 - 17367264 _____ (Anvsoft, Inc. ) C:\Users\Joël\Downloads\syncios.exe
2014-02-16 15:54 - 2014-03-16 12:44 - 00000000 ____D () C:\Users\Joël\AppData\Local\HitsBlender
2014-02-16 15:54 - 2014-02-16 15:54 - 00538120 _____ (hxxp://hitsblender.com/) C:\Users\Joël\Downloads\play_Ice_T,_The_Iceberg___F.exe
2014-02-16 15:54 - 2014-02-16 15:54 - 00001917 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\HitsBlender.lnk
2014-02-16 15:54 - 2014-02-16 15:54 - 00001893 _____ () C:\Users\Joël\Desktop\HitsBlender.lnk
2014-02-16 15:54 - 2014-02-16 15:54 - 00000000 ____D () C:\ProgramData\HitsBlender
2014-02-16 15:54 - 2014-02-16 15:54 - 00000000 ____D () C:\Program Files (x86)\HitsBlender
2014-02-15 02:10 - 2014-02-15 00:47 - 00032768 _____ () C:\Users\Joël\Desktop\JOEL (2)
2014-02-15 01:54 - 2014-03-06 20:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 01:26 - 2014-02-15 01:26 - 00000107 _____ () C:\Users\Joël\Desktop\JOEL.rar
2014-02-15 00:47 - 2014-02-15 00:47 - 00032768 _____ () C:\Users\Joël\Desktop\JOEL

==================== One Month Modified Files and Folders =======

2014-03-16 16:46 - 2014-03-16 14:25 - 00030991 _____ () C:\Users\Joël\Downloads\FRST.txt
2014-03-16 16:46 - 2014-03-16 14:25 - 00000000 ____D () C:\FRST
2014-03-16 16:44 - 2013-03-13 00:58 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Skype
2014-03-16 16:40 - 2013-02-04 16:35 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4072727702-2463935606-4169030245-1000UA.job
2014-03-16 16:40 - 2013-02-04 16:35 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4072727702-2463935606-4169030245-1000Core.job
2014-03-16 16:10 - 2012-04-08 18:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-16 16:06 - 2012-10-03 17:29 - 00000372 _____ () C:\Windows\Tasks\WpsUpdateTask_Joël.job
2014-03-16 14:26 - 2014-03-16 14:26 - 00057897 _____ () C:\Users\Joël\Downloads\Addition.txt
2014-03-16 14:24 - 2014-03-16 14:24 - 02157056 _____ (Farbar) C:\Users\Joël\Downloads\FRST64.exe
2014-03-16 13:43 - 2012-03-16 02:55 - 01899912 _____ () C:\Windows\WindowsUpdate.log
2014-03-16 13:02 - 2014-03-12 02:54 - 00002708 _____ () C:\Windows\System32\Tasks\DriverToolkit Autorun
2014-03-16 13:02 - 2014-03-12 02:54 - 00000356 _____ () C:\Windows\Tasks\DriverToolkit Autorun.job
2014-03-16 13:02 - 2013-05-29 16:26 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\BitTorrent
2014-03-16 12:47 - 2011-07-18 00:54 - 04739476 _____ () C:\Windows\system32\perfh007.dat
2014-03-16 12:47 - 2011-07-18 00:54 - 01415038 _____ () C:\Windows\system32\perfc007.dat
2014-03-16 12:47 - 2009-07-14 06:13 - 00006380 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-16 12:47 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-16 12:47 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-16 12:46 - 2013-04-05 21:53 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-16 12:44 - 2014-02-16 15:54 - 00000000 ____D () C:\Users\Joël\AppData\Local\HitsBlender
2014-03-16 12:43 - 2013-12-13 16:33 - 00003200 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4072727702-2463935606-4169030245-1000
2014-03-16 12:43 - 2013-12-11 13:28 - 00003336 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4072727702-2463935606-4169030245-1000
2014-03-16 12:42 - 2014-03-16 12:42 - 00001411 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-03-16 12:42 - 2014-01-08 23:14 - 00000402 _____ () C:\Windows\Tasks\Show-Password Update.job
2014-03-16 12:42 - 2013-08-04 12:36 - 00000125 ___SH () C:\ProgramData\.zreglib
2014-03-16 12:42 - 2012-03-16 02:58 - 00001445 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-16 12:41 - 2011-07-18 01:26 - 00000000 ____D () C:\ProgramData\PDFC
2014-03-16 12:40 - 2011-07-18 01:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-16 12:38 - 2012-12-03 03:01 - 00064150 _____ () C:\Windows\setupact.log
2014-03-16 12:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-16 12:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-03-16 12:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-03-16 12:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-03-16 12:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-03-16 12:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-14 23:40 - 2014-01-09 18:19 - 00000000 ____D () C:\Program Files (x86)\Jump Flip
2014-03-14 18:34 - 2014-01-07 13:00 - 00000000 ____D () C:\AdwCleaner
2014-03-14 18:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-13 21:26 - 2014-02-27 17:56 - 00000000 ____D () C:\ProgramData\BBestSavveForYou
2014-03-13 21:26 - 2014-01-05 00:43 - 00000000 ____D () C:\Users\Joël\Documents\WBFS Manager Covers
2014-03-12 14:10 - 2012-04-08 18:21 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 14:10 - 2012-04-08 18:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 14:10 - 2012-03-16 18:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 13:32 - 2012-03-16 21:09 - 00000000 ____D () C:\Users\Joël\AppData\Local\CrashDumps
2014-03-11 19:17 - 2014-01-07 00:20 - 00000000 ____D () C:\Program Files (x86)\GS-Enabler
2014-03-11 19:14 - 2014-01-30 21:30 - 00000000 ____D () C:\ProgramData\UtubeAdiReemoVal
2014-03-11 12:17 - 2014-03-11 12:17 - 00000000 ____D () C:\Users\Joël\AppData\Local\DriverToolkit
2014-03-11 12:17 - 2014-03-11 12:16 - 00000000 ____D () C:\Program Files (x86)\DriverToolkit
2014-03-11 12:16 - 2014-03-11 12:16 - 02243616 _____ (Megaify Software ) C:\Users\Joël\Downloads\driver_setup.exe
2014-03-11 12:16 - 2014-03-11 12:16 - 00001073 _____ () C:\Users\Public\Desktop\DriverToolkit.lnk
2014-03-11 12:10 - 2014-03-11 12:10 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-03-11 12:09 - 2014-03-11 12:09 - 15359912 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Joël\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.23.0-retail.exe
2014-03-11 12:09 - 2014-03-11 12:09 - 00000000 ____D () C:\ProgramData\Samsung
2014-03-09 00:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-03-08 21:57 - 2014-03-08 21:57 - 00002947 _____ () C:\Users\Joël\Downloads\wapthevoice.php
2014-03-06 20:29 - 2014-02-15 01:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-06 20:29 - 2012-05-03 19:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-06 20:29 - 2010-11-21 04:47 - 00236220 _____ () C:\Windows\PFRO.log
2014-03-06 16:41 - 2014-03-06 16:30 - 00014925 _____ () C:\Windows\IE11_main.log
2014-03-06 16:28 - 2012-03-16 03:36 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-06 15:44 - 2014-03-06 15:44 - 01071000 _____ (Solid State Networks) C:\Users\Joël\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-02-28 01:13 - 2014-02-28 01:11 - 16935746 _____ () C:\Users\Joël\Downloads\GW_BETA_RELEASE_2.0b2.zip
2014-02-27 17:56 - 2014-01-30 21:30 - 00000000 ____D () C:\ProgramData\1f4fe01926131428
2014-02-26 02:20 - 2014-02-26 02:16 - 335645696 _____ () C:\Users\Joël\Downloads\PS4UPDATE.PUP
2014-02-24 02:47 - 2014-01-10 18:58 - 00000000 ____D () C:\Users\Joël\Desktop\games
2014-02-24 02:45 - 2014-01-04 20:03 - 00000000 ____D () C:\Users\Joël\Desktop\data
2014-02-24 02:44 - 2014-02-24 02:44 - 00536064 _____ (Igor Pavlov) C:\Users\Joël\Desktop\7za.exe
2014-02-24 02:44 - 2014-02-24 02:44 - 00015360 _____ (Juergen Auer, freiberuflicher Programmierer, Berlin. Aktuelle Version: hxxp://www.sql-und-xml.de/freeware-tools/) C:\Users\Joël\Desktop\download.exe
2014-02-23 21:07 - 2014-02-23 21:07 - 00002037 _____ () C:\Users\Public\Desktop\Titan Quest.lnk
2014-02-23 21:07 - 2014-02-23 21:05 - 00000000 ___SD () C:\Program Files (x86)\Xfire
2014-02-23 21:07 - 2014-02-23 21:05 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Xfire
2014-02-23 21:07 - 2012-04-08 16:42 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-02-23 21:07 - 2012-03-16 21:05 - 00000000 ____D () C:\Users\Joël\Documents\My Games
2014-02-23 21:05 - 2014-02-23 21:05 - 00000969 _____ () C:\Users\Public\Desktop\Xfire.lnk
2014-02-23 21:03 - 2013-05-13 14:36 - 00125713 _____ () C:\Windows\DirectX.log
2014-02-23 20:58 - 2014-02-23 20:58 - 00000000 ____D () C:\Program Files (x86)\THQ
2014-02-23 20:58 - 2011-07-18 01:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-23 20:47 - 2012-04-09 02:51 - 00000000 ____D () C:\Users\Joël\AppData\Local\PokerStars
2014-02-23 20:46 - 2012-04-09 02:51 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2014-02-23 00:51 - 2014-02-20 12:49 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Syncios
2014-02-20 13:59 - 2012-11-26 13:06 - 00000000 ____D () C:\Users\Joël\AppData\Local\Apple Computer
2014-02-20 12:49 - 2014-02-20 12:49 - 00000000 ____D () C:\Users\Joël\Documents\Syncios
2014-02-20 12:49 - 2014-02-20 12:49 - 00000000 ____D () C:\Program Files (x86)\Syncios
2014-02-20 12:47 - 2014-02-20 12:46 - 17367264 _____ (Anvsoft, Inc. ) C:\Users\Joël\Downloads\syncios.exe
2014-02-16 15:54 - 2014-02-16 15:54 - 00538120 _____ (hxxp://hitsblender.com/) C:\Users\Joël\Downloads\play_Ice_T,_The_Iceberg___F.exe
2014-02-16 15:54 - 2014-02-16 15:54 - 00001917 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\HitsBlender.lnk
2014-02-16 15:54 - 2014-02-16 15:54 - 00001893 _____ () C:\Users\Joël\Desktop\HitsBlender.lnk
2014-02-16 15:54 - 2014-02-16 15:54 - 00000000 ____D () C:\ProgramData\HitsBlender
2014-02-16 15:54 - 2014-02-16 15:54 - 00000000 ____D () C:\Program Files (x86)\HitsBlender
2014-02-16 15:54 - 2012-12-13 23:49 - 00000000 ____D () C:\Users\Joël\AppData\Local\cache
2014-02-16 15:54 - 2012-03-16 02:58 - 00000000 ___RD () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-15 14:32 - 2014-01-09 20:29 - 00000000 ____D () C:\Users\Joël\Desktop\Ds games
2014-02-15 01:26 - 2014-02-15 01:26 - 00000107 _____ () C:\Users\Joël\Desktop\JOEL.rar
2014-02-15 00:47 - 2014-02-15 02:10 - 00032768 _____ () C:\Users\Joël\Desktop\JOEL (2)
2014-02-15 00:47 - 2014-02-15 00:47 - 00032768 _____ () C:\Users\Joël\Desktop\JOEL
2014-02-14 00:36 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

Files to move or delete:
====================
C:\Users\Joël\setup.exe


Some content of TEMP:
====================
C:\Users\Joël\AppData\Local\Temp\a2zLyrics_1060-8102_v122.exe
C:\Users\Joël\AppData\Local\Temp\aoe3x-105-english.exe
C:\Users\Joël\AppData\Local\Temp\aoe3x-105-german.exe
C:\Users\Joël\AppData\Local\Temp\appshat-distribution.exe
C:\Users\Joël\AppData\Local\Temp\AskSLib.dll
C:\Users\Joël\AppData\Local\Temp\avgnt.exe
C:\Users\Joël\AppData\Local\Temp\bitool.dll
C:\Users\Joël\AppData\Local\Temp\DMLizard.exe
C:\Users\Joël\AppData\Local\Temp\drm_dyndata_7380012.dll
C:\Users\Joël\AppData\Local\Temp\FreemakeAudioConverter_1.1.0.46.exe
C:\Users\Joël\AppData\Local\Temp\FreemakeVideoConverter_3.2.1.7.exe
C:\Users\Joël\AppData\Local\Temp\FreemakeVideoDownloader_3.5.0.3.exe
C:\Users\Joël\AppData\Local\Temp\htmlayout.dll
C:\Users\Joël\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe
C:\Users\Joël\AppData\Local\Temp\jna1560133547180391452.dll
C:\Users\Joël\AppData\Local\Temp\jna3932220247942491266.dll
C:\Users\Joël\AppData\Local\Temp\jna4918936229527986984.dll
C:\Users\Joël\AppData\Local\Temp\jna6234593704751008541.dll
C:\Users\Joël\AppData\Local\Temp\jna6723966985013961709.dll
C:\Users\Joël\AppData\Local\Temp\jna6770613259274550288.dll
C:\Users\Joël\AppData\Local\Temp\jna7820359329025734031.dll
C:\Users\Joël\AppData\Local\Temp\jna864224005719677311.dll
C:\Users\Joël\AppData\Local\Temp\jna8972611800363284495.dll
C:\Users\Joël\AppData\Local\Temp\jna9077574278784789503.dll
C:\Users\Joël\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Joël\AppData\Local\Temp\Mobogenie_Setup_2.1.23_515.exe
C:\Users\Joël\AppData\Local\Temp\MSNAD41.exe
C:\Users\Joël\AppData\Local\Temp\Offer.exe
C:\Users\Joël\AppData\Local\Temp\PCSpeedMaximizer.exe
C:\Users\Joël\AppData\Local\Temp\Quarantine.exe
C:\Users\Joël\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Joël\AppData\Local\Temp\smt_nationzoom_20131128171426.exe
C:\Users\Joël\AppData\Local\Temp\standalonepatcherX.exe
C:\Users\Joël\AppData\Local\Temp\toolbar6231023.exe
C:\Users\Joël\AppData\Local\Temp\toolbar6231132.exe
C:\Users\Joël\AppData\Local\Temp\toolbar6231194.exe
C:\Users\Joël\AppData\Local\Temp\uninst1.exe
C:\Users\Joël\AppData\Local\Temp\uninstall3286987.exe
C:\Users\Joël\AppData\Local\Temp\uninstall3293805.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-11 13:54

==================== End Of Log ============================

--- --- ---

--- --- ---

Hier ist nochmals der frst text.

Die avira toolbar habe ich nicht.

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Joël at 2014-03-16 16:52:05
Running from C:\Users\Joël\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

«Age of Empers II HD Edition - The Forgotten» v.3.0.1560 (HKLM-x32\...\«Age of Empers II HD Edition - The Forgotten»_is1) (Version:  - Microsoft Studios)
1917 - Der Aufstand 1.04 (HKLM-x32\...\1917 - Der Aufstand_is1) (Version:  - Immanitas)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AC3Filter 2.1a (HKLM-x32\...\AC3Filter_is1) (Version: 2.1a - Alexander Vigovsky)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Flash Media Live Encoder 3.2 (HKLM-x32\...\{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}) (Version: 3.2.0 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
All File to All File Converter 3000 7.3 (HKLM-x32\...\All File to All File Converter 3000_is1) (Version:  - Head Document Tool Software, Inc.)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.2.3.0 - SlySoft)
AnyToISO (HKLM-x32\...\AnyToISO_is1) (Version: 3.5.1 - CrystalIdea Software, Inc.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
B110 (x32 Version: 140.0.283.000 - Hewlett-Packard) Hidden
BBestSavveForYou (HKLM-x32\...\{F6A71DC7-28F4-C6C7-8FA9-8A56C80FC96A}) (Version:  - BestSaiveFoorYeou)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Big Rig Europe (x32 Version: 2.2.0.95 - WildTangent) Hidden
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.8.0.29676 - BitTorrent Inc.)
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Croc (HKLM-x32\...\Croc) (Version:  - )
Croc 2 (HKLM-x32\...\Croc 2) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd)
Der Mondkalender (HKLM-x32\...\Der Mondkalender) (Version:  - )
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Direct MIDI to MP3 Converter 3.0 (HKLM-x32\...\Direct MIDI to MP3 Converter_is1) (Version: 3.0 - Piston Software)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Dolphin x86 (HKLM-x32\...\Dolphin x86) (Version: 4.0.2 - Dolphin Development Team)
DriverIdentifier 4.2.5 (HKLM-x32\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version:  - DriverIdentifier)
DriverToolkit version 8.2.0.0 (HKLM-x32\...\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1) (Version: 8.2.0.0 - Megaify Software)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
EZDownloader (HKLM-x32\...\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1) (Version: 1.0 - EZDownloader)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Freemake Audio Converter Version 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation)
Freemake Video Converter Version 3.2.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 3.2.1 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.5.0 - Ellora Assets Corporation)
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 4.48.1.WIN.FullTilt.COM - )
FURT-Kaktuswand  Screen Saver (HKLM-x32\...\FURT-Kaktuswand) (Version:  - )
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gateway Download Assistant (HKLM-x32\...\{A2A73632-BBAA-43EB-A337-ADF43F905A1C}) (Version: 1.0.0 - Gateway)
Google Update Helper (x32 Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
GS-Supporter 1.80 (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{e81a9dc1}) (Version:  - Verified Publisher) <==== ATTENTION
HitsBlender (HKLM-x32\...\HitsBlender) (Version: 0.2.55 - HitsBlender)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{59C83C08-63F4-4AEC-81D6-392C5E23B843}) (Version: 14.0 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.14.0 - Hewlett-Packard)
HP Remote Solution (x32 Version: 1.1.14.0 - Hewlett-Packard) Hidden
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{E92D47A1-D27D-430A-8368-0BAFD956507D}) (Version: 5.2.9.2 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
IP Changer 2.0 (HKLM-x32\...\IP Changer 2.0) (Version:  - )
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version:  - isotousb.com)
IsoBuster 3.2 (HKLM-x32\...\IsoBuster_is1) (Version: 3.2 - Smart Projects)
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
IZArc 4.1.7 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.7 - Ivan Zahariev)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jump Flip (HKLM\...\Jump Flip) (Version: 2014.01.06.192505 - Jump Flip) <==== ATTENTION
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kingsoft Office 2012 (8.1.0.3375) (HKLM-x32\...\Kingsoft Office) (Version: 8.1.0.3375 - Kingsoft Corp.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3609 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3609 - CyberLink Corp.) Hidden
Legacy of Kain Soul Reaver (HKLM-x32\...\Legacy of Kain Soul Reaver_is1) (Version:  - GOG.com)
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 1.70.0.1100 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Medal of Honor Warfighter - Limited Edition (HKLM-x32\...\Medal of Honor Warfighter - Limited Edition_is1) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
MotioninJoy ds3 driver version 0.6.0003 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.5.0001 - www.motioninjoy.com)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MusicStation (HKLM-x32\...\MusicStationNetstaller) (Version: 1.0.1.5 - Hewlett-Packard)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
nationzoom Browser Protecter (HKLM-x32\...\nationzoom Browser Protecter) (Version:  - nationzoom) <==== ATTENTION
Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version:  - Criterion Games)
Need for Speed™ Undercover (HKLM-x32\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 1.01.206 - NETGEAR)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 18.7.2.3 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA 3D Vision Driver 267.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.95 - NVIDIA Corporation)
NVIDIA Control Panel 267.95 (Version: 267.95 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 267.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.95 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.41.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6795 - NVIDIA Corporation) Hidden
OLYMPUS Digital Camera Updater (HKLM-x32\...\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}) (Version: 1.0.3 - OLYMPUS IMAGING CORP.)
Oracle VM VirtualBox 4.2.6 (HKLM\...\{A8A0B1C1-FBC7-4790-8E26-9DA1A6A95452}) (Version: 4.2.6 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 8.4.1.210 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PC Speed Maximizer v3.2 (HKLM-x32\...\PC Speed Maximizer_is1) (Version: 3.2 - Smart PC Solutions)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.35 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PKR (HKLM-x32\...\PKR) (Version:  - PKR Ltd)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4817 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4817 - CyberLink Corp.) Hidden
Prince of Persia The Forgotten Sands™ (HKLM-x32\...\{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}) (Version: 1.0 - Ubisoft)
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.72.0 - PS3 Media Server)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden
Registry Helper  (HKLM-x32\...\Registry Helper) (Version:  - SafeApp Software, LLC) <==== ATTENTION
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
Roulette Bot Plus (HKLM-x32\...\RBPlus) (Version: 1.3.6.0 - www.roulettebotplus.com)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Show-Password (HKLM-x32\...\f9d62fda-2190-4b1c-b5eb-60bff78bf46d) (Version:  - Show-Password LTD) <==== ATTENTION
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.2 - Sophos Limited)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Syncios Version 3.0.5 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 3.0.5 - Anvsoft, Inc.)
Technitium MAC Address Changer v6.0.5 (HKLM-x32\...\TMACv6.0) (Version: 6.0.5 - Technitium)
The Klub 17 [v 6.10] (HKLM-x32\...\{2C72D4EA-BA65-4B9D-92F9-B916A25A8C4D}_is1) (Version: 1.0.1.3 - Hell_Archangel)
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Tomb Raider: Anniversary 1.0 (HKLM-x32\...\Tomb Raider: Anniversary) (Version:  - )
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UltraISO Premium V9.6 (HKLM-x32\...\UltraISO_is1) (Version:  - )
upc cablecom assistant (HKLM-x32\...\upc cablecom assistant) (Version: 2.0.0.2 - upc cablecom GmbH)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
UtubeAdiReemoVal (HKLM-x32\...\{1C60D9BB-E5C5-3DEB-97E7-57505435E501}) (Version:  - UtiuBeAdRemovAl)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.36 - WildTangent) Hidden
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 16.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CC}) (Version: 16.0.9715 - WinZip Computing, S.L. )
WPM17.8.0.3297 (HKLM-x32\...\WPM) (Version: 17.8.0.3297 - Cherished Technololgy LIMITED) <==== ATTENTION
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )
XSplit (HKLM-x32\...\{DAA18A0D-A57C-4611-B135-46EA06990E7D}) (Version: 1.2.1303.0101 - SplitMediaLabs)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-03-14 12:42 - 04541536 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 08sr.combineads.info # hosts anti-adware / pups
127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 2010-fr.com # hosts anti-adware / pups
127.0.0.1 2012-new.biz # hosts anti-adware / pups
127.0.0.1 212link.com # hosts anti-adware / pups
127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups
127.0.0.1 24h00business.com # hosts anti-adware / pups
127.0.0.1 a.adorika.net # hosts anti-adware / pups
127.0.0.1 a.ad-sys.com # hosts anti-adware / pups
127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups
127.0.0.1 ad.adn360.com # hosts anti-adware / pups
127.0.0.1 adeartss.eu # hosts anti-adware / pups
127.0.0.1 adesoeasy.eu # hosts anti-adware / pups
127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups
127.0.0.1 adm.soft365.com # hosts anti-adware / pups
127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups
127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups
127.0.0.1 ads.adplxmd.com # hosts anti-adware / pups
127.0.0.1 ads.aff.co # hosts anti-adware / pups
127.0.0.1 ads.alpha00001.com # hosts anti-adware / pups
127.0.0.1 ads.cloud4ads.com # hosts anti-adware / pups
127.0.0.1 ads.egdating.net # hosts anti-adware / pups
127.0.0.1 ads.eorezo.com # hosts anti-adware / pups
127.0.0.1 ads.hooqy.com # hosts anti-adware / pups
127.0.0.1 ads.pornerbros.com # hosts anti-adware / pups
127.0.0.1 ads.realken.com # hosts anti-adware / pups
127.0.0.1 ads.regiedepub.com # hosts anti-adware / pups
127.0.0.1 ads.sucomspot.com # hosts anti-adware / pups

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {009DBD0D-FED9-42F4-A047-37A86425C7F5} - \DealPlyLiveUpdateTaskMachineCore No Task File
Task: {062F52FD-446F-4F1A-90ED-0DB1260C58C2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4072727702-2463935606-4169030245-1000Core => C:\Users\Joël\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-04] (Facebook Inc.)
Task: {0D75E9E7-6BA3-45F8-B97A-01B4D4F557B3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {0E0BB9E5-2CEC-4E70-9A44-E02BAE73199D} - \1ClickMovieDownloader V2-enabler No Task File
Task: {0F239C67-9A4C-44E4-83D8-18E73F6726E5} - \1ClickMovieDownloader V2-codedownloader No Task File
Task: {0F4710CA-FD93-49F4-8CEB-654E02596D33} - System32\Tasks\{89EE6333-C32B-4D3C-964D-FF62E8675800} => C:\Users\Joël\AppData\Local\Temp\Rar.378\3ds emulator.exe <==== ATTENTION
Task: {106E8262-E4F6-4C5D-A709-F803FC2410AA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {12DB4909-7439-4596-BAB0-51189686CB6C} - \Plus-HD-2.2-updater No Task File
Task: {1A8049C2-B99B-4A5E-94B4-C5375868958A} - System32\Tasks\{269506B7-0599-42EA-9CAC-A0E4FF22E106} => C:\Users\Joël\AppData\Local\Temp\Rar.343\3ds emulator.exe <==== ATTENTION
Task: {1E28B23A-A992-4135-ACA4-CBCC414253AC} - System32\Tasks\{55243672-57BE-4CF1-A4C1-42A60FCB9C7A} => C:\Users\Joël\AppData\Local\Temp\Rar.378\3ds emulator.exe <==== ATTENTION
Task: {1E832495-DEA4-4A4E-BECA-8FABACFB4BCC} - System32\Tasks\{6AC98CAF-153B-4E49-A113-CAE49E16415A} => C:\Users\Joël\Downloads\Setup.exe [2006-04-20] ()
Task: {233DE1B6-4002-40FC-AB31-2DDD7131D5E7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {24BBAF28-97AD-42CF-84EB-4220FEC8B5A1} - \DriverScanner No Task File
Task: {26C96248-9317-48CC-828F-54828A337069} - System32\Tasks\{CC347CA5-01E4-4CBA-8EA2-90FAE6250DCE} => C:\Users\Joël\AppData\Local\Temp\Rar.343\3ds emulator.exe <==== ATTENTION
Task: {340375E7-D449-45D5-9A0B-C7A89139EA7C} - \Plus-HD-2.2-enabler No Task File
Task: {39CED1D7-36B6-4E20-B901-9735BF7EFB3D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3BCD2265-6A9F-4A60-BB7C-9920A6EF60E3} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4072727702-2463935606-4169030245-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {3C525037-06F0-45E9-A54B-BA2DBCCC2F0F} - \a2zLyrics-1-codedownloader No Task File
Task: {447AA2CF-51E8-4714-B1E9-06C133B77388} - System32\Tasks\Symantec\Norton Error Processor 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation)
Task: {46CB694F-E3D5-4045-903B-48EE3EDC033A} - System32\Tasks\{54EE4B82-38E3-48FB-A4B3-2815B4484225} => C:\Users\Joël\Downloads\Setup.exe [2006-04-20] ()
Task: {4971A94D-3948-4395-85FC-FA071B3F5FF1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {51F9B346-E34A-4E42-89A1-C0770461C245} - \GoforFilesUpdate No Task File
Task: {56FAB415-F091-4EC3-809F-F02D9806340F} - System32\Tasks\Symantec\Norton Error Analyzer 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation)
Task: {5A7FEC8B-6A79-4B5B-8EC4-D3DB38BE7CE2} - System32\Tasks\{145FE13D-0600-4590-9E8A-D06A797A6DC8} => C:\Program Files (x86)\Wiimm\WIT\wit.exe [2013-11-10] ()
Task: {64621859-7412-4A7E-957A-BE0039E8A939} - System32\Tasks\{2F97AB30-E5D3-4215-B23A-956D164034BC} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {66D60B57-7DAB-477D-8F8D-C8FEB741F751} - \a2zLyrics-1-updater No Task File
Task: {710B3747-0A7D-43D7-98A1-6660765DE03C} - \DealPlyUpdate No Task File
Task: {71823B38-8A4D-4D78-85C8-B6C77B02BAEB} - System32\Tasks\{A5C81017-0AC6-4964-AC90-457BC91829C9} => E:\NintendoWFCReg\setup.exe
Task: {73BBEBF5-0EF7-4CEC-B4F4-F62432DFA8CD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-23] (Piriform Ltd)
Task: {73F2E13C-3AA9-4208-9461-31F5118B93F2} - System32\Tasks\{A800C8BC-8202-4078-AEDC-30C106F714A5} => C:\Users\Joël\AppData\Local\Temp\Rar.378\3ds emulator.exe <==== ATTENTION
Task: {77ECF107-3F0A-40D1-9BA4-73849F2E5450} - System32\Tasks\{04CF3226-F16F-41A2-A90F-48FAC54BF5E3} => E:\NintendoWFCReg\setup.exe
Task: {7BA9EB9A-96F5-468E-B705-FF28CF4D69B8} - \a2zLyrics-1-enabler No Task File
Task: {7C4AE5C7-CD87-4F14-8D7A-6BED59E49492} - System32\Tasks\{D47995BE-84B1-4F3A-A739-F3E5CBEA92BA} => C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe [2010-08-26] ()
Task: {7E02413B-0F9B-44B8-ADF4-9EEF7B6227EC} - \Dealply No Task File
Task: {82B70CE0-70B5-404F-A6CC-6AA20ACC089E} - \1ClickMovieDownloader V2-updater No Task File
Task: {82C55B93-E9D7-445A-AAA0-0DCF17DBBD8F} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe [2014-01-13] (Megaify Software Co., Ltd.)
Task: {86629B66-1C2F-4AB7-84FA-070A206B436B} - System32\Tasks\{A5B5F634-7694-4C62-80C4-FC472A20180F} => E:\NintendoWFCReg\setup.exe
Task: {8BCE297C-4CB6-4A94-843F-B3779F4CE0BF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4072727702-2463935606-4169030245-1000UA => C:\Users\Joël\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-04] (Facebook Inc.)
Task: {8BDDEDD0-975A-496D-A44D-98E32FA158E6} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4072727702-2463935606-4169030245-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {8F930826-B23B-4314-A1FE-A8EF3FDF0D5F} - \Plus-HD-2.2-codedownloader No Task File
Task: {8FE0ED9E-63D0-4DD7-B809-79458A5C9141} - \a2zLyrics-1-chromeinstaller No Task File
Task: {91117D93-AFF6-4804-A165-02915E8939FB} - System32\Tasks\{A3DF1C9D-415B-4B32-B295-CC4258064260} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.104.396/de/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {956FFC7C-4BAD-4211-9BCA-FF14AF1CD226} - System32\Tasks\{1A4A3826-32F8-4184-A9D5-BC49F71B4170} => C:\Users\Joël\Desktop\WiiBaFu-1.1-Win32\WiiBaFu.exe [2011-07-17] ()
Task: {9DBC52B9-930C-4323-8500-32B87AE4F36E} - System32\Tasks\{D2622FF3-99BE-4CD7-8CF8-B90AE473C341} => C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe [2010-08-26] ()
Task: {A2E8762A-6617-4532-B054-179DE21D64D5} - \DealPlyLiveUpdateTaskMachineUA No Task File
Task: {A8E407EC-9AE5-44B1-98A0-9DC2B38DC7AA} - System32\Tasks\WpsUpdateTask_Joël => C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe [2013-06-06] (Kingsoft Corp. Ltd.)
Task: {AD5DCB43-C68E-471A-96B1-E19E955162C2} - System32\Tasks\{6D32E824-305F-4B8D-8387-61653D899601} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {B29CF33E-043E-4F0A-B24F-DDAE55DBEE59} - System32\Tasks\{2FE5D2DD-2663-4AA6-B770-4C88C26E51D5} => E:\NintendoWFCReg\setup.exe
Task: {B5857148-0608-4B18-99EA-A2823F8BAD09} - System32\Tasks\RealCreateProcessScheduledTask348911S-1-5-21-4072727702-2463935606-4169030245-1000 => c:\program files (x86)\real\realplayer\update\realsched.exe [2012-06-17] (RealNetworks, Inc.)
Task: {B5CED848-745E-4C81-AC77-EAEE10B37BBC} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-31] ()
Task: {BBF5AAAA-DEF2-4058-AFD9-11875AC6A534} - System32\Tasks\{B489D59C-3596-47BD-B875-CD0E944AB64D} => E:\NintendoWFCReg\setup.exe
Task: {C0E0766C-C63F-475C-BA96-006BB0348291} - System32\Tasks\Show-Password Update => C:\Program Files (x86)\Show-Password\Show_Password.exe <==== ATTENTION
Task: {C3A046C5-92A9-413B-B4F4-9D1C2D0BAB1F} - System32\Tasks\{AB8B2FFE-683C-4214-AAB1-7AB963D7950A} => E:\NintendoWFCReg\setup.exe
Task: {C3D49DD7-712F-45D9-AEA0-A77B98BA4377} - \Desk 365 RunAsStdUser No Task File
Task: {C4AA361C-C169-46D1-A3BC-03A0D2224CE3} - System32\Tasks\{420A870F-FA95-45A8-8CAE-1BDDA451F577} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe [2011-01-01] (www.motioninjoy.com)
Task: {C4C286A9-30AD-4BAE-8C9A-3D7C3F795BA4} - System32\Tasks\{93143EA1-B319-4346-80AC-BE44F2D49C19} => C:\Users\Joël\AppData\Local\Temp\Rar.378\3ds emulator.exe <==== ATTENTION
Task: {C6F7246D-A977-4A2A-9F17-5B81AFF4E836} - System32\Tasks\{F4E4D23C-E8FC-45BD-B819-D882F17B707A} => C:\Program Files (x86)\Wiimm\WIT\wit.exe [2013-11-10] ()
Task: {C7021514-477C-45D2-B78E-0FEDA1884E4B} - System32\Tasks\{808B8114-4681-4B83-9F45-851DD780E709} => C:\Users\Joël\Downloads\Setup.exe [2006-04-20] ()
Task: {C79BC359-4ACB-4A62-ACCD-0B41632FC10E} - System32\Tasks\{AD61AE84-6AF8-45D8-B93D-9FB1313395B9} => C:\Users\Joël\AppData\Local\Temp\Rar.378\3ds emulator.exe <==== ATTENTION
Task: {D12862A9-8353-42A6-882F-5CFB357135D6} - System32\Tasks\{12EBAA9B-B2BA-482E-B34A-9CD709B5E57F} => C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe [2010-05-17] (Microsoft Corporation)
Task: {D2283470-46F3-4BEF-802C-CF75C740F89A} - System32\Tasks\{2660A302-4B9F-486D-AF72-472E5005013A} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.104.396/de/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {D934BD1C-4D09-40E0-8E4D-86CEA17738A0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {E1E226CE-2DF1-44F9-B70D-163D11B6AEC5} - \a2zLyrics-1-firefoxinstaller No Task File
Task: {E88EF143-40B2-4812-8EEB-35D5D7575099} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {F5765AAF-FB14-4061-A6BA-919C3BC5F934} - \YourFile Update No Task File
Task: {F87C03F8-7EF4-4013-909F-7F2B0CE2DAEF} - System32\Tasks\{1EAF1AD0-5801-4B71-87CD-67E30FFD29BF} => E:\NintendoWFCReg\setup.exe
Task: {F9F0B4E8-ED4C-472B-863A-82DFC00F0E76} - \Plus-HD-2.2-firefoxinstaller No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4072727702-2463935606-4169030245-1000Core.job => C:\Users\Joël\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4072727702-2463935606-4169030245-1000UA.job => C:\Users\Joël\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\Show-Password Update.job => C:\Program Files (x86)\Show-Password\Show_Password.exe <==== ATTENTION
Task: C:\Windows\Tasks\WpsUpdateTask_Joël.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe

==================== Loaded Modules (whitelisted) =============

2012-03-30 00:58 - 2012-03-30 00:58 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-01-06 20:32 - 2014-03-14 23:13 - 00348960 _____ () C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe
2014-01-10 02:20 - 2014-03-14 22:40 - 00348960 _____ () C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe
2012-03-16 03:09 - 2010-08-26 17:48 - 00285152 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
2012-10-01 19:36 - 2012-10-01 19:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-02-14 19:49 - 2014-02-14 19:49 - 01449984 _____ () C:\Program Files (x86)\HitsBlender\HitsBlender.exe
2011-07-29 00:08 - 2011-07-29 00:08 - 01259376 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-01-08 01:02 - 2014-01-08 01:02 - 00302961 _____ () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
2014-02-20 12:49 - 2013-11-15 17:44 - 00723456 _____ () C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
2013-08-07 13:39 - 2013-08-07 13:27 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-10-11 21:56 - 2012-10-11 21:56 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-10-11 21:56 - 2012-10-11 21:56 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-03-16 03:09 - 2010-07-09 16:38 - 00331776 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll
2012-10-01 19:37 - 2012-10-01 19:37 - 06522480 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 08358400 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 00151040 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-51.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 01152512 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 00333824 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
2012-04-30 08:55 - 2012-04-30 08:55 - 00026112 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
2011-07-29 00:09 - 2011-07-29 00:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-02-20 12:49 - 2014-01-27 16:53 - 00377344 _____ () C:\Program Files (x86)\Syncios\DuiLib.dll
2014-02-20 12:49 - 2013-03-01 10:30 - 00059904 _____ () C:\Program Files (x86)\Syncios\zlib.dll
2014-02-20 12:49 - 2013-03-01 10:30 - 00526848 _____ () C:\Program Files (x86)\Syncios\sqlite3.dll
2014-02-15 01:54 - 2014-02-13 01:36 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-03-30 08:40 - 2011-03-30 08:40 - 00237160 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
2014-03-12 14:10 - 2014-03-12 14:10 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
2005-09-19 11:28 - 2005-09-19 11:28 - 00389632 ____R () C:\Program Files (x86)\Microsoft Games\Age of Empires III\granny2.dll
2005-09-19 11:28 - 2005-09-19 11:28 - 00192512 ____R () C:\Program Files (x86)\Microsoft Games\Age of Empires III\binkw32.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WNA3100 Setup-Assistent.lnk => C:\Windows\pss\NETGEAR WNA3100 Setup-Assistent.lnk.CommonStartup
MSCONFIG\startupreg: BitTorrent => "C:\Users\Joël\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: Desk 365 => "C:\Program Files (x86)\Desk 365\desk365.exe" /autorun

==================== Faulty Device Manager Devices =============

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/16/2014 00:47:14 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (03/16/2014 00:47:14 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/16/2014 00:47:14 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/16/2014 00:41:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/16/2014 00:32:59 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Volume bzw. Datenträger ist nicht richtig angeschlossen oder wurde nicht gefunden.
Fehlerkontext: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy7 - 0000000000000068,0x00560034,00000000001C1020,0,00000000001C0010,4096,[0]).


Vorgang:
   PostFinalCommitSnapshots wird verarbeitet

Kontext:
   Ausführungskontext: System Provider

Error: (03/16/2014 00:30:36 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Volume bzw. Datenträger ist nicht richtig angeschlossen oder wurde nicht gefunden.
Fehlerkontext: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy5 - 0000000000000180,0x00560034,00000000001C1020,0,00000000001C0010,4096,[0]).


Vorgang:
   PostFinalCommitSnapshots wird verarbeitet

Kontext:
   Ausführungskontext: System Provider

Error: (03/16/2014 00:08:14 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (03/16/2014 00:00:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2014 06:43:37 PM) (Source: Application Hang) (User: )
Description: Programm avscan.exe, Version 14.0.3.332 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1b18

Startzeit: 01cf3fac31d9ddee

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe

Berichts-ID: 01e2dd86-aba0-11e3-96de-e06995a7531d

Error: (03/14/2014 06:36:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (03/16/2014 03:22:49 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers auf Volume "C:" abgebrochen.

Error: (03/16/2014 03:18:10 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden aufgrund eines E/A-Fehlers auf Volume "C:" abgebrochen.

Error: (03/16/2014 01:43:26 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (03/16/2014 01:14:46 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (03/16/2014 01:07:26 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (03/16/2014 01:02:46 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (03/16/2014 01:02:16 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (03/16/2014 00:59:26 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (03/16/2014 00:58:56 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.

Error: (03/16/2014 00:50:09 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht.


Microsoft Office Sessions:
=========================
Error: (03/16/2014 00:47:14 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (03/16/2014 00:47:14 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (03/16/2014 00:47:14 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (03/16/2014 00:41:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/16/2014 00:32:59 PM) (Source: VSS)(User: )
Description: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy7 - 0000000000000068,0x00560034,00000000001C1020,0,00000000001C0010,4096,[0])

Vorgang:
   PostFinalCommitSnapshots wird verarbeitet

Kontext:
   Ausführungskontext: System Provider

Error: (03/16/2014 00:30:36 PM) (Source: VSS)(User: )
Description: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy5 - 0000000000000180,0x00560034,00000000001C1020,0,00000000001C0010,4096,[0])

Vorgang:
   PostFinalCommitSnapshots wird verarbeitet

Kontext:
   Ausführungskontext: System Provider

Error: (03/16/2014 00:08:14 PM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073418154

Error: (03/16/2014 00:00:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2014 06:43:37 PM) (Source: Application Hang)(User: )
Description: avscan.exe14.0.3.3321b1801cf3fac31d9ddee60000C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe01e2dd86-aba0-11e3-96de-e06995a7531d

Error: (03/14/2014 06:36:50 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2012-12-04 21:19:31.535
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-12-04 21:19:31.535
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 51%
Total physical RAM: 8174.53 MB
Available physical RAM: 3937.77 MB
Total Pagefile: 16347.25 MB
Available Pagefile: 11682.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1848.86 GB) (Free:1350.55 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:14.05 GB) (Free:1.74 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive j: (WORD 2007) (CDROM) (Total:0.24 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: D0FBDB0A)

Partition: GPT Partition Type.

==================== End Of Log ============================

cosinus · 16.03.2014, 17:06

Zitat:

Die avira toolbar habe ich nicht.

Mag ja sein, trotzdem laufen bei dir immer noch zwei AVPs und wir können weder Norton noch Avira empfehlen. Deinstalliere jetzt zumindest einen der beiden.

Joel14 · 16.03.2014, 17:41

ok ich habe Norton deinstalliert

cosinus · 16.03.2014, 17:52

Schön

Adware/Junkware/Toolbars entfernen

1. Schritt: Malwarebytes Anti-Malware

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

2. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

3. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

4. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Joel14 · 16.03.2014, 19:32

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.16.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Joël :: JOEL-HP [Administrator]

16.03.2014 18:18:13
mbam-log-2014-03-16 (18-18-13).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 260565
Laufzeit: 9 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 2
C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe (PUP.Optional.JumpFlip.A) -> 2644 -> Löschen bei Neustart.
C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe (PUP.Optional.JumpFlip.A) -> 520 -> Löschen bei Neustart.

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 21
HKLM\SYSTEM\CurrentControlSet\Services\Update Jump Flip (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\Util Jump Flip (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{6db9fdfe-b718-4962-be0c-0a5fce7f7f7b} (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{f325945d-dafe-4312-95d8-1913aeb1d810} (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{4318395F-DFF1-48AF-B5F0-958E93D16D56} (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6DB9FDFE-B718-4962-BE0C-0A5FCE7F7F7B} (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{6DB9FDFE-B718-4962-BE0C-0A5FCE7F7F7B} (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6DB9FDFE-B718-4962-BE0C-0A5FCE7F7F7B} (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252} (PUP.Optional.GreatSaver.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1C60D9BB-E5C5-3DEB-97E7-57505435E501} (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\Jump Flip (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\sweet-pageSoftware (PUP.Optional.SweetPage.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Google\Chrome\Extensions\hpomcmndppalndoljdilmfkkjkcnongl (PUP.Optional.1ClickMovieDownloader.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Google\Chrome\Extensions\logekkkdbdidmmcgkonmmonclldogceg (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\Software\Jump Flip (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f27d9be2-a2b1-4956-97b7-2684879678db} (PUP.Optional.ShowPassword.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{f27d9be2-a2b1-4956-97b7-2684879678db} (PUP.Optional.ShowPassword.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{65151931-866c-489c-8453-ee8b060ceae4} (PUP.Optional.ShowPassword.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{2b0aee1b-00b6-4e43-8a40-d19282585d3f} (PUP.Optional.ShowPassword.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F27D9BE2-A2B1-4956-97B7-2684879678DB} (PUP.Optional.ShowPassword.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F27D9BE2-A2B1-4956-97B7-2684879678DB} (PUP.Optional.ShowPassword.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 8
C:\Program Files (x86)\Jump Flip (PUP.Optional.JumpFlip.A) -> Löschen bei Neustart.
C:\Program Files (x86)\Jump Flip\bin (PUP.Optional.JumpFlip.A) -> Löschen bei Neustart.
C:\Program Files (x86)\Jump Flip\bin\plugins (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.10.0 (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 66
C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe (PUP.Optional.JumpFlip.A) -> Löschen bei Neustart.
C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe (PUP.Optional.JumpFlip.A) -> Löschen bei Neustart.
C:\Program Files (x86)\Jump Flip\JumpFlipBHO.dll (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\UtubeAdiReemoVal\2L_3fG.exe (PUP.Optional.MultiPlug.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\+UZgTBPD.exe.part (PUP.BundleInstaller.DW) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\3i+dva1L.exe.part (PUP.Optional.Topmedia) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\4767.tmp (PUP.Optional.PricePeep.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\a2zLyrics_1060-8102_v122.exe (PUP.Optional.Bundler) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\afQ3w+8o.exe.part (PUP.Optional.Somoto) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\appshat-distribution.exe (PUP.Optional.Somoto.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\nsh8A6B.tmp (PUP.Optional.Somoto.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\nsxCFF3.tmp (PUP.Optional.Somoto.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\pGmq2XcR.exe.part (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\qUthA1Lm.exe.part (PUP.BundleInstaller.DW) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\smt_nationzoom_20131128171426.exe (PUP.Optional.SkyTech.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\toolbar6231132.exe (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\toolbar6231194.exe (Trojan.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\uninstall3286987.exe (PUP.Optional.GoForFiles.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\VqBrXhYa.exe.part (PUP.BundleInstaller.DW) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\wtf19FF.tmp (Packed.NSPack) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\wtf21E3.tmp (Packed.NSPack) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\wtfA54D.tmp (Packed.NSPack) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\960E43D8-BAB0-7891-B8A8-4AB3EFD5A6FE\MyBabylonTB.exe (PUP.Optional.BabylonToolBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\C4AB3F80-BAB0-7891-A893-53D4B5311E0A\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\C4AB3F80-BAB0-7891-A893-53D4B5311E0A\MyBabylonTB.exe (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\dlmF2C8.tmp\copy1-mobogenie1204.exe (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\dlmF2C8.tmp\copy1-searchprotect1204.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\dlmF2C8.tmp\mobogenie1204.exe (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\dlmF2C8.tmp\searchprotect1204.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\fullpackage_temp1389219875\tmp\NewGdp.exe (PUP.Optional.WpManager.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\fullpackage_temp1389287947\Baofeng.exe (PUP.Optional.NationZoom.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\fullpackage_temp1389287947\UpDate.dll (PUP.Optional.SkyTech.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\fullpackage_temp1389287947\tmp\wpm.exe (PUP.Optional.WpManager.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\is1326335552\wajam_validate.exe (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\is956058749\DeltaTB.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\is956058749\dp.exe (PUP.Optional.DealPly.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\Temp\is956058749\wajam_validate.exe (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Temp\33036_updater.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\Downloads\AOE_III_Inc_Warchiefs_Asian_Dynasties_and_Cracks.exe (PUP.BundleInstaller.DW) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\Downloads\Bligg__'N_Lexx_downloader_ch_99154.exe (PUP.Optional.GoForFiles.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\Downloads\DTLite4471-0337.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\Downloads\dvdshrink.3.2.de._decss-frei_.setup.exe (PUP.Optional.InstallCore) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\Downloads\GH1NSMS2YDXY.exe (PUP.BundleInstaller.DW) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\Downloads\SoftonicDownloader_for_microsoft-lifecam(1).exe (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\Downloads\SoftonicDownloader_for_microsoft-lifecam.exe (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\Downloads\SoftonicDownloader_fuer_windows-media-player-plugin.exe (PUP.Optional.Softonic.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\AppsHat Mobile Apps\Uninstall.exe (PUP.Optional.Somoto.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\5be151.msi (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\5be158.msi (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Installer\5be15f.msi (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Jump Flip\JumpFlip.ico (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Jump Flip\debmkdhphjfcbaomiknnceliiclnpmfg.crx (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Jump Flip\JumpFlipUninstall.exe (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Jump Flip\updateJumpFlip.InstallState (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Jump Flip\bin\sqlite3.dll (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.InstallState (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Jump Flip\bin\plugins\JumpFlip.FFUpdate.dll (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Jump Flip\bin\plugins\JumpFlip.GCUpdate.dll (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\User Data\Default\Extensions\newtab.crx (PUP.Optional.Elex.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PricePeepUpdater.lnk (PUP.Optional.PricePeep.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweet-page.xml (PUP.Optional.SweetPage.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Tasks\Show-Password Update.job (PUP.Optional.ShowPassword.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Joël\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Code:

ATTFilter

# AdwCleaner v3.016 - Bericht erstellt am 16/03/2014 um 18:48:44
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Joël - JOEL-HP
# Gestartet von : C:\Users\Joël\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7601.17514


-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.Pik.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorobo\")>-1||url.indexOf[...]
Zeile gelöscht : user_pref("extensions.q27I3yOU.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorobo\")>-1||url.in[...]

*************************

AdwCleaner[R0].txt - [125699 octets] - [07/01/2014 13:00:42]
AdwCleaner[R1].txt - [922 octets] - [08/01/2014 01:09:53]
AdwCleaner[R2].txt - [9733 octets] - [08/01/2014 23:29:27]
AdwCleaner[R3].txt - [1228 octets] - [09/01/2014 17:39:07]
AdwCleaner[R4].txt - [10071 octets] - [09/01/2014 20:06:00]
AdwCleaner[R5].txt - [2669 octets] - [14/03/2014 18:32:27]
AdwCleaner[R6].txt - [2003 octets] - [16/03/2014 18:47:49]
AdwCleaner[S0].txt - [119759 octets] - [07/01/2014 13:02:06]
AdwCleaner[S1].txt - [7222 octets] - [08/01/2014 23:30:08]
AdwCleaner[S2].txt - [1294 octets] - [09/01/2014 17:40:23]
AdwCleaner[S3].txt - [7398 octets] - [09/01/2014 20:06:55]
AdwCleaner[S4].txt - [2730 octets] - [14/03/2014 18:34:01]
AdwCleaner[S5].txt - [1924 octets] - [16/03/2014 18:48:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1984 octets] ##########

cosinus · 16.03.2014, 20:18

Zitat:

# AdwCleaner v3.016 - Bericht erstellt am 16/03/2014 um 18:48:44

Kannste schonmal knicken.
Unsere Tools müssen immer neu runtergeladen werden

Joel14 · 17.03.2014, 00:03

Ok. Das Problem ist nur, dass jedes Mal wenn der Computer neu startet, es wieder ewigs braucht bis ich internetverbindung habe. Manchmal geht auch gar nix wie zum beispiel jetzt.

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Jo‰l on 16.03.2014 at 23:20:39.90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\apps hat



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4072727702-2463935606-4169030245-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\appshat-distribution_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\appshat-distribution_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\boostsoftware
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\a2zlyrics-1-bg_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\a2zlyrics-1-bg_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\a2zlyrics-1-bg_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\a2zlyrics-1-bg_RASMANCS



~~~ Files

Successfully deleted: [File] "C:\Users\Jo‰l\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\driverscanner.lnk"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Users\Jo‰l\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\Jo‰l\appdata\local\appshat mobile apps"
Successfully deleted: [Folder] "C:\Program Files (x86)\pc healthboost"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uniblue"
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{12A5E256-E5BF-40D6-A7DB-430595E7C72D}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{1D2E3BEC-97CF-4600-89F9-201618874D6E}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{206DE382-1DE7-47AE-B16B-DE53331C6A18}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{277FE34C-BDBA-49D6-94CB-4295074387B4}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{2F426C7C-D014-4D6C-8E8F-93D834119FC6}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{4FB98759-71AB-4038-AF32-57EEEC76D322}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{53E00151-EDA2-4180-908F-8323CD846284}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{5C86EA52-E6FC-47E8-9A50-378916BE62F3}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{5E07BAE3-E500-4A0C-A522-28E283274E17}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{63A52349-22A1-4946-B3C9-F5B45D3EB4E6}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{64E1E30B-178E-49D6-BA30-E8A2AC5EBDBB}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{658802A3-7007-4422-BB57-4EBBDF6C0F15}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{6D86B733-3238-4C28-9A44-58C8B651118D}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{6E8F7330-A964-46A1-9837-3C50AECA992A}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{86E71E35-DF34-4C39-A5CB-4120858C5581}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{905B0CFA-F613-407A-9D9B-98D10286884C}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{9C6F949A-1485-4592-BA11-66C90E3EC216}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{9CBD062D-6C48-4D22-B7B1-3B6D15818E92}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{9D3743B3-3F62-44DE-8F96-E7908808A2CD}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{ACF42EE3-EA03-4611-9460-5F7ED04CE904}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{AE68B472-54F3-48E4-8256-FB2D65B3A384}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{AFBB9843-22B4-43BE-8585-9EC408CD5C3A}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{B59F3BD4-9513-4C94-839B-13E58951991E}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{BDE19107-07D3-47F7-A679-B36954109ED6}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{C20CB621-7976-47EC-959B-8EF7ED90B74F}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{CB3F6744-903D-4BD4-9882-C01466E2D191}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{D826E32D-44EE-4ABC-A392-8CF94951530D}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{DCEB56A6-0A80-4D9C-9F86-F1AB605E8E9B}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{E6352DAE-4716-481B-ADF9-8609C43BCE1E}
Successfully deleted: [Empty Folder] C:\Users\Jo‰l\appdata\local\{FE7C2AC1-78F6-4872-82F9-888C05366A7E}



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted the following from C:\Users\Jo‰l\AppData\Roaming\mozilla\firefox\profiles\6ad22dyw.default\prefs.js

user_pref("extensions.Pik.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"su
user_pref("extensions.a4fdacf00e9c44ad5b4cfbf9800f184f63685711674e04973936f860cd2a102a9com33036.33036.internaldb.cache/530e52021dc20843b1aa62957edeb9f8.value", "%22var%20adsDe
user_pref("extensions.q27I3yOU.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf
Emptied folder: C:\Users\Jo‰l\AppData\Roaming\mozilla\firefox\profiles\6ad22dyw.default\minidumps [848 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.03.2014 at 23:25:02.39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

adw cleaner kann ich nicht installieren irgendwie

Code:

ATTFilter

# AdwCleaner v3.022 - Bericht erstellt am 16/03/2014 um 23:42:37
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Joël - JOEL-HP
# Gestartet von : C:\Users\Joël\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\SoftWarehouse
Ordner Gelöscht : C:\ProgramData\uniblue
Ordner Gelöscht : C:\Program Files (x86)\GS-Enabler
Ordner Gelöscht : C:\Program Files (x86)\uniblue
Ordner Gelöscht : C:\Users\Joël\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Joël\AppData\Roaming\uniblue

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wpm
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Jump Flip

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7601.17514


-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.Pik.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorobo\")>-1||url.indexOf[...]
Zeile gelöscht : user_pref("extensions.q27I3yOU.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorobo\")>-1||url.in[...]

*************************

AdwCleaner[R0].txt - [125699 octets] - [07/01/2014 13:00:42]
AdwCleaner[R1].txt - [922 octets] - [08/01/2014 01:09:53]
AdwCleaner[R2].txt - [9733 octets] - [08/01/2014 23:29:27]
AdwCleaner[R3].txt - [1228 octets] - [09/01/2014 17:39:07]
AdwCleaner[R4].txt - [10071 octets] - [09/01/2014 20:06:00]
AdwCleaner[R5].txt - [2669 octets] - [14/03/2014 18:32:27]
AdwCleaner[R6].txt - [2003 octets] - [16/03/2014 18:47:49]
AdwCleaner[R7].txt - [2792 octets] - [16/03/2014 23:41:10]
AdwCleaner[S0].txt - [119759 octets] - [07/01/2014 13:02:06]
AdwCleaner[S1].txt - [7222 octets] - [08/01/2014 23:30:08]
AdwCleaner[S2].txt - [1294 octets] - [09/01/2014 17:40:23]
AdwCleaner[S3].txt - [7398 octets] - [09/01/2014 20:06:55]
AdwCleaner[S4].txt - [2730 octets] - [14/03/2014 18:34:01]
AdwCleaner[S5].txt - [2064 octets] - [16/03/2014 18:48:44]
AdwCleaner[S6].txt - [2721 octets] - [16/03/2014 23:42:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [2781 octets] ##########

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Joël (administrator) on JOEL-HP on 17-03-2014 00:01:36
Running from C:\Users\Joël\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Megaify Software Co., Ltd.) C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(BitTorrent Inc.) C:\Users\Joël\AppData\Roaming\BitTorrent\BitTorrent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\HitsBlender\HitsBlender.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Easybits) C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
() C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\ErrorReporter\FreemakeErrorReporter.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [835072 2011-01-26] (IDT, Inc.)
HKLM-x32\...\Run: [HP Software Update] - c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [HP Remote Solution] - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-08-25] (Hewlett-Packard)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-02-10] (EasyBits Software AS)
HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [Mondkalender] - 22
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2012-06-17] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [LifeCam] - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Magic Desktop for HP notification] - C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1243656 2013-12-10] (Easybits)
HKLM-x32\...\Run: [HOSTS Anti-Adware_PUPs] - C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe [302961 2014-01-08] ()
HKLM-x32\...\Run: [Syncios device service] - C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [723456 2013-11-15] ()
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Run: [Facebook Update] - C:\Users\Joël\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-02-04] (Facebook Inc.)
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Run: [AnyDVD] - C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [7237720 2013-07-17] (SlySoft, Inc.)
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Run: [BitTorrent] - C:\Users\Joël\AppData\Roaming\BitTorrent\BitTorrent.exe [1125456 2013-05-29] (BitTorrent Inc.)
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-4072727702-2463935606-4169030245-1000\...\Policies\system: [DisableChangePassword] 0
AppInit_DLLs: C:\PROGRA~2\GS-ENA~1\ASSIST~2.DLL => C:\PROGRA~2\GS-ENA~1\ASSIST~2.DLL File Not Found
Startup: C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HitsBlender.lnk
ShortcutTarget: HitsBlender.lnk -> C:\Program Files (x86)\HitsBlender\HitsBlender.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {CA84F3A1-C833-4BCE-8DF7-4C8474995A97} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-07-18] (EasyBits Software Corp.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158

FireFox:
========
FF ProfilePath: C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default
FF Homepage: https://www.google.ch/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Joël\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: UtubeAdiReemoVal - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\ifc8i.dw@bhfabiyyqfsp.com [2014-01-30]
FF Extension: BBestSavveForYou - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\mjyaypd@bnzemxyoe.net [2014-02-27]
FF Extension: 1ClickMovie Downloader - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\clickMvd@clickMvd.com.xpi [2013-06-26]
FF Extension: Video Resumer - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\videoresumer@jetpack.xpi [2013-06-06]
FF Extension: Updated Ad Blocker for Firefox 11+ - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2013-02-12]
FF Extension: XHTML Mobile Profile - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}.xpi [2014-03-08]
FF Extension: Adblock Plus - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-23]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-04-09]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-05-15]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-06-17]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-05-15]
FF HKCU\...\Firefox\Extensions: [{1844020a-dea9-4bfb-981d-9c31b7fa20a5}] - C:\Program Files (x86)\Show-Password\150.xpi

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-02-12]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-02-12]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-03-04]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-06-17]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101376 2013-02-07] (Freemake)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-02-07] (Ellora Assets Corp.)
S2 HOSTS Anti-PUPs; C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe [285795 2014-01-08] ()
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2012-03-30] ()
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [285152 2010-08-26] ()

==================== Drivers (Whitelisted) ====================

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [142424 2013-05-19] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [142424 2013-05-19] (SlySoft, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 AVer7231_x64; C:\Windows\System32\DRIVERS\AVer7231_x64.sys [1757952 2010-04-08] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-10-10] (Disc Soft Ltd)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-16 23:33 - 2014-03-16 23:33 - 01950720 _____ () C:\Users\Joël\Downloads\adwcleaner.exe
2014-03-16 23:25 - 2014-03-16 23:25 - 00006363 _____ () C:\Users\Joël\Desktop\JRT.txt
2014-03-16 23:20 - 2014-03-16 23:20 - 00000000 ____D () C:\Windows\ERUNT
2014-03-16 23:19 - 2014-03-16 23:19 - 01037734 _____ (Thisisu) C:\Users\Joël\Downloads\JRT.exe
2014-03-16 18:15 - 2014-03-16 18:15 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Joël\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-16 14:26 - 2014-03-16 16:52 - 00058002 _____ () C:\Users\Joël\Downloads\Addition.txt
2014-03-16 14:25 - 2014-03-17 00:01 - 00026163 _____ () C:\Users\Joël\Downloads\FRST.txt
2014-03-16 14:25 - 2014-03-17 00:01 - 00000000 ____D () C:\FRST
2014-03-16 14:24 - 2014-03-16 14:24 - 02157056 _____ (Farbar) C:\Users\Joël\Downloads\FRST64.exe
2014-03-16 12:42 - 2014-03-16 12:42 - 00001411 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-03-12 02:54 - 2014-03-16 23:43 - 00000356 _____ () C:\Windows\Tasks\DriverToolkit Autorun.job
2014-03-12 02:54 - 2014-03-16 19:11 - 00002708 _____ () C:\Windows\System32\Tasks\DriverToolkit Autorun
2014-03-11 12:17 - 2014-03-11 12:17 - 00000000 ____D () C:\Users\Joël\AppData\Local\DriverToolkit
2014-03-11 12:16 - 2014-03-11 12:17 - 00000000 ____D () C:\Program Files (x86)\DriverToolkit
2014-03-11 12:16 - 2014-03-11 12:16 - 02243616 _____ (Megaify Software ) C:\Users\Joël\Downloads\driver_setup.exe
2014-03-11 12:16 - 2014-03-11 12:16 - 00001073 _____ () C:\Users\Public\Desktop\DriverToolkit.lnk
2014-03-11 12:10 - 2014-03-11 12:10 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-03-11 12:09 - 2014-03-11 12:09 - 15359912 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Joël\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.23.0-retail.exe
2014-03-11 12:09 - 2014-03-11 12:09 - 00000000 ____D () C:\ProgramData\Samsung
2014-03-08 21:57 - 2014-03-08 21:57 - 00002947 _____ () C:\Users\Joël\Downloads\wapthevoice.php
2014-03-06 16:41 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-03-06 16:30 - 2014-03-06 16:41 - 00014925 _____ () C:\Windows\IE11_main.log
2014-03-06 15:44 - 2014-03-06 15:44 - 01071000 _____ (Solid State Networks) C:\Users\Joël\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-02-28 01:11 - 2014-02-28 01:13 - 16935746 _____ () C:\Users\Joël\Downloads\GW_BETA_RELEASE_2.0b2.zip
2014-02-27 17:56 - 2014-03-13 21:26 - 00000000 ____D () C:\ProgramData\BBestSavveForYou
2014-02-26 02:16 - 2014-02-26 02:20 - 335645696 _____ () C:\Users\Joël\Downloads\PS4UPDATE.PUP
2014-02-24 02:44 - 2014-02-24 02:44 - 00536064 _____ (Igor Pavlov) C:\Users\Joël\Desktop\7za.exe
2014-02-24 02:44 - 2014-02-24 02:44 - 00015360 _____ (Juergen Auer, freiberuflicher Programmierer, Berlin. Aktuelle Version: hxxp://www.sql-und-xml.de/freeware-tools/) C:\Users\Joël\Desktop\download.exe
2014-02-23 21:07 - 2014-02-23 21:07 - 00002037 _____ () C:\Users\Public\Desktop\Titan Quest.lnk
2014-02-23 21:05 - 2014-02-23 21:07 - 00000000 ___SD () C:\Program Files (x86)\Xfire
2014-02-23 21:05 - 2014-02-23 21:07 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Xfire
2014-02-23 21:05 - 2014-02-23 21:05 - 00000969 _____ () C:\Users\Public\Desktop\Xfire.lnk
2014-02-23 21:03 - 2007-01-03 14:16 - 00040960 ____R () C:\Windows\SysWOW64\psfind.dll
2014-02-23 21:03 - 2006-07-11 18:43 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-02-23 20:58 - 2014-02-23 20:58 - 00000000 ____D () C:\Program Files (x86)\THQ
2014-02-20 12:49 - 2014-02-23 00:51 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Syncios
2014-02-20 12:49 - 2014-02-20 12:49 - 00000000 ____D () C:\Users\Joël\Documents\Syncios
2014-02-20 12:49 - 2014-02-20 12:49 - 00000000 ____D () C:\Program Files (x86)\Syncios
2014-02-20 12:46 - 2014-02-20 12:47 - 17367264 _____ (Anvsoft, Inc. ) C:\Users\Joël\Downloads\syncios.exe
2014-02-16 15:54 - 2014-03-16 23:46 - 00000000 ____D () C:\Users\Joël\AppData\Local\HitsBlender
2014-02-16 15:54 - 2014-02-16 15:54 - 00538120 _____ (hxxp://hitsblender.com/) C:\Users\Joël\Downloads\play_Ice_T,_The_Iceberg___F.exe
2014-02-16 15:54 - 2014-02-16 15:54 - 00001917 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\HitsBlender.lnk
2014-02-16 15:54 - 2014-02-16 15:54 - 00001893 _____ () C:\Users\Joël\Desktop\HitsBlender.lnk
2014-02-16 15:54 - 2014-02-16 15:54 - 00000000 ____D () C:\ProgramData\HitsBlender
2014-02-16 15:54 - 2014-02-16 15:54 - 00000000 ____D () C:\Program Files (x86)\HitsBlender
2014-02-15 02:10 - 2014-02-15 00:47 - 00032768 _____ () C:\Users\Joël\Desktop\JOEL (2)
2014-02-15 01:54 - 2014-03-06 20:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 01:26 - 2014-02-15 01:26 - 00000107 _____ () C:\Users\Joël\Desktop\JOEL.rar
2014-02-15 00:47 - 2014-02-15 00:47 - 00032768 _____ () C:\Users\Joël\Desktop\JOEL

==================== One Month Modified Files and Folders =======

2014-03-17 00:01 - 2014-03-16 14:25 - 00026163 _____ () C:\Users\Joël\Downloads\FRST.txt
2014-03-17 00:01 - 2014-03-16 14:25 - 00000000 ____D () C:\FRST
2014-03-17 00:01 - 2013-05-29 16:26 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\BitTorrent
2014-03-17 00:01 - 2013-03-13 00:58 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Skype
2014-03-16 23:54 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-16 23:54 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-16 23:49 - 2013-12-13 16:33 - 00003200 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4072727702-2463935606-4169030245-1000
2014-03-16 23:49 - 2013-12-11 13:28 - 00003336 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4072727702-2463935606-4169030245-1000
2014-03-16 23:46 - 2014-02-16 15:54 - 00000000 ____D () C:\Users\Joël\AppData\Local\HitsBlender
2014-03-16 23:46 - 2011-07-18 01:26 - 00000000 ____D () C:\ProgramData\PDFC
2014-03-16 23:45 - 2011-07-18 01:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-16 23:43 - 2014-03-12 02:54 - 00000356 _____ () C:\Windows\Tasks\DriverToolkit Autorun.job
2014-03-16 23:43 - 2013-08-04 12:36 - 00000125 ___SH () C:\ProgramData\.zreglib
2014-03-16 23:43 - 2013-04-05 21:53 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-16 23:43 - 2012-12-03 03:01 - 00064318 _____ () C:\Windows\setupact.log
2014-03-16 23:43 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-16 23:42 - 2014-01-07 13:00 - 00000000 ____D () C:\AdwCleaner
2014-03-16 23:42 - 2012-03-16 02:55 - 01912773 _____ () C:\Windows\WindowsUpdate.log
2014-03-16 23:33 - 2014-03-16 23:33 - 01950720 _____ () C:\Users\Joël\Downloads\adwcleaner.exe
2014-03-16 23:25 - 2014-03-16 23:25 - 00006363 _____ () C:\Users\Joël\Desktop\JRT.txt
2014-03-16 23:20 - 2014-03-16 23:20 - 00000000 ____D () C:\Windows\ERUNT
2014-03-16 23:19 - 2014-03-16 23:19 - 01037734 _____ (Thisisu) C:\Users\Joël\Downloads\JRT.exe
2014-03-16 23:10 - 2012-04-08 18:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-16 23:06 - 2012-10-03 17:29 - 00000372 _____ () C:\Windows\Tasks\WpsUpdateTask_Joël.job
2014-03-16 22:40 - 2013-02-04 16:35 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4072727702-2463935606-4169030245-1000UA.job
2014-03-16 20:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-03-16 19:11 - 2014-03-12 02:54 - 00002708 _____ () C:\Windows\System32\Tasks\DriverToolkit Autorun
2014-03-16 18:34 - 2011-07-18 01:30 - 00000000 ____D () C:\ProgramData\Norton
2014-03-16 18:34 - 2010-11-21 04:47 - 00512308 _____ () C:\Windows\PFRO.log
2014-03-16 18:32 - 2014-01-30 21:30 - 00000000 ____D () C:\ProgramData\UtubeAdiReemoVal
2014-03-16 18:32 - 2012-03-16 02:58 - 00000000 ___RD () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-16 18:16 - 2012-11-26 17:42 - 00001115 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-16 18:16 - 2012-11-26 17:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-16 18:15 - 2014-03-16 18:15 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Joël\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-16 16:52 - 2014-03-16 14:26 - 00058002 _____ () C:\Users\Joël\Downloads\Addition.txt
2014-03-16 16:40 - 2013-02-04 16:35 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4072727702-2463935606-4169030245-1000Core.job
2014-03-16 14:24 - 2014-03-16 14:24 - 02157056 _____ (Farbar) C:\Users\Joël\Downloads\FRST64.exe
2014-03-16 12:47 - 2011-07-18 00:54 - 04739476 _____ () C:\Windows\system32\perfh007.dat
2014-03-16 12:47 - 2011-07-18 00:54 - 01415038 _____ () C:\Windows\system32\perfc007.dat
2014-03-16 12:47 - 2009-07-14 06:13 - 00006380 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-16 12:42 - 2014-03-16 12:42 - 00001411 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-03-16 12:42 - 2012-03-16 02:58 - 00001445 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-16 12:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-03-16 12:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-03-16 12:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-03-16 12:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-03-16 12:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-14 18:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-13 21:26 - 2014-02-27 17:56 - 00000000 ____D () C:\ProgramData\BBestSavveForYou
2014-03-13 21:26 - 2014-01-05 00:43 - 00000000 ____D () C:\Users\Joël\Documents\WBFS Manager Covers
2014-03-12 14:10 - 2012-04-08 18:21 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 14:10 - 2012-04-08 18:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 14:10 - 2012-03-16 18:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 13:32 - 2012-03-16 21:09 - 00000000 ____D () C:\Users\Joël\AppData\Local\CrashDumps
2014-03-11 12:17 - 2014-03-11 12:17 - 00000000 ____D () C:\Users\Joël\AppData\Local\DriverToolkit
2014-03-11 12:17 - 2014-03-11 12:16 - 00000000 ____D () C:\Program Files (x86)\DriverToolkit
2014-03-11 12:16 - 2014-03-11 12:16 - 02243616 _____ (Megaify Software ) C:\Users\Joël\Downloads\driver_setup.exe
2014-03-11 12:16 - 2014-03-11 12:16 - 00001073 _____ () C:\Users\Public\Desktop\DriverToolkit.lnk
2014-03-11 12:10 - 2014-03-11 12:10 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-03-11 12:09 - 2014-03-11 12:09 - 15359912 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Joël\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.23.0-retail.exe
2014-03-11 12:09 - 2014-03-11 12:09 - 00000000 ____D () C:\ProgramData\Samsung
2014-03-08 21:57 - 2014-03-08 21:57 - 00002947 _____ () C:\Users\Joël\Downloads\wapthevoice.php
2014-03-06 20:29 - 2014-02-15 01:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-06 20:29 - 2012-05-03 19:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-06 16:41 - 2014-03-06 16:30 - 00014925 _____ () C:\Windows\IE11_main.log
2014-03-06 16:28 - 2012-03-16 03:36 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-06 15:44 - 2014-03-06 15:44 - 01071000 _____ (Solid State Networks) C:\Users\Joël\Downloads\install_flashplayer12x32_mssd_aaa_aih.exe
2014-02-28 01:13 - 2014-02-28 01:11 - 16935746 _____ () C:\Users\Joël\Downloads\GW_BETA_RELEASE_2.0b2.zip
2014-02-27 17:56 - 2014-01-30 21:30 - 00000000 ____D () C:\ProgramData\1f4fe01926131428
2014-02-26 02:20 - 2014-02-26 02:16 - 335645696 _____ () C:\Users\Joël\Downloads\PS4UPDATE.PUP
2014-02-24 02:47 - 2014-01-10 18:58 - 00000000 ____D () C:\Users\Joël\Desktop\games
2014-02-24 02:45 - 2014-01-04 20:03 - 00000000 ____D () C:\Users\Joël\Desktop\data
2014-02-24 02:44 - 2014-02-24 02:44 - 00536064 _____ (Igor Pavlov) C:\Users\Joël\Desktop\7za.exe
2014-02-24 02:44 - 2014-02-24 02:44 - 00015360 _____ (Juergen Auer, freiberuflicher Programmierer, Berlin. Aktuelle Version: hxxp://www.sql-und-xml.de/freeware-tools/) C:\Users\Joël\Desktop\download.exe
2014-02-23 21:07 - 2014-02-23 21:07 - 00002037 _____ () C:\Users\Public\Desktop\Titan Quest.lnk
2014-02-23 21:07 - 2014-02-23 21:05 - 00000000 ___SD () C:\Program Files (x86)\Xfire
2014-02-23 21:07 - 2014-02-23 21:05 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Xfire
2014-02-23 21:07 - 2012-04-08 16:42 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-02-23 21:07 - 2012-03-16 21:05 - 00000000 ____D () C:\Users\Joël\Documents\My Games
2014-02-23 21:05 - 2014-02-23 21:05 - 00000969 _____ () C:\Users\Public\Desktop\Xfire.lnk
2014-02-23 21:03 - 2013-05-13 14:36 - 00125713 _____ () C:\Windows\DirectX.log
2014-02-23 20:58 - 2014-02-23 20:58 - 00000000 ____D () C:\Program Files (x86)\THQ
2014-02-23 20:58 - 2011-07-18 01:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-23 20:47 - 2012-04-09 02:51 - 00000000 ____D () C:\Users\Joël\AppData\Local\PokerStars
2014-02-23 20:46 - 2012-04-09 02:51 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2014-02-23 00:51 - 2014-02-20 12:49 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Syncios
2014-02-20 13:59 - 2012-11-26 13:06 - 00000000 ____D () C:\Users\Joël\AppData\Local\Apple Computer
2014-02-20 12:49 - 2014-02-20 12:49 - 00000000 ____D () C:\Users\Joël\Documents\Syncios
2014-02-20 12:49 - 2014-02-20 12:49 - 00000000 ____D () C:\Program Files (x86)\Syncios
2014-02-20 12:47 - 2014-02-20 12:46 - 17367264 _____ (Anvsoft, Inc. ) C:\Users\Joël\Downloads\syncios.exe
2014-02-16 15:54 - 2014-02-16 15:54 - 00538120 _____ (hxxp://hitsblender.com/) C:\Users\Joël\Downloads\play_Ice_T,_The_Iceberg___F.exe
2014-02-16 15:54 - 2014-02-16 15:54 - 00001917 _____ () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\HitsBlender.lnk
2014-02-16 15:54 - 2014-02-16 15:54 - 00001893 _____ () C:\Users\Joël\Desktop\HitsBlender.lnk
2014-02-16 15:54 - 2014-02-16 15:54 - 00000000 ____D () C:\ProgramData\HitsBlender
2014-02-16 15:54 - 2014-02-16 15:54 - 00000000 ____D () C:\Program Files (x86)\HitsBlender
2014-02-16 15:54 - 2012-12-13 23:49 - 00000000 ____D () C:\Users\Joël\AppData\Local\cache
2014-02-15 14:32 - 2014-01-09 20:29 - 00000000 ____D () C:\Users\Joël\Desktop\Ds games
2014-02-15 01:26 - 2014-02-15 01:26 - 00000107 _____ () C:\Users\Joël\Desktop\JOEL.rar
2014-02-15 00:47 - 2014-02-15 02:10 - 00032768 _____ () C:\Users\Joël\Desktop\JOEL (2)
2014-02-15 00:47 - 2014-02-15 00:47 - 00032768 _____ () C:\Users\Joël\Desktop\JOEL

Files to move or delete:
====================
C:\Users\Joël\setup.exe


Some content of TEMP:
====================
C:\Users\Joël\AppData\Local\Temp\aoe3x-105-english.exe
C:\Users\Joël\AppData\Local\Temp\aoe3x-105-german.exe
C:\Users\Joël\AppData\Local\Temp\AskSLib.dll
C:\Users\Joël\AppData\Local\Temp\avgnt.exe
C:\Users\Joël\AppData\Local\Temp\bitool.dll
C:\Users\Joël\AppData\Local\Temp\DMLizard.exe
C:\Users\Joël\AppData\Local\Temp\drm_dyndata_7380012.dll
C:\Users\Joël\AppData\Local\Temp\FreemakeAudioConverter_1.1.0.46.exe
C:\Users\Joël\AppData\Local\Temp\FreemakeVideoConverter_3.2.1.7.exe
C:\Users\Joël\AppData\Local\Temp\FreemakeVideoDownloader_3.5.0.3.exe
C:\Users\Joël\AppData\Local\Temp\htmlayout.dll
C:\Users\Joël\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe
C:\Users\Joël\AppData\Local\Temp\jna1560133547180391452.dll
C:\Users\Joël\AppData\Local\Temp\jna3932220247942491266.dll
C:\Users\Joël\AppData\Local\Temp\jna4918936229527986984.dll
C:\Users\Joël\AppData\Local\Temp\jna6234593704751008541.dll
C:\Users\Joël\AppData\Local\Temp\jna6723966985013961709.dll
C:\Users\Joël\AppData\Local\Temp\jna6770613259274550288.dll
C:\Users\Joël\AppData\Local\Temp\jna7820359329025734031.dll
C:\Users\Joël\AppData\Local\Temp\jna864224005719677311.dll
C:\Users\Joël\AppData\Local\Temp\jna8972611800363284495.dll
C:\Users\Joël\AppData\Local\Temp\jna9077574278784789503.dll
C:\Users\Joël\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Joël\AppData\Local\Temp\Mobogenie_Setup_2.1.23_515.exe
C:\Users\Joël\AppData\Local\Temp\MSNAD41.exe
C:\Users\Joël\AppData\Local\Temp\Offer.exe
C:\Users\Joël\AppData\Local\Temp\PCSpeedMaximizer.exe
C:\Users\Joël\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Joël\AppData\Local\Temp\standalonepatcherX.exe
C:\Users\Joël\AppData\Local\Temp\toolbar6231023.exe
C:\Users\Joël\AppData\Local\Temp\uninst1.exe
C:\Users\Joël\AppData\Local\Temp\uninstall3293805.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-11 13:54

==================== End Of Log ============================

--- --- ---

--- --- ---

cosinus · 17.03.2014, 00:48

Da schlummert doch noch mehr.

Dann bitte jetzt Combofix ausführen:

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Joel14 · 17.03.2014, 13:31

Code:

ATTFilter

ComboFix 14-03-16.01 - Joël 17.03.2014  13:18:28.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.41.1031.18.8175.6126 [GMT 1:00]
ausgeführt von:: c:\users\JoÙl\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
c:\windows\SysWow64\X86
c:\windows\WindowsUpdate.log
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-02-17 bis 2014-03-17  ))))))))))))))))))))))))))))))
.
.
2074-05-18 16:44 . 2008-03-21 13:46	607296	------w-	c:\program files (x86)\Microsoft Games\Age of Empires III\deformerdllyD.dll
2014-03-17 12:24 . 2014-03-17 12:24	--------	d-----w-	c:\users\Public\AppData\Local\temp
2014-03-17 12:24 . 2014-03-17 12:24	--------	d-----w-	c:\users\jo l\AppData\Local\temp
2014-03-17 12:24 . 2014-03-17 12:24	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-03-16 22:20 . 2014-03-16 22:20	--------	d-----w-	c:\windows\ERUNT
2014-03-16 13:25 . 2014-03-16 23:02	--------	d-----w-	C:\FRST
2014-03-11 11:17 . 2014-03-11 11:17	--------	d-----w-	c:\users\Joël\AppData\Local\DriverToolkit
2014-03-11 11:16 . 2014-03-11 11:17	--------	d-----w-	c:\program files (x86)\DriverToolkit
2014-03-11 11:10 . 2014-03-11 11:10	--------	d-----w-	c:\program files\SAMSUNG
2014-03-11 11:09 . 2014-03-11 11:09	--------	d-----w-	c:\programdata\Samsung
2014-03-06 15:41 . 2013-10-14 17:00	28368	----a-w-	c:\windows\system32\IEUDINIT.EXE
2014-03-06 15:28 . 2014-02-13 00:37	272496	----a-w-	c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2014-02-27 16:56 . 2014-03-13 20:26	--------	d-----w-	c:\programdata\BBestSavveForYou
2014-02-23 20:05 . 2014-02-23 20:07	--------	d-----w-	c:\users\Joël\AppData\Roaming\Xfire
2014-02-23 20:05 . 2014-02-23 20:07	--------	d-s---w-	c:\program files (x86)\Xfire
2014-02-23 20:03 . 2007-01-03 13:16	40960	----a-r-	c:\windows\SysWow64\psfind.dll
2014-02-23 20:03 . 2006-07-11 17:43	1060864	----a-w-	c:\windows\SysWow64\mfc71.dll
2014-02-23 19:58 . 2014-02-23 19:58	--------	d-----w-	c:\program files (x86)\THQ
2014-02-23 19:51 . 2006-02-07 14:45	757760	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2014-02-23 19:51 . 2006-02-07 14:44	65024	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2014-02-23 19:51 . 2006-02-07 14:40	204800	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2014-02-23 19:51 . 2006-02-07 14:40	69715	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2014-02-23 19:51 . 2006-02-07 14:40	274432	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2014-02-23 19:51 . 2005-11-13 22:19	5632	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2014-02-23 19:51 . 2014-02-23 19:51	331908	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2014-02-23 19:51 . 2014-02-23 19:51	200836	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2014-02-20 11:49 . 2014-02-22 23:51	--------	d-----w-	c:\users\Joël\AppData\Roaming\Syncios
2014-02-20 11:49 . 2014-02-20 11:49	--------	d-----w-	c:\program files (x86)\Syncios
2014-02-16 14:54 . 2014-03-16 22:46	--------	d-----w-	c:\users\Joël\AppData\Local\HitsBlender
2014-02-16 14:54 . 2014-02-16 14:54	--------	d-----w-	c:\program files (x86)\HitsBlender
2014-02-16 14:54 . 2014-02-16 14:54	--------	d-----w-	c:\programdata\HitsBlender
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-12 13:10 . 2012-04-08 17:21	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-12 13:10 . 2012-03-16 17:58	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-22 07:52 . 2014-01-22 07:52	206080	----a-w-	c:\windows\system32\drivers\ssudmdm.sys
2014-01-22 07:52 . 2014-01-22 07:52	108800	----a-w-	c:\windows\system32\drivers\ssudbus.sys
2014-01-19 13:31 . 2014-01-19 13:31	224016	--s---r-	c:\windows\SysWow64\TABCTL32.OCX
2014-01-19 13:31 . 2014-01-19 13:31	1010720	--s---r-	c:\windows\SysWow64\MSCHRT20.OCX
2014-01-19 13:31 . 2014-01-19 13:31	152848	--s---r-	c:\windows\SysWow64\COMDLG32.OCX
2013-12-27 15:58 . 2013-12-27 15:58	1825792	----a-w-	c:\windows\SysWow64\m2megaplugin_pandu.dll
2013-12-18 11:44 . 2013-08-07 12:39	84720	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-12-18 11:44 . 2013-08-07 12:39	131576	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-12-18 11:44 . 2013-08-07 12:39	108440	----a-w-	c:\windows\system32\drivers\avgntflt.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{e9e8eb35-ff77-455d-b677-91e5e4fc06c2}]
2010-11-21 03:24	297808	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 18:38	1720976	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 18:38	1720976	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 18:38	1720976	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2014-02-25 1821888]
"AnyDVD"="c:\program files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe" [2013-07-17 7237720]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-08-01 3673696]
"BitTorrent"="c:\users\Joël\AppData\Roaming\BitTorrent\BitTorrent.exe" [2013-05-29 1125456]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Mondkalender"="22" [X]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-08-25 656896]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-02-10 61112]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-02-01 656920]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2012-06-17 296056]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-02-18 689744]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"Magic Desktop for HP notification"="c:\programdata\Easybits Magic Desktop for HP\mdhpSUN.exe" [2013-12-10 1243656]
"HOSTS Anti-Adware_PUPs"="c:\program files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe" [2014-01-08 302961]
"Syncios device service"="c:\program files (x86)\Syncios\SynciosDeviceService.exe" [2013-11-15 723456]
.
c:\users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
HitsBlender.lnk - c:\program files (x86)\HitsBlender\HitsBlender.exe [2014-2-14 1449984]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer7"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
R2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x]
R2 HOSTS Anti-PUPs;HOSTS Anti-PUPs;c:\program files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe;c:\program files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe [x]
R2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;c:\windows\system32\libusbd-nt.exe;c:\windows\SYSNATIVE\libusbd-nt.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R2 WSWNA3100;WSWNA3100;c:\program files (x86)\NETGEAR\WNA3100\WifiSvc.exe;c:\program files (x86)\NETGEAR\WNA3100\WifiSvc.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys;c:\windows\SYSNATIVE\drivers\libusb0.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys;c:\windows\SYSNATIVE\Drivers\nx6000.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 vpcuxd;USB-Virtualisierungsstubdienst;c:\windows\system32\DRIVERS\vpcuxd.sys;c:\windows\SYSNATIVE\DRIVERS\vpcuxd.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys;c:\windows\SYSNATIVE\DRIVERS\scmndisp.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 AVer7231_x64;AVerMedia 7231 capture service;c:\windows\system32\DRIVERS\AVer7231_x64.sys;c:\windows\SYSNATIVE\DRIVERS\AVer7231_x64.sys [x]
S3 BCMH43XX;Treiber für Broadcom 802.11-USB-Netzwerkadapter;c:\windows\system32\DRIVERS\bcmwlhigh664.sys;c:\windows\SYSNATIVE\DRIVERS\bcmwlhigh664.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2014-03-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 13:10]
.
2014-03-17 c:\windows\Tasks\DriverToolkit Autorun.job
- c:\program files (x86)\DriverToolkit\DriverToolkit.exe [2014-03-11 13:22]
.
2014-03-17 c:\windows\Tasks\WpsUpdateTask_Joël.job
- c:\program files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe [2012-09-17 23:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 18:37	2322576	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 18:37	2322576	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 18:37	2322576	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2010-10-21 37888]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-26 835072]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\6ad22dyw.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.ch/
FF - ExtSQL: !HIDDEN! 2012-05-15 16:28; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Croc 2 - c:\windows\IsUn0407.exe
AddRemove-Der Mondkalender - c:\windows\IsUn0407.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-f9d62fda-2190-4b1c-b5eb-60bff78bf46d - c:\program files (x86)\Show-Password\Uninstall.exe
AddRemove-PC Speed Maximizer_is1 - c:\program files (x86)\PC Speed Maximizer\unins000.exe
AddRemove-Registry Helper - c:\program files (x86)\Registry Helper\uninst.exe
AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{e81a9dc1} - c:\progra~2\GS-ENA~1\ASSIST~1.DLL
AddRemove-{E92D47A1-D27D-430A-8368-0BAFD956507D} - c:\program files (x86)\InstallShield Installation Information\{E92D47A1-D27D-430A-8368-0BAFD956507D}\setup.exe
AddRemove-{F6A71DC7-28F4-C6C7-8FA9-8A56C80FC96A} - c:\programdata\BBestSavveForYou\9.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-4072727702-2463935606-4169030245-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{883F54A2-571D-8ED6-B7A3-A4BE3FEB35A0}*]
"oahbdehojejfnbijgdeagnlkbcgfdh"=hex:69,61,6c,61,65,65,62,63,67,6d,69,6b,63,61,
   66,67,64,67,00,f9
"nanbnemehljdpjlmclnbcmjlpobn"=hex:69,61,6c,61,65,65,62,63,67,6d,69,6b,63,61,
   66,67,64,67,00,00
.
[HKEY_USERS\S-1-5-21-4072727702-2463935606-4169030245-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:eb,b2,bc,6e,8e,43,99,57,4e,0a,9d,d4,32,5d,44,fb,f3,87,98,7c,84,a4,c1,
   55,d6,27,ec,96,f2,9d,f7,65,a3,f9,c7,9c,b5,83,60,ca,3d,a4,e3,b2,1c,78,a7,1b,\
"??"=hex:a0,85,c7,63,d7,4e,60,f5,47,d3,99,36,01,6b,b9,5f
.
[HKEY_USERS\S-1-5-21-4072727702-2463935606-4169030245-1000\Software\SecuROM\License information*]
"datasecu"=hex:76,74,3b,c9,ae,41,cc,16,b2,6a,f3,04,38,bc,5e,dd,22,08,06,88,82,
   07,3a,79,36,57,50,f6,af,ba,e5,fd,0c,a8,d5,84,c8,66,b6,70,76,94,79,d3,44,ab,\
"rkeysecu"=hex:b6,12,a2,75,26,8d,19,a0,34,eb,a0,63,24,b5,b2,1f
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-03-17  13:30:13 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-03-17 12:30
ComboFix2.txt  2012-12-04 20:24
.
Vor Suchlauf: 1451848663040 Bytes frei
Nach Suchlauf: 1475619024896 Bytes frei
.
- - End Of File - - 5538CDAAF19B19AF60FA37EB67FE1F02

cosinus · 17.03.2014, 16:33

Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes Anti-Malware (MBAM)

Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Joel14 · 17.03.2014, 21:59

Es scheint wieder alles zu funktionieren. Danke

Internet lädt ewigs obwohl gute verbindung besteht

Plagegeister aller Art und deren Bekämpfung: Internet lädt ewigs obwohl gute verbindung besteht