|
Pests of all kinds and how to fight them: Slow Internet - Windows 7. If you are not sure whether you have picked up malware or a Trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you clean up the infection. |
02.11.2014, 01:03 | #1 |
| Slow Internet Hello. Sorry that I need your help again, but today the Internet suddenly became very slow again. What can I do? |
02.11.2014, 06:54 | #2 |
/// the machine /// TB Trainer | Slow Internet hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
02.11.2014, 22:38 | #3 |
| Slow Internet FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-11-2014 Ran by Joël (administrator) on JOEL-HP on 02-11-2014 18:20:34 Running from C:\Users\Joël\Downloads Loaded Profile: Joël (Available profiles: Joël) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Ellora Assets Corp.) 
C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (BitTorrent Inc.) C:\Users\Joël\AppData\Roaming\uTorrent\uTorrent.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Dropbox, Inc.) 
C:\Users\Joël\AppData\Roaming\Dropbox\bin\Dropbox.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Farbar) C:\Users\Joël\Downloads\FRST64(1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.) HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-14] (AVAST Software) HKLM-x32\...\Run: [vmware-tray] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [103536 2012-01-18] (VMware, Inc.) 
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc) HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.) HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard) HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-02-10] (EasyBits Software AS) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] () HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC) HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-07] (Hewlett-Packard) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.) HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Run: [uTorrent] => C:\Users\Joël\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-29] (BitTorrent Inc.) 
HKU\S-1-5-21-1424248093-816826443-285343795-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe () Startup: C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/35 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/35 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/35 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-1424248093-816826443-285343795-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {CA84F3A1-C833-4BCE-8DF7-4C8474995A97} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-07-18] (EasyBits Software Corp.) Tcpip\Parameters: [DhcpNameServer] 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158 FireFox: ======== FF ProfilePath: C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program 
Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF SearchPlugin: C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Download videos and MP3s from YouTube - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-10-01] 
FF Extension: Popular Website Buddy - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\Extensions\jid1-l6V8exwLVv1lBw@jetpack.xpi [2014-05-15] FF Extension: Adblock Plus - C:\Users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-02] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-10-31] FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2014-10-31] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-07-17] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-14] FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-10-01] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-14] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-14] (AVAST Software) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed] R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-03-12] (Ellora Assets Corp.) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed] S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2014-09-15] (IObit) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed] R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed] R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [79872 2012-01-18] (VMware, Inc.) [File not signed] R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [11839488 2012-01-18] () [File not signed] S2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [303360 2011-12-07] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-14] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-14] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-14] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-14] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-09-14] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-14] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-14] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-14] () R3 AVer7231_x64; C:\Windows\System32\DRIVERS\AVer7231_x64.sys [1873024 2012-06-27] (AVerMedia TECHNOLOGIES, Inc.) R3 debutfilter; C:\Windows\System32\DRIVERS\debutfilterx64.sys [34512 2014-10-02] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-08] (Disc Soft Ltd) S3 ElgatoGC656Y; C:\Windows\System32\Drivers\ElgatoGC656.sys [94440 2014-07-07] (UB658) S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] () R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) S3 SRS_AE_Service; C:\Windows\System32\drivers\SRS_AE_amd64.sys [549704 2012-06-21] () S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-11-02 18:19 - 2014-11-02 18:19 - 00056454 _____ () C:\Users\Joël\Documents\FRST.txt 2014-11-02 18:17 - 2014-11-02 18:17 - 02114560 _____ (Farbar) C:\Users\Joël\Downloads\FRST64(1).exe 2014-11-02 14:20 - 2014-11-02 15:18 - 00000112 _____ () C:\Windows\setupact.log 2014-11-02 14:20 - 2014-11-02 14:20 - 00001924 _____ () C:\Windows\PFRO.log 2014-11-02 14:20 - 2014-11-02 14:20 - 00000000 _____ () C:\Windows\setuperr.log 2014-11-02 01:20 - 2014-11-02 01:20 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer 2014-11-02 01:20 - 2014-11-02 01:20 - 00000000 ____D () C:\Program Files\Reference Assemblies 2014-11-02 01:20 - 2014-11-02 01:20 - 00000000 ____D () C:\Program Files\MSBuild 2014-11-02 01:20 - 2014-11-02 01:20 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies 2014-11-02 01:20 - 2014-11-02 01:20 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2014-11-02 01:06 - 2014-11-02 01:06 - 04974864 _____ (Piriform Ltd) C:\Users\Joël\Downloads\ccsetup419(1).exe 2014-11-02 00:52 - 2014-11-02 18:20 - 00022997 _____ () C:\Users\Joël\Downloads\FRST.txt 2014-11-02 00:52 - 2014-11-02 18:20 - 00000000 ____D () C:\FRST 2014-11-02 00:52 - 2014-11-02 00:52 - 00043898 _____ () C:\Users\Joël\Downloads\Addition.txt 2014-11-02 00:51 - 2014-11-02 00:51 - 02114048 _____ (Farbar) C:\Users\Joël\Downloads\FRST64.exe 2014-11-02 00:46 - 2014-11-02 00:46 - 00001177 _____ () C:\Users\Joël\Desktop\JRT.txt 2014-11-02 00:42 - 2014-11-02 00:42 - 01706359 _____ (Thisisu) C:\Users\Joël\Downloads\JRT(1).exe 2014-11-02 00:28 - 2014-11-02 00:28 - 00032125 _____ () C:\ComboFix.txt 2014-11-02 00:15 - 2014-11-02 00:28 - 00000000 ____D () C:\Qoobox 2014-11-02 00:15 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-11-02 00:15 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-11-02 00:15 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-11-02 00:15 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-11-02 00:15 - 2000-08-31 
01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-11-02 00:15 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe 2014-11-02 00:15 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe 2014-11-02 00:15 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe 2014-11-02 00:13 - 2014-11-02 00:14 - 05591672 ____R (Swearware) C:\Users\Joël\Downloads\ComboFix.exe 2014-11-01 23:55 - 2014-11-01 23:59 - 00000000 ____D () C:\AdwCleaner 2014-11-01 23:51 - 2014-11-01 23:51 - 01998336 _____ () C:\Users\Joël\Downloads\AdwCleaner_4.002.exe 2014-11-01 23:49 - 2014-11-01 23:50 - 04974864 _____ (Piriform Ltd) C:\Users\Joël\Downloads\ccsetup419.exe 2014-11-01 23:31 - 2014-11-01 23:31 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-11-01 23:30 - 2014-11-01 23:30 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Joël\Downloads\mbam-setup-2.0.3.1025.exe 2014-11-01 23:29 - 2014-11-01 23:50 - 00000000 ____D () C:\Users\Joël\Downloads\MW2-MP Multiplayer Crack Files v2.4+ (For play Online)-[COTTA Studios™]- 2014-11-01 23:28 - 2014-11-01 23:28 - 00021124 _____ () C:\Users\Joël\Downloads\[kickass.to]call.of.duty.modern.warfare.2.free.multiplayer.files.v2.4.cc.torrent 2014-11-01 23:02 - 2014-11-01 23:16 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\OBS 2014-11-01 23:02 - 2014-11-01 23:02 - 00000937 _____ () C:\Users\Joël\Desktop\Open Broadcaster Software.lnk 2014-11-01 23:02 - 2014-11-01 23:02 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software 2014-11-01 23:02 - 2014-11-01 23:02 - 00000000 ____D () C:\Program Files\OBS 2014-11-01 23:02 - 2014-11-01 23:02 - 00000000 ____D () C:\Program Files (x86)\OBS 2014-11-01 23:01 - 2014-11-01 23:01 - 07463237 _____ () C:\Users\Joël\Downloads\OBS_0_637b_Installer.exe 2014-11-01 22:57 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2014-11-01 22:57 - 2006-09-28 16:05 - 02414360 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll 2014-11-01 22:57 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll 2014-11-01 22:57 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2014-11-01 22:57 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2014-11-01 22:57 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll 2014-11-01 22:57 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll 2014-11-01 22:57 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll 2014-11-01 22:57 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2014-11-01 22:57 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2014-11-01 22:57 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll 2014-11-01 22:57 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2014-11-01 22:57 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll 2014-11-01 22:56 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll 2014-11-01 22:56 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll 2014-11-01 22:56 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2014-11-01 22:56 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2014-11-01 22:56 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2014-11-01 22:56 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2014-11-01 22:56 - 
2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2014-11-01 22:56 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2014-11-01 22:56 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2014-11-01 22:56 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll 2014-11-01 22:56 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2014-11-01 22:56 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2014-11-01 22:56 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2014-11-01 22:56 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2014-11-01 22:56 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2014-11-01 22:56 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2014-11-01 22:56 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2014-11-01 22:56 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll 2014-11-01 22:54 - 2014-11-01 22:54 - 00001191 _____ () C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 SP.lnk 2014-11-01 22:54 - 2014-11-01 22:54 - 00001191 _____ () C:\Users\Public\Desktop\Call of Duty Modern Warfare 2 MP.lnk 2014-11-01 22:54 - 2014-11-01 22:54 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\SplitmediaLabs 2014-11-01 22:54 - 2014-11-01 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision 2014-11-01 22:46 - 2014-11-01 23:15 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-11-01 22:46 - 2014-11-01 23:15 - 00071344 _____ (Adobe Systems Incorporated) 
C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-01 22:41 - 2014-11-01 22:42 - 00000000 ____D () C:\Users\Joël\Desktop\XSplit 2014-11-01 22:39 - 2014-11-01 22:39 - 39657456 ____R () C:\Users\Joël\Downloads\XSplit v1.3.1311.1201.rar 2014-11-01 22:36 - 2014-11-01 22:36 - 51194616 _____ (SplitmediaLabs) C:\Users\Joël\Downloads\xsplit_gc_installer.exe 2014-11-01 22:09 - 2014-11-01 23:15 - 749801214 _____ () C:\Users\Joël\Downloads\Legend of Zelda, The - Twilight Princess.7z.part 2014-11-01 17:34 - 2014-11-01 17:42 - 168342149 _____ () C:\Users\Joël\Downloads\Super Mario Sunshine (Europe) (En,Fr,De,Es,It).7z.part 2014-11-01 17:28 - 2014-11-01 17:28 - 00000000 ____D () C:\Users\Joël\Documents\Dolphin Emulator 2014-11-01 17:07 - 2011-02-10 04:57 - 00000000 ____D () C:\Users\Joël\Desktop\MasterBoy 2014-11-01 17:06 - 2014-11-01 17:07 - 07949170 _____ () C:\Users\Joël\Downloads\MasterBoy2.02.Signed.zip 2014-11-01 17:02 - 2014-11-01 17:02 - 00575238 _____ () C:\Users\Joël\Downloads\GeMP_3.3-1611(1).rar 2014-11-01 16:48 - 2014-11-01 22:08 - 00000000 ____D () C:\Users\Joël\Desktop\Dolphin 2014-11-01 16:47 - 2013-09-23 19:20 - 13477888 _____ () C:\Users\Joël\Downloads\Dolphin.exe 2014-11-01 16:47 - 2013-09-23 19:20 - 00806912 _____ () C:\Users\Joël\Downloads\DSPTool.exe 2014-11-01 16:47 - 2013-09-23 19:20 - 00000000 ____D () C:\Users\Joël\Downloads\Sys 2014-11-01 16:47 - 2013-09-23 19:20 - 00000000 ____D () C:\Users\Joël\Downloads\Languages 2014-11-01 16:47 - 2013-09-22 19:28 - 00057168 _____ (Microsoft Corporation) C:\Users\Joël\Downloads\vcomp100.dll 2014-11-01 16:47 - 2013-09-20 00:01 - 00417320 _____ () C:\Users\Joël\Downloads\OpenAL32.dll 2014-11-01 16:47 - 2013-01-04 14:09 - 00000451 _____ () C:\Users\Joël\Downloads\cpack_package_description.txt 2014-11-01 16:47 - 2011-09-28 23:53 - 00397824 _____ () C:\Users\Joël\Downloads\SDL.dll 2014-11-01 16:47 - 2011-09-28 23:53 - 00018326 _____ () C:\Users\Joël\Downloads\license.txt 2014-11-01 12:55 - 2014-11-01 12:55 - 00434579 
_____ () C:\Users\Joël\Downloads\Super Bomberman 2.zip 2014-11-01 12:51 - 2014-11-01 12:51 - 00342153 _____ () C:\Users\Joël\Downloads\Goof Troop.zip 2014-11-01 12:50 - 2014-11-01 12:50 - 00566356 _____ () C:\Users\Joël\Downloads\Aero Fighters.zip 2014-11-01 12:49 - 2014-11-01 12:49 - 00348487 _____ () C:\Users\Joël\Downloads\Super Mario Kart.zip 2014-11-01 10:53 - 2014-11-01 12:58 - 00000000 ____D () C:\Users\Joël\Desktop\Super Nintendo Games 2014-11-01 10:50 - 2007-01-24 17:22 - 00594432 _____ () C:\Users\Joël\Desktop\zsnesw.exe 2014-11-01 10:48 - 2014-11-01 10:48 - 00867785 _____ () C:\Users\Joël\Downloads\zsnesw151.zip 2014-11-01 01:58 - 2014-11-01 01:58 - 00000000 ____D () C:\Users\Joël\Desktop\Programme 2014-11-01 01:57 - 2014-11-01 02:02 - 00000000 ____D () C:\Users\Joël\Desktop\Restsachen 2014-11-01 01:19 - 2014-11-01 01:33 - 00000072 _____ () C:\Users\Joël\Documents\JoistickN64.jsf 2014-11-01 01:07 - 2014-11-01 01:08 - 10571443 _____ () C:\Users\Joël\Downloads\SCP-DS-Driver-Package-1.2.0.160.7z 2014-11-01 01:06 - 2014-11-01 01:06 - 02467816 _____ () C:\Users\Joël\Downloads\MotioninJoy_060004_amd64_signed.zip 2014-11-01 01:05 - 2014-11-01 01:05 - 04115757 _____ () C:\Users\Joël\Downloads\MotioninJoy_070000_signed.zip 2014-11-01 00:20 - 2014-11-01 00:20 - 01000000 _____ () C:\Users\Joël\Downloads\local 0.6.0001 Full English.part2.rar 2014-11-01 00:20 - 2014-11-01 00:20 - 01000000 _____ () C:\Users\Joël\Downloads\local 0.6.0001 Full English.part1.rar 2014-11-01 00:20 - 2014-11-01 00:20 - 00638623 _____ () C:\Users\Joël\Downloads\local 0.6.0001 Full English.part3.rar 2014-11-01 00:17 - 2014-11-01 00:17 - 02295668 _____ () C:\Users\Joël\Downloads\MotioninJoy_060001_amd64.zip 2014-11-01 00:17 - 2014-11-01 00:17 - 01978098 _____ () C:\Users\Joël\Downloads\MotioninJoy_060001_x86.zip 2014-10-31 23:59 - 2014-11-01 01:06 - 00000000 ____D () C:\Program Files\MotioninJoy 2014-10-31 23:57 - 2014-10-31 23:58 - 02324562 _____ (www.motioninjoy.com ) 
C:\Users\Joël\Downloads\MotioninJoy_060001_amd64_signed.exe 2014-10-31 23:47 - 2014-10-31 23:47 - 00918162 _____ () C:\Users\Joël\Downloads\TocaEdit.zip 2014-10-31 23:42 - 2014-10-31 23:42 - 00001458 _____ () C:\Users\Joël\Downloads\Xpadder.ini 2014-10-31 18:41 - 2014-10-31 18:41 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\MotioninJoy 2014-10-31 18:40 - 2010-05-03 16:12 - 00328712 _____ (Logitech Inc.) C:\Windows\system32\MijFrc.dll 2014-10-31 18:23 - 2014-10-31 18:23 - 00816854 _____ () C:\Users\Joël\Downloads\JoyToKey_en.zip 2014-10-31 18:14 - 2014-10-31 18:14 - 00002932 _____ () C:\Windows\System32\Tasks\{A7B46BDD-C862-49DE-B43C-680736A7B63C} 2014-10-31 18:13 - 2014-10-31 18:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-10-31 18:12 - 2014-10-31 18:12 - 00002932 _____ () C:\Windows\System32\Tasks\{CF030C54-0A1D-4F7F-817C-F97C5889DADF} 2014-10-31 18:12 - 2014-10-31 18:12 - 00002932 _____ () C:\Windows\System32\Tasks\{AB743845-5798-4955-B94C-DE1B6DA9B041} 2014-10-31 18:12 - 2014-10-31 18:12 - 00002932 _____ () C:\Windows\System32\Tasks\{16AA9BA4-245E-4DDA-8018-7B94561E63E1} 2014-10-31 18:11 - 2014-10-31 18:11 - 00002932 _____ () C:\Windows\System32\Tasks\{53376D40-26A9-4AB8-BD3A-01E663446AA5} 2014-10-31 18:10 - 2014-10-31 18:11 - 01009664 _____ () C:\Users\Joël\Downloads\Xpadder.exe 2014-10-30 00:56 - 2014-10-30 00:56 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf 2014-10-30 00:55 - 2013-05-05 17:32 - 00039168 _____ (Scarlet.Crush Productions) C:\Windows\system32\Drivers\ScpVBus.sys 2014-10-30 00:55 - 2013-01-07 10:56 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll 2014-10-30 00:54 - 2014-10-30 00:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2014-10-30 00:54 - 2014-10-30 00:54 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories 2014-10-30 00:30 - 2014-10-30 00:30 - 00709791 _____ () 
C:\Users\Joël\Downloads\BetterDS3_1.2.1.zip 2014-10-30 00:29 - 2014-10-30 00:29 - 00759932 _____ () C:\Users\Joël\Downloads\BetterDS3_1.5.3(1).zip 2014-10-30 00:15 - 2012-05-12 12:31 - 00121416 _____ (MotioninJoy) C:\Windows\system32\Drivers\MijXfilt.sys 2014-10-30 00:14 - 2014-10-30 00:15 - 01786043 _____ () C:\Users\Joël\Downloads\PS3 x64.zip 2014-10-29 23:37 - 2014-10-29 23:37 - 00002930 _____ () C:\Windows\System32\Tasks\{D0C6E61D-73B0-4921-91B6-E9DC4CAA7D3A} 2014-10-29 23:34 - 2014-10-29 23:34 - 00759932 _____ () C:\Users\Joël\Downloads\BetterDS3_1.5.3.zip 2014-10-29 23:32 - 2014-10-29 23:32 - 01125200 _____ () C:\Users\Joël\Downloads\Better DS3 - CHIP-Installer.exe 2014-10-29 22:22 - 2014-10-29 22:22 - 02523114 _____ () C:\Users\Joël\Downloads\MotioninJoy.7z 2014-10-29 22:00 - 2014-10-29 22:00 - 00351992 _____ (Microsoft Corporation) C:\Users\Joël\Downloads\verdan32.exe 2014-10-29 21:58 - 2014-10-29 21:58 - 01125200 _____ () C:\Users\Joël\Downloads\MotioninJoy - CHIP-Installer(1).exe 2014-10-29 21:54 - 2014-10-29 21:54 - 00000072 _____ () C:\Users\Joël\Documents\joystick.jsf 2014-10-29 21:25 - 2014-10-31 19:58 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6 2014-10-29 21:25 - 2014-10-29 21:53 - 00000000 ____D () C:\Program Files (x86)\Project64 1.6 2014-10-29 21:25 - 2014-10-29 21:25 - 00002079 _____ () C:\Users\Joël\Desktop\Project64 1.6.lnk 2014-10-29 21:21 - 2014-10-29 21:21 - 02080797 _____ (Project64 ) C:\Users\Joël\Downloads\project64_1.6.exe 2014-10-29 21:15 - 2014-10-29 21:15 - 00000000 ____D () C:\Program Files (x86)\Activision 2014-10-26 21:26 - 2014-10-26 21:32 - 61353425 _____ () C:\Users\Joël\Downloads\Conker's Bad Fur Day.zip 2014-10-26 21:25 - 2014-10-26 21:28 - 27729528 _____ () C:\Users\Joël\Downloads\Donkey Kong 64.zip 2014-10-26 21:24 - 2014-10-26 21:25 - 12585210 _____ () C:\Users\Joël\Downloads\Super Smash Bros..zip 2014-10-26 21:06 - 2014-10-26 21:09 - 28237412 _____ () 
C:\Users\Joël\Downloads\Legend of Zelda, The - Majora's Mask (Europe).zip 2014-10-26 21:05 - 2014-10-26 21:05 - 01784707 _____ () C:\Users\Joël\Downloads\DaedalusX64-574.rar 2014-10-26 21:05 - 2014-10-26 21:05 - 01778617 _____ () C:\Users\Joël\Downloads\DaedalusX64-572 32-bit.rar 2014-10-26 18:14 - 2014-10-26 18:14 - 00100436 _____ () C:\Users\Joël\Downloads\25605_UltimateVSHMenu.rar 2014-10-26 16:35 - 2014-10-26 16:35 - 01322018 _____ () C:\Users\Joël\Downloads\6.xx-down(1).zip 2014-10-26 16:23 - 2014-10-26 16:23 - 00464449 _____ () C:\Users\Joël\Downloads\release639me5.zip 2014-10-26 16:16 - 2014-10-26 16:16 - 05585217 _____ () C:\Users\Joël\Downloads\PSP-Module-Checker.zip 2014-10-26 16:11 - 2014-10-26 16:11 - 01322018 _____ () C:\Users\Joël\Downloads\6.xx-down.zip 2014-10-26 16:03 - 2014-10-26 16:05 - 21962174 _____ () C:\Users\Joël\Downloads\pspgraderv008.zip 2014-10-26 15:49 - 2014-10-26 15:52 - 27089888 _____ () C:\Users\Joël\Downloads\PSP_500_FW_UPDATE.RAR 2014-10-26 15:42 - 2014-10-26 15:42 - 01117118 _____ () C:\Users\Joël\Downloads\RECOVERY.zip 2014-10-26 14:23 - 2014-10-26 14:25 - 25627019 _____ () C:\Users\Joël\Downloads\7bdd5f894c092c07cf8068ce60edaf48.rar 2014-10-26 13:58 - 2014-10-26 13:58 - 00459488 _____ () C:\Users\Joël\Downloads\17254_401M332.rar 2014-10-26 13:46 - 2014-10-26 13:47 - 26895072 _____ () C:\Users\Joël\Downloads\Legend of Zelda, The - Ocarina of Time.zip 2014-10-23 08:40 - 2014-10-23 08:40 - 00579233 _____ () C:\Users\Joël\Downloads\Black Ops 2 Game Save Editor.rar 2014-10-23 08:31 - 2014-10-23 08:31 - 00015760 _____ () C:\Users\Joël\Downloads\Sozialarbeiterin+hart+im+Wald+gefickt+%E2%80%93+Heimlich+gefilmt(1).torrent 2014-10-23 08:24 - 2014-10-23 08:24 - 00015760 _____ () C:\Users\Joël\Downloads\Sozialarbeiterin+hart+im+Wald+gefickt+%E2%80%93+Heimlich+gefilmt.torrent 2014-10-19 14:21 - 2014-10-19 14:21 - 00028132 _____ () C:\Users\Joël\Downloads\A5569133C69CBF9798E626ACED3D19683F3D82BE.torrent 2014-10-18 21:02 - 2014-10-18 21:02 - 
27419378 _____ () C:\Users\Joël\Downloads\MultiBeast-Mountain-Lion-Edition-5.5.5.zip 2014-10-18 18:01 - 2014-10-18 18:01 - 00000000 ____D () C:\$WINDOWS.~BT 2014-10-18 17:43 - 2014-10-18 17:44 - 00000000 ____D () C:\Users\Joël\AppData\Local\Apps\Windows 7 USB DVD Download Tool 2014-10-18 17:43 - 2014-10-18 17:43 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool 2014-10-18 17:41 - 2014-10-18 17:41 - 02721168 _____ (Microsoft Corporation) C:\Users\Joël\Downloads\windowsusbdvdtool_19480.exe 2014-10-18 16:02 - 2013-07-10 18:42 - 00000000 ____D () C:\Windows\onhax-temp 2014-10-18 16:01 - 2014-10-18 16:01 - 03865619 _____ () C:\Users\Joël\Downloads\Windows 8.0 Activator 2014.rar 2014-10-18 15:56 - 2014-10-18 15:56 - 00139951 _____ () C:\Users\Joël\Downloads\Windows 8.1 Activator 2.rar 2014-10-18 15:56 - 2014-10-18 15:56 - 00004355 _____ () C:\Users\Joël\Downloads\W7-8.0-8.1 Keys.txt 2014-10-18 15:55 - 2014-10-18 15:56 - 10068067 _____ () C:\Users\Joël\Downloads\KMSpico 9.3.3.rar 2014-10-18 15:45 - 2014-10-18 15:45 - 02392018 _____ () C:\Users\Joël\Downloads\For_Windows_8_3(1).rar 2014-10-18 15:40 - 2014-10-18 15:40 - 00002886 _____ () C:\Windows\System32\Tasks\{D85A24B3-D48F-4598-8E27-F76B2A8EF310} 2014-10-18 15:40 - 2014-10-18 15:40 - 00002886 _____ () C:\Windows\System32\Tasks\{AC2A9EE0-9FB9-49DC-B676-D74622B76485} 2014-10-18 15:39 - 2014-10-18 15:39 - 00002886 _____ () C:\Windows\System32\Tasks\{CD3DD6CE-EDFC-4EA9-8914-6E59CCE95E7A} 2014-10-18 15:30 - 2014-10-18 16:16 - 00000000 ____D () C:\Users\Joël\Downloads\Windows 8.1 Pro VL X64 MULTI-6 ESD Pre-Activated Oct 2014 2014-10-18 12:27 - 2014-10-18 12:27 - 00010223 _____ () C:\Users\Joël\Downloads\Windows 8 7850 Activator v0 9 3 [found-on-www-bitreactor-to].torrent 2014-10-18 11:27 - 2014-10-18 11:37 - 107159599 _____ () C:\Users\Joël\Downloads\16462_FarUrlRacTeaFasWel201VOi.rar 2014-10-18 10:45 - 2014-10-18 10:48 - 00000000 ____D () 
C:\Users\Joël\Downloads\Windows 8.1 AIO 48in1 with Update x64 en-US Oct2014 2014-10-17 23:49 - 2014-10-18 01:58 - 00000000 ____D () C:\Users\Joël\Downloads\Call of Duty Modern Warfare 2 2014-10-09 14:12 - 2014-10-09 14:12 - 00002137 _____ () C:\Users\Public\Desktop\VMware Workstation.lnk 2014-10-09 14:12 - 2014-10-09 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware 2014-10-09 14:12 - 2012-01-18 14:47 - 00942192 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll 2014-10-09 14:12 - 2012-01-18 14:47 - 00433264 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe 2014-10-09 14:12 - 2012-01-18 14:47 - 00354416 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe 2014-10-09 14:12 - 2012-01-18 14:47 - 00063088 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys 2014-10-09 14:12 - 2012-01-18 14:46 - 00030320 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys 2014-10-09 14:12 - 2011-08-29 21:11 - 00039024 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys 2014-10-09 14:11 - 2014-10-09 14:12 - 04281991 _____ () C:\Users\Joël\Downloads\ML_VMWARE_iHackintosh.zip 2014-10-09 14:11 - 2014-10-09 14:11 - 00000000 ____D () C:\Users\Public\Documents\Shared Virtual Machines 2014-10-09 14:11 - 2014-10-09 14:11 - 00000000 ____D () C:\Program Files\Common Files\VMware 2014-10-09 12:49 - 2014-10-09 13:31 - 00000000 ____D () C:\Users\Joël\Downloads\OS X 10.8 Mountain Lion Retail VMware Image 2014-10-09 12:36 - 2014-10-09 12:36 - 03339822 _____ () C:\Users\Joël\Downloads\mac-os-x-lion-10.7.5-update-fixer.zip 2014-10-09 11:51 - 2014-10-31 18:51 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJoël 2014-10-09 11:51 - 2014-10-31 18:51 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForJoël.job 2014-10-09 11:23 - 2014-10-09 12:48 - 00000000 ____D () C:\Users\Joël\Downloads\Mac OS X Snow Leopard 10.6.8 VMware Image [Ultimate Build] 2014-10-09 11:21 - 2014-10-09 11:21 - 00000000 ____D () 
C:\Users\Joël\Downloads\VMware Workstation 8 FULL 2014-10-09 02:02 - 2014-10-09 13:51 - 00000000 ____D () C:\Users\Joël\Documents\Virtual Machines 2014-10-09 00:33 - 2014-10-09 01:44 - 4240605184 ____R () C:\Users\Joël\Downloads\OSX_10.6.7.iso 2014-10-08 23:58 - 2014-10-11 14:33 - 00000000 ____D () C:\Users\Joël\AppData\Local\VMware 2014-10-08 23:57 - 2014-10-11 14:56 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\VMware 2014-10-08 23:47 - 2014-10-08 23:47 - 00001024 _____ () C:\Windows\SysWOW64\%TMP% 2014-10-08 23:46 - 2014-11-02 14:20 - 00000000 ____D () C:\ProgramData\VMware 2014-10-08 23:46 - 2014-10-09 14:11 - 00000000 ____D () C:\Program Files (x86)\VMware 2014-10-08 23:29 - 2014-10-09 00:05 - 00000000 ____D () C:\Users\Joël\Downloads\Mac OS X Lion 10.7.5 VMware Image 2014-10-08 23:23 - 2014-10-08 23:29 - 2194900992 _____ () C:\Users\Joël\Downloads\OS X Yosemite PB4.dmg 2014-10-08 23:19 - 2014-10-08 23:26 - 513772400 ____R (VMware, Inc.) C:\Users\Joël\Downloads\VMware-workstation-full-10.0.0-1295980.exe 2014-10-08 20:15 - 2014-11-02 01:08 - 00000000 ____D () C:\Users\Joël\AppData\Local\CrashDumps 2014-10-08 13:44 - 2014-10-08 13:45 - 11840839 _____ () C:\Users\Joël\Downloads\Windows6.1-KB2670838-x64.msu 2014-10-08 13:43 - 2014-10-08 13:43 - 00001136 _____ () C:\Users\Public\Desktop\Game Capture HD.lnk 2014-10-08 13:43 - 2014-10-08 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elgato 2014-10-08 13:43 - 2014-10-08 13:43 - 00000000 ____D () C:\Program Files\Elgato 2014-10-08 13:42 - 2014-10-08 14:03 - 00000000 ____D () C:\Users\Joël\AppData\Local\ub65x 2014-10-08 13:42 - 2014-10-08 13:42 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Elgato 2014-10-08 13:42 - 2014-10-08 13:42 - 00000000 ____D () C:\Program Files (x86)\Elgato 2014-10-08 13:41 - 2014-10-08 13:41 - 42127360 _____ () C:\Users\Joël\Downloads\GameCaptureSetup_2.01.36.msi 2014-10-08 09:50 - 2014-10-31 19:56 - 00000576 _____ () C:\Users\Joël\Desktop\x360ce.ini 
2014-10-08 09:02 - 2014-10-08 09:02 - 00001276 _____ () C:\Users\Joël\Desktop\Middle Earth Shadow of Mordor.lnk 2014-10-08 09:02 - 2014-10-08 09:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Middle Earth Shadow of Mordor 2014-10-07 20:39 - 2014-10-07 23:28 - 00000000 ____D () C:\Users\Joël\Downloads\Middle.Earth.Shadow.of.Mordor.HD.Texture.Pack.Addon-CODEX 2014-10-07 19:56 - 2014-10-07 19:56 - 00003012 _____ () C:\Windows\System32\Tasks\{AC2F21BE-3401-4A84-B69A-1E5406AA9993} 2014-10-07 19:40 - 2014-10-07 19:40 - 00000000 ____D () C:\Users\Joël\Documents\WB Games 2014-10-07 19:40 - 2014-10-07 19:40 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Steam 2014-10-07 19:11 - 2014-10-08 09:02 - 00000000 ____D () C:\Program Files (x86)\Middle Earth Shadow of Mordor 2014-10-06 21:59 - 2014-10-07 14:21 - 00000000 ____D () C:\Users\Joël\Downloads\codex-middle.earth.shadow.of.mordor 2014-10-06 19:31 - 2014-10-06 19:31 - 00000000 ____D () C:\Users\Joël\AppData\Local\My Games 2014-10-06 18:00 - 2014-10-06 19:35 - 2116012032 ____R () C:\Users\Joël\Downloads\Windows8.1_x64_Updates_25_09_2014.iso 2014-10-06 18:00 - 2014-10-06 18:54 - 29579264 ____R () C:\Users\Joël\Downloads\Civilization V.iso 2014-10-06 17:55 - 2014-10-06 17:55 - 00000000 ____D () C:\Users\Joël\Downloads\KMS Activator for Windows + Office's + KMSpico Activator v9 2014-10-04 13:58 - 2014-10-04 13:58 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Joël\Downloads\mbam-setup-2.0.2.1012(4).exe 2014-10-04 00:14 - 2014-10-04 00:14 - 01702068 _____ (Thisisu) C:\Users\Joël\Downloads\JRT.exe 2014-10-03 23:57 - 2014-10-03 23:57 - 00220696 _____ () C:\Users\Joël\Documents\cc_20141004_005731.reg 2014-10-03 22:46 - 2014-10-03 22:46 - 00000042 _____ () C:\Windows\SysWOW64\AK083E209605E394C.lie 2014-10-03 22:46 - 2014-10-03 22:46 - 00000000 ____D () C:\Rbackup 2014-10-03 22:45 - 2014-10-03 22:45 - 02787720 _____ (www.PerfectUninstaller.com ) 
C:\Users\Joël\Downloads\PerfectUninstaller_Setup.exe 2014-10-03 20:51 - 2014-10-03 20:51 - 01375089 _____ () C:\Users\Joël\Downloads\AdwCleaner_3.311.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-02 18:20 - 2014-04-08 23:49 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\uTorrent 2014-11-02 18:20 - 2014-04-01 23:07 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Skype 2014-11-02 17:00 - 2014-04-01 19:32 - 02060908 _____ () C:\Windows\WindowsUpdate.log 2014-11-02 15:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-11-02 14:28 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-02 14:28 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-02 14:21 - 2014-04-09 23:58 - 00000000 ___RD () C:\Users\Joël\Dropbox 2014-11-02 14:21 - 2014-04-09 23:46 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\Dropbox 2014-11-02 14:20 - 2011-07-18 01:26 - 00000000 ____D () C:\ProgramData\PDFC 2014-11-02 14:20 - 2011-07-18 01:09 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-11-02 14:20 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-02 13:37 - 2014-10-02 11:36 - 00000000 ____D () C:\Users\Joël\Downloads\NCH Debut Video Capture Software v2 02 incl Keygen-LAXiTY 2014-11-02 01:21 - 2011-07-18 00:54 - 00712990 _____ () C:\Windows\system32\perfh007.dat 2014-11-02 01:21 - 2011-07-18 00:54 - 00155952 _____ () C:\Windows\system32\perfc007.dat 2014-11-02 01:09 - 2014-05-11 06:27 - 00000000 ____D () C:\Users\Joël\AppData\Local\Apps\2.0 2014-11-02 01:08 - 2014-07-25 01:14 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-11-02 01:08 - 2014-04-08 18:35 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\DAEMON Tools Lite 2014-11-02 01:07 - 2014-09-15 18:32 - 
00000000 ____D () C:\Program Files\CCleaner 2014-11-02 00:27 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2014-11-02 00:02 - 2014-09-15 16:25 - 00000000 ____D () C:\ProgramData\ProductData 2014-11-02 00:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports 2014-11-01 23:32 - 2014-09-14 21:38 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-11-01 23:31 - 2014-09-14 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-11-01 23:31 - 2014-09-14 21:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-11-01 23:16 - 2014-09-21 21:21 - 00000000 ____D () C:\Users\Joël\AppData\Local\Adobe 2014-11-01 23:04 - 2014-10-02 19:05 - 00000000 ____D () C:\Users\Joël\Documents\Bandicam 2014-11-01 16:54 - 2009-07-14 06:13 - 01567388 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-01 10:50 - 2014-10-01 16:53 - 00000000 ____D () C:\Users\Joël\Desktop\Games 2014-11-01 02:04 - 2014-08-24 11:29 - 00000000 ____D () C:\Windows\pss 2014-11-01 01:06 - 2014-07-15 08:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy 2014-11-01 00:43 - 2014-10-01 22:42 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-11-01 00:24 - 2014-04-01 22:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-10-31 16:57 - 2014-09-14 23:16 - 00004182 _____ () C:\Windows\System32\Tasks\avast! 
Emergency Update 2014-10-30 01:01 - 2014-07-27 18:04 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-10-29 21:58 - 2014-07-15 08:38 - 04117346 _____ () C:\Users\Joël\Downloads\MotioninJoy_071001_signed.zip 2014-10-24 18:07 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-10-19 04:11 - 2014-04-02 03:47 - 00000000 ____D () C:\ProgramData\Recovery 2014-10-18 18:06 - 2014-08-24 14:05 - 00001890 _____ () C:\Windows\diagwrn.xml 2014-10-18 18:06 - 2014-08-24 14:05 - 00001890 _____ () C:\Windows\diagerr.xml 2014-10-18 16:39 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-10-18 16:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-10-17 23:32 - 2014-04-24 20:25 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\TrueCrypt 2014-10-10 11:40 - 2014-04-29 01:41 - 00011264 _____ () C:\Users\Joël\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-10-09 15:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK 2014-10-09 15:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR 2014-10-09 15:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK 2014-10-09 15:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR 2014-10-09 14:12 - 2011-02-11 18:15 - 01678048 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-10-09 11:30 - 2014-04-03 16:56 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2014-10-09 11:28 - 2014-04-03 16:54 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\HP Support Assistant 2014-10-09 11:28 - 2014-04-02 23:19 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\HpUpdate 2014-10-08 13:05 - 2014-04-08 23:08 - 00000000 ____D () C:\Users\Joël\AppData\Roaming\vlc 2014-10-06 19:32 - 2014-07-27 19:06 - 00000000 ____D () C:\Users\Joël\AppData\Local\SKIDROW 2014-10-06 19:31 - 2014-04-02 18:27 - 00000000 ____D () C:\Users\Joël\Documents\My Games 2014-10-06 13:28 - 2011-02-11 18:00 - 00000000 ____D () C:\Windows\Panther 
2014-10-04 14:23 - 2014-09-29 20:47 - 00000000 ____D () C:\Users\Joël\AppData\Local\15972
2014-10-03 17:29 - 2009-07-14 03:34 - 00000615 _____ () C:\Windows\win.ini

Some content of TEMP:
====================
C:\Users\Joël\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpofyjop.dll
C:\Users\Joël\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!

LastRegBack: 2014-10-26 13:18

==================== End Of Log ============================

--- --- ---

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2014
Ran by Joël at 2014-11-02 18:21:13
Running from C:\Users\Joël\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34944 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Advanced Archive Password Recovery (HKCU\...\Advanced Archive Password Recovery) (Version: 4.53 - ElcomSoft Co. Ltd.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden Age Of Empires 3 version 1.0.0.0 (HKLM-x32\...\{9723A036-AC58-4D9A-B677-8D5BD2F312EF}_is1) (Version: 1.0.0.0 - Strogino CS Portal) Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden AirParrot (HKLM\...\{D523F3B0-B5FE-43D0-BFE7-62CA0DD598BD}) (Version: 1.1.7 - Squirrels) Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) avast! 
Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software) B109n-z (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden B110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.2.454 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Big Rig Europe (x32 Version: 2.2.0.95 - WildTangent) Hidden Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden BrightiaPlusの削除 (HKLM-x32\...\BrightiaPlus) (Version: - ) BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden Call of Duty Modern Warfare 2 (HKLM-x32\...\Call of Duty Modern Warfare 2_is1) (Version: - Activision) CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source) CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden clrmamepro (HKLM-x32\...\clrmamepro) (Version: 4.00.15.0 - Roman Scherzer) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) CopyTrans Control Center deinstallieren (HKCU\...\CopyTrans Suite) (Version: 3.003 - WindSolutions) Crazy Chicken Kart 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Dead Island Riptide (c) Deep Silver version 1 (HKLM-x32\...\RGVhZCBJc2xhbmQgUmlwdGlkZSAoYykgRGVlcCBTaWx2ZXI=_is1) (Version: 1 - ) Deadfall Adventures (HKLM-x32\...\RGVhZGZhbGxBZHZlbnR1cmVz_is1) (Version: 1 - ) Destinations (x32 Version: 140.0.77.000 - 
Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC) Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.) DUNGEONS (HKLM-x32\...\{79A65475-2F7F-491C-BF2F-8D5C0AF0775C}) (Version: 1.0.0.1 - Realmforge Studios GmbH) Earthworm Jim 1 and 2 (HKLM-x32\...\GOGPACKEARTHWORMJIM12_is1) (Version: 2.0.0.7 - GOG.com) Earthworm Jim 3D (HKLM-x32\...\Earthworm Jim 3D) (Version: - ) Elcomsoft Phone Password Breaker (HKLM-x32\...\{91E3CFF8-5A2F-4895-A6BE-6883A66C6CD8}) (Version: 3.00.106.2053 - Elcomsoft Co. Ltd.) Elgato Game Capture HD (HKLM-x32\...\{71445FE8-5355-49EE-BC77-6B86C0A92155}) (Version: 2.01.36.763 - Elgato Systems GmbH) Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden Fishdom (x32 Version: 2.2.0.95 - WildTangent) Hidden Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Free Video Editor version 1.4.5.923 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.5.923 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.44.922 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.922 - DVDVideoSoft Ltd.) 
Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation) Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.4 - Ellora Assets Corporation) Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Game Capture HD v2.3.3.38 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.38 - Elgato Systems) Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios) GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden GTA2 (HKLM-x32\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - ) Hazard Ops (HKLM-x32\...\{F70DE052-CFFD-4DCB-8DA3-3ECAAFBB7D15}}_is1) (Version: 0.2.0.2042 - Infernum Productions AG) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard) HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard) HP Photosmart Wireless B109n-z All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{79A72AAD-7ED4-49D8-872D-D1465061F9DB}) (Version: - HP) HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 
7 (HKLM\...\{014E482A-0C27-47E3-BA82-307E9DCA2F47}) (Version: 14.0 - HP) HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.14.0 - Hewlett-Packard) HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company) HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Support Assistant (HKLM-x32\...\{E92D47A1-D27D-430A-8368-0BAFD956507D}) (Version: 5.2.9.2 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard) HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard) HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard) HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.5902.0 - IDT) ILLUSION ジンコウガクエン (HKLM-x32\...\{C109AF5B-69D0-4C93-B360-F28D9FAB6084}) (Version: 1.00.0000 - ILLUSION) ILLUSION ジンコウガクエン きゃらめいく (HKLM-x32\...\{502499DC-2EDB-45A2-8F7C-83E6E5DE067E}) (Version: 1.00.0000 - ILLUSION) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) 
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.8.2663 - IObit) iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.) Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden K-Lite Mega Codec Pack 10.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.5.5 - ) LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3609 - CyberLink Corp.) LabelPrint (x32 Version: 2.5.3609 - CyberLink Corp.) Hidden Logix Product Key Viewer (HKLM-x32\...\Logix Product Key Viewer) (Version: - S.C. Logix S.R.L.) Logix Product Key Viewer (x32 Version: 1.2.1.11 - S.C. Logix S.R.L.) Hidden Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS) Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version: - ) Magic The Gathering Online (HKCU\...\35c9d60442fbb010) (Version: 3.4.81.404 - Wizards of the Coast) Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Games for Windows - LIVE (HKLM-x32\...\{4D243BA7-9AC4-46D1-90E5-EEB88974F501}) (Version: 2.0.687.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable 
(HKLM-x32\...\{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}) (Version: 2.0.687.0 - Microsoft Corporation) Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Office ScreenTip Language 2013 - Deutsch (HKLM\...\{90150000-00BD-0407-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 
2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) Middle Earth Shadow of Mordor (HKLM-x32\...\Middle Earth Shadow of Mordor_is1) (Version: - ) MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) MotioninJoy DS3 driver version 0.6.0004 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.0004 - www.motioninjoy.com) Mozilla Firefox 33.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 de)) (Version: 33.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla) MusicStation (HKLM-x32\...\MusicStationNetstaller) (Version: 1.0.1.5 - Hewlett-Packard) Mystery P.I. 
- The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 1.01.206 - NETGEAR) Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden NVIDIA 3D Vision Driver 267.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.95 - NVIDIA Corporation) NVIDIA Graphics Driver 267.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.95 - NVIDIA Corporation) NVIDIA PhysX System Software 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version: - ) PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.35 - PDF Complete, Inc) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.1 - Tracker Software Products Ltd) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Perfect Uninstaller v6.3.3.9 (HKLM\...\Perfect Uninstaller_is1) (Version: - www.PerfectUninstaller.com) piaip AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars) Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4817 - CyberLink Corp.) Power2Go (x32 Version: 6.1.4817 - CyberLink Corp.) 
Hidden Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64) PS_AIO_06_B109n-z_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.0 - PS3 Media Server) PS3.ProxyServer (HKLM-x32\...\{FE4086E1-FA7F-4A7A-8FC5-061337B5787E}) (Version: 1.0.0 - CF3B5) PSP ISO Compressor (HKLM-x32\...\{D47087E7-AA15-4D1D-8C0A-60F7E446D597}) (Version: 1.4.0 - danny_kay1710) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Rayman Legends (HKLM-x32\...\UmF5bWFuTGVnZW5kcw==_is1) (Version: 1 - ) Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard) Republic Heroes (HKLM-x32\...\{5612C844-55BC-4B77-82C2-A2E28962418E}) (Version: 1.00.0000 - LucasArts) RESIDENT EVIL 5 (HKLM-x32\...\{AC08BBA0-96B9-431A-A7D0-D8598E493775}) (Version: 1.0.0.129 - CAPCOM CO., LTD.) RomCenter 3.7.1 (HKLM-x32\...\romcenter_is1) (Version: 3.7.1 - Eric Bole-Feysot) Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.) 
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden Sonic Generations (HKLM-x32\...\Sonic Generations_is1) (Version: 1.0 - SEGA) Star Wars JK II Jedi Outcast (HKLM-x32\...\{8681B1E6-CD96-46EF-9065-CE0D1085ED99}) (Version: - ) Star Wars(R) Knights of the Old Republic(R) II: The Sith Lords(TM) (HKLM-x32\...\{629F65FB-7F3C-4D66-A1C0-20722744B7B6}) (Version: 1.00.0000 - Obsidian) Star Wars: The Force Unleashed 2 (HKLM-x32\...\Star Wars: The Force Unleashed 2_is1) (Version: 1.0 - LucasArts) Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Thief, âåðñèÿ 1.1.0.0 (HKLM-x32\...\Thief_is1) (Version: 1.1.0.0 - RePack by SEYTER) Tomb Raider: The First Era (HKLM-x32\...\{9F5D630D-CBA3-4C4F-BDDA-3BAB7FD15541}_is1) (Version: Final - Eidos Interactive) Tomb Raider: Underworld 1.0 (HKLM-x32\...\Tomb Raider: Underworld) (Version: - ) Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH) TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.0a - TrueCrypt Foundation) Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 3.5.0 - Universal Media Server) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden VirtualDJ 8 (HKLM-x32\...\{9ADBBA93-4625-4898-BB0D-BCE7EA9F8B4A}) (Version: 8.0.0 - Atomix Productions) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) VmciSockets (Version: 9.1.54.1 - VMware, Inc.) 
Hidden VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 8.0.2.28060 - VMware, Inc) VMware Workstation (x32 Version: 8.0.2.28060 - VMware, Inc.) Hidden WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.10.1.1735 - 1&1 Mail & Media GmbH) WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden Windows 7 Codec Pack 4.0.9 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.9 - Windows 7 Codec Pack) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinRAR 5.01 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.1 - win.rar GmbH) Worms Ultimate Mayhem - Deluxe Edition (HKLM-x32\...\Worms Ultimate Mayhem - Deluxe Edition_is1) (Version: - ) XBMC (HKCU\...\XBMC) (Version: - Team XBMC) Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC) Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from 
registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1424248093-816826443-285343795-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) 
==================== Restore Points =========================

26-10-2014 12:25:09 Geplanter Prüfpunkt
29-10-2014 20:23:59 Installed Project64 1.6
29-10-2014 21:29:00 Gerätetreiber-Paketinstallation: www.MotioninJoy.com Microsoft Common Controller für Windows-Klasse
29-10-2014 22:42:56 Gerätetreiber-Paketinstallation: www.MotioninJoy.com Microsoft Common Controller für Windows-Klasse
29-10-2014 23:19:35 Gerätetreiber-Paketinstallation: www.MotioninJoy.com Microsoft Common Controller für Windows-Klasse
29-10-2014 23:54:26 DirectX wurde installiert
29-10-2014 23:55:58 Gerätetreiber-Paketinstallation: Scarlet.Crush Productions Systemgeräte
29-10-2014 23:56:18 Gerätetreiber-Paketinstallation: Scarlet.Crush Productions
01-11-2014 00:08:53 Gerätetreiber-Paketinstallation: Scarlet.Crush Productions Universal Serial Bus devices
01-11-2014 21:45:13 Installed Adobe Flash Player 11 ActiveX.
01-11-2014 21:55:09 DirectX wurde installiert
01-11-2014 23:35:00 Removed Adobe Flash Player 11 ActiveX.
02-11-2014 00:19:33 Windows Modules Installer

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-02 00:27 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {024A2859-258D-4493-A2BB-BB1C93878BCE} - System32\Tasks\{16AA9BA4-245E-4DDA-8018-7B94561E63E1} => C:\Users\Joël\Downloads\Xpadder.exe [2014-10-31] () Task: {043146BB-350D-44C5-9B01-C4F240CA6696} - System32\Tasks\{2CFE9671-6269-4456-AE5B-52EBC7540F6D} => C:\Cronus\BrightiaP\Brightia.exe [2014-07-23] () Task: {0EC8C87F-E64A-4F50-9234-2366982BF911} - \ea727281-8281-467f-bafd-cf5fb6f1777a-3 No Task File <==== ATTENTION Task: {13ABB5D9-A800-41E7-A8F2-394C199424AF} - System32\Tasks\HPCeeScheduleForJoël => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard) Task: {1E5DAFCC-BAD7-4DB0-B551-553EFED2D933} - System32\Tasks\{896A5FB8-E31E-48C9-95A7-72FC5CDBB772} => C:\GOG Games\Earthworm Jim 1 and 2\Earthworm Jim 2\EWJ2.EXE [2008-11-28] () Task: {1F6AE4F6-7C1C-4099-8CE4-6C82D2C0846C} - System32\Tasks\{3A66FE75-2B3C-42DE-AA81-A206009E7FDC} => C:\Program Files (x86)\LucasArts\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\SWTFU.exe [2009-11-26] (Aspyr Media, Inc.) 
Task: {2471713F-F155-45F6-AA8D-4585DA34BDA0} - System32\Tasks\{D85A24B3-D48F-4598-8E27-F76B2A8EF310} => L:\setup.exe Task: {2BEC0B85-8E65-4951-B6AF-B17B275D3C3A} - System32\Tasks\{CF030C54-0A1D-4F7F-817C-F97C5889DADF} => C:\Users\Joël\Downloads\Xpadder.exe [2014-10-31] () Task: {33E022D9-8641-4192-91AC-25B1ABC011F2} - System32\Tasks\{732E911D-7F7F-485E-810B-5D327D1BB2F0} => C:\Program Files (x86)\LucasArts\Star Wars The Force Unleashed 2\SWTFU2.exe [2010-12-23] (LucasArts) Task: {36300EE4-0538-4B0C-952A-659D2BD3E586} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-31] () Task: {364D25EC-3FBC-4F1F-B266-2EF6F61DDEC1} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2010-12-21] (CyberLink) Task: {374B3FF1-863A-46E3-9B02-35B07303D7D3} - System32\Tasks\{956F7214-E483-4153-AADB-0108A6806404} => C:\Cronus\BrightiaP\Brightia.exe [2014-07-23] () Task: {424EF6F3-F3D4-4115-A33C-E748FC3539F7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {4A6D28BD-B225-40D9-93E2-C6BA4AE2E205} - System32\Tasks\{AC2F21BE-3401-4A84-B69A-1E5406AA9993} => C:\Program Files (x86)\Middle Earth Shadow of Mordor\x64\ShadowOfMordor.exe [1999-12-11] (WB Games, Inc.) Task: {55360A86-21DC-4312-8C86-11C0D7ABBCA2} - \ea727281-8281-467f-bafd-cf5fb6f1777a-5 No Task File <==== ATTENTION Task: {5621FBF6-ABE9-41B9-B953-43E1B91B5FEC} - System32\Tasks\avast! 
Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-14] (AVAST Software) Task: {583032CA-74F5-41DD-A5D8-08FB0AC2D041} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2014-10-07] (Microsoft) Task: {5DF9FE70-2F1E-45BA-B903-658003C2B0DF} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-04-08] () Task: {658F9644-580D-4278-8E58-ACA879BC7F03} - \ea727281-8281-467f-bafd-cf5fb6f1777a-2 No Task File <==== ATTENTION Task: {67CDA07F-A004-4E40-B3D9-C58FAC000C4D} - \ea727281-8281-467f-bafd-cf5fb6f1777a-4 No Task File <==== ATTENTION Task: {72FF79AC-4632-42ED-92B0-ECE635FE5C43} - System32\Tasks\{B6824839-96C6-4F30-A31D-ACC966EC6D60} => C:\Program Files (x86)\LucasArts\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\SWTFU.exe [2009-11-26] (Aspyr Media, Inc.) Task: {73B35674-B2B4-4DD5-BABF-B293D3C8BF1E} - System32\Tasks\{6F1F8080-4EC6-41B8-BDE0-36D4534D4A8A} => C:\Users\Joël\Downloads\gta_sa.exe [2011-12-15] () Task: {7514A5FE-CF5B-445B-8734-FE0A5C861842} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {7DE40AF8-A4B4-48F6-ACDF-DFFDBD9191F9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd) Task: {7FE9D29B-B11A-46D9-85EA-D81E7229FDA0} - System32\Tasks\{F35F547B-5A5B-4BA3-814D-9DA2A4ACC117} => L:\Brightia.exe Task: {821C4BAA-3EE1-46CB-8272-F054B306F6E9} - System32\Tasks\{A7B46BDD-C862-49DE-B43C-680736A7B63C} => C:\Users\Joël\Downloads\Xpadder.exe [2014-10-31] () Task: {8392010E-1EF9-4952-BB27-F668C57C8BCD} - System32\Tasks\{AB743845-5798-4955-B94C-DE1B6DA9B041} => C:\Users\Joël\Downloads\Xpadder.exe [2014-10-31] () Task: {936DA1D0-D0A4-4895-AB42-FE2A652B893D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => 
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company) Task: {94113560-D325-4691-94FF-05B510656293} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {94EC3E70-EEBC-4C49-B9DF-D54FF95FBE88} - System32\Tasks\{53376D40-26A9-4AB8-BD3A-01E663446AA5} => C:\Users\Joël\Downloads\Xpadder.exe [2014-10-31] () Task: {959CA229-0258-499B-B36E-8DDC7ADA8A38} - System32\Tasks\{AC2A9EE0-9FB9-49DC-B676-D74622B76485} => L:\setup.exe Task: {9F8E6F53-B834-4BDB-919E-FEEC2481AD62} - System32\Tasks\{FAB1DF28-51CF-410C-94B7-F38DDE8A070E} => C:\Program Files (x86)\LucasArts\Star Wars The Force Unleashed 2\SWTFU2.exe [2010-12-23] (LucasArts) Task: {A0DCF04E-30A3-4F00-B76F-3E04E130A96C} - \ea727281-8281-467f-bafd-cf5fb6f1777a-1 No Task File <==== ATTENTION Task: {A53D3E3A-37AC-4410-97EE-179F96F70B0B} - System32\Tasks\{98D9A5E0-5254-4144-BFA9-38EB55BF0CB2} => C:\Program Files (x86)\LucasArts\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\SWTFU.exe [2009-11-26] (Aspyr Media, Inc.) 
Task: {A92224E6-38AD-4C30-BC6F-0D9FF249818B} - System32\Tasks\{A4A92AE4-1311-46BB-92D4-C57C70110E8A} => C:\Windows\system32\msiexec.exe [2010-11-21] (Microsoft Corporation) Task: {A98C5DC5-528E-43AD-BD90-834CFD65955F} - System32\Tasks\{D0C6E61D-73B0-4921-91B6-E9DC4CAA7D3A} => C:\Users\Joël\Desktop\DS3_Tool.exe Task: {AD50DD87-3767-4EF4-ABE1-EFDA7E42A2D0} - System32\Tasks\{38225AF4-AE8A-4C1A-9223-4E4A3B464BB8} => C:\GOG Games\Earthworm Jim 1 and 2\Earthworm Jim 2\EWJ2.EXE [2008-11-28] () Task: {B265A417-2ADA-4F31-BCAD-A2FCE5A911D4} - System32\Tasks\{85B5CFAA-3995-4750-BBE9-33E500B03B91} => C:\Program Files (x86)\Deadfall Adventures\Binaries\Win32\ADVGame-Win32-Shipping.exe [2013-11-15] () Task: {BA21F98B-2E7A-4954-9767-67C4BEAD1AA7} - System32\Tasks\{202143D6-9C86-4B06-9877-A8C354898E23} => C:\Program Files (x86)\Sonic Generations\ConfigurationTool.exe [2011-11-04] (SEGA) Task: {BACBC536-0393-4751-B740-C71AF0A78A2B} - System32\Tasks\{9D97C117-B3EA-45BE-9B74-E267A0DDD156} => C:\Program Files (x86)\LucasArts\SWTFU2_PC_EFIGS_1.1_Update.exe [2010-12-06] (LucasArts) Task: {DE63C791-68F5-4DBA-B2BE-944C5296DE42} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company) Task: {E0C0B101-1438-4741-9DA2-730414DEBAAE} - System32\Tasks\{278B0EEE-4136-4E93-A7F9-C7C79F2981E3} => C:\Users\Joël\Downloads\GTASanAndreas\gta_sa.exe [2005-06-08] () Task: {E110F5AC-17AE-45B2-904A-F48A2A087B38} - System32\Tasks\{2661642C-9A09-45BF-B626-1899FBAE6039} => C:\Program Files (x86)\Star Wars.The Force Unleashed.Ultimate Sith Edition.v 1.2.1.29028\SWTFU Launcher.exe Task: {E829C878-233B-4E83-BF78-0BC00F2123A2} - System32\Tasks\{CD3DD6CE-EDFC-4EA9-8914-6E59CCE95E7A} => L:\setup.exe Task: {EE809B7C-C226-4F0A-8FB8-173CEE8D4F51} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-09-15] (IObit) Task: 
{FE61142E-29B5-4920-B27B-C238A622D931} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-10-07] (Microsoft) Task: C:\Windows\Tasks\HPCeeScheduleForJoël.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (whitelisted) ============= 2012-10-01 19:36 - 2012-10-01 19:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2012-01-18 14:04 - 2012-01-18 14:04 - 11839488 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe 2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 2014-05-05 23:21 - 2011-12-08 15:53 - 08364288 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe 2014-10-23 20:19 - 2014-10-23 20:19 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2014-09-14 23:16 - 2014-09-14 23:16 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-11-01 22:03 - 2014-11-01 22:03 - 02898944 _____ () C:\Program Files\AVAST Software\Avast\defs\14110101\algo.dll 2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 19:58 - 2014-02-12 19:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-01-18 13:43 - 2012-01-18 13:43 - 01222656 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll 2014-07-27 10:41 - 2014-07-27 10:41 - 08892576 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2014-05-13 16:01 - 2014-05-13 16:01 - 03502592 _____ () C:\Windows\SysWow64\ffdshow.ax 2014-09-14 23:16 - 2014-09-14 23:16 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files 
(x86)\DivX\DivX Update\DivXUpdateCheck.dll 2014-05-05 23:21 - 2011-09-13 15:57 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll 2014-11-02 14:21 - 2014-11-02 14:21 - 00043008 _____ () c:\users\jol~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpofyjop.dll 2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Joël\AppData\Roaming\Dropbox\bin\libcef.dll 2014-10-31 18:13 - 2014-10-31 18:13 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-11-01 23:15 - 2014-11-01 23:15 - 16832176 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\Temp:05E9FFE5 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Universal Media Server.lnk => C:\Windows\pss\Universal Media Server.lnk.CommonStartup
MSCONFIG\startupreg: BeatsOSDApp => C:\Program Files\IDT\WDM\beats64.exe
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: uTorrent => "C:\Users\Joël\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

========================= Accounts: ==========================

Administrator (S-1-5-21-1424248093-816826443-285343795-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1424248093-816826443-285343795-1002 - Limited - Enabled)
Gast (S-1-5-21-1424248093-816826443-285343795-501 - Limited - Disabled)
Joël (S-1-5-21-1424248093-816826443-285343795-1000 - Administrator - Enabled) => C:\Users\Joël

==================== Faulty Device Manager Devices =============

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (11/02/2014 02:21:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/02/2014 02:31:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10015

Error: (11/02/2014 02:31:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10015

Error: (11/02/2014 02:31:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/02/2014 01:30:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IObitUninstaler.exe, Version 3.3.8.2663 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 5d0
Startzeit: 01cff632a586df4b
Endzeit: 280
Anwendungspfad: C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Berichts-ID: 7b7c7761-6227-11e4-b9f8-e06995a7531d

System errors:
=============
Error: (11/02/2014 02:20:33 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{d543a8f8-ba09-11e3-9a9e-806e6f6e6963}" können nicht gelesen werden.

Error: (11/02/2014 02:20:32 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{33e4a300-01a7-4015-9350-c79a837aa608}" können nicht gelesen werden.

Error: (11/02/2014 02:20:06 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "E:" den Befehl "chkdsk" aus.

Error: (11/02/2014 01:34:04 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Microsoft Office Sessions:
=========================
Error: (11/02/2014 02:21:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/02/2014 02:31:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10015

Error: (11/02/2014 02:31:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10015

Error: (11/02/2014 02:31:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/02/2014 01:30:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IObitUninstaler.exe3.3.8.26635d001cff632a586df4b280C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe7b7c7761-6227-11e4-b9f8-e06995a7531d

CodeIntegrity Errors:
===================================
Date: 2014-11-02 00:26:28.286
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-11-02 00:26:28.256
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-11-02 00:26:28.226
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-11-02 00:26:28.196
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-09-14 23:35:12.283
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-09-14 23:35:12.267
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2310 CPU @ 2.90GHz
Percentage of memory in use: 43%
Total physical RAM: 8174.53 MB
Available physical RAM: 4594.53 MB
Total Pagefile: 16347.23 MB
Available Pagefile: 12111.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1848.86 GB) (Free:718.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:14.05 GB) (Free:1.73 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:465.25 GB) (Free:438.45 GB) NTFS
Drive l: (Disk_2) (CDROM) (Total:4.77 GB) (Free:0 GB) CDFS
Drive m: (KOTOR2_1) (CDROM) (Total:0.64 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: D0FBDB0A)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=1848.9 GB) - (Type=07 NTFS)
Partition
3: (Not Active) - (Size=14.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 465.8 GB) (Disk ID: 3253914B) Partition: GPT Partition Type. ==================== End Of Log ============================ |
03.11.2014, 16:50 | #4 | |
/// the machine /// TB Trainer | Slow Internet Quote:
Scan with ComboFix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
03.11.2014, 18:57 | #5 |
| Slow Internet Yes, at the moment everything seems to be working again. Code:
ATTFilter ComboFix 14-10-29.01 - Joël 03.11.2014 18:25:10.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.41.1031.18.8175.6662 [GMT 1:00] ausgeführt von:: c:\users\Joël\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B} SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((( Dateien erstellt von 2014-10-03 bis 2014-11-03 )))))))))))))))))))))))))))))) . . 2074-05-18 15:44 . 2008-03-21 12:46 607296 ------w- c:\program files (x86)\Microsoft Games\Age of Empires III\deformerdllyD.dll 2014-11-03 17:33 . 2014-11-03 17:33 -------- d-----w- c:\users\Public\AppData\Local\temp 2014-11-03 17:33 . 2014-11-03 17:33 -------- d-----w- c:\users\Joel\AppData\Local\temp 2014-11-03 17:33 . 2014-11-03 17:33 -------- d-----w- c:\users\Jo‰l\AppData\Local\temp 2014-11-03 17:33 . 2014-11-03 17:33 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-11-03 17:33 . 2014-11-03 17:33 -------- d-----w- c:\users\data\AppData\Local\temp 2014-11-03 17:33 . 2014-11-03 17:33 -------- d-----w- c:\users\Berni\AppData\Local\temp 2014-11-03 10:28 . 2014-11-03 10:28 -------- d-----w- c:\users\Joël\AppData\Local\PDFC 2014-11-02 21:39 . 2014-11-02 21:39 -------- d-----w- c:\users\Joël\AppData\Roaming\HPAppData 2014-11-02 18:15 . 2014-11-02 18:15 -------- d-----w- c:\users\Joël\AppData\Local\Macromedia 2014-11-02 00:20 . 2014-11-02 00:20 -------- d-----w- c:\program files (x86)\Reference Assemblies 2014-11-02 00:20 . 2014-11-02 00:20 -------- d-----w- c:\program files (x86)\MSBuild 2014-11-02 00:20 . 2014-11-02 00:20 -------- d-----w- c:\windows\SysWow64\XPSViewer 2014-11-02 00:20 . 2014-11-02 00:20 -------- d-----w- c:\program files\Reference Assemblies 2014-11-02 00:20 . 2014-11-02 00:20 -------- d-----w- c:\program files\MSBuild 2014-11-01 23:52 . 2014-11-02 17:21 -------- d-----w- C:\FRST 2014-11-01 22:55 . 
2014-11-01 22:59 -------- d-----w- C:\AdwCleaner 2014-11-01 22:02 . 2014-11-01 22:16 -------- d-----w- c:\users\Joël\AppData\Roaming\OBS 2014-11-01 22:02 . 2014-11-01 22:02 -------- d-----w- c:\program files\OBS 2014-11-01 22:02 . 2014-11-01 22:02 -------- d-----w- c:\program files (x86)\OBS 2014-11-01 21:56 . 2006-03-31 11:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll 2014-11-01 21:54 . 2014-11-01 21:54 -------- d-----w- c:\users\Joël\AppData\Roaming\SplitmediaLabs 2014-11-01 21:46 . 2014-11-01 22:15 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-11-01 21:46 . 2014-11-01 22:15 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-10-31 22:59 . 2014-11-01 00:06 -------- d-----w- c:\program files\MotioninJoy 2014-10-31 17:41 . 2014-10-31 17:41 -------- d-----w- c:\users\Joël\AppData\Roaming\MotioninJoy 2014-10-31 17:40 . 2010-05-03 15:12 328712 ----a-w- c:\windows\system32\MijFrc.dll 2014-10-29 23:55 . 2013-05-05 16:32 39168 ----a-w- c:\windows\system32\drivers\ScpVBus.sys 2014-10-29 23:55 . 2013-01-07 09:56 1002728 ----a-w- c:\windows\system32\WinUSBCoInstaller2.dll 2014-10-29 23:54 . 2014-10-29 23:54 -------- d-----w- c:\program files\Microsoft Xbox 360 Accessories 2014-10-29 23:15 . 2012-05-12 11:31 121416 ----a-w- c:\windows\system32\drivers\MijXfilt.sys 2014-10-29 20:25 . 2014-10-29 20:25 40960 ----a-r- c:\users\Joël\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe 2014-10-29 20:25 . 2014-10-29 20:25 40960 ----a-r- c:\users\Joël\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe 2014-10-29 20:25 . 2014-10-29 20:53 -------- d-----w- c:\program files (x86)\Project64 1.6 2014-10-29 20:15 . 2014-10-29 20:15 -------- d-----w- c:\program files (x86)\Activision 2014-10-18 17:01 . 2014-10-18 17:01 -------- d-----w- C:\$WINDOWS.~BT 2014-10-18 16:43 . 
2014-10-18 16:43 119808 ----a-r- c:\users\Joël\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe 2014-10-18 15:02 . 2013-07-10 17:42 -------- d-----w- c:\windows\onhax-temp 2014-10-09 13:12 . 2012-01-18 13:47 63088 ----a-w- c:\windows\system32\drivers\vmx86.sys 2014-10-09 13:12 . 2012-01-18 13:47 354416 ----a-w- c:\windows\SysWow64\vmnetdhcp.exe 2014-10-09 13:12 . 2012-01-18 13:47 433264 ----a-w- c:\windows\SysWow64\vmnat.exe 2014-10-09 13:12 . 2012-01-18 13:46 30320 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys 2014-10-09 13:12 . 2012-01-18 13:47 942192 ----a-w- c:\windows\system32\vnetlib64.dll 2014-10-09 13:12 . 2011-08-29 20:11 39024 ----a-w- c:\windows\system32\drivers\hcmon.sys 2014-10-09 13:11 . 2014-10-09 13:11 -------- d-----w- c:\program files (x86)\Common Files\VMware 2014-10-09 13:11 . 2014-10-09 13:11 -------- d-----w- c:\program files\Common Files\VMware 2014-10-08 22:58 . 2014-11-02 18:12 -------- d-----w- c:\users\Joël\AppData\Local\VMware 2014-10-08 22:57 . 2014-10-11 13:56 -------- d-----w- c:\users\Joël\AppData\Roaming\VMware 2014-10-08 22:46 . 2014-11-03 10:28 -------- d-----w- c:\programdata\VMware 2014-10-08 22:46 . 2014-10-09 13:11 -------- d-----w- c:\program files (x86)\VMware 2014-10-08 12:43 . 2014-10-08 12:43 -------- d-----w- c:\program files\Elgato 2014-10-08 12:42 . 2014-10-08 13:03 -------- d-----w- c:\users\Joël\AppData\Local\ub65x 2014-10-08 12:42 . 2014-10-08 12:42 -------- d-----w- c:\users\Joël\AppData\Roaming\Elgato 2014-10-08 12:42 . 2014-10-08 12:42 -------- d-----w- c:\program files (x86)\Elgato 2014-10-07 18:40 . 2014-10-07 18:40 -------- d-----w- c:\users\Joël\AppData\Roaming\Steam 2014-10-07 18:11 . 2014-10-08 08:02 -------- d-----w- c:\program files (x86)\Middle Earth Shadow of Mordor . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-11-01 22:32 . 
2014-09-14 20:38 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2014-10-29 20:25 . 2014-10-29 20:25 40960 ----a-r- c:\users\Joël\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe 2014-10-29 20:25 . 2014-10-29 20:25 40960 ----a-r- c:\users\Joël\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe 2014-10-18 16:43 . 2014-10-18 16:43 119808 ----a-r- c:\users\Joël\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe 2014-10-18 16:43 . 2014-10-18 16:43 119808 ----a-r- c:\users\Joël\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe 2014-10-02 10:37 . 2014-10-02 10:37 34512 ----a-w- c:\windows\system32\drivers\debutfilterx64.sys 2014-10-01 10:11 . 2014-09-14 20:38 63704 ----a-w- c:\windows\system32\drivers\mwac.sys 2014-10-01 10:11 . 2014-09-14 20:38 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2014-10-01 10:11 . 2014-09-14 20:38 25816 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-09-15 00:08 . 2014-09-17 17:26 11578928 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4D8CCDEF-10B7-4FC7-B866-429F644D59E8}\mpengine.dll 2014-09-14 22:16 . 2014-09-14 22:16 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys 2014-09-14 22:16 . 2014-09-14 22:16 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys 2014-09-14 22:16 . 2014-09-14 22:16 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2014-09-14 22:16 . 2014-09-14 22:16 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2014-09-14 22:16 . 2014-09-14 22:16 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2014-09-14 22:16 . 2014-09-14 22:16 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys 2014-09-14 22:16 . 2014-09-14 22:16 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2014-09-14 22:16 . 2014-09-14 22:16 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2014-09-14 22:16 . 
2014-09-14 22:16 307344 ----a-w- c:\windows\system32\aswBoot.exe 2014-09-14 22:16 . 2014-09-14 22:16 43152 ----a-w- c:\windows\avastSS.scr 2014-08-30 10:16 . 2010-06-24 18:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2014-08-29 11:01 . 2014-09-14 23:25 101694776 ----a-w- c:\windows\system32\MRT.exe 2014-08-25 04:53 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe 2014-08-23 02:07 . 2014-09-14 23:03 404480 ----a-w- c:\windows\system32\gdi32.dll 2014-08-23 01:45 . 2014-09-14 23:03 311808 ----a-w- c:\windows\SysWow64\gdi32.dll 2014-08-23 00:59 . 2014-09-14 23:03 3163648 ----a-w- c:\windows\system32\win32k.sys 2014-08-16 05:56 . 2014-09-14 23:23 1188864 ----a-w- c:\windows\system32\wininet.dll 2014-08-16 05:56 . 2014-09-14 23:23 1538048 ----a-w- c:\windows\system32\urlmon.dll 2014-08-16 05:56 . 2014-09-14 23:23 134144 ----a-w- c:\windows\system32\url.dll 2014-08-16 05:56 . 2014-09-14 23:23 97280 ----a-w- c:\windows\system32\mshtmled.dll 2014-08-16 05:56 . 2014-09-14 23:23 82944 ----a-w- c:\windows\system32\msfeedsbs.dll 2014-08-16 05:56 . 2014-09-14 23:23 735232 ----a-w- c:\windows\system32\msfeeds.dll 2014-08-16 05:56 . 2014-09-14 23:23 9055232 ----a-w- c:\windows\system32\mshtml.dll 2014-08-16 05:56 . 2014-09-14 23:23 64512 ----a-w- c:\windows\system32\jsproxy.dll 2014-08-16 05:56 . 2014-09-14 23:23 2466816 ----a-w- c:\windows\system32\iertutil.dll 2014-08-16 05:56 . 2014-09-14 23:23 247808 ----a-w- c:\windows\system32\ieui.dll 2014-08-16 05:56 . 2014-09-14 23:23 12289024 ----a-w- c:\windows\system32\ieframe.dll 2014-08-16 05:56 . 2014-09-14 23:23 495616 ----a-w- c:\windows\system32\dxtmsft.dll 2014-08-16 05:56 . 2014-09-14 23:23 314880 ----a-w- c:\windows\system32\dxtrans.dll 2014-08-16 05:56 . 2014-09-14 23:23 16384 ----a-w- c:\windows\system32\msfeedssync.exe 2014-08-16 05:56 . 2014-09-14 23:23 47616 ----a-w- c:\windows\system32\mshta.exe 2014-08-16 05:55 . 
2014-09-14 23:23 174592 ----a-w- c:\windows\system32\ieUnatt.exe 2014-08-16 05:55 . 2014-09-14 23:23 1538048 ----a-w- c:\windows\system32\inetcpl.cpl 2014-08-16 05:36 . 2014-09-14 23:23 981504 ----a-w- c:\windows\SysWow64\wininet.dll 2014-08-16 05:35 . 2014-09-14 23:23 50176 ----a-w- c:\windows\SysWow64\mshta.exe 2014-08-16 05:35 . 2014-09-14 23:23 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2014-08-16 05:35 . 2014-09-14 23:23 1466368 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2014-08-16 05:05 . 2014-09-14 23:23 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2014-08-16 04:48 . 2014-09-14 23:23 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2014-07-27 09:45 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2014-07-27 09:45 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2014-07-27 09:45 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 131480 ----a-w- c:\users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 131480 ----a-w- c:\users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 131480 ----a-w- c:\users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-07-24 21650016] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912] "uTorrent"="c:\users\Joël\AppData\Roaming\uTorrent\uTorrent.exe" [2014-10-29 1385808] "CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-10-23 6501656] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-09-14 4085896] "vmware-tray"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe" [2012-01-18 103536] "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-02-01 656920] "LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-07-08 152392] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-02-10 61112] "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2014-01-10 1861968] "DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2014-02-14 450560] . c:\users\Joël\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Joël\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-9-13 36414624] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ CodecPackUpdateChecker.lnk - c:\windows\SysWOW64\C2MP\UpdateChecker.exe [2014-5-20 48688] HP Digital Imaging Monitor.lnk - c:\program files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072] NETGEAR WNA3100 Genie.lnk - c:\program files (x86)\NETGEAR\WNA3100\WNA3100.exe [2014-5-5 8364288] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableSecureUIAPath"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "EnableShellExecuteHooks"= 1 (0x1) . [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks] . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R2 VMwareHostd;VMware Workstation Server;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe [x] R2 WSWNA3100;WSWNA3100;c:\program files (x86)\NETGEAR\WNA3100\WifiSvc.exe;c:\program files (x86)\NETGEAR\WNA3100\WifiSvc.exe [x] R3 BCMH43XX;Treiber für Broadcom 802.11-USB-Netzwerkadapter;c:\windows\system32\DRIVERS\bcmwlhigh664.sys;c:\windows\SYSNATIVE\DRIVERS\bcmwlhigh664.sys [x] R3 ElgatoGC656Y;Elgato Game Capture HD60;c:\windows\system32\Drivers\ElgatoGC656.sys;c:\windows\SYSNATIVE\Drivers\ElgatoGC656.sys [x] R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x] R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x] R3 
pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x] R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x] R3 SRS_AE_Service;SRS Audio;c:\windows\system32\drivers\SRS_AE_amd64.sys;c:\windows\SYSNATIVE\drivers\SRS_AE_amd64.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 aswRvrt;avast! Revert; [x] S0 aswVmm;avast! VM Monitor; [x] S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys;c:\windows\SYSNATIVE\DRIVERS\scmndisp.sys [x] S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x] S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x] S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x] S2 aswHwid;avast! 
HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x] S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x] S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x] S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x] S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x] S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common 
Files\VMware\USB\vmware-usbarbitrator64.exe [x] S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi10-shared.sys;SysWOW64\drivers\vstor2-mntapi10-shared.sys [x] S3 AVer7231_x64;AVerMedia 7231 capture service;c:\windows\system32\DRIVERS\AVer7231_x64.sys;c:\windows\SYSNATIVE\DRIVERS\AVer7231_x64.sys [x] S3 debutfilter;Debut Filter Driver v6.40.01;c:\windows\system32\DRIVERS\debutfilterx64.sys;c:\windows\SYSNATIVE\DRIVERS\debutfilterx64.sys [x] S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys;c:\windows\SYSNATIVE\Drivers\nx6000.sys [x] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x] S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 ScpVBus;Scp Virtual Bus Driver;c:\windows\system32\DRIVERS\ScpVBus.sys;c:\windows\SYSNATIVE\DRIVERS\ScpVBus.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhalt des "geplante Tasks" Ordners . 2014-10-31 c:\windows\Tasks\HPCeeScheduleForJoël.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}] 2014-09-15 15:25 2471744 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2012-10-01 18:37 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2012-10-01 18:37 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2012-10-01 18:37 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2014-09-14 22:16 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 164760 ----a-w- c:\users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 164760 ----a-w- c:\users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 164760 ----a-w- c:\users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 22:04 164760 ----a-w- c:\users\Joël\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-04-24 1425408] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-10-07 21720] . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.google.com uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000 IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105 TCP: DhcpNameServer = 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158 Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL FF - ProfilePath - c:\users\Joël\AppData\Roaming\Mozilla\Firefox\Profiles\7b1fw05a.default\ . 
- - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKLM-Run-<NO NAME> - (no file) AddRemove-Call of Duty Modern Warfare 2_is1 - c:\program files (x86)\Activision\Modern Warfare 2\unins001.exe AddRemove-Earthworm Jim 3D - c:\windows\IsUn0407.exe AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe AddRemove-{E92D47A1-D27D-430A-8368-0BAFD956507D} - c:\program files (x86)\InstallShield Installation Information\{E92D47A1-D27D-430A-8368-0BAFD956507D}\setup.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2014-11-03 18:35:44 ComboFix-quarantined-files.txt 2014-11-03 17:35 ComboFix2.txt 2014-11-01 23:28 . Vor Suchlauf: 25 Verzeichnis(se), 771'352'436'736 Bytes frei Nach Suchlauf: 26 Verzeichnis(se), 771'075'756'032 Bytes frei . - - End Of File - - 44F580CC72EEED34E55FDF022AA630A4 |
04.11.2014, 10:50 | #6 |
/// the machine /// TB Trainer | Slow Internet Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your protection software to avoid possible conflicts.
and a fresh FRST log, please.