|
Alles rund um Windows: Keine Verbindung zum Benachrichtigungsdienst für SystemereignisseWindows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
12.05.2015, 18:09 | #1 |
| Problem: Keine Verbindung zum Benachrichtigungsdienst für Systemereignisse Hallo zusammen! Ich bin gerade umgezogen und habe, nachdem das Internet dann auch wieder ging, endlich meinen PC angeschlossen. Ich hatte schon seit längerem das Problem, das der Design-Dienst manchmal nicht funktioniert hat und ich ihn neustarten musste. Nun habe ich aber ohne Grund einen Bluescreen bekommen und der PC scheint, nachdem der Küchenfritze leider ein paar Mal den Strom abgedreht hat, neugestartet zu sein und jedes Mal diesen CHKDSH-Check oder so gemacht zu haben. Ich habe allerdings keine Ahnung warum das so ist, wo die Logs gespeichert sind und was sie bedeuten. Auf jeden Fall kommt jetzt auch immer die Meldung, dass keine Verbindung zum Benachrichtigungsdienst für Systemereignisse hergestellt werden konnte und Aero wird nicht angezeigt. Dazu ist der PC viel zu langsam und hängt dauernd. Wenn ich ein PDF Dokument öffnen will, lädt er jetzt nur kurz und nichts passiert. Vorher hat sich sogar der ganze Explorrer dabei aufgehängt. Der PDF-Reader 'erscheint' im Taskmanager geöffnet, lässt sich aber nicht beenden. Der Taskmanager hängt sich auf, weil ich gleichzeitg was in Firefox drücke oder auf Start drücke. Gefühlsmäßig hängt bei jedem zweitem Klick irgendwas. Ich habe vor dem Umzug nichts neu installiert oder so. Ich weiß echt nicht, woran es liegen kann und was ich tun kann Meine Daten: Windows 7 Ultimate 32bit Intel (R) Core i3-3220 CPU @ 3,30GHz (4 CPUs) 4096Mb RAM Nvidia Geforce GT 630 Habe Avast installiert. Die Startzeit-Prüfung hat PUP: NSIS:Crossrider-EJ im AdwCleaner-Quarantäne-Ordner ergeben und das ganze in den Avast-Quarantäne-Ordner verschoben, was allerdings nichts an der Situation verändert hat. Ich hoffe ihr könnt mir helfen! |
12.05.2015, 18:26 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Keine Verbindung zum Benachrichtigungsdienst für Systemereignisse Anleitung / Hilfe Hallo und
__________________Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Zudem bitte auch ein Log mit Farbars Tool machen: Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
12.05.2015, 20:53 | #3 |
| Keine Verbindung zum Benachrichtigungsdienst für Systemereignisse Details Hi,
__________________danke für die schnelle Antwort! Nein, andere Scans mit Logs/Funden habe ich nicht gemacht. FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-05-2015 Ran by Flavia (administrator) on FLAVIA-PC on 12-05-2015 21:47:42 Running from C:\Users\Flavia\Downloads Loaded Profiles: Flavia (Available profiles: Flavia) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Englisch (USA) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (SurfRight B.V.) C:\Program Files\HitmanPro.Alert\hmpalert.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Portrait Displays, Inc) C:\Program Files\Portrait Displays\forteManager\dthtml.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe (Akamai Technologies, Inc.) C:\Users\Flavia\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\Flavia\AppData\Local\Akamai\netsession_win.exe (Portrait Displays Inc.) C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe799_old.tmp (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [DT LGE] => C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe [81920 2007-10-11] () HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-06-09] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.) HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Flavia\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.) HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Run: [Pando Media Booster] => C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-22] () AppInit_DLLs: ´ê6 => ´ê6 File Not Found ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-03] (Avast Software s.r.o.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION ProxyServer: [S-1-5-21-4132011797-2711336362-2655832662-1000] => http=localhost:8118;https=localhost:8118;ftp=localhost:8118;socks=localhost:9050 HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046} SearchScopes: HKLM -> DefaultScope value is missing. BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.) BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll No File BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-10] (Avast Software s.r.o.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll [2011-11-03] () BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.) Toolbar: HKLM - No Name - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - No File Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2011-11-03] () Toolbar: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2011-11-03] () DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab DPF: {60F33B36-3E89-48EF-BE77-ACC23A366C2A} https://wstatic.plaync.co.kr/common/UniUpdate/NCLoader.8.cab DPF: {640044E9-92A3-4B89-A615-1F65354D3A65} hxxp://rfonline-full.gscdn.com/gscdn/ccr_downloader.cab DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://www.navigram.com/engine/v911/Navigram.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} hxxp://lads.myspace.com/upload/MySpaceUploader2.cab DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies) Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2011-11-03] () Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default FF Homepage: hxxp://www.google.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-19] () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll No File FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-02-22] (Pando Networks) FF Plugin: @qq.com/TXSSO -> C:\Program Files\Common Files\Tencent\TXSSO\1.2.2.37\Bin\npSSOAxCtrlForPTLogin.dll [2013-12-30] (Tencent) FF Plugin: @real.com/nppl3260;version=6.0.11.2852 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-06-03] (RealNetworks, Inc.) FF Plugin: @real.com/nppl3260;version=6.0.12.46 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-06-03] (RealNetworks, Inc.) FF Plugin: @real.com/nppl3260;version=6.0.12.732 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll No File FF Plugin: @real.com/nprjplug;version=1.0.3.732 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll No File FF Plugin: @real.com/nprphtml5videoshim;version=1.0.0.0 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-06-03] (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.46 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-06-03] (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.732 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll No File FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Yahoo!\Common\npyaxmpb.dll No File FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Flavia\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll [2009-10-19] () FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Flavia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-02-22] (Pando Networks) FF user.js: detected! => C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\user.js [2014-01-16] FF Plugin ProgramFiles/Appdata: C:\Users\Flavia\AppData\Roaming\mozilla\plugins\npDXStudioPlugin.DLL [2010-01-26] (Worldweaver Ltd.) FF SearchPlugin: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\searchplugins\google-images.xml [2014-12-21] FF SearchPlugin: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\searchplugins\google-maps.xml [2014-12-21] FF Extension: WOT - C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26] FF Extension: Adblock Plus - C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-31] FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-03-21] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-09-25] FF HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Firefox\Extensions: [{282BBB71-6301-4E39-9F74-00210BB4E0B3}] - C:\Users\Flavia\AppData\Local\{282BBB71-6301-4E39-9F74-00210BB4E0B3} FF Extension: XULRunner - C:\Users\Flavia\AppData\Local\{282BBB71-6301-4E39-9F74-00210BB4E0B3} [2011-04-30] FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-04-23] Chrome: ======= CHR Profile: C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-24] CHR Extension: (Google Search) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-24] CHR Extension: (avast! WebRep) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-03-08] CHR Extension: (Plus-HD-2.5) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd [2013-11-17] CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-02-24] CHR Extension: (电脑管家上网防护) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2015-02-26] CHR Extension: (Gmail) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-24] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19] CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [Not Found] CHR HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Flavia\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-10-11] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-03] (Avast Software s.r.o.) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-03] (Avast Software) R2 DTSRVC; C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [65536 2007-10-11] () [File not signed] R2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-05-11] (Foxit Software Inc.) R2 hmpalertsvc; C:\Program Files\HitmanPro.Alert\hmpalert.exe [1876816 2014-12-20] (SurfRight B.V.) R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed] S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed] R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [116224 2012-02-09] () S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed] R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed] S3 npggsvc; C:\Windows\system32\GameMon.des [4573608 2013-05-13] (INCA Internet Co., Ltd.) R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15904544 2014-02-05] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1931632 2015-05-03] (Electronic Arts) S3 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [18360 2012-06-21] (Overwolf Ltd) S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) S3 xsherlock; C:\Windows\system32\xsherlock.xem [670816 2012-07-01] (Wellbia.com Co., Ltd.) [File not signed] S3 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 1394hub; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH) S3 apf003; C:\Windows\system32\apf003.sys [13232 2012-03-16] () [File not signed] S3 apf004; C:\Windows\system32\apf004.sys [15112 2014-01-08] () R1 AsrAppCharger; C:\Windows\System32\DRIVERS\AsrAppCharger.sys [15656 2011-05-10] (Windows (R) Win 7 DDK provider) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-03] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-03] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-03] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-03] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-03] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-05-03] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-03] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-03] () R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [75640 2014-12-20] () R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21952 2012-02-09] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21952 2012-02-09] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [40936 2013-01-19] () R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28944 2008-02-29] (Logitech, Inc.) R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [46080 2011-11-10] (Intel Corporation) R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [734208 2009-05-25] (Ralink Technology Corp.) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-12-27] (NVIDIA Corporation) R3 PdiPorts; C:\Windows\System32\Drivers\PdiPorts.sys [15920 2006-11-16] (Portrait Displays, Inc.) S3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-14] (NXP Semiconductors) S3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [3328472 2011-07-28] (Windows (R) Win 7 DDK provider) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-06-17] (Duplex Secure Ltd.) S3 TelekomNM3; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [35040 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) S3 TesSafe; C:\Windows\system32\TesSafe.sys [834832 2015-03-06] (TENCENT) S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv.sys [13824 2012-07-28] (Scott) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-03] (Avast Software) R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [31680 2015-05-12] () R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.) S2 adfs; No ImagePath S3 catchme; \??\C:\Users\Flavia\AppData\Local\Temp\catchme.sys [X] S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X] S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X] S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X] S1 QMUdisk; \??\C:\Program Files\腾讯游戏\QQPCMgr\10.6.15950.224\QMUdisk.sys [X] S3 StarOpen; No ImagePath S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 taphss; system32\DRIVERS\taphss.sys [X] S3 taphss6; system32\DRIVERS\taphss6.sys [X] S3 TS888; \??\C:\Program Files\腾讯游戏\QQPCMgr\10.6.15950.224\TS888.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 vtany; \??\C:\Windows\vtany.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-12 21:47 - 2015-05-12 21:48 - 00025597 _____ () C:\Users\Flavia\Downloads\FRST.txt 2015-05-12 21:47 - 2015-05-12 21:47 - 00000000 ____D () C:\FRST 2015-05-12 21:45 - 2015-05-12 21:45 - 01141248 _____ (Farbar) C:\Users\Flavia\Downloads\FRST.exe 2015-05-12 18:47 - 2015-05-12 18:47 - 00002059 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk 2015-05-12 18:47 - 2015-05-12 18:47 - 00000000 ____D () C:\Users\Public\Foxit Software 2015-05-12 18:46 - 2015-05-12 18:46 - 00000000 ____D () C:\Program Files\Foxit Software 2015-05-12 16:02 - 2015-05-12 16:02 - 00086976 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp 2015-05-12 00:47 - 2015-05-12 00:47 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Real 2015-05-11 19:45 - 2015-05-11 19:45 - 00000000 __SHD () C:\found.000 2015-05-11 18:20 - 2015-04-18 11:03 - 00272296 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2015-05-11 18:20 - 2015-04-18 11:03 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2015-05-11 18:20 - 2015-04-18 11:03 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2015-05-11 18:20 - 2015-04-18 11:03 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2015-05-08 14:49 - 2015-05-08 14:49 - 00108513 _____ () C:\Users\Flavia\Downloads\Swim Suit v2.package 2015-05-08 14:40 - 2015-05-08 14:40 - 00009928 ____N () C:\bootsqm.dat 2015-05-08 14:25 - 2015-05-08 14:25 - 00412306 _____ () C:\Users\Flavia\Downloads\Sims4Krampus_RandomBathingsuits.package 2015-05-08 14:25 - 2015-05-08 14:25 - 00412243 _____ () C:\Users\Flavia\Downloads\1271248.zip 2015-05-08 14:20 - 2015-05-08 14:20 - 11148041 _____ () C:\Users\Flavia\Downloads\1274607.zip 2015-05-08 14:19 - 2015-05-08 14:19 - 00247066 _____ () C:\Users\Flavia\Downloads\1294924.zip 2015-05-08 14:08 - 2015-05-08 14:18 - 00466431 _____ () C:\Users\Flavia\Downloads\Birba32_fy_BulletSwimsuit.package 2015-05-08 14:05 - 2015-05-08 14:07 - 00530134 _____ () C:\Users\Flavia\Downloads\Birba32_fy_AlphaStringSwimsuit.package 2015-05-08 13:51 - 2015-05-08 13:51 - 00559198 _____ () C:\Users\Flavia\Downloads\Leather vest with tube top [CB].package 2015-05-08 13:51 - 2015-05-08 13:51 - 00326145 _____ () C:\Users\Flavia\Downloads\1Z_outfit_fem_sunny_Otshorts_neu3F.package 2015-05-07 21:35 - 2015-05-07 21:35 - 01135032 _____ () C:\Users\Flavia\Downloads\uktrash_SundaySweaterDress.package 2015-05-07 21:35 - 2015-05-07 21:35 - 00143756 _____ () C:\Users\Flavia\Downloads\Wolfcry_LaceJeansShort.package 2015-05-07 21:31 - 2015-05-07 21:31 - 01485427 _____ () C:\Users\Flavia\Downloads\S4_DelicateLace_Mh75.package 2015-05-07 21:30 - 2015-05-07 21:30 - 00638215 _____ () C:\Users\Flavia\Downloads\Simsimay_2DyBlazer.package 2015-05-07 21:29 - 2015-05-07 21:29 - 00460843 _____ () C:\Users\Flavia\Downloads\uktrash_CropTankTop.package 2015-05-07 21:29 - 2015-05-07 21:29 - 00411079 _____ () C:\Users\Flavia\Downloads\1285044.zip 2015-05-07 21:28 - 2015-05-07 21:28 - 00292353 _____ () C:\Users\Flavia\Downloads\simsoertchen_white top sexy - kawaii -.package 2015-05-07 21:27 - 2015-05-07 21:27 - 00252514 _____ () C:\Users\Flavia\Downloads\Printed Crop tops.package 2015-05-07 21:27 - 2015-05-07 21:27 - 00151527 _____ () C:\Users\Flavia\Downloads\longlivetherecklessandthesims_yfTop_SweaterOffShoulder_AWG.package 2015-05-07 21:24 - 2015-05-07 21:24 - 00646329 _____ () C:\Users\Flavia\Downloads\LollaLeeloo_F_LaceBodycon (1).package 2015-05-07 21:24 - 2015-05-07 21:24 - 00587743 _____ () C:\Users\Flavia\Downloads\LollaLeeloo_F_Longsleeve.package 2015-05-07 21:23 - 2015-05-07 21:23 - 01913334 _____ () C:\Users\Flavia\Downloads\uktrash_BasicsLongSleeve.package 2015-05-07 21:23 - 2015-05-07 21:23 - 00923513 _____ () C:\Users\Flavia\Downloads\~Zodapop~ (S4) Stripe Print Knitted Dress.package 2015-05-07 21:22 - 2015-05-07 21:22 - 00493988 _____ () C:\Users\Flavia\Downloads\~Zodapop~ (S4) Tartan Check Crop Top.package 2015-05-07 21:18 - 2015-05-07 21:18 - 02086542 _____ () C:\Users\Flavia\Downloads\Metens_Serenity.package 2015-05-07 21:17 - 2015-05-07 21:17 - 00210168 _____ () C:\Users\Flavia\Downloads\2.package 2015-05-07 21:07 - 2015-05-07 21:07 - 01212670 _____ () C:\Users\Flavia\Downloads\Birba32_fy_winterbootpastel.package 2015-05-07 21:06 - 2015-05-07 21:06 - 00971151 _____ () C:\Users\Flavia\Downloads\S-Club LL thesims4 eyecolors 09.package 2015-05-07 21:05 - 2015-05-07 21:05 - 01860807 _____ () C:\Users\Flavia\Downloads\SL_yf_ZuhairMurad_Gown1.package 2015-05-07 21:03 - 2015-05-07 21:03 - 00805049 _____ () C:\Users\Flavia\Downloads\BL_Sequin Blazer.package 2015-05-07 11:44 - 2015-05-07 11:44 - 00321678 _____ () C:\Users\Flavia\Downloads\S4FD_MissLicious_Tanks.package 2015-05-07 11:44 - 2015-05-07 11:44 - 00132781 _____ () C:\Users\Flavia\Downloads\Jeans.package 2015-05-07 11:42 - 2015-05-07 11:42 - 00291721 _____ () C:\Users\Flavia\Downloads\top renda dani's.package 2015-05-07 11:41 - 2015-05-07 11:41 - 00169125 _____ () C:\Users\Flavia\Downloads\cutesims4_gtw top india.package 2015-05-07 11:40 - 2015-05-07 11:40 - 01976727 _____ () C:\Users\Flavia\Downloads\1294014.zip 2015-05-07 11:39 - 2015-05-07 11:39 - 01373730 _____ () C:\Users\Flavia\Downloads\Birba32_fy_LaceCipriaDress.package 2015-05-07 11:39 - 2015-05-07 11:39 - 00345945 _____ () C:\Users\Flavia\Downloads\Cleotopia-MiniShortsRippedColorful.package 2015-05-07 11:38 - 2015-05-07 11:38 - 00504146 _____ () C:\Users\Flavia\Downloads\Spring Dress set.package 2015-05-07 11:37 - 2015-05-07 11:37 - 00668569 _____ () C:\Users\Flavia\Downloads\Milk Lace Dress.package 2015-05-07 11:37 - 2015-05-07 11:37 - 00074451 _____ () C:\Users\Flavia\Downloads\cutesims4_romantic_White_Tube.package 2015-05-07 11:36 - 2015-05-07 11:36 - 00500120 _____ () C:\Users\Flavia\Downloads\Aztec Top by Pinkzombiecupcake.package 2015-05-07 11:36 - 2015-05-07 11:36 - 00451796 _____ () C:\Users\Flavia\Downloads\Blusa Renda Branca.package 2015-05-07 11:33 - 2015-05-07 11:33 - 00090648 _____ () C:\Users\Flavia\Downloads\Leeah_yfShoes_CalfCowboy_SuedeChocolate.package 2015-05-07 11:30 - 2015-05-07 11:30 - 00607019 _____ () C:\Users\Flavia\Downloads\Madlen Scafati Boots.package 2015-05-07 11:30 - 2015-05-07 11:30 - 00403762 _____ () C:\Users\Flavia\Downloads\Madlen Cirino Shoes.package 2015-05-07 11:29 - 2015-05-07 11:29 - 00710251 _____ () C:\Users\Flavia\Downloads\Madlen Tiziano Shoes.package 2015-05-07 11:29 - 2015-05-07 11:29 - 00511975 _____ () C:\Users\Flavia\Downloads\Madlen Umbria Shoes.package 2015-05-07 11:28 - 2015-05-07 11:28 - 00387493 _____ () C:\Users\Flavia\Downloads\Madlen Livia Shoes.package 2015-05-07 11:27 - 2015-05-07 11:28 - 00417972 _____ () C:\Users\Flavia\Downloads\Madlen Eris Boots.package 2015-05-07 11:27 - 2015-05-07 11:27 - 00603820 _____ () C:\Users\Flavia\Downloads\Madlen Ambrogio Shoes.package 2015-05-07 11:26 - 2015-05-07 11:26 - 01278415 _____ () C:\Users\Flavia\Downloads\1294236.zip 2015-05-07 11:26 - 2015-05-07 11:26 - 00704730 _____ () C:\Users\Flavia\Downloads\Madlen Nineveh Shoes.package 2015-05-07 11:25 - 2015-05-07 11:25 - 00497960 _____ () C:\Users\Flavia\Downloads\Madlen Novara Sandals.package 2015-05-07 11:22 - 2015-05-07 11:22 - 00287377 _____ () C:\Users\Flavia\Downloads\Toska.zip 2015-05-07 11:22 - 2015-05-07 11:22 - 00134871 _____ () C:\Users\Flavia\Downloads\ZIP UP BOOTS.package 2015-05-07 11:21 - 2015-05-07 11:21 - 00756084 _____ () C:\Users\Flavia\Downloads\Madlen Neroni Sneakers (Male).package 2015-05-07 11:21 - 2015-05-07 11:21 - 00161515 _____ () C:\Users\Flavia\Downloads\Vans Classic Slip-On Core (male) by Pinzombiecupcake.package 2015-05-07 11:20 - 2015-05-07 11:20 - 00451295 _____ () C:\Users\Flavia\Downloads\Madlen Orlando Shoes (Male).package 2015-05-07 11:20 - 2015-05-07 11:20 - 00187334 _____ () C:\Users\Flavia\Downloads\THL_NikeShoesSB_M.package 2015-05-07 11:18 - 2015-05-07 11:19 - 00095991 _____ () C:\Users\Flavia\Downloads\Jazminerev.zip 2015-05-07 11:18 - 2015-05-07 11:18 - 00101879 _____ () C:\Users\Flavia\Downloads\TugmeL-S4_Daphne-FYA.zip 2015-05-07 11:17 - 2015-05-07 11:17 - 00102633 _____ () C:\Users\Flavia\Downloads\AlyssaDíazPérezbySimFabulous.zip 2015-05-07 11:17 - 2015-05-07 11:17 - 00091261 _____ () C:\Users\Flavia\Downloads\MsBlue_JasminBlue.zip 2015-05-07 11:16 - 2015-05-07 11:16 - 00089561 _____ () C:\Users\Flavia\Downloads\MK_KendallEdwards.zip 2015-05-07 11:15 - 2015-05-07 11:15 - 00095291 _____ () C:\Users\Flavia\Downloads\Bryant Caliente.zip 2015-05-07 11:14 - 2015-05-07 11:15 - 00090187 _____ () C:\Users\Flavia\Downloads\MaseoUehara-Munter_Bacon2.zip 2015-05-07 11:12 - 2015-05-07 11:12 - 04833426 _____ () C:\Users\Flavia\Downloads\1291079.zip 2015-05-07 11:12 - 2015-05-07 11:12 - 00385291 _____ () C:\Users\Flavia\Downloads\MsBlue_LauraSkin.package 2015-05-07 11:10 - 2015-05-07 11:10 - 00448444 _____ () C:\Users\Flavia\Downloads\curbs_hat4_rosa.package 2015-05-07 11:10 - 2015-05-07 11:10 - 00278001 _____ () C:\Users\Flavia\Downloads\altea127 Visor Hat .package 2015-05-07 11:09 - 2015-05-07 11:09 - 00648473 _____ () C:\Users\Flavia\Downloads\[SrslyBrownie] (S4) Sheer Leggings .package 2015-05-07 11:09 - 2015-05-07 11:09 - 00119657 _____ () C:\Users\Flavia\Downloads\Vault101Hat.package 2015-05-07 11:08 - 2015-05-07 11:08 - 00686972 _____ () C:\Users\Flavia\Downloads\Birba32_fy_SideBandLeggings.package 2015-05-07 11:07 - 2015-05-07 11:07 - 00338585 _____ () C:\Users\Flavia\Downloads\cutesims4_replay skinny jeans - set.package 2015-05-07 11:07 - 2015-05-07 11:07 - 00056175 _____ () C:\Users\Flavia\Downloads\PDsims_SpikedBobbySocks.package 2015-05-07 11:06 - 2015-05-07 11:06 - 02335029 _____ () C:\Users\Flavia\Downloads\[SrslySims] (S4) High Waist PVC Leggings.package 2015-05-07 11:06 - 2015-05-07 11:06 - 00156997 _____ () C:\Users\Flavia\Downloads\TS4 Stockings Cat by Irink@a.package 2015-05-07 11:05 - 2015-05-07 11:05 - 01379143 _____ () C:\Users\Flavia\Downloads\altea127 Sonia Tights.package 2015-05-07 11:05 - 2015-05-07 11:05 - 00049164 _____ () C:\Users\Flavia\Downloads\Metens_Seduction.package 2015-05-07 11:03 - 2015-05-07 11:03 - 00395555 _____ () C:\Users\Flavia\Downloads\[Sintiklia]Eyeshadow 7.package 2015-05-07 11:02 - 2015-05-07 11:02 - 00338242 _____ () C:\Users\Flavia\Downloads\Alin22_NecklaceShapes.package 2015-05-07 11:01 - 2015-05-07 11:02 - 00718560 _____ () C:\Users\Flavia\Downloads\LLSIMS_LayeredNecklace_001.package 2015-05-07 11:01 - 2015-05-07 11:01 - 00810278 _____ () C:\Users\Flavia\Downloads\1269610.zip 2015-05-07 11:00 - 2015-05-07 11:00 - 00252918 _____ () C:\Users\Flavia\Downloads\Mallard Close.zip 2015-05-07 11:00 - 2015-05-07 11:00 - 00032549 _____ () C:\Users\Flavia\Downloads\Wood_Style.package 2015-05-07 10:59 - 2015-05-07 10:59 - 00427598 _____ () C:\Users\Flavia\Downloads\1Z_dress_marine_neu2D.package 2015-05-07 10:58 - 2015-05-07 10:58 - 00166194 _____ () C:\Users\Flavia\Downloads\SV Earrings with round jewel.package 2015-05-07 10:58 - 2015-05-07 10:58 - 00079101 _____ () C:\Users\Flavia\Downloads\NataliS_Spring and crystal earings FT-FA.package 2015-05-07 10:57 - 2015-05-07 10:57 - 00144082 _____ () C:\Users\Flavia\Downloads\NataliS_Crystal drop earrings FT-FA.package 2015-05-07 10:56 - 2015-05-07 10:56 - 00054561 _____ () C:\Users\Flavia\Downloads\MYOBI-zest-eyes.package 2015-05-07 10:55 - 2015-05-07 10:55 - 00089604 _____ () C:\Users\Flavia\Downloads\MYOBI-jelly-eyemask.package 2015-05-07 10:54 - 2015-05-07 10:54 - 00041317 _____ () C:\Users\Flavia\Downloads\EnticingSims_Feather Tattoo.package 2015-05-07 10:53 - 2015-05-07 10:53 - 01851664 _____ () C:\Users\Flavia\Downloads\MILK Jasmine Skintone.zip 2015-05-07 10:53 - 2015-05-07 10:53 - 00003782 _____ () C:\Users\Flavia\Downloads\cateye.package 2015-05-07 10:51 - 2015-05-07 10:51 - 04378955 _____ () C:\Users\Flavia\Downloads\MILK Divine.package 2015-05-07 10:51 - 2015-05-07 10:51 - 00269171 _____ () C:\Users\Flavia\Downloads\Love Frekles by Pinkzombiecupcake.package 2015-05-07 10:50 - 2015-05-07 10:50 - 00042966 _____ () C:\Users\Flavia\Downloads\MYOBI-samantha-facedetail.package 2015-05-07 10:49 - 2015-05-07 10:49 - 00265490 _____ () C:\Users\Flavia\Downloads\MorganeParis_For_Natalis_Nails_02.package 2015-05-07 10:49 - 2015-05-07 10:49 - 00044856 _____ () C:\Users\Flavia\Downloads\Syrup Lipstick by Baarbiie-GiirL(1).package 2015-05-07 10:48 - 2015-05-07 10:48 - 00209148 _____ () C:\Users\Flavia\Downloads\PS Lip 01.package 2015-05-07 10:47 - 2015-05-07 10:47 - 00217924 _____ () C:\Users\Flavia\Downloads\Aveira_LipglossN3.package 2015-05-07 09:48 - 2015-05-07 09:48 - 00000000 ____D () C:\ProgramData\Aeria Games 2015-05-06 10:32 - 2015-05-06 10:32 - 00001608 _____ () C:\Users\Flavia\Desktop\Echo of Soul.lnk 2015-05-06 10:17 - 2015-05-06 10:17 - 00001950 _____ () C:\Users\Public\Desktop\Aeria Ignite.lnk 2015-05-06 10:17 - 2015-05-06 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames 2015-05-06 10:17 - 2015-05-06 10:17 - 00000000 ____D () C:\Program Files\Aeria Games 2015-05-06 09:46 - 2015-05-06 10:17 - 00000000 ____D () C:\AeriaGames 2015-05-05 13:00 - 2015-05-05 13:00 - 00268383 _____ () C:\Users\Flavia\Downloads\Cenothera Biennis - by Onyxium.zip 2015-05-05 12:59 - 2015-05-05 12:59 - 00164311 _____ () C:\Users\Flavia\Downloads\MYOBI-opulent-lipcolour.package 2015-05-05 12:58 - 2015-05-05 12:58 - 00772625 _____ () C:\Users\Flavia\Downloads\[EVE62]lipstick1.package 2015-05-05 12:58 - 2015-05-05 12:58 - 00042707 _____ () C:\Users\Flavia\Downloads\Doll Lipstick Nr1. by Baarbiie-GiirL .package 2015-05-05 12:57 - 2015-05-05 12:57 - 00203248 _____ () C:\Users\Flavia\Downloads\S-Club LL thesims4 Lipstick 09.package 2015-05-05 12:57 - 2015-05-05 12:57 - 00062311 _____ () C:\Users\Flavia\Downloads\Autumn dream lipstick by Pinzombiecupcake.package 2015-05-05 12:56 - 2015-05-05 12:56 - 00252650 _____ () C:\Users\Flavia\Downloads\MYOBI-lilt-lipcolour.package 2015-05-05 12:55 - 2015-05-05 12:55 - 00044856 _____ () C:\Users\Flavia\Downloads\Syrup Lipstick by Baarbiie-GiirL.package 2015-05-05 12:54 - 2015-05-05 12:54 - 00003717 _____ () C:\Users\Flavia\Downloads\Doll Eyeliner.package 2015-05-05 12:53 - 2015-05-05 12:53 - 00135801 _____ () C:\Users\Flavia\Downloads\[GrizzlySimr] Sohlein Classy Eyeshadow.package 2015-05-05 12:52 - 2015-05-05 12:52 - 00122500 _____ () C:\Users\Flavia\Downloads\[simbastic] smokey_glitter_eyeshadow.package 2015-05-05 12:52 - 2015-05-05 12:52 - 00043249 _____ () C:\Users\Flavia\Downloads\mormo_eyeshadow1_AF.package 2015-05-05 12:51 - 2015-05-05 12:51 - 01685607 _____ () C:\Users\Flavia\Downloads\MYOBI-fiona-eyeshadow.package 2015-05-05 12:42 - 2015-05-05 12:42 - 00132889 _____ () C:\Users\Flavia\Downloads\S-Club WM thesims4 Eyebrows16 M .package 2015-05-05 12:41 - 2015-05-05 12:41 - 00192771 _____ () C:\Users\Flavia\Downloads\MYOBI-nemo-brows.package 2015-05-05 12:40 - 2015-05-05 12:40 - 19387267 _____ () C:\Users\Flavia\Downloads\1265549.zip 2015-05-05 12:40 - 2015-05-05 12:40 - 01063041 _____ () C:\Users\Flavia\Downloads\SV Summer floral dress.package 2015-05-05 12:39 - 2015-05-05 12:39 - 00109478 _____ () C:\Users\Flavia\Downloads\S-Club WM thesims4 Eyebrows12 F.package 2015-05-05 12:38 - 2015-05-05 12:38 - 04103232 _____ () C:\Users\Flavia\Downloads\Realistic beard By Pinkzombiecupcake.package 2015-05-05 12:38 - 2015-05-05 12:38 - 00025198 _____ () C:\Users\Flavia\Downloads\Eyebrow with 8 colours.package 2015-05-05 12:36 - 2015-05-05 12:37 - 07179080 _____ () C:\Users\Flavia\Downloads\beard nr 2.package 2015-05-05 12:35 - 2015-05-05 12:35 - 08296793 _____ () C:\Users\Flavia\Downloads\Cazy_c119-Nicholas_r.package 2015-05-05 11:18 - 2015-05-05 11:18 - 00494281 _____ () C:\Users\Flavia\Downloads\1268783.zip 2015-05-05 11:17 - 2015-05-05 11:17 - 20023938 _____ () C:\Users\Flavia\Downloads\Stealthic Like Lust (Hair).package 2015-05-05 11:17 - 2015-05-05 11:17 - 00468442 _____ () C:\Users\Flavia\Downloads\1266813.zip 2015-05-05 11:16 - 2015-05-05 11:16 - 23228914 _____ () C:\Users\Flavia\Downloads\Stealthic Haunting (Hair).package 2015-05-05 11:15 - 2015-05-05 11:16 - 19367239 _____ () C:\Users\Flavia\Downloads\Stealthic Hysteria (Hair)(1).package 2015-05-05 11:14 - 2015-05-05 11:14 - 06313851 _____ () C:\Users\Flavia\Downloads\skysims-hair-229(1).package 2015-05-05 11:10 - 2015-05-05 11:11 - 24898232 _____ () C:\Users\Flavia\Downloads\Stealthic Sleepwalking (Hair).package 2015-05-05 11:10 - 2015-05-05 11:10 - 05337936 _____ () C:\Users\Flavia\Downloads\Skysims-hair257g.package 2015-05-05 11:09 - 2015-05-05 11:09 - 17935799 _____ () C:\Users\Flavia\Downloads\Stealthic Captivated (Hair).package 2015-05-05 11:08 - 2015-05-05 11:08 - 06313851 _____ () C:\Users\Flavia\Downloads\skysims-hair-229.package 2015-05-05 11:06 - 2015-05-05 11:06 - 21139442 _____ () C:\Users\Flavia\Downloads\Stealthic Runaway (Hair).package 2015-05-05 11:04 - 2015-05-05 11:04 - 04326482 _____ () C:\Users\Flavia\Downloads\Skysims Hair 208-lok sims4.package 2015-05-05 11:03 - 2015-05-05 11:03 - 21509106 _____ () C:\Users\Flavia\Downloads\Stealthic Vapor (Hair)(1).package 2015-05-05 11:02 - 2015-05-05 11:02 - 11803982 _____ () C:\Users\Flavia\Downloads\Cazy_c172-Izzy_t-e_type2_re.package 2015-05-05 11:01 - 2015-05-05 11:01 - 00208048 _____ () C:\Users\Flavia\Downloads\Tantars Estate.zip 2015-05-05 11:00 - 2015-05-05 11:00 - 23136216 _____ () C:\Users\Flavia\Downloads\Stealthic Midsummer Night (Hair and Acc).package 2015-05-05 11:00 - 2015-05-05 11:00 - 05331542 _____ () C:\Users\Flavia\Downloads\Skysims-hair149.package 2015-05-05 10:59 - 2015-05-05 10:59 - 08029586 _____ () C:\Users\Flavia\Downloads\Nightcrawler AF Hair Turn It Up.package 2015-05-05 10:57 - 2015-05-05 10:57 - 21011847 _____ () C:\Users\Flavia\Downloads\Stealthic Amber Lights (Hair).package 2015-05-05 10:56 - 2015-05-05 10:56 - 07481536 _____ () C:\Users\Flavia\Downloads\Alesso_Circus.zip 2015-05-05 10:55 - 2015-05-05 10:55 - 06149100 _____ () C:\Users\Flavia\Downloads\Skysims-Hair-113.package 2015-05-05 10:53 - 2015-05-05 10:53 - 31996596 _____ () C:\Users\Flavia\Downloads\Stealthic Daughter (Hair).package 2015-05-05 10:52 - 2015-05-05 10:53 - 21697048 _____ () C:\Users\Flavia\Downloads\Stealthic Sanctuary (Hair).package 2015-05-05 10:51 - 2015-05-05 10:51 - 19367239 _____ () C:\Users\Flavia\Downloads\Stealthic Hysteria (Hair).package 2015-05-04 17:59 - 2015-05-04 17:59 - 03451698 _____ () C:\Users\Flavia\Downloads\1427212032d4244028654db8b5795c78.zip 2015-05-04 17:57 - 2015-05-04 17:57 - 02772812 _____ () C:\Users\Flavia\Downloads\141571469380eb3fb6e18314cd5679e3.zip 2015-05-04 17:53 - 2015-05-04 17:53 - 21497179 _____ () C:\Users\Flavia\Downloads\Stealthic Vapor (Hair).package 2015-05-03 21:04 - 2015-05-03 21:04 - 00000000 ____D () C:\Program Files\Origin Games 2015-05-03 20:50 - 2015-05-03 20:50 - 00000000 ____D () C:\Users\Flavia\Documents\Electronic Arts 2015-05-03 20:48 - 2015-05-03 21:04 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Origin 2015-05-03 20:45 - 2015-05-03 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-05-03 20:45 - 2015-05-03 20:47 - 00000000 ____D () C:\Program Files\Origin 2015-05-03 20:45 - 2015-05-03 20:45 - 00000905 _____ () C:\Users\Public\Desktop\Origin.lnk 2015-05-03 20:43 - 2015-05-03 20:43 - 00000000 ____D () C:\ProgramData\Package Cache 2015-05-03 20:41 - 2015-05-03 20:41 - 00002051 _____ () C:\Users\Public\Desktop\The Sims 4.lnk 2015-05-03 20:41 - 2015-05-03 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4 2015-05-03 20:34 - 2015-05-03 20:34 - 00000000 ____D () C:\Program Files\The Sims 4 2015-05-03 19:57 - 2015-05-03 21:11 - 00000000 ____D () C:\ProgramData\Origin 2015-05-03 19:51 - 2015-05-03 20:45 - 00000000 ____D () C:\ProgramData\Electronic Arts 2015-05-03 12:23 - 2015-05-03 12:23 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe 2015-05-03 12:23 - 2015-05-03 12:23 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr 2015-04-28 10:53 - 2015-04-28 10:53 - 00000000 ____D () C:\Users\Flavia\Downloads\[FS]Day04 2015-04-23 15:32 - 2015-04-23 15:32 - 00000000 __SHD () C:\Users\Flavia\AppData\Local\EmieBrowserModeList 2015-04-23 15:05 - 2015-04-23 15:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-04-22 11:15 - 2015-05-06 10:31 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames 2015-04-19 14:10 - 2015-04-19 14:10 - 00000000 ____D () C:\ProgramData\Ahead 2015-04-19 13:58 - 2015-05-12 21:39 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-04-19 13:58 - 2015-04-19 13:58 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-04-19 13:58 - 2015-04-19 13:58 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-04-18 11:04 - 2015-04-18 11:04 - 00000000 ____D () C:\Program Files\Common Files\Java 2015-04-18 11:03 - 2015-04-18 11:03 - 00000000 ____D () C:\ProgramData\Oracle 2015-04-16 10:50 - 2015-04-18 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-04-15 09:39 - 2015-03-25 05:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-04-15 09:39 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-04-15 09:39 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-04-15 09:38 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-04-15 09:38 - 2015-03-23 04:59 - 00896000 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-04-15 09:38 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-04-15 09:38 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-04-15 09:38 - 2015-03-17 07:01 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-04-15 09:38 - 2015-03-17 07:01 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-04-15 09:38 - 2015-03-17 06:59 - 01306112 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-04-15 09:38 - 2015-03-17 06:56 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-04-15 09:38 - 2015-03-17 06:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-04-15 09:38 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-04-15 09:38 - 2015-03-17 06:56 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-04-15 09:38 - 2015-03-17 06:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-04-15 09:38 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-04-15 09:38 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-04-15 09:38 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-04-15 09:38 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-04-15 09:38 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-04-15 09:38 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-04-15 09:38 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-04-15 09:38 - 2015-03-13 05:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-04-15 09:38 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-04-15 09:38 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-04-15 09:38 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-04-15 09:38 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-04-15 09:38 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-04-15 09:38 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-04-15 09:38 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-04-15 09:38 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-04-15 09:38 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-04-15 09:38 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-04-15 09:38 - 2015-03-13 05:16 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-04-15 09:38 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-04-15 09:38 - 2015-03-13 05:09 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-04-15 09:38 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-04-15 09:38 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-04-15 09:38 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-04-15 09:38 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-04-15 09:38 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-04-15 09:38 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-04-15 09:38 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-04-15 09:38 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-04-15 09:38 - 2015-03-13 04:43 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-04-15 09:38 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-04-15 09:38 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-04-15 09:38 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-04-15 09:38 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-04-15 09:38 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-04-15 09:38 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-04-15 09:38 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2015-04-15 09:38 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2015-04-15 09:38 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2015-04-15 09:37 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-04-15 09:37 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-12 21:38 - 2014-12-20 14:36 - 00000000 ____D () C:\Windows\CryptoGuard 2015-05-12 19:05 - 2011-07-09 18:33 - 00000000 ____D () C:\Users\Flavia\AppData\Local\PMB Files 2015-05-12 18:48 - 2013-01-31 14:12 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Foxit Software 2015-05-12 18:47 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public 2015-05-12 16:14 - 2009-07-14 06:34 - 00024368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-12 16:14 - 2009-07-14 06:34 - 00024368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-12 16:09 - 2009-12-28 01:26 - 01729234 _____ () C:\Windows\WindowsUpdate.log 2015-05-12 16:07 - 2009-12-27 16:44 - 00000000 ____D () C:\Users\Flavia 2015-05-12 16:03 - 2011-09-25 14:34 - 00145038 _____ () C:\Windows\setupact.log 2015-05-12 16:02 - 2012-11-09 19:08 - 00031680 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys 2015-05-12 16:02 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-12 16:01 - 2010-01-20 16:10 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-05-12 16:00 - 2011-09-25 16:31 - 00576054 _____ () C:\Windows\PFRO.log 2015-05-12 00:45 - 2011-09-15 17:48 - 00000000 ____D () C:\Download 2015-05-12 00:43 - 2014-05-27 12:07 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Samsung 2015-05-12 00:43 - 2009-12-27 18:54 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2015-05-11 20:55 - 2011-09-25 15:14 - 00000000 ____D () C:\Windows\pss 2015-05-11 20:38 - 2012-12-05 21:15 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Spotify 2015-05-11 20:37 - 2012-12-05 21:14 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Spotify 2015-05-11 18:39 - 2013-08-02 10:35 - 00000992 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2015-05-11 18:21 - 2015-01-23 17:12 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR 2015-05-11 14:18 - 2014-08-14 11:55 - 00651504 _____ () C:\Windows\system32\perfh01F.dat 2015-05-11 14:18 - 2014-08-14 11:55 - 00140826 _____ () C:\Windows\system32\perfc01F.dat 2015-05-11 14:18 - 2011-05-21 00:31 - 00423246 _____ () C:\Windows\system32\perfh012.dat 2015-05-11 14:18 - 2011-05-21 00:31 - 00121210 _____ () C:\Windows\system32\perfc012.dat 2015-05-11 14:18 - 2010-01-20 16:25 - 00411600 _____ () C:\Windows\system32\perfh011.dat 2015-05-11 14:18 - 2010-01-20 16:25 - 00122926 _____ () C:\Windows\system32\perfc011.dat 2015-05-11 14:18 - 2009-12-27 16:41 - 04400078 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-08 14:46 - 2012-11-09 19:40 - 00000000 ____D () C:\Users\Flavia\AppData\Local\CrashDumps 2015-05-06 10:17 - 2015-02-10 18:17 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin 2015-05-03 20:05 - 2013-03-16 15:21 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Origin 2015-05-03 12:23 - 2014-05-16 17:00 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2015-05-03 12:23 - 2014-01-07 17:20 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys 2015-05-03 12:23 - 2013-03-17 18:59 - 00209048 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2015-05-03 12:23 - 2013-03-17 18:59 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2015-05-03 12:23 - 2012-02-24 15:33 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys 2015-05-03 12:23 - 2011-09-25 16:52 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys 2015-05-03 12:23 - 2011-09-25 16:51 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys 2015-05-03 12:23 - 2011-09-25 16:51 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-04-30 16:29 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat 2015-04-26 19:18 - 2012-04-18 19:53 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Audacity 2015-04-26 19:03 - 2012-07-28 11:45 - 00000000 ____D () C:\Users\Flavia\Downloads\eBooks 2015-04-26 18:49 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache 2015-04-25 16:03 - 2013-11-01 15:29 - 00000000 ____D () C:\Users\Flavia\Downloads\Dokumente 2015-04-25 09:54 - 2013-01-19 15:17 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-04-22 11:15 - 2013-03-15 12:46 - 00000000 ___HD () C:\Windows\msdownld.tmp 2015-04-22 11:15 - 2010-08-06 13:49 - 00000000 ____D () C:\Windows\system32\directx 2015-04-19 14:00 - 2015-01-16 12:23 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Adobe 2015-04-19 13:57 - 2009-12-28 16:55 - 00000000 ____D () C:\Program Files\Adobe 2015-04-19 13:56 - 2009-12-28 16:55 - 00000000 ____D () C:\ProgramData\Adobe 2015-04-18 11:03 - 2013-02-21 13:11 - 00000000 ____D () C:\Program Files\Java 2015-04-16 09:53 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2015-04-15 10:44 - 2014-12-10 19:18 - 00000000 ____D () C:\Windows\system32\appraiser 2015-04-15 10:44 - 2014-05-01 19:52 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-04-15 10:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\tr-TR 2015-04-15 10:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ko-KR 2015-04-15 10:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ja-JP 2015-04-15 10:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE 2015-04-15 10:18 - 2013-07-11 10:02 - 00000000 ____D () C:\Windows\system32\MRT 2015-04-15 10:10 - 2009-12-27 17:09 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-04-15 10:09 - 2009-12-27 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-04-13 18:07 - 2015-03-09 17:41 - 00000000 ____D () C:\Users\Flavia\Top Body ==================== Files in the root of some directories ======= 2014-01-20 15:12 - 2014-01-27 16:12 - 0000085 _____ () C:\Users\Flavia\AppData\Roaming\WB.CFG 2011-04-29 13:55 - 2011-04-29 13:55 - 0009216 _____ () C:\Users\Flavia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2011-03-30 19:59 - 2011-07-22 13:50 - 0000000 _____ () C:\Users\Flavia\AppData\Local\Itiqeyabeguyoya.bin 2011-03-30 19:59 - 2011-07-21 10:02 - 0000120 _____ () C:\Users\Flavia\AppData\Local\Kholohiyesupa.dat 2015-04-10 16:47 - 2015-04-10 16:47 - 0005197 _____ () C:\Users\Flavia\AppData\Local\recently-used.xbel 2012-04-25 22:36 - 2012-07-11 23:50 - 0007597 _____ () C:\Users\Flavia\AppData\Local\resmon.resmoncfg 2011-09-25 10:24 - 2011-09-25 10:24 - 0000000 _____ () C:\Users\Flavia\AppData\Local\{07929EE3-DAD7-4105-8DF8-2CE403B4C7E2} 2015-02-27 18:27 - 2015-03-06 13:11 - 0000040 _____ () C:\ProgramData\DT0001.dat 2015-02-25 22:32 - 2015-03-06 13:11 - 0000040 _____ () C:\ProgramData\DT0006.dat 2010-02-22 15:38 - 2010-02-22 15:38 - 0000056 ____H () C:\ProgramData\ezsidmv.dat Files to move or delete: ==================== C:\ProgramData\DT0001.dat C:\ProgramData\DT0006.dat Some content of TEMP: ==================== C:\Users\Flavia\AppData\Local\temp\dxwebsetup.exe C:\Users\Flavia\AppData\Local\temp\FoxitUpdater.exe C:\Users\Flavia\AppData\Local\temp\jre-8u45-windows-au.exe C:\Users\Flavia\AppData\Local\temp\uninst.exe C:\Users\Flavia\AppData\Local\temp\uninstall_complete.exe C:\Users\Flavia\AppData\Local\temp\vcredist_x86.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-05 10:31 ==================== End Of Log ============================ EDIT: Oh Mist, wer lesen kann ist klar im Vorteil, hab die Exe nicht auf dem Desktop gespeichert. Sorry, soll ichs nochmal machen? Geändert von BlueAzure (12.05.2015 um 21:09 Uhr) |
12.05.2015, 20:54 | #4 |
| Lösung: Keine Verbindung zum Benachrichtigungsdienst für Systemereignisse Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-05-2015 Ran by Flavia at 2015-05-12 21:48:47 Running from C:\Users\Flavia\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4132011797-2711336362-2655832662-500 - Administrator - Disabled) Flavia (S-1-5-21-4132011797-2711336362-2655832662-1000 - Administrator - Enabled) => C:\Users\Flavia Guest (S-1-5-21-4132011797-2711336362-2655832662-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-4132011797-2711336362-2655832662-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated) Adobe Digital Editions (HKLM\...\Digital Editions) (Version: - ) Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated) Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.) Aeria Ignite (HKLM\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden AION Free-To-Play (HKLM\...\AION Free-To-Play) (Version: v0.1 - Gameforge 4D) Akamai NetSession Interface (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Apple Application Support (32-Bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.) Audacity 2.0 (HKLM\...\Audacity_is1) (Version: - Audacity Team) Avast Free Antivirus (HKLM\...\avast) (Version: 10.2.2218 - AVAST Software) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden C4600 (Version: 130.0.425.000 - Hewlett-Packard) Hidden calibre (HKLM\...\{249F13C9-889B-405E-8987-F4E6AA90BD8E}) (Version: 0.9.17 - Kovid Goyal) CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4329 - CyberLink Corp.) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden Digitale Bibliothek 4 (HKLM\...\Digitale Bibliothek 4) (Version: - ) Dropbox (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.) Echo of Soul (HKLM\...\Echo of Soul) (Version: - ) EXPERTool v8.6 (HKLM\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.6.0.0 - Gainward Co. Ltd.) forteManager (HKLM\...\{1883A84D-94AA-432C-9519-FA31B6B118B9}) (Version: 2.80.002 - Portrait Displays, Inc.) Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.4.96.511 - Foxit Software Inc.) Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.0.8.1216 - Foxit Software Inc.) Free Audio Converter version 5.0.46.820 (HKLM\...\Free Audio Converter_is1) (Version: 5.0.46.820 - DVDVideoSoft Ltd.) Free AVI Video Converter version 5.0.18.1005 (HKLM\...\Free AVI Video Converter_is1) (Version: 5.0.18.1005 - DVDVideoSoft Ltd.) Free MP4 Video Converter version 5.0.23.320 (HKLM\...\Free MP4 Video Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.) Free Studio version 5.1.7 (HKLM\...\Free Studio_is1) (Version: - DVDVideoSoft Ltd.) Free Video Dub version 2.0.22.925 (HKLM\...\Free Video Dub_is1) (Version: 2.0.22.925 - DVDVideoSoft Ltd.) Free Video to MP3 Converter version 5.0.23.320 (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.11.33.1005 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.33.1005 - DVDVideoSoft Ltd.) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden HD Video Plugin (HKLM\...\HD Video Plugin) (Version: 1.28.153.5 - Plugin) HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.) HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5 (HKLM\...\{44C81D1A-0520-49BB-B510-98B8DD414EA1}) (Version: 13.0 - HP) HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard) HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden hpPrintProjects (Version: 130.0.303.000 - Hewlett-Packard) Hidden HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden hpWLPGInstaller (Version: 130.0.303.000 - Hewlett-Packard) Hidden Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation) Intel(R) Smart Connect Technology 2.0 x86 (HKLM\...\{175A0271-B6F3-4AB6-ADAD-DC9D17F4A321}) (Version: 2.0.1083.0 - Intel) iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.) Java 7 Update 80 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle) Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) K-Lite Mega Codec Pack 3.9.5 (HKLM\...\KLiteCodecPack_is1) (Version: 3.9.5 - ) LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - ) MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden MEDION MD86511 (HKLM\...\{1251B5BC-E285-4078-98C9-ED21F61B552A}) (Version: 1.0.0.0 - ) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{2F750C77-1FEC-44F9-88CC-2CE322EBD61E}) (Version: 1.1.0324 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50701 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Mozilla Firefox 37.0.2 (x86 de) (HKLM\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla) MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) NC Launcher (GameForge) (HKLM\...\NCLauncher_GameForge) (Version: - NCsoft) Netzmanager (HKLM\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG) Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden NVIDIA 3D Vision Controller-Treiber 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation) NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation) NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9745 - NVIDIA Corporation) NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation) NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) OpenAL (HKLM\...\OpenAL) (Version: - ) Origin (HKLM\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.) Overwolf (HKLM\...\{4150D0B5-D203-419B-9C49-9B615AF11BAF}) (Version: 0.33.199 - Overwolf) Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.7.0.0 - Pando Networks Inc.) Pando Media Booster Packages (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Pando Media Booster Packages) (Version: - ) <==== ATTENTION PDF24 Creator 6.9.2 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) PS_AIO_05_C4600_Software_Min (Version: 130.0.425.000 - Hewlett-Packard) Hidden PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) RealPlayer (HKLM\...\RealPlayer 12.0) (Version: - RealNetworks) Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.) Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden SDFormatter (HKLM\...\{5A347920-4AFC-11D5-9FB0-800649886934}) (Version: - ) SDK (Version: 1.40.002 - Portrait Displays, Inc.) Hidden SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden Spotify (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB) Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - ) TERA (HKLM\...\{A2S166A0-F031-4E27-A057-C69733219434}_is1) (Version: 19.04.02.03.hf3 - Gameforge Productions GmbH) The Sims 4 Version 1.0 u1 (HKLM\...\{27B947C0-320C-4997-9681-1E7010A15896}_is1) (Version: 1.0 u1 - EA Games) Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden Uniblue RegistryBooster 2010 (HKLM\...\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1) (Version: - Uniblue Systems Ltd) Unity Web Player (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation) VisualBee for Microsoft PowerPoint (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\VisualBee for Microsoft PowerPoint) (Version: V4.1 - VisualBee.com) Viva Piñata (HKLM\...\InstallShield_{343EFA17-5BC5-44DA-924F-539ECBEFF68C}) (Version: 1.00.0000 - Microsoft Game Studios) Viva Pinata (Version: 1.00.0000 - Microsoft Game Studios) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation) WinRAR 5.21 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WOT für Internet Explorer (HKLM\...\{C0DA129B-1E45-494D-A362-5CD0109C306B}) (Version: 11.11.7.0 - WOT Services Oy) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}\InprocServer32 -> C:\Users\Flavia\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll () CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Flavia\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{F12BE2CC-A901-4203-B4F2-ADCB957D1887}\InprocServer32 -> C:\ProgramData\Windows\wsse.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 03-04-2015 11:18:39 Windows Update 05-04-2015 13:08:17 Windows Update 06-04-2015 10:07:45 Windows Backup 06-04-2015 11:49:08 Removed Adobe Shockwave Player 12.0. 06-04-2015 11:53:36 Removed Adobe Shockwave Player 12.0. 06-04-2015 11:54:30 Removed Skype™ 6.11 10-04-2015 12:19:34 Windows Update 10-04-2015 17:34:27 avast! antivirus system restore point 12-04-2015 19:00:08 Windows Backup 15-04-2015 09:37:53 Windows Update 15-04-2015 10:02:58 Windows Update 16-04-2015 10:49:16 Installed Java 7 Update 75 18-04-2015 11:11:22 Windows Update 19-04-2015 14:08:41 Removed Nero 7 Ultra Edition. Available with Windows Installer version 1.2 and later. 20-04-2015 15:59:31 Windows Backup 23-04-2015 16:17:06 Removed Aeria Ignite 25-04-2015 10:07:27 Windows Update 26-04-2015 19:00:12 Windows Backup 29-04-2015 09:27:46 Windows Update 03-05-2015 12:21:03 avast! antivirus system restore point 03-05-2015 19:00:05 Windows Backup 03-05-2015 20:42:40 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 06-05-2015 08:53:50 Windows Update 11-05-2015 14:22:32 Windows Backup 12-05-2015 00:40:46 Removed Samsung Kies ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:04 - 2013-11-17 14:24 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {051D9757-8B82-499C-84F3-DAA24A3DE582} - System32\Tasks\939a6e80 => C:\Users\Flavia\AppData\Local\Temp\\setup43644544.exe <==== ATTENTION Task: {06C689DC-E76C-4A21-8866-20195A7C7D8A} - System32\Tasks\{75581C9E-7CDE-4760-94A5-B7305B0DBEEB} => C:\Program Files\VOX3DPlaner2\Konfigurator\VOX3DPlaner2.exe Task: {0EA169F2-3396-4693-8141-E0B0BDEAD2D0} - System32\Tasks\{2BA6D508-0A05-49CB-A72A-BAE924AAA86D} => C:\Program Files\FIFA06\fifa06 demo.exe Task: {0EDCC5B6-3393-4E15-A50F-DAFD2C9832E3} - System32\Tasks\{1C432A36-43A8-4E97-9064-E347447B9584} => pcalua.exe -a "C:\Users\Flavia\Downloads\Magical Diary - Horse Hall\Magical Diary - Horse Hall.exe" -d "C:\Users\Flavia\Downloads\Magical Diary - Horse Hall" Task: {10330BF6-A675-4800-A815-653A883EA389} - System32\Tasks\{1A0A79E3-33E7-4B14-AEE7-9402B154A87B} => C:\Program Files\Nexon\MabinogiEU\Mabinogi.exe Task: {118AB896-6545-4634-8DE0-05F08A6DAF5A} - System32\Tasks\{C0B08E39-FC9D-46D1-A7D0-6BFF81B8BFAA} => J:\Setup.exe Task: {1266A55D-07A0-4E1E-9850-9BAD8D5A9C13} - System32\Tasks\{E4CB1F65-9BC1-413F-BFE8-1E9629412274} => C:\Program Files\Origin Games\The Sims 3\Game\Bin\Sims3Launcher.exe Task: {135387F8-A0AF-4292-8994-E2BCC2B0EC1F} - System32\Tasks\{0040F31E-F0C2-4718-BE4B-C574915E4BC9} => pcalua.exe -a J:\setup.exe -d J:\ Task: {144C66C0-FD3E-4C35-9168-C4146F8435E6} - System32\Tasks\9d0be300 => C:\Users\Flavia\AppData\Local\Temp\\setup115842944.exe <==== ATTENTION Task: {15C3D743-59C8-4FFC-86D8-25C055A63066} - System32\Tasks\{FE3A9151-4B9D-490C-902E-5BA73455C78D} => C:\Program Files\FIFA06\AutoRun.exe Task: {16E8B459-123F-4050-8F2D-CB02F7AD2A7C} - System32\Tasks\{F74CF72E-9781-4504-8186-2857FBB1D1B9} => pcalua.exe -a C:\Users\Flavia\Vampire1CD1\demo32.exe -d C:\Users\Flavia\Vampire1CD1 Task: {19816D70-8705-49B4-B7E3-A7000B629593} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {224F3630-CB78-4C5B-A202-BB60DE1EE253} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation) Task: {23E365D6-24D8-4700-BEEF-E67496FF5057} - System32\Tasks\{089899D8-646F-4E09-976A-F2857E4AE461} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe Task: {25FFB239-81CC-410B-B309-9869E3734E7B} - System32\Tasks\NRYP => Rundll32.exe "C:\Windows\system32\TSChannelx.dll",JVTZJMTO Task: {272C4B3C-B7FF-4E2C-A7D6-AA2CEB799B99} - System32\Tasks\{EF40B049-C1A4-429A-855E-7E736CD595F8} => C:\Users\Flavia\Pandora_Saga_MY_20090826.exe Task: {276F4387-DDCA-4F09-B462-E5FFED32E870} - System32\Tasks\2e912b80 => C:\Users\Flavia\AppData\Local\Temp\\setup536466048.exe <==== ATTENTION Task: {27CA32BA-775A-4923-AD8D-F4C8A99E8490} - System32\Tasks\{99960E19-E1E3-4BC0-A7A4-A1F66A43DCFE} => C:\Program Files\Microsoft Games\Viva Pinata\Startup.exe Task: {2B3DCFB4-2927-42C4-9870-9EF1FCEB80D2} - System32\Tasks\{23A04515-4009-43ED-8264-0AC9F9844B64} => J:\Setup.exe Task: {3041F3B3-D300-4F4D-8F4C-DD67AADE7B20} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-03] (Avast Software s.r.o.) Task: {34A8B566-44A8-456C-8A5C-0AEE57E4D0DD} - System32\Tasks\{E986319D-82CB-45ED-B545-2CD8B296A658} => J:\SETUP.EXE Task: {35CD2091-3830-43C5-AC08-BAFE84CA8F48} - System32\Tasks\{4B341BDB-DA54-42E7-A1FB-C9CDE0C95496} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe Task: {39A33003-0331-4A81-A608-D2F23205261C} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {3D3BB7C7-E5BB-4C86-A2A5-30199569C9CC} - System32\Tasks\{A62C7B66-2F13-417E-A060-23782DDEAF20} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe Task: {44912348-372A-4DD4-8CB6-6DAC2C4AC1D8} - System32\Tasks\{25267E23-2FF8-4F82-B0AD-2BBE296B0A62} => J:\Setup.exe Task: {449B9DA7-0B3E-4E1C-8C9D-C6BF9FDF9C89} - System32\Tasks\{5D295678-F417-44D3-9555-C19215CB7C78} => pcalua.exe -a E:\setup.exe -d E:\ Task: {4A4B1380-D7DF-43FA-84D8-5ACA740F4295} - System32\Tasks\{D7160B9E-A401-4BA6-9910-7D3B17F6B085} => C:\Nexon\MabinogiEU\Mabinogi.exe Task: {4CC5B90C-C451-4CEE-A99D-6419EA202BDD} - System32\Tasks\{3BE569F6-B383-40A1-B2D8-372F5AE2AE37} => C:\Program Files\2K Games\Mafia II\pc\mafia2.exe Task: {4E565704-159F-4924-B782-8174373FFBC5} - System32\Tasks\750dc200 => C:\Users\Flavia\AppData\Local\Temp\\setup1380827392.exe <==== ATTENTION Task: {54A5AF44-E789-4BC6-999B-974485D891D7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {54EBCF67-64E5-4ECB-8F5D-5D184E5BB5A1} - System32\Tasks\{2B245C46-ECB2-41C9-9976-CD44CDD321B8} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe Task: {5C2B861B-1BE5-46E0-9233-649BC50825CB} - System32\Tasks\{C57C0966-A03B-4532-87DD-BCC169B78F59} => C:\Nexon\MabinogiEU\Mabinogi.exe Task: {64A6AAA7-589E-4B22-B2FF-BE327C2DB015} - System32\Tasks\{9B1B0303-3793-4D0B-81B1-059D5D27551B} => E:\StartCD.exe Task: {69EBAFD0-8E9D-4507-81C1-914140DD02B7} - System32\Tasks\{7456ADC2-5627-4CD7-81E0-915ACE8069C7} => C:\Program Files\Viva Media\Alter Ego\AlterEgo.exe Task: {6F8F9112-A4E8-408B-802D-BD5499168F95} - System32\Tasks\{2D7C4757-CBC2-4149-901B-33F4AE95A112} => pcalua.exe -a "C:\Program Files\Vektoris3D25Plus\uninstall.exe" Task: {711D8645-65A8-4CE5-A3E0-00B3036124CE} - System32\Tasks\fb41c00 => C:\Users\Flavia\AppData\Local\Temp\\setup828756736.exe <==== ATTENTION Task: {714A1540-2A02-4584-9649-0258C90D64F7} - System32\Tasks\39080f80 => C:\Users\Flavia\AppData\Local\Temp\\setup3143229824.exe <==== ATTENTION Task: {7425C34A-8E3A-442C-A109-97D19E95760E} - System32\Tasks\{47941BC1-6CC9-42B4-82D9-05A8B357B1FE} => J:\Setup.exe Task: {75885767-6A67-4842-B477-2CCE374BD762} - System32\Tasks\f4e4a200 => C:\Users\Flavia\AppData\Local\Temp\\setup1919017344.exe <==== ATTENTION Task: {772E9FA9-B5F1-4CF3-BF28-524E23A07787} - System32\Tasks\{6105EF99-5F22-4B53-A3E1-3FAEF66E868A} => C:\Nexon\MabinogiEU\Mabinogi.exe Task: {7858E897-E286-44C6-81C1-5E3F359738AB} - System32\Tasks\5eb6d380 => C:\Users\Flavia\AppData\Local\Temp\\setup127876736.exe <==== ATTENTION Task: {78A23ACE-C365-4389-9782-41C31F76D202} - System32\Tasks\{61557E34-772C-4E2F-BB3E-FE138B65AFD2} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe Task: {81DC7CF1-D24D-42B2-9105-916784164C94} - System32\Tasks\{EAC62CFA-EA8B-42D0-A599-13AC7CA93F90} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe Task: {84EA453B-234E-488D-B778-7FF247893378} - System32\Tasks\{49D40749-5F5F-482A-8312-83B9076882C1} => C:\Program Files\Runes of Magic\Runes of Magic.exe Task: {85A67C56-CEAB-429E-8E4C-7BD04C02DE46} - System32\Tasks\{B477751F-7EC4-47E6-BEFF-AD589581480F} => C:\Program Files\Electronic Arts\Die Sims 3\Game\Bin\TS3.exe Task: {86996018-097E-4AF9-9D91-76D8029146DB} - System32\Tasks\{94C70D2F-3BFB-44BE-86FD-D65818B82648} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe Task: {86C28AB1-5C52-46E1-935C-7B74A647D69F} - System32\Tasks\{29709F28-06CA-4E3E-9DC1-1CABD4A8227C} => J:\Setup.exe Task: {86FB483D-2035-4838-81C7-CEF7B37B4610} - System32\Tasks\{1673BF47-0F92-4B1D-B87E-4EBB27586308} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe Task: {8B0E773E-3CCB-4481-AB1B-004E9DCCC22D} - System32\Tasks\a3509c80 => C:\Users\Flavia\AppData\Local\Temp\\setup3791351296.exe <==== ATTENTION Task: {8B2FBBE3-7C1E-4223-B2FB-9BB9E94C4EED} - System32\Tasks\{46A3F437-83A6-4E51-A907-76A3DA579DED} => C:\Program Files\The Adventure Company\Evany Schlüssel zur Freiheit\Evany.exe Task: {8BC2271C-234F-4E3C-BFCB-DDCA2B6962BA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {8F453FA1-759E-456E-ABB4-CD3E9886462E} - System32\Tasks\{11118169-3789-4C4D-BCAE-8832D80F70FE} => pcalua.exe -a C:\Users\Flavia\Downloads\NetmarbleDBOSetup.exe -d C:\Users\Flavia\Desktop Task: {91A325AA-8FAB-4A48-9A22-BE79FC121B65} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4132011797-2711336362-2655832662-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe Task: {94734BFA-359F-4601-B879-1D63B8A98D08} - System32\Tasks\{42F5F183-C47D-4FC1-80A8-6839E5BA9D93} => pcalua.exe -a J:\Setup.exe -d J:\ Task: {947BCACF-EFEE-4890-9FF5-477553FA0B3B} - System32\Tasks\{601445B5-0494-4034-8562-EC2AD924F5CB} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe Task: {967AB9D1-D3BB-45D2-81F0-D5802AB2DFA0} - System32\Tasks\{F250B786-AD66-4FE5-8D5E-7E395764F3B9} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{343EFA17-5BC5-44DA-924F-539ECBEFF68C}\setup.exe" -c -runfromtemp -l0x0407 -removeonly Task: {96F01EEC-EC2F-4CED-9D40-306115A4C961} - System32\Tasks\{170FF8E8-C96D-40CF-8FCB-7DB4E8976221} => C:\Program Files\gPotato\AikaOnline\AIKALauncher.exe Task: {9781BC6D-4495-453E-94FB-262BC14AB1C3} - System32\Tasks\{CF01B6F4-BECB-4298-9FFC-D696BF961AFD} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe Task: {A014E8EE-56A1-4E84-89C4-09283331A317} - System32\Tasks\{260B4302-4B67-4CA9-B0EC-D07F489E91A7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.3.0.111/de/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:offered-installed;madedefault Task: {A6A38923-60C1-4348-AC8F-2908E613B86F} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe Task: {ADD8A39D-0D85-4A88-AD46-93E20B277877} - System32\Tasks\{CEB044B5-B67C-4C0F-8D31-E23A9B55BE93} => J:\startup.exe Task: {B2E8EE57-0899-41A0-AEEA-6E9C81636382} - System32\Tasks\{DD66FA04-B610-4FB0-A6EB-CAF7ADD2926A} => C:\Program Files\Microsoft Games\Viva Pinata\Startup.exe Task: {BA219B21-6C51-44A8-9D19-F17E49E1AD43} - System32\Tasks\{FCCF13A5-3AA1-4B1E-83D8-11D706C12D1A} => pcalua.exe -a C:\Users\Flavia\Pandora_Saga_MY_20090826.exe -d C:\Users\Flavia Task: {BB2A62CA-F06B-49CF-9C75-491D2F4B11CE} - System32\Tasks\{2A771DDE-9262-4EB0-8398-C970CEADF012} => C:\Program Files\Changyou\Zentia\patcher.exe Task: {BE950A6D-81CB-4DFB-8049-1D76504A23FF} - System32\Tasks\{6586BE00-2E28-44BD-8F0C-A361B71BBD78} => C:\Program Files\Electronic Arts\Harry Potter und der Orden des Phönix\hp.exe Task: {C01212D2-464F-4D6E-93A6-A9C29CFE2D3F} - System32\Tasks\{162A6AD8-106B-4C19-A4B1-281D64BEEC22} => J:\startup.exe Task: {C1DE965C-3A58-4214-A83B-CC053BB338A7} - System32\Tasks\{1C77C66B-9114-46D3-B57D-091E235E12C7} => C:\Program Files\EA SPORTS\FIFA 06 Demo\fifa06 demo.exe Task: {C63A36E3-FC0C-41F7-8401-31E28E135348} - System32\Tasks\72b7df00 => C:\Users\Flavia\AppData\Local\Temp\\setup2246522240.exe <==== ATTENTION Task: {C7430DF4-E05F-4463-A94B-588BCEE90AC1} - System32\Tasks\84919c00 => C:\Users\Flavia\AppData\Local\Temp\\setup115568128.exe <==== ATTENTION Task: {C8B95971-0615-4A22-930F-497F1F05C036} - System32\Tasks\{3B337EAA-C525-4D86-98A4-8F4636C9D23A} => C:\Microids\Die Rückkehr zur Geheimnisvollen Insel 2\RTMI2.exe Task: {CA4F9448-8EB2-4DC7-A9C6-B0133FFAF871} - System32\Tasks\ac67a900 => C:\Users\Flavia\AppData\Local\Temp\\setup2323362176.exe <==== ATTENTION Task: {CB02E8DD-A292-401A-A47E-8DBA30321AE1} - System32\Tasks\895e7e00 => C:\Users\Flavia\AppData\Local\Temp\\setup196104192.exe <==== ATTENTION Task: {CB413622-74BC-44E6-985C-5F4F1941433E} - System32\Tasks\{C0F69074-C3C9-43C0-9E62-0883EDB9AD52} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe Task: {D042EFA4-DB30-481A-B3FC-A5462C3FB398} - System32\Tasks\37afaf80 => C:\Users\Flavia\AppData\Local\Temp\\setup445119232.exe <==== ATTENTION Task: {D367179D-51C7-4CBF-A496-5C26C25D18C2} - System32\Tasks\{59FC5536-60F1-4046-AE30-521FD21DD8C3} => pcalua.exe -a "C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe" -c RealNetworks|RealPlayer|12.0 Task: {D38E282A-7EF8-4878-A84E-332D25456102} - System32\Tasks\c3793e00 => C:\Users\Flavia\AppData\Local\Temp\\setup522615808.exe <==== ATTENTION Task: {D83A6590-8B91-4CBB-9154-DF65E0FD162A} - System32\Tasks\{FAFB8A66-A5E8-46D8-AB10-41519A7DD50D} => C:\Program Files\Ubisoft\Abenteuer auf dem Reiterhof 3 - Das Erbe der Gräfin\Reiterhof3.exe Task: {D91162AA-8064-40C7-9887-1CDA75FF058D} - System32\Tasks\{98341868-9868-4F93-B186-B2EF031C9524} => C:\Program Files\FIFA06\fifa06 demo.exe Task: {DDF5E073-5C25-4E88-A462-FFBEA129B65F} - System32\Tasks\66f0bd80 => C:\Users\Flavia\AppData\Local\Temp\\setup1887453440.exe <==== ATTENTION Task: {E1422BD5-0558-4973-9380-2CD169B649A7} - System32\Tasks\{1C483E90-D6C1-4EF8-9BC2-3D2B1B56CCDA} => C:\Program Files\gPotato\AikaOnline\AIKALauncher.exe Task: {E2FE5906-3FC0-4CF0-B775-2CF244262600} - System32\Tasks\{C0A21489-2C59-4A15-9D9B-88AA56172945} => C:\Program Files\Skype\Phone\Skype.exe Task: {E67AC7EA-AAD3-4B74-AE04-B1D18FD743C9} - System32\Tasks\{71B95856-969C-4D1F-A7C7-328F667F7495} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe Task: {EA31D609-5550-48F9-9C87-E33A3C459E48} - System32\Tasks\{A1243B8A-A37E-4891-A587-9E295C39B9DC} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe Task: {EC4889F0-C3FE-442C-90B7-CE166DB1358C} - System32\Tasks\{6590403D-AF4A-46AF-860B-8EC7EC9D1883} => pcalua.exe -a C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}\Ad-Aware90Install.exe -c REMOVE=TRUE MODIFY=FALSE Task: {EC8EA56F-8B14-4D04-A6A1-C8F8FDCB49CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19] (Adobe Systems Incorporated) Task: {FA25C835-088B-4B7A-BE70-7E0F6379F28F} - System32\Tasks\{D7D0F476-5A34-473B-92ED-3F56D37F1B8F} => J:\autorun.exe Task: {FFA49ECB-8D5F-40CA-BB5F-DBEDA81B3D0F} - System32\Tasks\{0547096A-63B8-43D5-8A62-443D81F62B43} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============== 2015-05-03 12:23 - 2015-05-03 12:23 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-05-03 12:23 - 2015-05-03 12:23 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-05-12 00:31 - 2015-05-12 00:31 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15051101\algo.dll 2015-05-12 16:05 - 2015-05-12 16:05 - 02927616 _____ () C:\Program Files\AVAST Software\Avast\defs\15051200\algo.dll 2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2009-12-27 18:54 - 2007-10-11 17:17 - 00065536 _____ () C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe 2012-02-09 17:26 - 2012-02-09 17:26 - 00116224 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2012-02-09 17:26 - 2012-02-09 17:26 - 00041984 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2012-02-09 17:26 - 2012-02-09 17:26 - 00032768 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll 2014-10-19 09:06 - 2014-10-19 09:06 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll 2012-11-09 19:04 - 2010-11-06 00:50 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2012-02-22 12:43 - 2015-02-05 20:27 - 00108864 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2009-12-27 18:54 - 2007-10-11 17:17 - 00167936 _____ () C:\Program Files\Common Files\Portrait Displays\Shared\dthook.dll 2009-12-27 18:54 - 2007-10-11 17:16 - 00102400 _____ () C:\Program Files\Common Files\Portrait Displays\Shared\PresetsCOM.dll 2009-12-27 18:54 - 2007-10-11 17:17 - 00077824 _____ () C:\Program Files\Common Files\Portrait Displays\Plugins\CC\gui.dll 2009-12-27 18:55 - 2007-10-04 14:36 - 00065536 _____ () C:\Program Files\Common Files\Portrait Displays\drivers\vista.dll 2015-03-19 13:54 - 2015-03-19 13:54 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7571 more restricted sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp DNS Servers: 192.168.2.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files\CyberLink\YouCam\YCMMirage.exe" MSCONFIG\startupreg: YouCam Tray => "C:\Program Files\CyberLink\YouCam\YouCam.exe" /s ==================== FirewallRules (whitelisted) =============== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [{E926E57D-011D-4F63-BCC5-FFCFDC28D091}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [{CE504808-152F-4073-8BB9-0F8E7C4D30C6}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [{AB3FBA72-52C3-4476-9A38-230DBE05659B}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [TCP Query User{B4BE9938-7F72-4A8F-8AFC-59A3E97A8C90}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\flavia\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{CD206E8E-4251-4D41-BBCA-7E1530E9FAA9}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\flavia\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{AF14EA5F-61F8-4FE4-9FE6-C4730BE4F7B6}C:\users\flavia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\flavia\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{FC1627D8-D25B-45AB-A418-F1486F792E83}C:\users\flavia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\flavia\appdata\roaming\spotify\spotify.exe FirewallRules: [{59302FB5-A1E9-480C-8BF4-45AB55DB672B}] => (Block) C:\users\flavia\appdata\roaming\spotify\spotify.exe FirewallRules: [{38D62175-A6FB-480E-952F-9FD4FD6D491C}] => (Block) C:\users\flavia\appdata\roaming\spotify\spotify.exe FirewallRules: [{BC2A5E90-0AC7-48E6-B570-308A64B0DED9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{BEACD746-1789-42A8-B76D-5F42C7882396}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{4A26D664-9010-40ED-9DA9-C1EB4EB0038D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{D19F2778-75FE-4E14-910A-F664C3ECFF05}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{81FB1BFC-6861-4487-9FB6-68FBE4AE9EBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{3F3C3C45-80F2-474F-BDB2-256ED4411935}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{5D697DC0-C1F0-4F6E-BEC5-E90BAB98E186}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe FirewallRules: [UDP Query User{9EA5A4A1-58A0-45FD-809E-E9A61B40B282}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe FirewallRules: [{AEFF8D32-76DE-4551-9CA2-45AF568C3EDE}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{6325CFDC-F297-471C-B1F4-54ABC44758FA}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{111361FE-47F8-40CC-88C3-94E4EE48A3CC}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{CD642251-541E-443A-A680-09D382B26332}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{431373F4-9F84-47F1-B308-1ABD4215F20B}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{C18CA305-4CDD-4294-AB64-FEB4D343931C}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe FirewallRules: [{E9868860-8969-4BB3-AAC8-CA0E63B49582}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe FirewallRules: [TCP Query User{7A64FEF9-033E-4D2E-A005-0CB94B57CFCF}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\flavia\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{E9429E86-D119-4158-85AA-2E2A92FFFEA5}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\flavia\appdata\local\akamai\netsession_win.exe FirewallRules: [{C343E5C6-5573-4111-A23F-687E4BFFC92E}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe FirewallRules: [{3285F562-0BFE-47FF-A259-B998E92CF967}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe FirewallRules: [{34D4736F-C193-400D-96FB-C7E94A79A4F2}] => (Allow) C:\Users\Flavia\Downloads\AW_downloader.exe FirewallRules: [{919CACC1-1EC1-4459-A39D-8F5424015410}] => (Allow) C:\Users\Flavia\Downloads\AW_downloader.exe FirewallRules: [TCP Query User{02286B40-50D8-44F7-AB96-81E2E97DCD2A}C:\gbe games\aurora world\area00\bin\release\tuclient.exe] => (Allow) C:\gbe games\aurora world\area00\bin\release\tuclient.exe FirewallRules: [UDP Query User{C3A1ED8C-2CD6-40CF-9D7C-93BF0F8C7495}C:\gbe games\aurora world\area00\bin\release\tuclient.exe] => (Allow) C:\gbe games\aurora world\area00\bin\release\tuclient.exe FirewallRules: [TCP Query User{CE27873A-A8D6-489F-B3B7-02849328CD1B}C:\users\flavia\downloads\nw.1.20130309a.7.exe] => (Allow) C:\users\flavia\downloads\nw.1.20130309a.7.exe FirewallRules: [UDP Query User{982F5FD8-ADAE-47DC-965B-23FA3695281F}C:\users\flavia\downloads\nw.1.20130309a.7.exe] => (Allow) C:\users\flavia\downloads\nw.1.20130309a.7.exe FirewallRules: [TCP Query User{54C7BBEF-C9C4-4B4F-9808-BB1671AC0790}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe FirewallRules: [UDP Query User{DB9CB2CE-9614-4406-B0B4-EB16A5F6F704}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe FirewallRules: [TCP Query User{9B782A49-3613-4A13-B2EC-70AD25A67187}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe FirewallRules: [UDP Query User{8884CA3A-5AC0-4A2C-9F8A-C6B32A2BAB4A}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe FirewallRules: [{744CA3E2-230F-4452-9700-88113294B2EF}] => (Allow) C:\Program Files\WEBZEN\C9\C9.exe FirewallRules: [{AEB0600D-5966-4DCF-BEC1-A5BE5238AB95}] => (Allow) C:\Program Files\WEBZEN\C9\C9.exe FirewallRules: [TCP Query User{A4757E28-FE18-4884-979F-8C3F6D760841}C:\program files\dragons prophet\dp_x86.exe] => (Allow) C:\program files\dragons prophet\dp_x86.exe FirewallRules: [UDP Query User{C36B91E8-7D9D-4596-9E56-65D99E0ED0E3}C:\program files\dragons prophet\dp_x86.exe] => (Allow) C:\program files\dragons prophet\dp_x86.exe FirewallRules: [{4AD73C9B-F847-4C03-B5A3-7EE21FFE91BB}] => (Allow) C:\Program Files\Dragons Prophet\dp_x86.exe FirewallRules: [{3AF77807-C7FF-4EB8-88E7-ECE5146931A8}] => (Allow) C:\Program Files\Dragons Prophet\dp_x64.exe FirewallRules: [{046170AF-457C-4A2B-B1AE-D8B702AAD290}] => (Allow) C:\Program Files\Dragons Prophet\launcher.exe FirewallRules: [{41CA41D1-E0C9-4917-A3EF-473DD374F9E0}] => (Allow) C:\Program Files\Dragons Prophet\dp_x86.exe FirewallRules: [{D093AD71-9AF5-45AB-87C5-477A9CF8B594}] => (Allow) C:\Program Files\Dragons Prophet\launcher.exe FirewallRules: [{B14768B3-AC64-4986-A76F-3BBB378D9130}] => (Allow) C:\Program Files\Dragons Prophet\dp_x64.exe FirewallRules: [TCP Query User{B08B02A2-BE4B-427E-80D0-6CDB1EA3EAD6}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Allow) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe FirewallRules: [UDP Query User{F90E1670-79F8-4D12-83D9-8A8CC2CCBF5F}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Allow) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe FirewallRules: [{5DA0E919-6DB9-4E31-A26D-4C0CD0E40402}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{FA86693F-21CC-4B76-8413-0083D1888F32}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{143D9615-3757-4244-8DA3-83C3DCF53DAD}] => (Allow) C:\Nexon\Vindictus EU\en-EU\NMService.exe FirewallRules: [{7AEECADC-8AD9-497B-B5D2-C40983D85B5C}] => (Allow) C:\Nexon\Vindictus EU\en-EU\NMService.exe FirewallRules: [TCP Query User{2F7AB098-6778-447C-8919-B37CBD0F75EC}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Block) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe FirewallRules: [UDP Query User{6AA73BC2-CEFC-4975-9B3E-43A37004DE2B}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Block) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe FirewallRules: [TCP Query User{84FC3551-BC28-4714-80D4-F863A31A6D38}C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe] => (Allow) C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe FirewallRules: [UDP Query User{1E9CDD4F-191A-4823-A463-BB2EC36510E0}C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe] => (Allow) C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe FirewallRules: [TCP Query User{1D234196-5AF3-4F68-A2A7-DE37EDD3A0F0}C:\program files\heroesgo\launcher\launcher.exe] => (Allow) C:\program files\heroesgo\launcher\launcher.exe FirewallRules: [UDP Query User{17D5432E-962A-498C-BE67-F2C886F771F8}C:\program files\heroesgo\launcher\launcher.exe] => (Allow) C:\program files\heroesgo\launcher\launcher.exe FirewallRules: [TCP Query User{0981AD7C-0896-4656-A233-345BB7729BB8}C:\program files\heroesgo\heroesgo_am.exe] => (Allow) C:\program files\heroesgo\heroesgo_am.exe FirewallRules: [UDP Query User{70994A97-7B1C-4602-A6A3-2F21241F43CE}C:\program files\heroesgo\heroesgo_am.exe] => (Allow) C:\program files\heroesgo\heroesgo_am.exe FirewallRules: [{D10FF877-1B1E-43CD-9184-2D513B10DACC}] => (Allow) C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe FirewallRules: [{E0E7CE75-D7B3-4AD2-88B1-D74C712FD192}] => (Allow) C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe FirewallRules: [{70FD046F-3941-4940-9A17-139AEA801C03}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin FirewallRules: [{8B10610D-077F-4B30-A3DE-964D291220FE}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin FirewallRules: [{28B5638F-F97B-4F6C-AA78-91AB0FD55B17}] => (Allow) C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{DF53A54A-E20F-434A-8401-1F019BC5E9E6}] => (Allow) C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{E85FBBD0-A683-427B-80B1-877FBE19D3DD}C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{0B685BCF-B227-4354-BFA9-ACD720ABEBAE}C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{8F28D682-FA91-4E20-A799-77A8036FA32D}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{457729AF-2B40-4364-8816-17459E5123DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{533CE4C0-41E3-4AEC-B81E-CBE9D41ADCF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{FD04AF46-1FA2-44BC-B930-2AB0450C2562}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{3ED7FBAB-6DE3-4637-A750-313E9C679262}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{0CC87D7F-CCAA-46EC-8482-D8749468E1F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{36BBA65E-86A3-4A86-9EE9-AC24A313FFF8}] => (Allow) C:\Windows\System32\muzapp.exe FirewallRules: [{D0BBB486-E9E9-4FA3-A544-A3E50A1B35D1}] => (Allow) C:\Windows\System32\muzapp.exe FirewallRules: [TCP Query User{1E47A4E1-112A-409D-A98A-D54B12DF1F09}C:\program files\snail games usa\blackgold\bin\fxgame.exe] => (Allow) C:\program files\snail games usa\blackgold\bin\fxgame.exe FirewallRules: [UDP Query User{FAD99B3B-107E-415E-A683-134EB320AF42}C:\program files\snail games usa\blackgold\bin\fxgame.exe] => (Allow) C:\program files\snail games usa\blackgold\bin\fxgame.exe FirewallRules: [{F825764F-4D73-46DA-B8D8-302A3ECA7E5E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{750FD75E-9811-4432-8D8A-35118F1C5A2F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{A91CF122-54EE-4FC1-80D1-15127DCDF37A}] => (Allow) C:\Users\Flavia\AppData\Local\temp\QQGameDownloader\bns_1421910375_89606\MiniQQDL.exe FirewallRules: [{984E644F-E2E5-415E-B36B-CA92E9B144EE}] => (Allow) C:\Users\Flavia\AppData\Local\temp\QQGameDownloader\bns_1421910375_89606\MiniQQDL.exe FirewallRules: [{3415B431-3193-4DD8-9B2C-14384A5F2572}] => (Allow) c:\users\flavia\appdata\local\temp\qqgamedownloader\bns_1421910375_89606\teniodl.exe FirewallRules: [{E9642D98-3A70-4862-A144-E5196B4D58E6}] => (Allow) c:\users\flavia\appdata\local\temp\qqgamedownloader\bns_1421910375_89606\teniodl.exe FirewallRules: [TCP Query User{00D7FE05-581C-4AB8-AF5E-849DCD1A3F14}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe FirewallRules: [UDP Query User{BBAD1188-58DB-4EB5-9E1F-D8BE3B9A85AE}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe FirewallRules: [{4E66913D-358A-403D-A9E8-9B7989A43C39}] => (Allow) c:\users\flavia\appdata\roaming\tencent\剑灵\7aa487d7eed5b7d8c829d33144690a0c\teniodl\teniodl.exe FirewallRules: [{35804F06-7B2E-435C-B4B8-B6A6EA3D475F}] => (Allow) c:\users\flavia\appdata\roaming\tencent\剑灵\7aa487d7eed5b7d8c829d33144690a0c\teniodl\teniodl.exe FirewallRules: [TCP Query User{8FD8D9FF-BB5E-40CF-BF24-20C38C313BE3}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe FirewallRules: [UDP Query User{F6AF6EB6-2BEF-4BF3-9BA0-B87BDA5DFC98}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe FirewallRules: [{ED5DD1D2-BC2A-489F-976A-50A3EFAC211E}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCmgrInstallGuide.exe FirewallRules: [{C9BEB083-89A0-4D6A-88A4-26631F103F77}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCTray.exe FirewallRules: [{B1618BF2-1752-4507-9407-C7C4EF22B532}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCMgr.exe FirewallRules: [{C86646EE-C466-40E2-A2C5-A9F137D75316}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCRTP.exe FirewallRules: [{71BA372D-5459-412B-A05A-57F83DE50ED0}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\bugreport.exe FirewallRules: [{BF2D6A2C-DEF3-42C2-AF33-F8DA7ADEC9E1}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCFileOpen.exe FirewallRules: [{1A8C7C91-64F2-4B76-A8AC-B5CFAB265113}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLeakScan.exe FirewallRules: [{5F284AB1-6534-439F-B403-8655FA842427}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLoader.exe FirewallRules: [{2B22D286-39D7-4147-B1D1-BE5F49D8BCA5}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPConfig.exe FirewallRules: [{3361BE24-27CF-4A1E-8625-1EDB10CC9638}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSoftMgr.exe FirewallRules: [{DFD5C668-7F74-41BA-890A-B1ACCA77A73A}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\plugins\QMNetMon\QQPCNetFlow.exe FirewallRules: [{97F3E152-8725-4AAE-A1A0-A68DF4B009CB}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QDeskSetup.exe FirewallRules: [{B226C09D-A1DA-46F8-9870-6623B06991A7}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCBTU.exe FirewallRules: [{B4CE7C15-4C54-4829-AEF9-C81E3C021302}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCClinic.exe FirewallRules: [{66AE12AB-39D6-4533-8EAF-FF5D9117D2F8}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLaunch.exe FirewallRules: [{31BF9B38-8D0B-4391-9804-173F2F4A9229}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMUpdate\QQPCMgrUpdate.exe FirewallRules: [{1D012E8E-D8A7-4EA0-ADA3-2818072909A7}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSoftGame.exe FirewallRules: [{EE4F1111-C79A-47DB-ACED-3314CB673F3D}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSysOptimize.exe FirewallRules: [{E6D8510A-3007-49C6-8F1E-2DC45CCDC318}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCUpdateAVLib.exe FirewallRules: [{11ECB399-C5AF-4833-874E-78A5909206DC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQRepair.exe FirewallRules: [{C0DBA3BE-781C-4DFC-8E4C-B187744F1ECC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\Uninst.exe FirewallRules: [{596392A1-F67C-40A7-8BC5-C9A561B74B77}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCPatch.exe FirewallRules: [{1793F45A-E6F6-415C-9216-552366F0E340}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\TpkUpdate.exe FirewallRules: [{F46F5CC2-5876-4DDB-8200-07592298470D}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMDL.exe FirewallRules: [{8AEC1FB7-EBBE-4FD7-AF98-44B61A663E39}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMDL.exe FirewallRules: [{716E9B56-29A2-4502-B181-D0197CDB1DBC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMAccountProtection.exe FirewallRules: [{255D8D5D-5762-43C1-9F87-7847136588ED}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\CrossProxy.exe FirewallRules: [{A1CA16EF-E171-445A-9C46-03B26F13A7BE}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\CrossProxy.exe FirewallRules: [{E7DE9980-8860-490A-A6E6-62DA62D95F78}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\Apps\CQS\QTalk\Bin\miniQTalk.exe FirewallRules: [{22FC9814-7E39-44A6-859E-34B43C819DED}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\Apps\CQS\QTalk\Bin\miniQTalk.exe FirewallRules: [{EF5A7E47-C67A-4B1C-B214-8FB83A1AE6E7}] => (Allow) C:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe FirewallRules: [{56E2A954-8AC1-4B44-9F08-DCC13E871A8B}] => (Allow) C:\program files\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{7139256C-55B0-4436-977F-5BE69DD9BDE0}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\minidown.exe FirewallRules: [{754D4617-8B07-4055-8E8A-9A703A05DDCE}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\minidown.exe FirewallRules: [{7A0B75BD-6FBA-41E4-B6EB-1A6DA9C446FA}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\teniodl\teniodl.exe FirewallRules: [{14F7DABA-F1DC-43AC-8A89-EC0586904AE2}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\teniodl\teniodl.exe FirewallRules: [{073F08B8-6C27-4356-8341-97B2FFC84719}] => (Allow) C:\Program Files\Tencent\TGP\tcls\tcls_core.exe FirewallRules: [{40C6E482-05FC-4C60-AC8A-96F5994347A4}] => (Allow) C:\Program Files\Tencent\TGP\tcls\tcls_core.exe FirewallRules: [{5C6DB019-088A-42A8-948D-DF170B6A09FB}] => (Allow) C:\Program Files\Tencent\TGP\tcls\Tenio\TenioDL\TenioDL.exe FirewallRules: [{41983DCE-17F7-4B9A-BEEF-2CE05401D8C4}] => (Allow) C:\Program Files\Tencent\TGP\tcls\Tenio\TenioDL\TenioDL.exe FirewallRules: [{A7A13C01-D0B0-4ABF-B739-6EC79DFE9F70}] => (Allow) C:\Program Files\Tencent\TGP\tgp_daemon.exe FirewallRules: [{7F625C70-A8C4-41D5-BB2B-BF5EF66E33A3}] => (Allow) C:\Program Files\Tencent\TGP\tgp_daemon.exe FirewallRules: [TCP Query User{5A15A186-C8EC-4619-BD41-23637DBB5992}C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe FirewallRules: [UDP Query User{4F8F780E-04CD-4C33-8C0F-B8201574E6CF}C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe FirewallRules: [TCP Query User{3A501415-8406-445B-892F-80CF2318BA87}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{F7A04728-96EA-4C29-8174-DF89EAC35E16}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe FirewallRules: [TCP Query User{3D061B38-D7EF-4C10-AA3F-6A58BC1CB4FB}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{F8A8F2D8-E493-4F33-B0B4-5D74E679ED2F}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe FirewallRules: [{C21AAC83-B6E7-4EEA-BDA9-4C8D799DCE3B}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{10E9319E-3857-4A0F-9641-912832051A0B}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe FirewallRules: [{A425D2F1-49E5-44BC-8601-CA41AEBA56F3}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe FirewallRules: [{E2F00FF9-7B3D-4FB9-ACE7-07748AE29E46}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe FirewallRules: [{A16F3853-1087-46F5-9DB6-2A553BF193A4}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe FirewallRules: [{1A36DB5C-A112-4BF4-894B-16589671AC88}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{7BB8CD60-887F-4B67-B0F2-6B6515BEF76C}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{3E78078E-6ABE-4910-88E2-ED5676E41D97}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{491770F3-B6F1-43C1-9BC9-A454FC5B64D0}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{3566D56A-628D-456F-8823-EF3B2F358837}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{B4967FE5-063F-47C7-9DD2-DF5894E51C8E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe StandardProfile\AuthorizedApplications: [C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe] => Enabled:NEXON_EU_Downloader_Engine.exe ==================== Faulty Device Manager Devices ============= Name: adfs Description: adfs Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: adfs Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: USB Device(VID_1f3a_PID_efe8) Description: USB Device(VID_1f3a_PID_efe8) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: USB Devices Service: usbUDisc Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: tencent QMUdisk Description: tencent QMUdisk Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: QMUdisk Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (05/12/2015 09:37:49 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15506 Error: (05/12/2015 09:37:49 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 15506 Error: (05/12/2015 09:37:49 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/12/2015 04:03:08 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (05/12/2015 04:03:08 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (05/12/2015 04:03:08 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD endpoint registration failed [0] Error: (05/12/2015 04:02:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -550. Error: (05/12/2015 04:02:58 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (05/12/2015 04:02:58 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::ResetBIOS Reset SASD failed, error=0 Error: (05/12/2015 04:02:58 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::UpdateSASD Failed to set the sleep time, error=0 System errors: ============= Error: (05/12/2015 06:47:24 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "Foxit Cloud Safe Update Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (05/12/2015 04:02:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (05/12/2015 03:44:07 PM) (Source: iaStor) (EventID: 9) (User: ) Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet. Error: (05/12/2015 03:44:06 PM) (Source: iaStor) (EventID: 9) (User: ) Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet. Error: (05/12/2015 03:44:05 PM) (Source: iaStor) (EventID: 9) (User: ) Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet. Error: (05/12/2015 03:44:03 PM) (Source: iaStor) (EventID: 9) (User: ) Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet. Error: (05/12/2015 03:44:02 PM) (Source: iaStor) (EventID: 9) (User: ) Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet. Error: (05/12/2015 03:44:01 PM) (Source: iaStor) (EventID: 9) (User: ) Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet. Error: (05/12/2015 03:43:08 PM) (Source: iaStor) (EventID: 9) (User: ) Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet. Error: (05/12/2015 03:43:07 PM) (Source: iaStor) (EventID: 9) (User: ) Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet. Microsoft Office Sessions: ========================= Error: (04/25/2015 04:17:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 267 seconds with 240 seconds of active time. This session ended with a crash. Error: (09/23/2011 04:14:49 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 54 seconds with 0 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2015-05-12 21:46:12.422 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-12 21:40:59.328 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-12 19:12:05.494 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-12 18:45:35.565 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-12 18:35:59.857 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-12 16:02:41.481 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-12 12:53:26.964 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-12 00:44:16.097 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-12 00:37:16.392 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-12 00:28:36.241 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz Percentage of memory in use: 40% Total physical RAM: 3565.21 MB Available physical RAM: 2123.98 MB Total Pagefile: 7128.71 MB Available Pagefile: 5198.34 MB Total Virtual: 3071.88 MB Available Virtual: 2925.04 MB ==================== Drives ================================ Drive c: (BOOT) (Fixed) (Total:445.76 GB) (Free:94.34 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:0 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 66916FAD) Partition 1: (Active) - (Size=445.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended) ==================== End Of Log ============================ |
12.05.2015, 21:21 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Wie Keine Verbindung zum Benachrichtigungsdienst für Systemereignisse Adware/Junkware/Toolbars entfernen 1. Schritt: Malwarebytes Downloade Dir bitte Malwarebytes Anti-Malware
(alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!) 2. Schritt: adwCleaner Downloade Dir bitte AdwCleaner auf deinen Desktop.
3. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
4. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
13.05.2015, 07:55 | #6 |
| Wo Keine Verbindung zum Benachrichtigungsdienst für Systemereignisse Lösung! So, obwohl der Benachrichtigungsdienst nun nach jedem Neustart nach den Scans wieder von selbst gestartet ist und Aero funktioniert, hängt sich trotzdem alles dauernd auf. Ich kann einen normalen Doppelklick im Explorer machen und er hängt sich so schlimm auf, dass ich den ganzen PC ausmachen muss. Fast genauso schlimm bei Firefox. (obwohl ich heut morgen einen Moment lang das Gefühl hatte, dass es jetzt wieder okay ist; da hab ich mich wohl geirrt) Es hat schon Ewigkeiten und Neustarts gedauert, bis ich den Log vom AdwCleaner aus dem Explorer öffnen konnte....PDFs werden entweder garnicht geöffnet oder nur nach langer Zeit oder alles hängt sich auf... Ich verstehs echt nicht, was ist denn los? Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 12.05.2015 Suchlauf-Zeit: 22:31:42 Logdatei: mbam.txt Administrator: Ja Version: 2.01.6.1022 Malware Datenbank: v2015.05.12.07 Rootkit Datenbank: v2015.04.21.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: Flavia Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 386143 Verstrichene Zeit: 31 Min, 52 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente gefunden) Module: 0 (Keine schädliche Elemente gefunden) Registrierungsschlüssel: 7 PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\Speed Test (4354).BackgroundHostObject, In Quarantäne, [6f58464cfb8fe74fa9d48f9250b418e8], PUP.Optional.SpeedTest.A, HKLM\SOFTWARE\CLASSES\Speed Test (4354).BackgroundHostObject.1, In Quarantäne, [a91eb6dcdcae0d29a0dd7aa77c8858a8], PUP.Optional.PlusHD.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-2.5, In Quarantäne, [9e292e64afdb58dece0630e4af5527d9], PUP.Optional.PlusHD.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-2.5, In Quarantäne, [b611f0a2c5c553e3c01427ed18ec1ee2], PUP.Optional.SearchElf.C, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\APPDATALOW\SOFTWARE\SearchElf_1.2, In Quarantäne, [f1d6632f42483df9eb9f706aa3601ce4], PUP.Optional.InstallCore.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [e3e4533fa4e63afc2badb070758f857b], PUP.Optional.InstallCore.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\INSTALLCORE, In Quarantäne, [4780e1b1fe8c9b9b218187af02037987], Registrierungswerte: 1 PUP.Optional.InstallCore.A, HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\INSTALLCORE|tb, 0H1L1J1L1S1R1N, In Quarantäne, [4780e1b1fe8c9b9b218187af02037987] Registrierungsdaten: 0 (Keine schädliche Elemente gefunden) Ordner: 17 PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\userCode, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\icons, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\icons\actions, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\api, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\popupResource, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.OpenCandy, C:\Users\Flavia\AppData\Roaming\OpenCandy, In Quarantäne, [1ea92e6490fa2c0ada352c744eb5ff01], PUP.Optional.OpenCandy, C:\Users\Flavia\AppData\Roaming\OpenCandy\DFBD94179E1749C080B69A455ED8CE58, In Quarantäne, [1ea92e6490fa2c0ada352c744eb5ff01], PUP.Optional.NextLive.A, C:\Users\Flavia\AppData\Roaming\newnext.me, In Quarantäne, [3a8df89a3555e25494fbfca553b0a858], PUP.Optional.NextLive.A, C:\Users\Flavia\AppData\Roaming\newnext.me\cache, In Quarantäne, [3a8df89a3555e25494fbfca553b0a858], PUP.Optional.SpeedTest.A, C:\Users\Flavia\AppData\Roaming\speedtest4354, In Quarantäne, [1fa82171d7b371c5e0d1356c1de6dc24], PUP.Optional.Updater.A, C:\Users\Flavia\AppData\Roaming\FoxTab\UpdateProc, In Quarantäne, [9433197948420f27315b8a2c44bf53ad], Dateien: 93 PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\crossriderManifest.json, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\background.html, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\manifest.json, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\popup.html, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\manifest.xml, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins.json, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\102_dealply_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\103_intext_5_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\104_jollywallet_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\105_corticas_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\108_icm_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\117_coupons_intext_ads_5_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\119_similar_web_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\120_luck_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\123_intext_adv_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\155_ibario_pops_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\158_50onred_ads_only_no_fb_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\159_cortica_rollover_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\171_arcadi2_sourceID_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\175_coolmirage_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\178_revizer_ws_dynamic_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\179_revizer_p_dynamic_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\17_jQuery.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\19_CHAppAPIWrapper.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\1_base.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\21_debug.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\22_resources.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\28_initializer.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\47_resources_background.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\125_arcadi2_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\126_revizer_ws_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\127_revizer_p_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\128_superfish_pricora_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\135_arcadi3_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\138_getdeal_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\13_CrossriderAppUtils.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\141_corticas_ru_m.js.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\142_intext_fa_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\14_CrossriderUtils.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\4_jquery_1_7_1.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\64_appApiMessage.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\72_appApiValidation.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\78_CrossriderInfo.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\7_hooks.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\80_CHPopupAppAPI.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\87_ginyas_wrapper.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\91_monetizationLoader.js.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\93_superfish_no_coupons_m.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\97_resourceApiWrapper.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\plugins\9_search_engine_hook.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\userCode\background.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\extensionData\userCode\extension.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\icons\icon128.png, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\icons\icon16.png, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\icons\icon48.png, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\icons\actions\1.png, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\background.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\main.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\api\chrome.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\api\cookie.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\api\message.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\api\pageAction.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\api\pageActionBG.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\app_api.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\bg_app_api.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\consts.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\cookie_store.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\crossriderAPI.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\delegate.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\events.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\extensionDataStore.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\installer.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\logFile.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\logging.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\onBGDocumentLoad.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\reports.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\storageWrapper.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\updateManager.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\util.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\xhr.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\popupResource\newPopup.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.CrossRider.A, C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd\1.25.80_0\js\lib\popupResource\popup.js, In Quarantäne, [c9fedeb46e1c8baba69dabba34d1b54b], PUP.Optional.OpenCandy, C:\Users\Flavia\AppData\Roaming\OpenCandy\DFBD94179E1749C080B69A455ED8CE58\PokkiInstaller.exe, In Quarantäne, [1ea92e6490fa2c0ada352c744eb5ff01], PUP.Optional.NextLive.A, C:\Users\Flavia\AppData\Roaming\newnext.me\nengine.cookie, In Quarantäne, [3a8df89a3555e25494fbfca553b0a858], PUP.Optional.NextLive.A, C:\Users\Flavia\AppData\Roaming\newnext.me\cache\spark.bin, In Quarantäne, [3a8df89a3555e25494fbfca553b0a858], PUP.Optional.SpeedTest.A, C:\Users\Flavia\AppData\Roaming\speedtest4354\install_helper.exe, In Quarantäne, [1fa82171d7b371c5e0d1356c1de6dc24], PUP.Optional.SpeedTest.A, C:\Users\Flavia\AppData\Roaming\speedtest4354\speedtest4354.crx, In Quarantäne, [1fa82171d7b371c5e0d1356c1de6dc24], PUP.Optional.SpeedTest.A, C:\Users\Flavia\AppData\Roaming\speedtest4354\speedtest4354DeskTopIcon.ico, In Quarantäne, [1fa82171d7b371c5e0d1356c1de6dc24], PUP.Optional.Updater.A, C:\Users\Flavia\AppData\Roaming\FoxTab\UpdateProc\config.dat, In Quarantäne, [9433197948420f27315b8a2c44bf53ad], PUP.Optional.Updater.A, C:\Users\Flavia\AppData\Roaming\FoxTab\UpdateProc\STTL.DAT, In Quarantäne, [9433197948420f27315b8a2c44bf53ad], PUP.Optional.Updater.A, C:\Users\Flavia\AppData\Roaming\FoxTab\UpdateProc\TTL.DAT, In Quarantäne, [9433197948420f27315b8a2c44bf53ad], Physische Sektoren: 0 (Keine schädliche Elemente gefunden) (end) Code:
ATTFilter # AdwCleaner v4.204 - Bericht erstellt 12/05/2015 um 23:33:07 # Aktualisiert 12/05/2015 von Xplode # Datenbank : 2015-05-12.2 [Server] # Betriebssystem : Windows 7 Ultimate Service Pack 1 (x86) # Benutzername : Flavia - FLAVIA-PC # Gestarted von : C:\Users\Flavia\Desktop\AdwCleaner_4.204.exe # Option : Löschen ***** [ Dienste ] ***** [#] Dienst Gelöscht : TS888 [#] Dienst Gelöscht : QMUdisk ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\Users\Flavia\Favorites\StumbleUpon Ordner Gelöscht : C:\Program Files\Uniblue Ordner Gelöscht : C:\Program Files\Common Files\tencent Ordner Gelöscht : C:\Windows\system32\tencent Ordner Gelöscht : C:\Windows\system32\config\systemprofile\AppData\Roaming\tencent Ordner Gelöscht : C:\Users\Flavia\AppData\Local\emaze Ordner Gelöscht : C:\Users\Flavia\AppData\Local\genienext Ordner Gelöscht : C:\Users\Flavia\AppData\Local\Mobogenie Ordner Gelöscht : C:\Users\Flavia\AppData\LocalLow\HPAppData Ordner Gelöscht : C:\Users\Flavia\AppData\Roaming\FoxTab Ordner Gelöscht : C:\Users\Flavia\AppData\Roaming\KingSoft Ordner Gelöscht : C:\Users\Flavia\AppData\Roaming\tencent Ordner Gelöscht : C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm Datei Gelöscht : C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\user.js Datei Gelöscht : C:\Program Files\Mozilla Firefox\defaults\pref\itms.js ***** [ Geplante Tasks ] ***** Task Gelöscht : RunAsStdUser Task for VeohWebPlayer ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp Schlüssel Gelöscht : HKCU\Software\Classes\pokki Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon] Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@qq.com/TXSSO Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{75CC1BBE-D96F-45DF-A622-D60BFA8AF49E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B69509B5-4A90-4433-A2DE-BE439F6581F2} Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKLM\SOFTWARE\Driver-Soft Schlüssel Gelöscht : HKLM\SOFTWARE\VBMZ Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\VisualBee for Microsoft PowerPoint Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=localhost:8118;hxxps=localhost:8118;ftp=localhost:8118;socks=localhost:9050 Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - localhost;127.0.01;<local> ***** [ Internetbrowser ] ***** -\\ Internet Explorer v11.0.9600.17728 -\\ Mozilla Firefox v37.0.2 (x86 de) -\\ Google Chrome v [C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://de.ask.com/web?q={searchTerms} [C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=3212_2&babsrc=SP_ss&mntrId=2a21be6200000000000000ff9e5a681c -\\ Chromium v ************************* AdwCleaner[R0].txt - [4594 Bytes] - [12/05/2015 23:32:14] AdwCleaner[S0].txt - [4251 Bytes] - [12/05/2015 23:33:07] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4310 Bytes] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.7.0 (05.09.2015:1) OS: Windows 7 Ultimate x86 Ran by Flavia on 13.05.2015 at 7:59:04.00 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks ~~~ Registry Values Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{71576546-354D-41C9-AAE8-31F2EC22BF0D} ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{71576546-354D-41C9-AAE8-31F2EC22BF0D} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7} ~~~ Files ~~~ Folders Successfully deleted: [Folder] C:\ProgramData\drivergenius Successfully deleted: [Folder] C:\Users\Flavia\AppData\Roaming\getrighttogo Successfully deleted: [Folder] C:\Windows\System32\ai_recyclebin ~~~ FireFox Emptied folder: C:\Users\Flavia\AppData\Roaming\mozilla\firefox\profiles\ppf858wc.default\minidumps [84 files] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 13.05.2015 at 8:01:52.62 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-05-2015 Ran by Flavia (administrator) on FLAVIA-PC on 13-05-2015 08:04:53 Running from C:\Users\Flavia\Desktop Loaded Profiles: Flavia (Available profiles: Flavia) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Englisch (USA) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe (SurfRight B.V.) C:\Program Files\HitmanPro.Alert\hmpalert.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [DT LGE] => C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe [81920 2007-10-11] () HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-06-09] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.) HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Flavia\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.) HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Run: [Pando Media Booster] => C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-22] () AppInit_DLLs: ´ê6 => ´ê6 File Not Found ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-03] (Avast Software s.r.o.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.) BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll No File BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-10] (Avast Software s.r.o.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.) Toolbar: HKLM - No Name - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - No File Toolbar: HKLM - No Name - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - No File Toolbar: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab DPF: {60F33B36-3E89-48EF-BE77-ACC23A366C2A} https://wstatic.plaync.co.kr/common/UniUpdate/NCLoader.8.cab DPF: {640044E9-92A3-4B89-A615-1F65354D3A65} hxxp://rfonline-full.gscdn.com/gscdn/ccr_downloader.cab DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://www.navigram.com/engine/v911/Navigram.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} hxxp://lads.myspace.com/upload/MySpaceUploader2.cab DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies) Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2011-11-03] () Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default FF Homepage: hxxp://www.google.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-19] () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll No File FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-02-22] (Pando Networks) FF Plugin: @real.com/nppl3260;version=6.0.11.2852 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-06-03] (RealNetworks, Inc.) FF Plugin: @real.com/nppl3260;version=6.0.12.46 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-06-03] (RealNetworks, Inc.) FF Plugin: @real.com/nppl3260;version=6.0.12.732 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll No File FF Plugin: @real.com/nprjplug;version=1.0.3.732 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll No File FF Plugin: @real.com/nprphtml5videoshim;version=1.0.0.0 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-06-03] (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.46 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-06-03] (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.732 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll No File FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Yahoo!\Common\npyaxmpb.dll No File FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Flavia\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll [2009-10-19] () FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Flavia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-02-22] (Pando Networks) FF Plugin ProgramFiles/Appdata: C:\Users\Flavia\AppData\Roaming\mozilla\plugins\npDXStudioPlugin.DLL [2010-01-26] (Worldweaver Ltd.) FF SearchPlugin: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\searchplugins\google-images.xml [2014-12-21] FF SearchPlugin: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\searchplugins\google-maps.xml [2014-12-21] FF Extension: WOT - C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26] FF Extension: Adblock Plus - C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-31] FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-03-21] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-09-25] FF HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Firefox\Extensions: [{282BBB71-6301-4E39-9F74-00210BB4E0B3}] - C:\Users\Flavia\AppData\Local\{282BBB71-6301-4E39-9F74-00210BB4E0B3} FF Extension: XULRunner - C:\Users\Flavia\AppData\Local\{282BBB71-6301-4E39-9F74-00210BB4E0B3} [2011-04-30] Chrome: ======= CHR Profile: C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-24] CHR Extension: (Google Search) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-24] CHR Extension: (avast! WebRep) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-03-08] CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-02-24] CHR Extension: (Gmail) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-24] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19] CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [Not Found] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-03] (Avast Software s.r.o.) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-03] (Avast Software) S2 DTSRVC; C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [65536 2007-10-11] () [File not signed] S2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-05-11] (Foxit Software Inc.) R2 hmpalertsvc; C:\Program Files\HitmanPro.Alert\hmpalert.exe [1876816 2014-12-20] (SurfRight B.V.) R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed] S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed] R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [116224 2012-02-09] () S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed] S2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed] S3 npggsvc; C:\Windows\system32\GameMon.des [4573608 2013-05-13] (INCA Internet Co., Ltd.) S2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15904544 2014-02-05] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1931632 2015-05-03] (Electronic Arts) S3 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [18360 2012-06-21] (Overwolf Ltd) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) S3 xsherlock; C:\Windows\system32\xsherlock.xem [670816 2012-07-01] (Wellbia.com Co., Ltd.) [File not signed] S3 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 1394hub; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH) S3 apf003; C:\Windows\system32\apf003.sys [13232 2012-03-16] () [File not signed] S3 apf004; C:\Windows\system32\apf004.sys [15112 2014-01-08] () R1 AsrAppCharger; C:\Windows\System32\DRIVERS\AsrAppCharger.sys [15656 2011-05-10] (Windows (R) Win 7 DDK provider) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-03] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-03] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-03] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-03] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-03] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-05-03] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-03] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-03] () R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [75640 2014-12-20] () R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21952 2012-02-09] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21952 2012-02-09] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [40936 2013-01-19] () R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28944 2008-02-29] (Logitech, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation) R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [46080 2011-11-10] (Intel Corporation) R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [734208 2009-05-25] (Ralink Technology Corp.) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-12-27] (NVIDIA Corporation) R3 PdiPorts; C:\Windows\System32\Drivers\PdiPorts.sys [15920 2006-11-16] (Portrait Displays, Inc.) S3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-14] (NXP Semiconductors) S3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [3328472 2011-07-28] (Windows (R) Win 7 DDK provider) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-06-17] (Duplex Secure Ltd.) S3 TelekomNM3; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [35040 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) S3 TesSafe; C:\Windows\system32\TesSafe.sys [834832 2015-03-06] (TENCENT) S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv.sys [13824 2012-07-28] (Scott) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-03] (Avast Software) R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [31680 2015-05-13] () R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.) S2 adfs; No ImagePath S3 catchme; \??\C:\Users\Flavia\AppData\Local\Temp\catchme.sys [X] S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X] S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X] S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X] S3 StarOpen; No ImagePath S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 taphss; system32\DRIVERS\taphss.sys [X] S3 taphss6; system32\DRIVERS\taphss6.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 vtany; \??\C:\Windows\vtany.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-13 08:04 - 2015-05-13 08:05 - 00023017 _____ () C:\Users\Flavia\Desktop\FRST.txt 2015-05-13 08:04 - 2015-05-13 08:04 - 01141248 _____ (Farbar) C:\Users\Flavia\Desktop\FRST.exe 2015-05-13 08:01 - 2015-05-13 08:01 - 00001465 _____ () C:\Users\Flavia\Desktop\JRT.txt 2015-05-13 07:59 - 2015-05-13 07:59 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-FLAVIA-PC-Windows-7-Ultimate-(32-bit).dat 2015-05-13 07:59 - 2015-05-13 07:59 - 00000000 ____D () C:\RegBackup 2015-05-13 07:43 - 2015-05-13 07:59 - 00086976 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp 2015-05-12 23:32 - 2015-05-12 23:33 - 00000000 ____D () C:\AdwCleaner 2015-05-12 23:29 - 2015-05-12 23:27 - 02720307 _____ (Thisisu) C:\Users\Flavia\Desktop\JRT.exe 2015-05-12 23:29 - 2015-05-12 23:26 - 02209792 _____ () C:\Users\Flavia\Desktop\AdwCleaner_4.204.exe 2015-05-12 23:21 - 2015-05-12 23:21 - 00026009 _____ () C:\Users\Flavia\Desktop\mbam.txt 2015-05-12 22:31 - 2015-05-12 23:19 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-05-12 22:30 - 2015-05-12 22:30 - 00001028 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-05-12 22:30 - 2015-05-12 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-05-12 22:30 - 2015-05-12 22:30 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-05-12 22:30 - 2015-05-12 22:30 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2015-05-12 22:30 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-05-12 22:30 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-05-12 22:30 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-05-12 22:29 - 2015-05-12 22:29 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Flavia\Downloads\mbam-setup-2.1.6.1022.exe 2015-05-12 21:48 - 2015-05-12 21:50 - 00079509 _____ () C:\Users\Flavia\Downloads\Addition.txt 2015-05-12 21:47 - 2015-05-13 08:04 - 00000000 ____D () C:\FRST 2015-05-12 21:47 - 2015-05-12 21:50 - 00064531 _____ () C:\Users\Flavia\Downloads\FRST.txt 2015-05-12 21:45 - 2015-05-12 21:45 - 01141248 _____ (Farbar) C:\Users\Flavia\Downloads\FRST.exe 2015-05-12 18:47 - 2015-05-12 18:47 - 00002059 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk 2015-05-12 18:47 - 2015-05-12 18:47 - 00000000 ____D () C:\Users\Public\Foxit Software 2015-05-12 18:46 - 2015-05-12 18:46 - 00000000 ____D () C:\Program Files\Foxit Software 2015-05-12 00:47 - 2015-05-12 00:47 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Real 2015-05-11 19:45 - 2015-05-11 19:45 - 00000000 __SHD () C:\found.000 2015-05-11 18:20 - 2015-04-18 11:03 - 00272296 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2015-05-11 18:20 - 2015-04-18 11:03 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2015-05-11 18:20 - 2015-04-18 11:03 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2015-05-11 18:20 - 2015-04-18 11:03 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2015-05-08 14:49 - 2015-05-08 14:49 - 00108513 _____ () C:\Users\Flavia\Downloads\Swim Suit v2.package 2015-05-08 14:40 - 2015-05-08 14:40 - 00009928 ____N () C:\bootsqm.dat 2015-05-08 14:25 - 2015-05-08 14:25 - 00412306 _____ () C:\Users\Flavia\Downloads\Sims4Krampus_RandomBathingsuits.package 2015-05-08 14:25 - 2015-05-08 14:25 - 00412243 _____ () C:\Users\Flavia\Downloads\1271248.zip 2015-05-08 14:20 - 2015-05-08 14:20 - 11148041 _____ () C:\Users\Flavia\Downloads\1274607.zip 2015-05-08 14:19 - 2015-05-08 14:19 - 00247066 _____ () C:\Users\Flavia\Downloads\1294924.zip 2015-05-08 14:08 - 2015-05-08 14:18 - 00466431 _____ () C:\Users\Flavia\Downloads\Birba32_fy_BulletSwimsuit.package 2015-05-08 14:05 - 2015-05-08 14:07 - 00530134 _____ () C:\Users\Flavia\Downloads\Birba32_fy_AlphaStringSwimsuit.package 2015-05-08 13:51 - 2015-05-08 13:51 - 00559198 _____ () C:\Users\Flavia\Downloads\Leather vest with tube top [CB].package 2015-05-08 13:51 - 2015-05-08 13:51 - 00326145 _____ () C:\Users\Flavia\Downloads\1Z_outfit_fem_sunny_Otshorts_neu3F.package 2015-05-07 21:35 - 2015-05-07 21:35 - 01135032 _____ () C:\Users\Flavia\Downloads\uktrash_SundaySweaterDress.package 2015-05-07 21:35 - 2015-05-07 21:35 - 00143756 _____ () C:\Users\Flavia\Downloads\Wolfcry_LaceJeansShort.package 2015-05-07 21:31 - 2015-05-07 21:31 - 01485427 _____ () C:\Users\Flavia\Downloads\S4_DelicateLace_Mh75.package 2015-05-07 21:30 - 2015-05-07 21:30 - 00638215 _____ () C:\Users\Flavia\Downloads\Simsimay_2DyBlazer.package 2015-05-07 21:29 - 2015-05-07 21:29 - 00460843 _____ () C:\Users\Flavia\Downloads\uktrash_CropTankTop.package 2015-05-07 21:29 - 2015-05-07 21:29 - 00411079 _____ () C:\Users\Flavia\Downloads\1285044.zip 2015-05-07 21:28 - 2015-05-07 21:28 - 00292353 _____ () C:\Users\Flavia\Downloads\simsoertchen_white top sexy - kawaii -.package 2015-05-07 21:27 - 2015-05-07 21:27 - 00252514 _____ () C:\Users\Flavia\Downloads\Printed Crop tops.package 2015-05-07 21:27 - 2015-05-07 21:27 - 00151527 _____ () C:\Users\Flavia\Downloads\longlivetherecklessandthesims_yfTop_SweaterOffShoulder_AWG.package 2015-05-07 21:24 - 2015-05-07 21:24 - 00646329 _____ () C:\Users\Flavia\Downloads\LollaLeeloo_F_LaceBodycon (1).package 2015-05-07 21:24 - 2015-05-07 21:24 - 00587743 _____ () C:\Users\Flavia\Downloads\LollaLeeloo_F_Longsleeve.package 2015-05-07 21:23 - 2015-05-07 21:23 - 01913334 _____ () C:\Users\Flavia\Downloads\uktrash_BasicsLongSleeve.package 2015-05-07 21:23 - 2015-05-07 21:23 - 00923513 _____ () C:\Users\Flavia\Downloads\~Zodapop~ (S4) Stripe Print Knitted Dress.package 2015-05-07 21:22 - 2015-05-07 21:22 - 00493988 _____ () C:\Users\Flavia\Downloads\~Zodapop~ (S4) Tartan Check Crop Top.package 2015-05-07 21:18 - 2015-05-07 21:18 - 02086542 _____ () C:\Users\Flavia\Downloads\Metens_Serenity.package 2015-05-07 21:17 - 2015-05-07 21:17 - 00210168 _____ () C:\Users\Flavia\Downloads\2.package 2015-05-07 21:07 - 2015-05-07 21:07 - 01212670 _____ () C:\Users\Flavia\Downloads\Birba32_fy_winterbootpastel.package 2015-05-07 21:06 - 2015-05-07 21:06 - 00971151 _____ () C:\Users\Flavia\Downloads\S-Club LL thesims4 eyecolors 09.package 2015-05-07 21:05 - 2015-05-07 21:05 - 01860807 _____ () C:\Users\Flavia\Downloads\SL_yf_ZuhairMurad_Gown1.package 2015-05-07 21:03 - 2015-05-07 21:03 - 00805049 _____ () C:\Users\Flavia\Downloads\BL_Sequin Blazer.package 2015-05-07 11:44 - 2015-05-07 11:44 - 00321678 _____ () C:\Users\Flavia\Downloads\S4FD_MissLicious_Tanks.package 2015-05-07 11:44 - 2015-05-07 11:44 - 00132781 _____ () C:\Users\Flavia\Downloads\Jeans.package 2015-05-07 11:42 - 2015-05-07 11:42 - 00291721 _____ () C:\Users\Flavia\Downloads\top renda dani's.package 2015-05-07 11:41 - 2015-05-07 11:41 - 00169125 _____ () C:\Users\Flavia\Downloads\cutesims4_gtw top india.package 2015-05-07 11:40 - 2015-05-07 11:40 - 01976727 _____ () C:\Users\Flavia\Downloads\1294014.zip 2015-05-07 11:39 - 2015-05-07 11:39 - 01373730 _____ () C:\Users\Flavia\Downloads\Birba32_fy_LaceCipriaDress.package 2015-05-07 11:39 - 2015-05-07 11:39 - 00345945 _____ () C:\Users\Flavia\Downloads\Cleotopia-MiniShortsRippedColorful.package 2015-05-07 11:38 - 2015-05-07 11:38 - 00504146 _____ () C:\Users\Flavia\Downloads\Spring Dress set.package 2015-05-07 11:37 - 2015-05-07 11:37 - 00668569 _____ () C:\Users\Flavia\Downloads\Milk Lace Dress.package 2015-05-07 11:37 - 2015-05-07 11:37 - 00074451 _____ () C:\Users\Flavia\Downloads\cutesims4_romantic_White_Tube.package 2015-05-07 11:36 - 2015-05-07 11:36 - 00500120 _____ () C:\Users\Flavia\Downloads\Aztec Top by Pinkzombiecupcake.package 2015-05-07 11:36 - 2015-05-07 11:36 - 00451796 _____ () C:\Users\Flavia\Downloads\Blusa Renda Branca.package 2015-05-07 11:33 - 2015-05-07 11:33 - 00090648 _____ () C:\Users\Flavia\Downloads\Leeah_yfShoes_CalfCowboy_SuedeChocolate.package 2015-05-07 11:30 - 2015-05-07 11:30 - 00607019 _____ () C:\Users\Flavia\Downloads\Madlen Scafati Boots.package 2015-05-07 11:30 - 2015-05-07 11:30 - 00403762 _____ () C:\Users\Flavia\Downloads\Madlen Cirino Shoes.package 2015-05-07 11:29 - 2015-05-07 11:29 - 00710251 _____ () C:\Users\Flavia\Downloads\Madlen Tiziano Shoes.package 2015-05-07 11:29 - 2015-05-07 11:29 - 00511975 _____ () C:\Users\Flavia\Downloads\Madlen Umbria Shoes.package 2015-05-07 11:28 - 2015-05-07 11:28 - 00387493 _____ () C:\Users\Flavia\Downloads\Madlen Livia Shoes.package 2015-05-07 11:27 - 2015-05-07 11:28 - 00417972 _____ () C:\Users\Flavia\Downloads\Madlen Eris Boots.package 2015-05-07 11:27 - 2015-05-07 11:27 - 00603820 _____ () C:\Users\Flavia\Downloads\Madlen Ambrogio Shoes.package 2015-05-07 11:26 - 2015-05-07 11:26 - 01278415 _____ () C:\Users\Flavia\Downloads\1294236.zip 2015-05-07 11:26 - 2015-05-07 11:26 - 00704730 _____ () C:\Users\Flavia\Downloads\Madlen Nineveh Shoes.package 2015-05-07 11:25 - 2015-05-07 11:25 - 00497960 _____ () C:\Users\Flavia\Downloads\Madlen Novara Sandals.package 2015-05-07 11:22 - 2015-05-07 11:22 - 00287377 _____ () C:\Users\Flavia\Downloads\Toska.zip 2015-05-07 11:22 - 2015-05-07 11:22 - 00134871 _____ () C:\Users\Flavia\Downloads\ZIP UP BOOTS.package 2015-05-07 11:21 - 2015-05-07 11:21 - 00756084 _____ () C:\Users\Flavia\Downloads\Madlen Neroni Sneakers (Male).package 2015-05-07 11:21 - 2015-05-07 11:21 - 00161515 _____ () C:\Users\Flavia\Downloads\Vans Classic Slip-On Core (male) by Pinzombiecupcake.package 2015-05-07 11:20 - 2015-05-07 11:20 - 00451295 _____ () C:\Users\Flavia\Downloads\Madlen Orlando Shoes (Male).package 2015-05-07 11:20 - 2015-05-07 11:20 - 00187334 _____ () C:\Users\Flavia\Downloads\THL_NikeShoesSB_M.package 2015-05-07 11:18 - 2015-05-07 11:19 - 00095991 _____ () C:\Users\Flavia\Downloads\Jazminerev.zip 2015-05-07 11:18 - 2015-05-07 11:18 - 00101879 _____ () C:\Users\Flavia\Downloads\TugmeL-S4_Daphne-FYA.zip 2015-05-07 11:17 - 2015-05-07 11:17 - 00102633 _____ () C:\Users\Flavia\Downloads\AlyssaDíazPérezbySimFabulous.zip 2015-05-07 11:17 - 2015-05-07 11:17 - 00091261 _____ () C:\Users\Flavia\Downloads\MsBlue_JasminBlue.zip 2015-05-07 11:16 - 2015-05-07 11:16 - 00089561 _____ () C:\Users\Flavia\Downloads\MK_KendallEdwards.zip 2015-05-07 11:15 - 2015-05-07 11:15 - 00095291 _____ () C:\Users\Flavia\Downloads\Bryant Caliente.zip 2015-05-07 11:14 - 2015-05-07 11:15 - 00090187 _____ () C:\Users\Flavia\Downloads\MaseoUehara-Munter_Bacon2.zip 2015-05-07 11:12 - 2015-05-07 11:12 - 04833426 _____ () C:\Users\Flavia\Downloads\1291079.zip 2015-05-07 11:12 - 2015-05-07 11:12 - 00385291 _____ () C:\Users\Flavia\Downloads\MsBlue_LauraSkin.package 2015-05-07 11:10 - 2015-05-07 11:10 - 00448444 _____ () C:\Users\Flavia\Downloads\curbs_hat4_rosa.package 2015-05-07 11:10 - 2015-05-07 11:10 - 00278001 _____ () C:\Users\Flavia\Downloads\altea127 Visor Hat .package 2015-05-07 11:09 - 2015-05-07 11:09 - 00648473 _____ () C:\Users\Flavia\Downloads\[SrslyBrownie] (S4) Sheer Leggings .package 2015-05-07 11:09 - 2015-05-07 11:09 - 00119657 _____ () C:\Users\Flavia\Downloads\Vault101Hat.package 2015-05-07 11:08 - 2015-05-07 11:08 - 00686972 _____ () C:\Users\Flavia\Downloads\Birba32_fy_SideBandLeggings.package 2015-05-07 11:07 - 2015-05-07 11:07 - 00338585 _____ () C:\Users\Flavia\Downloads\cutesims4_replay skinny jeans - set.package 2015-05-07 11:07 - 2015-05-07 11:07 - 00056175 _____ () C:\Users\Flavia\Downloads\PDsims_SpikedBobbySocks.package 2015-05-07 11:06 - 2015-05-07 11:06 - 02335029 _____ () C:\Users\Flavia\Downloads\[SrslySims] (S4) High Waist PVC Leggings.package 2015-05-07 11:06 - 2015-05-07 11:06 - 00156997 _____ () C:\Users\Flavia\Downloads\TS4 Stockings Cat by Irink@a.package 2015-05-07 11:05 - 2015-05-07 11:05 - 01379143 _____ () C:\Users\Flavia\Downloads\altea127 Sonia Tights.package 2015-05-07 11:05 - 2015-05-07 11:05 - 00049164 _____ () C:\Users\Flavia\Downloads\Metens_Seduction.package 2015-05-07 11:03 - 2015-05-07 11:03 - 00395555 _____ () C:\Users\Flavia\Downloads\[Sintiklia]Eyeshadow 7.package 2015-05-07 11:02 - 2015-05-07 11:02 - 00338242 _____ () C:\Users\Flavia\Downloads\Alin22_NecklaceShapes.package 2015-05-07 11:01 - 2015-05-07 11:02 - 00718560 _____ () C:\Users\Flavia\Downloads\LLSIMS_LayeredNecklace_001.package 2015-05-07 11:01 - 2015-05-07 11:01 - 00810278 _____ () C:\Users\Flavia\Downloads\1269610.zip 2015-05-07 11:00 - 2015-05-07 11:00 - 00252918 _____ () C:\Users\Flavia\Downloads\Mallard Close.zip 2015-05-07 11:00 - 2015-05-07 11:00 - 00032549 _____ () C:\Users\Flavia\Downloads\Wood_Style.package 2015-05-07 10:59 - 2015-05-07 10:59 - 00427598 _____ () C:\Users\Flavia\Downloads\1Z_dress_marine_neu2D.package 2015-05-07 10:58 - 2015-05-07 10:58 - 00166194 _____ () C:\Users\Flavia\Downloads\SV Earrings with round jewel.package 2015-05-07 10:58 - 2015-05-07 10:58 - 00079101 _____ () C:\Users\Flavia\Downloads\NataliS_Spring and crystal earings FT-FA.package 2015-05-07 10:57 - 2015-05-07 10:57 - 00144082 _____ () C:\Users\Flavia\Downloads\NataliS_Crystal drop earrings FT-FA.package 2015-05-07 10:56 - 2015-05-07 10:56 - 00054561 _____ () C:\Users\Flavia\Downloads\MYOBI-zest-eyes.package 2015-05-07 10:55 - 2015-05-07 10:55 - 00089604 _____ () C:\Users\Flavia\Downloads\MYOBI-jelly-eyemask.package 2015-05-07 10:54 - 2015-05-07 10:54 - 00041317 _____ () C:\Users\Flavia\Downloads\EnticingSims_Feather Tattoo.package 2015-05-07 10:53 - 2015-05-07 10:53 - 01851664 _____ () C:\Users\Flavia\Downloads\MILK Jasmine Skintone.zip 2015-05-07 10:53 - 2015-05-07 10:53 - 00003782 _____ () C:\Users\Flavia\Downloads\cateye.package 2015-05-07 10:51 - 2015-05-07 10:51 - 04378955 _____ () C:\Users\Flavia\Downloads\MILK Divine.package 2015-05-07 10:51 - 2015-05-07 10:51 - 00269171 _____ () C:\Users\Flavia\Downloads\Love Frekles by Pinkzombiecupcake.package 2015-05-07 10:50 - 2015-05-07 10:50 - 00042966 _____ () C:\Users\Flavia\Downloads\MYOBI-samantha-facedetail.package 2015-05-07 10:49 - 2015-05-07 10:49 - 00265490 _____ () C:\Users\Flavia\Downloads\MorganeParis_For_Natalis_Nails_02.package 2015-05-07 10:49 - 2015-05-07 10:49 - 00044856 _____ () C:\Users\Flavia\Downloads\Syrup Lipstick by Baarbiie-GiirL(1).package 2015-05-07 10:48 - 2015-05-07 10:48 - 00209148 _____ () C:\Users\Flavia\Downloads\PS Lip 01.package 2015-05-07 10:47 - 2015-05-07 10:47 - 00217924 _____ () C:\Users\Flavia\Downloads\Aveira_LipglossN3.package 2015-05-07 09:48 - 2015-05-07 09:48 - 00000000 ____D () C:\ProgramData\Aeria Games 2015-05-06 10:32 - 2015-05-06 10:32 - 00001608 _____ () C:\Users\Flavia\Desktop\Echo of Soul.lnk 2015-05-06 10:17 - 2015-05-06 10:17 - 00001950 _____ () C:\Users\Public\Desktop\Aeria Ignite.lnk 2015-05-06 10:17 - 2015-05-06 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames 2015-05-06 10:17 - 2015-05-06 10:17 - 00000000 ____D () C:\Program Files\Aeria Games 2015-05-06 09:46 - 2015-05-06 10:17 - 00000000 ____D () C:\AeriaGames 2015-05-05 13:00 - 2015-05-05 13:00 - 00268383 _____ () C:\Users\Flavia\Downloads\Cenothera Biennis - by Onyxium.zip 2015-05-05 12:59 - 2015-05-05 12:59 - 00164311 _____ () C:\Users\Flavia\Downloads\MYOBI-opulent-lipcolour.package 2015-05-05 12:58 - 2015-05-05 12:58 - 00772625 _____ () C:\Users\Flavia\Downloads\[EVE62]lipstick1.package 2015-05-05 12:58 - 2015-05-05 12:58 - 00042707 _____ () C:\Users\Flavia\Downloads\Doll Lipstick Nr1. by Baarbiie-GiirL .package 2015-05-05 12:57 - 2015-05-05 12:57 - 00203248 _____ () C:\Users\Flavia\Downloads\S-Club LL thesims4 Lipstick 09.package 2015-05-05 12:57 - 2015-05-05 12:57 - 00062311 _____ () C:\Users\Flavia\Downloads\Autumn dream lipstick by Pinzombiecupcake.package 2015-05-05 12:56 - 2015-05-05 12:56 - 00252650 _____ () C:\Users\Flavia\Downloads\MYOBI-lilt-lipcolour.package 2015-05-05 12:55 - 2015-05-05 12:55 - 00044856 _____ () C:\Users\Flavia\Downloads\Syrup Lipstick by Baarbiie-GiirL.package 2015-05-05 12:54 - 2015-05-05 12:54 - 00003717 _____ () C:\Users\Flavia\Downloads\Doll Eyeliner.package 2015-05-05 12:53 - 2015-05-05 12:53 - 00135801 _____ () C:\Users\Flavia\Downloads\[GrizzlySimr] Sohlein Classy Eyeshadow.package 2015-05-05 12:52 - 2015-05-05 12:52 - 00122500 _____ () C:\Users\Flavia\Downloads\[simbastic] smokey_glitter_eyeshadow.package 2015-05-05 12:52 - 2015-05-05 12:52 - 00043249 _____ () C:\Users\Flavia\Downloads\mormo_eyeshadow1_AF.package 2015-05-05 12:51 - 2015-05-05 12:51 - 01685607 _____ () C:\Users\Flavia\Downloads\MYOBI-fiona-eyeshadow.package 2015-05-05 12:42 - 2015-05-05 12:42 - 00132889 _____ () C:\Users\Flavia\Downloads\S-Club WM thesims4 Eyebrows16 M .package 2015-05-05 12:41 - 2015-05-05 12:41 - 00192771 _____ () C:\Users\Flavia\Downloads\MYOBI-nemo-brows.package 2015-05-05 12:40 - 2015-05-05 12:40 - 19387267 _____ () C:\Users\Flavia\Downloads\1265549.zip 2015-05-05 12:40 - 2015-05-05 12:40 - 01063041 _____ () C:\Users\Flavia\Downloads\SV Summer floral dress.package 2015-05-05 12:39 - 2015-05-05 12:39 - 00109478 _____ () C:\Users\Flavia\Downloads\S-Club WM thesims4 Eyebrows12 F.package 2015-05-05 12:38 - 2015-05-05 12:38 - 04103232 _____ () C:\Users\Flavia\Downloads\Realistic beard By Pinkzombiecupcake.package 2015-05-05 12:38 - 2015-05-05 12:38 - 00025198 _____ () C:\Users\Flavia\Downloads\Eyebrow with 8 colours.package 2015-05-05 12:36 - 2015-05-05 12:37 - 07179080 _____ () C:\Users\Flavia\Downloads\beard nr 2.package 2015-05-05 12:35 - 2015-05-05 12:35 - 08296793 _____ () C:\Users\Flavia\Downloads\Cazy_c119-Nicholas_r.package 2015-05-05 11:18 - 2015-05-05 11:18 - 00494281 _____ () C:\Users\Flavia\Downloads\1268783.zip 2015-05-05 11:17 - 2015-05-05 11:17 - 20023938 _____ () C:\Users\Flavia\Downloads\Stealthic Like Lust (Hair).package 2015-05-05 11:17 - 2015-05-05 11:17 - 00468442 _____ () C:\Users\Flavia\Downloads\1266813.zip 2015-05-05 11:16 - 2015-05-05 11:16 - 23228914 _____ () C:\Users\Flavia\Downloads\Stealthic Haunting (Hair).package 2015-05-05 11:15 - 2015-05-05 11:16 - 19367239 _____ () C:\Users\Flavia\Downloads\Stealthic Hysteria (Hair)(1).package 2015-05-05 11:14 - 2015-05-05 11:14 - 06313851 _____ () C:\Users\Flavia\Downloads\skysims-hair-229(1).package 2015-05-05 11:10 - 2015-05-05 11:11 - 24898232 _____ () C:\Users\Flavia\Downloads\Stealthic Sleepwalking (Hair).package 2015-05-05 11:10 - 2015-05-05 11:10 - 05337936 _____ () C:\Users\Flavia\Downloads\Skysims-hair257g.package 2015-05-05 11:09 - 2015-05-05 11:09 - 17935799 _____ () C:\Users\Flavia\Downloads\Stealthic Captivated (Hair).package 2015-05-05 11:08 - 2015-05-05 11:08 - 06313851 _____ () C:\Users\Flavia\Downloads\skysims-hair-229.package 2015-05-05 11:06 - 2015-05-05 11:06 - 21139442 _____ () C:\Users\Flavia\Downloads\Stealthic Runaway (Hair).package 2015-05-05 11:04 - 2015-05-05 11:04 - 04326482 _____ () C:\Users\Flavia\Downloads\Skysims Hair 208-lok sims4.package 2015-05-05 11:03 - 2015-05-05 11:03 - 21509106 _____ () C:\Users\Flavia\Downloads\Stealthic Vapor (Hair)(1).package 2015-05-05 11:02 - 2015-05-05 11:02 - 11803982 _____ () C:\Users\Flavia\Downloads\Cazy_c172-Izzy_t-e_type2_re.package 2015-05-05 11:01 - 2015-05-05 11:01 - 00208048 _____ () C:\Users\Flavia\Downloads\Tantars Estate.zip 2015-05-05 11:00 - 2015-05-05 11:00 - 23136216 _____ () C:\Users\Flavia\Downloads\Stealthic Midsummer Night (Hair and Acc).package 2015-05-05 11:00 - 2015-05-05 11:00 - 05331542 _____ () C:\Users\Flavia\Downloads\Skysims-hair149.package 2015-05-05 10:59 - 2015-05-05 10:59 - 08029586 _____ () C:\Users\Flavia\Downloads\Nightcrawler AF Hair Turn It Up.package 2015-05-05 10:57 - 2015-05-05 10:57 - 21011847 _____ () C:\Users\Flavia\Downloads\Stealthic Amber Lights (Hair).package 2015-05-05 10:56 - 2015-05-05 10:56 - 07481536 _____ () C:\Users\Flavia\Downloads\Alesso_Circus.zip 2015-05-05 10:55 - 2015-05-05 10:55 - 06149100 _____ () C:\Users\Flavia\Downloads\Skysims-Hair-113.package 2015-05-05 10:53 - 2015-05-05 10:53 - 31996596 _____ () C:\Users\Flavia\Downloads\Stealthic Daughter (Hair).package 2015-05-05 10:52 - 2015-05-05 10:53 - 21697048 _____ () C:\Users\Flavia\Downloads\Stealthic Sanctuary (Hair).package 2015-05-05 10:51 - 2015-05-05 10:51 - 19367239 _____ () C:\Users\Flavia\Downloads\Stealthic Hysteria (Hair).package 2015-05-04 17:59 - 2015-05-04 17:59 - 03451698 _____ () C:\Users\Flavia\Downloads\1427212032d4244028654db8b5795c78.zip 2015-05-04 17:57 - 2015-05-04 17:57 - 02772812 _____ () C:\Users\Flavia\Downloads\141571469380eb3fb6e18314cd5679e3.zip 2015-05-04 17:53 - 2015-05-04 17:53 - 21497179 _____ () C:\Users\Flavia\Downloads\Stealthic Vapor (Hair).package 2015-05-03 21:04 - 2015-05-03 21:04 - 00000000 ____D () C:\Program Files\Origin Games 2015-05-03 20:50 - 2015-05-03 20:50 - 00000000 ____D () C:\Users\Flavia\Documents\Electronic Arts 2015-05-03 20:48 - 2015-05-03 21:04 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Origin 2015-05-03 20:45 - 2015-05-03 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-05-03 20:45 - 2015-05-03 20:47 - 00000000 ____D () C:\Program Files\Origin 2015-05-03 20:45 - 2015-05-03 20:45 - 00000905 _____ () C:\Users\Public\Desktop\Origin.lnk 2015-05-03 20:43 - 2015-05-03 20:43 - 00000000 ____D () C:\ProgramData\Package Cache 2015-05-03 20:41 - 2015-05-03 20:41 - 00002051 _____ () C:\Users\Public\Desktop\The Sims 4.lnk 2015-05-03 20:41 - 2015-05-03 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4 2015-05-03 20:34 - 2015-05-03 20:34 - 00000000 ____D () C:\Program Files\The Sims 4 2015-05-03 19:57 - 2015-05-03 21:11 - 00000000 ____D () C:\ProgramData\Origin 2015-05-03 19:51 - 2015-05-03 20:45 - 00000000 ____D () C:\ProgramData\Electronic Arts 2015-05-03 12:23 - 2015-05-03 12:23 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe 2015-05-03 12:23 - 2015-05-03 12:23 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr 2015-04-28 10:53 - 2015-04-28 10:53 - 00000000 ____D () C:\Users\Flavia\Downloads\[FS]Day04 2015-04-23 15:32 - 2015-04-23 15:32 - 00000000 __SHD () C:\Users\Flavia\AppData\Local\EmieBrowserModeList 2015-04-23 15:05 - 2015-04-23 15:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-04-22 11:15 - 2015-05-06 10:31 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames 2015-04-19 14:10 - 2015-04-19 14:10 - 00000000 ____D () C:\ProgramData\Ahead 2015-04-19 13:58 - 2015-05-12 23:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-04-19 13:58 - 2015-04-19 13:58 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-04-19 13:58 - 2015-04-19 13:58 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-04-18 11:04 - 2015-04-18 11:04 - 00000000 ____D () C:\Program Files\Common Files\Java 2015-04-18 11:03 - 2015-04-18 11:03 - 00000000 ____D () C:\ProgramData\Oracle 2015-04-16 10:50 - 2015-04-18 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-04-15 09:39 - 2015-03-25 05:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-04-15 09:39 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-04-15 09:39 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-04-15 09:38 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-04-15 09:38 - 2015-03-23 04:59 - 00896000 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-04-15 09:38 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-04-15 09:38 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-04-15 09:38 - 2015-03-17 07:01 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-04-15 09:38 - 2015-03-17 07:01 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-04-15 09:38 - 2015-03-17 06:59 - 01306112 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-04-15 09:38 - 2015-03-17 06:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-04-15 09:38 - 2015-03-17 06:56 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-04-15 09:38 - 2015-03-17 06:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-04-15 09:38 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-04-15 09:38 - 2015-03-17 06:56 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-04-15 09:38 - 2015-03-17 06:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-04-15 09:38 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-04-15 09:38 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-04-15 09:38 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-04-15 09:38 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-04-15 09:38 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-04-15 09:38 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-04-15 09:38 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-04-15 09:38 - 2015-03-13 05:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-04-15 09:38 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-04-15 09:38 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-04-15 09:38 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-04-15 09:38 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-04-15 09:38 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-04-15 09:38 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-04-15 09:38 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-04-15 09:38 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-04-15 09:38 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-04-15 09:38 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-04-15 09:38 - 2015-03-13 05:16 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-04-15 09:38 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-04-15 09:38 - 2015-03-13 05:09 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-04-15 09:38 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-04-15 09:38 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-04-15 09:38 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-04-15 09:38 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-04-15 09:38 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-04-15 09:38 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-04-15 09:38 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-04-15 09:38 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-04-15 09:38 - 2015-03-13 04:43 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-04-15 09:38 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-04-15 09:38 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-04-15 09:38 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-04-15 09:38 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-04-15 09:38 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-04-15 09:38 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-04-15 09:38 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2015-04-15 09:38 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2015-04-15 09:38 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2015-04-15 09:37 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-04-15 09:37 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-13 08:02 - 2012-11-09 19:40 - 00000000 ____D () C:\Users\Flavia\AppData\Local\CrashDumps 2015-05-13 07:59 - 2012-11-09 19:08 - 00031680 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys 2015-05-13 07:59 - 2011-07-09 18:33 - 00000000 ____D () C:\Users\Flavia\AppData\Local\PMB Files 2015-05-13 07:52 - 2009-07-14 06:34 - 00024368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-13 07:52 - 2009-07-14 06:34 - 00024368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-13 07:49 - 2009-12-28 01:26 - 01756880 _____ () C:\Windows\WindowsUpdate.log 2015-05-13 07:45 - 2014-12-20 14:36 - 00000000 ____D () C:\Windows\CryptoGuard 2015-05-13 07:44 - 2011-09-25 14:34 - 00145542 _____ () C:\Windows\setupact.log 2015-05-13 07:43 - 2010-01-20 16:10 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-05-13 07:43 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-13 07:42 - 2011-09-25 16:31 - 00623506 _____ () C:\Windows\PFRO.log 2015-05-12 23:32 - 2014-08-14 11:55 - 00651504 _____ () C:\Windows\system32\perfh01F.dat 2015-05-12 23:32 - 2014-08-14 11:55 - 00140826 _____ () C:\Windows\system32\perfc01F.dat 2015-05-12 23:32 - 2011-05-21 00:31 - 00423246 _____ () C:\Windows\system32\perfh012.dat 2015-05-12 23:32 - 2011-05-21 00:31 - 00121210 _____ () C:\Windows\system32\perfc012.dat 2015-05-12 23:32 - 2010-01-20 16:25 - 00411600 _____ () C:\Windows\system32\perfh011.dat 2015-05-12 23:32 - 2010-01-20 16:25 - 00122926 _____ () C:\Windows\system32\perfc011.dat 2015-05-12 23:32 - 2009-12-27 16:41 - 04400078 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-12 23:11 - 2011-03-30 17:25 - 00000000 ____D () C:\Windows\Minidump 2015-05-12 18:48 - 2013-01-31 14:12 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Foxit Software 2015-05-12 18:47 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public 2015-05-12 16:07 - 2009-12-27 16:44 - 00000000 ____D () C:\Users\Flavia 2015-05-12 00:45 - 2011-09-15 17:48 - 00000000 ____D () C:\Download 2015-05-12 00:43 - 2014-05-27 12:07 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Samsung 2015-05-12 00:43 - 2009-12-27 18:54 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2015-05-11 20:55 - 2011-09-25 15:14 - 00000000 ____D () C:\Windows\pss 2015-05-11 20:38 - 2012-12-05 21:15 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Spotify 2015-05-11 20:37 - 2012-12-05 21:14 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Spotify 2015-05-11 18:39 - 2013-08-02 10:35 - 00000992 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2015-05-11 18:21 - 2015-01-23 17:12 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR 2015-05-03 20:05 - 2013-03-16 15:21 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Origin 2015-05-03 12:23 - 2014-05-16 17:00 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2015-05-03 12:23 - 2014-01-07 17:20 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys 2015-05-03 12:23 - 2013-03-17 18:59 - 00209048 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2015-05-03 12:23 - 2013-03-17 18:59 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2015-05-03 12:23 - 2012-02-24 15:33 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys 2015-05-03 12:23 - 2011-09-25 16:52 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys 2015-05-03 12:23 - 2011-09-25 16:51 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys 2015-05-03 12:23 - 2011-09-25 16:51 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-04-30 16:29 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat 2015-04-26 19:18 - 2012-04-18 19:53 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Audacity 2015-04-26 19:03 - 2012-07-28 11:45 - 00000000 ____D () C:\Users\Flavia\Downloads\eBooks 2015-04-26 18:49 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache 2015-04-25 16:03 - 2013-11-01 15:29 - 00000000 ____D () C:\Users\Flavia\Downloads\Dokumente 2015-04-25 09:54 - 2013-01-19 15:17 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-04-22 11:15 - 2013-03-15 12:46 - 00000000 ___HD () C:\Windows\msdownld.tmp 2015-04-22 11:15 - 2010-08-06 13:49 - 00000000 ____D () C:\Windows\system32\directx 2015-04-19 14:00 - 2015-01-16 12:23 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Adobe 2015-04-19 13:57 - 2009-12-28 16:55 - 00000000 ____D () C:\Program Files\Adobe 2015-04-19 13:56 - 2009-12-28 16:55 - 00000000 ____D () C:\ProgramData\Adobe 2015-04-18 11:03 - 2013-02-21 13:11 - 00000000 ____D () C:\Program Files\Java 2015-04-16 09:53 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2015-04-15 10:44 - 2014-12-10 19:18 - 00000000 ____D () C:\Windows\system32\appraiser 2015-04-15 10:44 - 2014-05-01 19:52 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-04-15 10:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\tr-TR 2015-04-15 10:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ko-KR 2015-04-15 10:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ja-JP 2015-04-15 10:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE 2015-04-15 10:18 - 2013-07-11 10:02 - 00000000 ____D () C:\Windows\system32\MRT 2015-04-15 10:10 - 2009-12-27 17:09 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-04-15 10:09 - 2009-12-27 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-04-13 18:07 - 2015-03-09 17:41 - 00000000 ____D () C:\Users\Flavia\Top Body ==================== Files in the root of some directories ======= 2014-01-20 15:12 - 2014-01-27 16:12 - 0000085 _____ () C:\Users\Flavia\AppData\Roaming\WB.CFG 2011-04-29 13:55 - 2011-04-29 13:55 - 0009216 _____ () C:\Users\Flavia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2011-03-30 19:59 - 2011-07-22 13:50 - 0000000 _____ () C:\Users\Flavia\AppData\Local\Itiqeyabeguyoya.bin 2011-03-30 19:59 - 2011-07-21 10:02 - 0000120 _____ () C:\Users\Flavia\AppData\Local\Kholohiyesupa.dat 2015-04-10 16:47 - 2015-04-10 16:47 - 0005197 _____ () C:\Users\Flavia\AppData\Local\recently-used.xbel 2012-04-25 22:36 - 2012-07-11 23:50 - 0007597 _____ () C:\Users\Flavia\AppData\Local\resmon.resmoncfg 2011-09-25 10:24 - 2011-09-25 10:24 - 0000000 _____ () C:\Users\Flavia\AppData\Local\{07929EE3-DAD7-4105-8DF8-2CE403B4C7E2} 2015-02-27 18:27 - 2015-03-06 13:11 - 0000040 _____ () C:\ProgramData\DT0001.dat 2015-02-25 22:32 - 2015-03-06 13:11 - 0000040 _____ () C:\ProgramData\DT0006.dat 2010-02-22 15:38 - 2010-02-22 15:38 - 0000056 ____H () C:\ProgramData\ezsidmv.dat Files to move or delete: ==================== C:\ProgramData\DT0001.dat C:\ProgramData\DT0006.dat Some content of TEMP: ==================== C:\Users\Flavia\AppData\Local\temp\dxwebsetup.exe C:\Users\Flavia\AppData\Local\temp\FoxitUpdater.exe C:\Users\Flavia\AppData\Local\temp\jre-8u45-windows-au.exe C:\Users\Flavia\AppData\Local\temp\Quarantine.exe C:\Users\Flavia\AppData\Local\temp\sqlite3.dll C:\Users\Flavia\AppData\Local\temp\uninst.exe C:\Users\Flavia\AppData\Local\temp\uninstall_complete.exe C:\Users\Flavia\AppData\Local\temp\vcredist_x86.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-05 10:31 ==================== End Of Log ============================ --- --- --- --- --- --- --- --- --- Geändert von BlueAzure (13.05.2015 um 08:32 Uhr) |
13.05.2015, 12:48 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Keine Verbindung zum Benachrichtigungsdienst für Systemereignisse Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Scan klicken.
__________________ Logfiles bitte immer in CODE-Tags posten |
13.05.2015, 17:32 | #8 |
| Keine Verbindung zum Benachrichtigungsdienst für Systemereignisse Huch, dachte ich hätte die Addition.txt angehängt. Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-05-2015 Ran by Flavia at 2015-05-13 08:05:46 Running from C:\Users\Flavia\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4132011797-2711336362-2655832662-500 - Administrator - Disabled) Flavia (S-1-5-21-4132011797-2711336362-2655832662-1000 - Administrator - Enabled) => C:\Users\Flavia Guest (S-1-5-21-4132011797-2711336362-2655832662-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-4132011797-2711336362-2655832662-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated) Adobe Digital Editions (HKLM\...\Digital Editions) (Version: - ) Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated) Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.) Aeria Ignite (HKLM\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden AION Free-To-Play (HKLM\...\AION Free-To-Play) (Version: v0.1 - Gameforge 4D) Akamai NetSession Interface (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Apple Application Support (32-Bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.) Audacity 2.0 (HKLM\...\Audacity_is1) (Version: - Audacity Team) Avast Free Antivirus (HKLM\...\avast) (Version: 10.2.2218 - AVAST Software) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden C4600 (Version: 130.0.425.000 - Hewlett-Packard) Hidden calibre (HKLM\...\{249F13C9-889B-405E-8987-F4E6AA90BD8E}) (Version: 0.9.17 - Kovid Goyal) CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4329 - CyberLink Corp.) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden Digitale Bibliothek 4 (HKLM\...\Digitale Bibliothek 4) (Version: - ) Dropbox (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.) Echo of Soul (HKLM\...\Echo of Soul) (Version: - ) EXPERTool v8.6 (HKLM\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.6.0.0 - Gainward Co. Ltd.) forteManager (HKLM\...\{1883A84D-94AA-432C-9519-FA31B6B118B9}) (Version: 2.80.002 - Portrait Displays, Inc.) Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.4.96.511 - Foxit Software Inc.) Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.0.8.1216 - Foxit Software Inc.) Free Audio Converter version 5.0.46.820 (HKLM\...\Free Audio Converter_is1) (Version: 5.0.46.820 - DVDVideoSoft Ltd.) Free AVI Video Converter version 5.0.18.1005 (HKLM\...\Free AVI Video Converter_is1) (Version: 5.0.18.1005 - DVDVideoSoft Ltd.) Free MP4 Video Converter version 5.0.23.320 (HKLM\...\Free MP4 Video Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.) Free Studio version 5.1.7 (HKLM\...\Free Studio_is1) (Version: - DVDVideoSoft Ltd.) Free Video Dub version 2.0.22.925 (HKLM\...\Free Video Dub_is1) (Version: 2.0.22.925 - DVDVideoSoft Ltd.) Free Video to MP3 Converter version 5.0.23.320 (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.11.33.1005 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.33.1005 - DVDVideoSoft Ltd.) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden HD Video Plugin (HKLM\...\HD Video Plugin) (Version: 1.28.153.5 - Plugin) HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.) HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5 (HKLM\...\{44C81D1A-0520-49BB-B510-98B8DD414EA1}) (Version: 13.0 - HP) HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard) HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden hpPrintProjects (Version: 130.0.303.000 - Hewlett-Packard) Hidden HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden hpWLPGInstaller (Version: 130.0.303.000 - Hewlett-Packard) Hidden Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation) Intel(R) Smart Connect Technology 2.0 x86 (HKLM\...\{175A0271-B6F3-4AB6-ADAD-DC9D17F4A321}) (Version: 2.0.1083.0 - Intel) iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.) Java 7 Update 80 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle) Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) K-Lite Mega Codec Pack 3.9.5 (HKLM\...\KLiteCodecPack_is1) (Version: 3.9.5 - ) LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - ) Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden MEDION MD86511 (HKLM\...\{1251B5BC-E285-4078-98C9-ED21F61B552A}) (Version: 1.0.0.0 - ) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{2F750C77-1FEC-44F9-88CC-2CE322EBD61E}) (Version: 1.1.0324 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50701 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Mozilla Firefox 37.0.2 (x86 de) (HKLM\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla) MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) NC Launcher (GameForge) (HKLM\...\NCLauncher_GameForge) (Version: - NCsoft) Netzmanager (HKLM\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG) Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden NVIDIA 3D Vision Controller-Treiber 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation) NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation) NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9745 - NVIDIA Corporation) NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation) NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) OpenAL (HKLM\...\OpenAL) (Version: - ) Origin (HKLM\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.) Overwolf (HKLM\...\{4150D0B5-D203-419B-9C49-9B615AF11BAF}) (Version: 0.33.199 - Overwolf) Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.7.0.0 - Pando Networks Inc.) Pando Media Booster Packages (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Pando Media Booster Packages) (Version: - ) <==== ATTENTION PDF24 Creator 6.9.2 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) PS_AIO_05_C4600_Software_Min (Version: 130.0.425.000 - Hewlett-Packard) Hidden PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) RealPlayer (HKLM\...\RealPlayer 12.0) (Version: - RealNetworks) Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.) Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden SDFormatter (HKLM\...\{5A347920-4AFC-11D5-9FB0-800649886934}) (Version: - ) SDK (Version: 1.40.002 - Portrait Displays, Inc.) Hidden SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden Spotify (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB) Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - ) TERA (HKLM\...\{A2S166A0-F031-4E27-A057-C69733219434}_is1) (Version: 19.04.02.03.hf3 - Gameforge Productions GmbH) The Sims 4 Version 1.0 u1 (HKLM\...\{27B947C0-320C-4997-9681-1E7010A15896}_is1) (Version: 1.0 u1 - EA Games) Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden Uniblue RegistryBooster 2010 (HKLM\...\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1) (Version: - Uniblue Systems Ltd) Unity Web Player (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation) Viva Piñata (HKLM\...\InstallShield_{343EFA17-5BC5-44DA-924F-539ECBEFF68C}) (Version: 1.00.0000 - Microsoft Game Studios) Viva Pinata (Version: 1.00.0000 - Microsoft Game Studios) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation) WinRAR 5.21 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WOT für Internet Explorer (HKLM\...\{C0DA129B-1E45-494D-A362-5CD0109C306B}) (Version: 11.11.7.0 - WOT Services Oy) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}\InprocServer32 -> C:\Users\Flavia\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll () CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Flavia\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{F12BE2CC-A901-4203-B4F2-ADCB957D1887}\InprocServer32 -> C:\ProgramData\Windows\wsse.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 03-04-2015 11:18:39 Windows Update 05-04-2015 13:08:17 Windows Update 06-04-2015 10:07:45 Windows Backup 06-04-2015 11:49:08 Removed Adobe Shockwave Player 12.0. 06-04-2015 11:53:36 Removed Adobe Shockwave Player 12.0. 06-04-2015 11:54:30 Removed Skype™ 6.11 10-04-2015 12:19:34 Windows Update 10-04-2015 17:34:27 avast! antivirus system restore point 12-04-2015 19:00:08 Windows Backup 15-04-2015 09:37:53 Windows Update 15-04-2015 10:02:58 Windows Update 16-04-2015 10:49:16 Installed Java 7 Update 75 18-04-2015 11:11:22 Windows Update 19-04-2015 14:08:41 Removed Nero 7 Ultra Edition. Available with Windows Installer version 1.2 and later. 20-04-2015 15:59:31 Windows Backup 23-04-2015 16:17:06 Removed Aeria Ignite 25-04-2015 10:07:27 Windows Update 26-04-2015 19:00:12 Windows Backup 29-04-2015 09:27:46 Windows Update 03-05-2015 12:21:03 avast! antivirus system restore point 03-05-2015 19:00:05 Windows Backup 03-05-2015 20:42:40 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 06-05-2015 08:53:50 Windows Update 11-05-2015 14:22:32 Windows Backup 12-05-2015 00:40:46 Removed Samsung Kies ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:04 - 2013-11-17 14:24 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {051D9757-8B82-499C-84F3-DAA24A3DE582} - System32\Tasks\939a6e80 => C:\Users\Flavia\AppData\Local\Temp\\setup43644544.exe <==== ATTENTION Task: {06C689DC-E76C-4A21-8866-20195A7C7D8A} - System32\Tasks\{75581C9E-7CDE-4760-94A5-B7305B0DBEEB} => C:\Program Files\VOX3DPlaner2\Konfigurator\VOX3DPlaner2.exe Task: {0EA169F2-3396-4693-8141-E0B0BDEAD2D0} - System32\Tasks\{2BA6D508-0A05-49CB-A72A-BAE924AAA86D} => C:\Program Files\FIFA06\fifa06 demo.exe Task: {0EDCC5B6-3393-4E15-A50F-DAFD2C9832E3} - System32\Tasks\{1C432A36-43A8-4E97-9064-E347447B9584} => pcalua.exe -a "C:\Users\Flavia\Downloads\Magical Diary - Horse Hall\Magical Diary - Horse Hall.exe" -d "C:\Users\Flavia\Downloads\Magical Diary - Horse Hall" Task: {10330BF6-A675-4800-A815-653A883EA389} - System32\Tasks\{1A0A79E3-33E7-4B14-AEE7-9402B154A87B} => C:\Program Files\Nexon\MabinogiEU\Mabinogi.exe Task: {118AB896-6545-4634-8DE0-05F08A6DAF5A} - System32\Tasks\{C0B08E39-FC9D-46D1-A7D0-6BFF81B8BFAA} => J:\Setup.exe Task: {1266A55D-07A0-4E1E-9850-9BAD8D5A9C13} - System32\Tasks\{E4CB1F65-9BC1-413F-BFE8-1E9629412274} => C:\Program Files\Origin Games\The Sims 3\Game\Bin\Sims3Launcher.exe Task: {135387F8-A0AF-4292-8994-E2BCC2B0EC1F} - System32\Tasks\{0040F31E-F0C2-4718-BE4B-C574915E4BC9} => pcalua.exe -a J:\setup.exe -d J:\ Task: {144C66C0-FD3E-4C35-9168-C4146F8435E6} - System32\Tasks\9d0be300 => C:\Users\Flavia\AppData\Local\Temp\\setup115842944.exe <==== ATTENTION Task: {15C3D743-59C8-4FFC-86D8-25C055A63066} - System32\Tasks\{FE3A9151-4B9D-490C-902E-5BA73455C78D} => C:\Program Files\FIFA06\AutoRun.exe Task: {16E8B459-123F-4050-8F2D-CB02F7AD2A7C} - System32\Tasks\{F74CF72E-9781-4504-8186-2857FBB1D1B9} => pcalua.exe -a C:\Users\Flavia\Vampire1CD1\demo32.exe -d C:\Users\Flavia\Vampire1CD1 Task: {19816D70-8705-49B4-B7E3-A7000B629593} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {224F3630-CB78-4C5B-A202-BB60DE1EE253} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation) Task: {23E365D6-24D8-4700-BEEF-E67496FF5057} - System32\Tasks\{089899D8-646F-4E09-976A-F2857E4AE461} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe Task: {25FFB239-81CC-410B-B309-9869E3734E7B} - System32\Tasks\NRYP => Rundll32.exe "C:\Windows\system32\TSChannelx.dll",JVTZJMTO Task: {272C4B3C-B7FF-4E2C-A7D6-AA2CEB799B99} - System32\Tasks\{EF40B049-C1A4-429A-855E-7E736CD595F8} => C:\Users\Flavia\Pandora_Saga_MY_20090826.exe Task: {276F4387-DDCA-4F09-B462-E5FFED32E870} - System32\Tasks\2e912b80 => C:\Users\Flavia\AppData\Local\Temp\\setup536466048.exe <==== ATTENTION Task: {27CA32BA-775A-4923-AD8D-F4C8A99E8490} - System32\Tasks\{99960E19-E1E3-4BC0-A7A4-A1F66A43DCFE} => C:\Program Files\Microsoft Games\Viva Pinata\Startup.exe Task: {2B3DCFB4-2927-42C4-9870-9EF1FCEB80D2} - System32\Tasks\{23A04515-4009-43ED-8264-0AC9F9844B64} => J:\Setup.exe Task: {3041F3B3-D300-4F4D-8F4C-DD67AADE7B20} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-03] (Avast Software s.r.o.) Task: {34A8B566-44A8-456C-8A5C-0AEE57E4D0DD} - System32\Tasks\{E986319D-82CB-45ED-B545-2CD8B296A658} => J:\SETUP.EXE Task: {35CD2091-3830-43C5-AC08-BAFE84CA8F48} - System32\Tasks\{4B341BDB-DA54-42E7-A1FB-C9CDE0C95496} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe Task: {39A33003-0331-4A81-A608-D2F23205261C} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {3D3BB7C7-E5BB-4C86-A2A5-30199569C9CC} - System32\Tasks\{A62C7B66-2F13-417E-A060-23782DDEAF20} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe Task: {44912348-372A-4DD4-8CB6-6DAC2C4AC1D8} - System32\Tasks\{25267E23-2FF8-4F82-B0AD-2BBE296B0A62} => J:\Setup.exe Task: {449B9DA7-0B3E-4E1C-8C9D-C6BF9FDF9C89} - System32\Tasks\{5D295678-F417-44D3-9555-C19215CB7C78} => pcalua.exe -a E:\setup.exe -d E:\ Task: {4A4B1380-D7DF-43FA-84D8-5ACA740F4295} - System32\Tasks\{D7160B9E-A401-4BA6-9910-7D3B17F6B085} => C:\Nexon\MabinogiEU\Mabinogi.exe Task: {4CC5B90C-C451-4CEE-A99D-6419EA202BDD} - System32\Tasks\{3BE569F6-B383-40A1-B2D8-372F5AE2AE37} => C:\Program Files\2K Games\Mafia II\pc\mafia2.exe Task: {4E565704-159F-4924-B782-8174373FFBC5} - System32\Tasks\750dc200 => C:\Users\Flavia\AppData\Local\Temp\\setup1380827392.exe <==== ATTENTION Task: {54A5AF44-E789-4BC6-999B-974485D891D7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {54EBCF67-64E5-4ECB-8F5D-5D184E5BB5A1} - System32\Tasks\{2B245C46-ECB2-41C9-9976-CD44CDD321B8} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe Task: {5C2B861B-1BE5-46E0-9233-649BC50825CB} - System32\Tasks\{C57C0966-A03B-4532-87DD-BCC169B78F59} => C:\Nexon\MabinogiEU\Mabinogi.exe Task: {64A6AAA7-589E-4B22-B2FF-BE327C2DB015} - System32\Tasks\{9B1B0303-3793-4D0B-81B1-059D5D27551B} => E:\StartCD.exe Task: {69EBAFD0-8E9D-4507-81C1-914140DD02B7} - System32\Tasks\{7456ADC2-5627-4CD7-81E0-915ACE8069C7} => C:\Program Files\Viva Media\Alter Ego\AlterEgo.exe Task: {6F8F9112-A4E8-408B-802D-BD5499168F95} - System32\Tasks\{2D7C4757-CBC2-4149-901B-33F4AE95A112} => pcalua.exe -a "C:\Program Files\Vektoris3D25Plus\uninstall.exe" Task: {711D8645-65A8-4CE5-A3E0-00B3036124CE} - System32\Tasks\fb41c00 => C:\Users\Flavia\AppData\Local\Temp\\setup828756736.exe <==== ATTENTION Task: {714A1540-2A02-4584-9649-0258C90D64F7} - System32\Tasks\39080f80 => C:\Users\Flavia\AppData\Local\Temp\\setup3143229824.exe <==== ATTENTION Task: {7425C34A-8E3A-442C-A109-97D19E95760E} - System32\Tasks\{47941BC1-6CC9-42B4-82D9-05A8B357B1FE} => J:\Setup.exe Task: {75885767-6A67-4842-B477-2CCE374BD762} - System32\Tasks\f4e4a200 => C:\Users\Flavia\AppData\Local\Temp\\setup1919017344.exe <==== ATTENTION Task: {772E9FA9-B5F1-4CF3-BF28-524E23A07787} - System32\Tasks\{6105EF99-5F22-4B53-A3E1-3FAEF66E868A} => C:\Nexon\MabinogiEU\Mabinogi.exe Task: {7858E897-E286-44C6-81C1-5E3F359738AB} - System32\Tasks\5eb6d380 => C:\Users\Flavia\AppData\Local\Temp\\setup127876736.exe <==== ATTENTION Task: {78A23ACE-C365-4389-9782-41C31F76D202} - System32\Tasks\{61557E34-772C-4E2F-BB3E-FE138B65AFD2} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe Task: {81DC7CF1-D24D-42B2-9105-916784164C94} - System32\Tasks\{EAC62CFA-EA8B-42D0-A599-13AC7CA93F90} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe Task: {84EA453B-234E-488D-B778-7FF247893378} - System32\Tasks\{49D40749-5F5F-482A-8312-83B9076882C1} => C:\Program Files\Runes of Magic\Runes of Magic.exe Task: {85A67C56-CEAB-429E-8E4C-7BD04C02DE46} - System32\Tasks\{B477751F-7EC4-47E6-BEFF-AD589581480F} => C:\Program Files\Electronic Arts\Die Sims 3\Game\Bin\TS3.exe Task: {86996018-097E-4AF9-9D91-76D8029146DB} - System32\Tasks\{94C70D2F-3BFB-44BE-86FD-D65818B82648} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe Task: {86C28AB1-5C52-46E1-935C-7B74A647D69F} - System32\Tasks\{29709F28-06CA-4E3E-9DC1-1CABD4A8227C} => J:\Setup.exe Task: {86FB483D-2035-4838-81C7-CEF7B37B4610} - System32\Tasks\{1673BF47-0F92-4B1D-B87E-4EBB27586308} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe Task: {8B0E773E-3CCB-4481-AB1B-004E9DCCC22D} - System32\Tasks\a3509c80 => C:\Users\Flavia\AppData\Local\Temp\\setup3791351296.exe <==== ATTENTION Task: {8B2FBBE3-7C1E-4223-B2FB-9BB9E94C4EED} - System32\Tasks\{46A3F437-83A6-4E51-A907-76A3DA579DED} => C:\Program Files\The Adventure Company\Evany Schlüssel zur Freiheit\Evany.exe Task: {8BC2271C-234F-4E3C-BFCB-DDCA2B6962BA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {8F453FA1-759E-456E-ABB4-CD3E9886462E} - System32\Tasks\{11118169-3789-4C4D-BCAE-8832D80F70FE} => pcalua.exe -a C:\Users\Flavia\Downloads\NetmarbleDBOSetup.exe -d C:\Users\Flavia\Desktop Task: {91A325AA-8FAB-4A48-9A22-BE79FC121B65} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4132011797-2711336362-2655832662-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe Task: {94734BFA-359F-4601-B879-1D63B8A98D08} - System32\Tasks\{42F5F183-C47D-4FC1-80A8-6839E5BA9D93} => pcalua.exe -a J:\Setup.exe -d J:\ Task: {947BCACF-EFEE-4890-9FF5-477553FA0B3B} - System32\Tasks\{601445B5-0494-4034-8562-EC2AD924F5CB} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe Task: {967AB9D1-D3BB-45D2-81F0-D5802AB2DFA0} - System32\Tasks\{F250B786-AD66-4FE5-8D5E-7E395764F3B9} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{343EFA17-5BC5-44DA-924F-539ECBEFF68C}\setup.exe" -c -runfromtemp -l0x0407 -removeonly Task: {96F01EEC-EC2F-4CED-9D40-306115A4C961} - System32\Tasks\{170FF8E8-C96D-40CF-8FCB-7DB4E8976221} => C:\Program Files\gPotato\AikaOnline\AIKALauncher.exe Task: {9781BC6D-4495-453E-94FB-262BC14AB1C3} - System32\Tasks\{CF01B6F4-BECB-4298-9FFC-D696BF961AFD} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe Task: {A014E8EE-56A1-4E84-89C4-09283331A317} - System32\Tasks\{260B4302-4B67-4CA9-B0EC-D07F489E91A7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.3.0.111/de/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:offered-installed;madedefault Task: {ADD8A39D-0D85-4A88-AD46-93E20B277877} - System32\Tasks\{CEB044B5-B67C-4C0F-8D31-E23A9B55BE93} => J:\startup.exe Task: {B2E8EE57-0899-41A0-AEEA-6E9C81636382} - System32\Tasks\{DD66FA04-B610-4FB0-A6EB-CAF7ADD2926A} => C:\Program Files\Microsoft Games\Viva Pinata\Startup.exe Task: {BA219B21-6C51-44A8-9D19-F17E49E1AD43} - System32\Tasks\{FCCF13A5-3AA1-4B1E-83D8-11D706C12D1A} => pcalua.exe -a C:\Users\Flavia\Pandora_Saga_MY_20090826.exe -d C:\Users\Flavia Task: {BB2A62CA-F06B-49CF-9C75-491D2F4B11CE} - System32\Tasks\{2A771DDE-9262-4EB0-8398-C970CEADF012} => C:\Program Files\Changyou\Zentia\patcher.exe Task: {BE950A6D-81CB-4DFB-8049-1D76504A23FF} - System32\Tasks\{6586BE00-2E28-44BD-8F0C-A361B71BBD78} => C:\Program Files\Electronic Arts\Harry Potter und der Orden des Phönix\hp.exe Task: {C01212D2-464F-4D6E-93A6-A9C29CFE2D3F} - System32\Tasks\{162A6AD8-106B-4C19-A4B1-281D64BEEC22} => J:\startup.exe Task: {C1DE965C-3A58-4214-A83B-CC053BB338A7} - System32\Tasks\{1C77C66B-9114-46D3-B57D-091E235E12C7} => C:\Program Files\EA SPORTS\FIFA 06 Demo\fifa06 demo.exe Task: {C63A36E3-FC0C-41F7-8401-31E28E135348} - System32\Tasks\72b7df00 => C:\Users\Flavia\AppData\Local\Temp\\setup2246522240.exe <==== ATTENTION Task: {C7430DF4-E05F-4463-A94B-588BCEE90AC1} - System32\Tasks\84919c00 => C:\Users\Flavia\AppData\Local\Temp\\setup115568128.exe <==== ATTENTION Task: {C8B95971-0615-4A22-930F-497F1F05C036} - System32\Tasks\{3B337EAA-C525-4D86-98A4-8F4636C9D23A} => C:\Microids\Die Rückkehr zur Geheimnisvollen Insel 2\RTMI2.exe Task: {CA4F9448-8EB2-4DC7-A9C6-B0133FFAF871} - System32\Tasks\ac67a900 => C:\Users\Flavia\AppData\Local\Temp\\setup2323362176.exe <==== ATTENTION Task: {CB02E8DD-A292-401A-A47E-8DBA30321AE1} - System32\Tasks\895e7e00 => C:\Users\Flavia\AppData\Local\Temp\\setup196104192.exe <==== ATTENTION Task: {CB413622-74BC-44E6-985C-5F4F1941433E} - System32\Tasks\{C0F69074-C3C9-43C0-9E62-0883EDB9AD52} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe Task: {D042EFA4-DB30-481A-B3FC-A5462C3FB398} - System32\Tasks\37afaf80 => C:\Users\Flavia\AppData\Local\Temp\\setup445119232.exe <==== ATTENTION Task: {D367179D-51C7-4CBF-A496-5C26C25D18C2} - System32\Tasks\{59FC5536-60F1-4046-AE30-521FD21DD8C3} => pcalua.exe -a "C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe" -c RealNetworks|RealPlayer|12.0 Task: {D38E282A-7EF8-4878-A84E-332D25456102} - System32\Tasks\c3793e00 => C:\Users\Flavia\AppData\Local\Temp\\setup522615808.exe <==== ATTENTION Task: {D83A6590-8B91-4CBB-9154-DF65E0FD162A} - System32\Tasks\{FAFB8A66-A5E8-46D8-AB10-41519A7DD50D} => C:\Program Files\Ubisoft\Abenteuer auf dem Reiterhof 3 - Das Erbe der Gräfin\Reiterhof3.exe Task: {D91162AA-8064-40C7-9887-1CDA75FF058D} - System32\Tasks\{98341868-9868-4F93-B186-B2EF031C9524} => C:\Program Files\FIFA06\fifa06 demo.exe Task: {DDF5E073-5C25-4E88-A462-FFBEA129B65F} - System32\Tasks\66f0bd80 => C:\Users\Flavia\AppData\Local\Temp\\setup1887453440.exe <==== ATTENTION Task: {E1422BD5-0558-4973-9380-2CD169B649A7} - System32\Tasks\{1C483E90-D6C1-4EF8-9BC2-3D2B1B56CCDA} => C:\Program Files\gPotato\AikaOnline\AIKALauncher.exe Task: {E2FE5906-3FC0-4CF0-B775-2CF244262600} - System32\Tasks\{C0A21489-2C59-4A15-9D9B-88AA56172945} => C:\Program Files\Skype\Phone\Skype.exe Task: {E67AC7EA-AAD3-4B74-AE04-B1D18FD743C9} - System32\Tasks\{71B95856-969C-4D1F-A7C7-328F667F7495} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe Task: {EA31D609-5550-48F9-9C87-E33A3C459E48} - System32\Tasks\{A1243B8A-A37E-4891-A587-9E295C39B9DC} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe Task: {EC4889F0-C3FE-442C-90B7-CE166DB1358C} - System32\Tasks\{6590403D-AF4A-46AF-860B-8EC7EC9D1883} => pcalua.exe -a C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}\Ad-Aware90Install.exe -c REMOVE=TRUE MODIFY=FALSE Task: {EC8EA56F-8B14-4D04-A6A1-C8F8FDCB49CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19] (Adobe Systems Incorporated) Task: {FA25C835-088B-4B7A-BE70-7E0F6379F28F} - System32\Tasks\{D7D0F476-5A34-473B-92ED-3F56D37F1B8F} => J:\autorun.exe Task: {FFA49ECB-8D5F-40CA-BB5F-DBEDA81B3D0F} - System32\Tasks\{0547096A-63B8-43D5-8A62-443D81F62B43} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============== 2015-05-03 12:23 - 2015-05-03 12:23 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-05-03 12:23 - 2015-05-03 12:23 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-05-12 22:32 - 2015-05-12 22:32 - 02927616 _____ () C:\Program Files\AVAST Software\Avast\defs\15051202\algo.dll 2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-03-19 13:54 - 2015-03-19 13:54 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-03-19 13:54 - 2015-03-19 13:54 - 00985600 _____ () C:\Program Files\AVAST Software\Avast\ffmpegsumo.dll 2012-02-09 17:26 - 2012-02-09 17:26 - 00116224 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2012-02-09 17:26 - 2012-02-09 17:26 - 00041984 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2012-02-09 17:26 - 2012-02-09 17:26 - 00032768 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7571 more restricted sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp DNS Servers: 192.168.2.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files\CyberLink\YouCam\YCMMirage.exe" MSCONFIG\startupreg: YouCam Tray => "C:\Program Files\CyberLink\YouCam\YouCam.exe" /s ==================== FirewallRules (whitelisted) =============== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [{E926E57D-011D-4F63-BCC5-FFCFDC28D091}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [{CE504808-152F-4073-8BB9-0F8E7C4D30C6}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [{AB3FBA72-52C3-4476-9A38-230DBE05659B}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [TCP Query User{B4BE9938-7F72-4A8F-8AFC-59A3E97A8C90}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\flavia\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{CD206E8E-4251-4D41-BBCA-7E1530E9FAA9}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\flavia\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{AF14EA5F-61F8-4FE4-9FE6-C4730BE4F7B6}C:\users\flavia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\flavia\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{FC1627D8-D25B-45AB-A418-F1486F792E83}C:\users\flavia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\flavia\appdata\roaming\spotify\spotify.exe FirewallRules: [{59302FB5-A1E9-480C-8BF4-45AB55DB672B}] => (Block) C:\users\flavia\appdata\roaming\spotify\spotify.exe FirewallRules: [{38D62175-A6FB-480E-952F-9FD4FD6D491C}] => (Block) C:\users\flavia\appdata\roaming\spotify\spotify.exe FirewallRules: [{BC2A5E90-0AC7-48E6-B570-308A64B0DED9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{BEACD746-1789-42A8-B76D-5F42C7882396}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{4A26D664-9010-40ED-9DA9-C1EB4EB0038D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{D19F2778-75FE-4E14-910A-F664C3ECFF05}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{81FB1BFC-6861-4487-9FB6-68FBE4AE9EBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{3F3C3C45-80F2-474F-BDB2-256ED4411935}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{5D697DC0-C1F0-4F6E-BEC5-E90BAB98E186}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe FirewallRules: [UDP Query User{9EA5A4A1-58A0-45FD-809E-E9A61B40B282}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe FirewallRules: [{AEFF8D32-76DE-4551-9CA2-45AF568C3EDE}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{6325CFDC-F297-471C-B1F4-54ABC44758FA}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{111361FE-47F8-40CC-88C3-94E4EE48A3CC}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{CD642251-541E-443A-A680-09D382B26332}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{431373F4-9F84-47F1-B308-1ABD4215F20B}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{C18CA305-4CDD-4294-AB64-FEB4D343931C}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe FirewallRules: [{E9868860-8969-4BB3-AAC8-CA0E63B49582}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe FirewallRules: [TCP Query User{7A64FEF9-033E-4D2E-A005-0CB94B57CFCF}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\flavia\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{E9429E86-D119-4158-85AA-2E2A92FFFEA5}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\flavia\appdata\local\akamai\netsession_win.exe FirewallRules: [{C343E5C6-5573-4111-A23F-687E4BFFC92E}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe FirewallRules: [{3285F562-0BFE-47FF-A259-B998E92CF967}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe FirewallRules: [{34D4736F-C193-400D-96FB-C7E94A79A4F2}] => (Allow) C:\Users\Flavia\Downloads\AW_downloader.exe FirewallRules: [{919CACC1-1EC1-4459-A39D-8F5424015410}] => (Allow) C:\Users\Flavia\Downloads\AW_downloader.exe FirewallRules: [TCP Query User{02286B40-50D8-44F7-AB96-81E2E97DCD2A}C:\gbe games\aurora world\area00\bin\release\tuclient.exe] => (Allow) C:\gbe games\aurora world\area00\bin\release\tuclient.exe FirewallRules: [UDP Query User{C3A1ED8C-2CD6-40CF-9D7C-93BF0F8C7495}C:\gbe games\aurora world\area00\bin\release\tuclient.exe] => (Allow) C:\gbe games\aurora world\area00\bin\release\tuclient.exe FirewallRules: [TCP Query User{CE27873A-A8D6-489F-B3B7-02849328CD1B}C:\users\flavia\downloads\nw.1.20130309a.7.exe] => (Allow) C:\users\flavia\downloads\nw.1.20130309a.7.exe FirewallRules: [UDP Query User{982F5FD8-ADAE-47DC-965B-23FA3695281F}C:\users\flavia\downloads\nw.1.20130309a.7.exe] => (Allow) C:\users\flavia\downloads\nw.1.20130309a.7.exe FirewallRules: [TCP Query User{54C7BBEF-C9C4-4B4F-9808-BB1671AC0790}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe FirewallRules: [UDP Query User{DB9CB2CE-9614-4406-B0B4-EB16A5F6F704}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe FirewallRules: [TCP Query User{9B782A49-3613-4A13-B2EC-70AD25A67187}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe FirewallRules: [UDP Query User{8884CA3A-5AC0-4A2C-9F8A-C6B32A2BAB4A}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe FirewallRules: [{744CA3E2-230F-4452-9700-88113294B2EF}] => (Allow) C:\Program Files\WEBZEN\C9\C9.exe FirewallRules: [{AEB0600D-5966-4DCF-BEC1-A5BE5238AB95}] => (Allow) C:\Program Files\WEBZEN\C9\C9.exe FirewallRules: [TCP Query User{A4757E28-FE18-4884-979F-8C3F6D760841}C:\program files\dragons prophet\dp_x86.exe] => (Allow) C:\program files\dragons prophet\dp_x86.exe FirewallRules: [UDP Query User{C36B91E8-7D9D-4596-9E56-65D99E0ED0E3}C:\program files\dragons prophet\dp_x86.exe] => (Allow) C:\program files\dragons prophet\dp_x86.exe FirewallRules: [{4AD73C9B-F847-4C03-B5A3-7EE21FFE91BB}] => (Allow) C:\Program Files\Dragons Prophet\dp_x86.exe FirewallRules: [{3AF77807-C7FF-4EB8-88E7-ECE5146931A8}] => (Allow) C:\Program Files\Dragons Prophet\dp_x64.exe FirewallRules: [{046170AF-457C-4A2B-B1AE-D8B702AAD290}] => (Allow) C:\Program Files\Dragons Prophet\launcher.exe FirewallRules: [{41CA41D1-E0C9-4917-A3EF-473DD374F9E0}] => (Allow) C:\Program Files\Dragons Prophet\dp_x86.exe FirewallRules: [{D093AD71-9AF5-45AB-87C5-477A9CF8B594}] => (Allow) C:\Program Files\Dragons Prophet\launcher.exe FirewallRules: [{B14768B3-AC64-4986-A76F-3BBB378D9130}] => (Allow) C:\Program Files\Dragons Prophet\dp_x64.exe FirewallRules: [TCP Query User{B08B02A2-BE4B-427E-80D0-6CDB1EA3EAD6}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Allow) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe FirewallRules: [UDP Query User{F90E1670-79F8-4D12-83D9-8A8CC2CCBF5F}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Allow) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe FirewallRules: [{5DA0E919-6DB9-4E31-A26D-4C0CD0E40402}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{FA86693F-21CC-4B76-8413-0083D1888F32}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{143D9615-3757-4244-8DA3-83C3DCF53DAD}] => (Allow) C:\Nexon\Vindictus EU\en-EU\NMService.exe FirewallRules: [{7AEECADC-8AD9-497B-B5D2-C40983D85B5C}] => (Allow) C:\Nexon\Vindictus EU\en-EU\NMService.exe FirewallRules: [TCP Query User{2F7AB098-6778-447C-8919-B37CBD0F75EC}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Block) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe FirewallRules: [UDP Query User{6AA73BC2-CEFC-4975-9B3E-43A37004DE2B}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Block) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe FirewallRules: [TCP Query User{84FC3551-BC28-4714-80D4-F863A31A6D38}C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe] => (Allow) C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe FirewallRules: [UDP Query User{1E9CDD4F-191A-4823-A463-BB2EC36510E0}C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe] => (Allow) C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe FirewallRules: [TCP Query User{1D234196-5AF3-4F68-A2A7-DE37EDD3A0F0}C:\program files\heroesgo\launcher\launcher.exe] => (Allow) C:\program files\heroesgo\launcher\launcher.exe FirewallRules: [UDP Query User{17D5432E-962A-498C-BE67-F2C886F771F8}C:\program files\heroesgo\launcher\launcher.exe] => (Allow) C:\program files\heroesgo\launcher\launcher.exe FirewallRules: [TCP Query User{0981AD7C-0896-4656-A233-345BB7729BB8}C:\program files\heroesgo\heroesgo_am.exe] => (Allow) C:\program files\heroesgo\heroesgo_am.exe FirewallRules: [UDP Query User{70994A97-7B1C-4602-A6A3-2F21241F43CE}C:\program files\heroesgo\heroesgo_am.exe] => (Allow) C:\program files\heroesgo\heroesgo_am.exe FirewallRules: [{D10FF877-1B1E-43CD-9184-2D513B10DACC}] => (Allow) C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe FirewallRules: [{E0E7CE75-D7B3-4AD2-88B1-D74C712FD192}] => (Allow) C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe FirewallRules: [{70FD046F-3941-4940-9A17-139AEA801C03}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin FirewallRules: [{8B10610D-077F-4B30-A3DE-964D291220FE}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin FirewallRules: [{28B5638F-F97B-4F6C-AA78-91AB0FD55B17}] => (Allow) C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{DF53A54A-E20F-434A-8401-1F019BC5E9E6}] => (Allow) C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{E85FBBD0-A683-427B-80B1-877FBE19D3DD}C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{0B685BCF-B227-4354-BFA9-ACD720ABEBAE}C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{8F28D682-FA91-4E20-A799-77A8036FA32D}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{457729AF-2B40-4364-8816-17459E5123DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{533CE4C0-41E3-4AEC-B81E-CBE9D41ADCF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{FD04AF46-1FA2-44BC-B930-2AB0450C2562}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{3ED7FBAB-6DE3-4637-A750-313E9C679262}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{0CC87D7F-CCAA-46EC-8482-D8749468E1F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{36BBA65E-86A3-4A86-9EE9-AC24A313FFF8}] => (Allow) C:\Windows\System32\muzapp.exe FirewallRules: [{D0BBB486-E9E9-4FA3-A544-A3E50A1B35D1}] => (Allow) C:\Windows\System32\muzapp.exe FirewallRules: [TCP Query User{1E47A4E1-112A-409D-A98A-D54B12DF1F09}C:\program files\snail games usa\blackgold\bin\fxgame.exe] => (Allow) C:\program files\snail games usa\blackgold\bin\fxgame.exe FirewallRules: [UDP Query User{FAD99B3B-107E-415E-A683-134EB320AF42}C:\program files\snail games usa\blackgold\bin\fxgame.exe] => (Allow) C:\program files\snail games usa\blackgold\bin\fxgame.exe FirewallRules: [{F825764F-4D73-46DA-B8D8-302A3ECA7E5E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{750FD75E-9811-4432-8D8A-35118F1C5A2F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{A91CF122-54EE-4FC1-80D1-15127DCDF37A}] => (Allow) C:\Users\Flavia\AppData\Local\temp\QQGameDownloader\bns_1421910375_89606\MiniQQDL.exe FirewallRules: [{984E644F-E2E5-415E-B36B-CA92E9B144EE}] => (Allow) C:\Users\Flavia\AppData\Local\temp\QQGameDownloader\bns_1421910375_89606\MiniQQDL.exe FirewallRules: [{3415B431-3193-4DD8-9B2C-14384A5F2572}] => (Allow) c:\users\flavia\appdata\local\temp\qqgamedownloader\bns_1421910375_89606\teniodl.exe FirewallRules: [{E9642D98-3A70-4862-A144-E5196B4D58E6}] => (Allow) c:\users\flavia\appdata\local\temp\qqgamedownloader\bns_1421910375_89606\teniodl.exe FirewallRules: [TCP Query User{00D7FE05-581C-4AB8-AF5E-849DCD1A3F14}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe FirewallRules: [UDP Query User{BBAD1188-58DB-4EB5-9E1F-D8BE3B9A85AE}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe FirewallRules: [{4E66913D-358A-403D-A9E8-9B7989A43C39}] => (Allow) c:\users\flavia\appdata\roaming\tencent\剑灵\7aa487d7eed5b7d8c829d33144690a0c\teniodl\teniodl.exe FirewallRules: [{35804F06-7B2E-435C-B4B8-B6A6EA3D475F}] => (Allow) c:\users\flavia\appdata\roaming\tencent\剑灵\7aa487d7eed5b7d8c829d33144690a0c\teniodl\teniodl.exe FirewallRules: [TCP Query User{8FD8D9FF-BB5E-40CF-BF24-20C38C313BE3}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe FirewallRules: [UDP Query User{F6AF6EB6-2BEF-4BF3-9BA0-B87BDA5DFC98}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe FirewallRules: [{ED5DD1D2-BC2A-489F-976A-50A3EFAC211E}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCmgrInstallGuide.exe FirewallRules: [{C9BEB083-89A0-4D6A-88A4-26631F103F77}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCTray.exe FirewallRules: [{B1618BF2-1752-4507-9407-C7C4EF22B532}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCMgr.exe FirewallRules: [{C86646EE-C466-40E2-A2C5-A9F137D75316}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCRTP.exe FirewallRules: [{71BA372D-5459-412B-A05A-57F83DE50ED0}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\bugreport.exe FirewallRules: [{BF2D6A2C-DEF3-42C2-AF33-F8DA7ADEC9E1}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCFileOpen.exe FirewallRules: [{1A8C7C91-64F2-4B76-A8AC-B5CFAB265113}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLeakScan.exe FirewallRules: [{5F284AB1-6534-439F-B403-8655FA842427}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLoader.exe FirewallRules: [{2B22D286-39D7-4147-B1D1-BE5F49D8BCA5}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPConfig.exe FirewallRules: [{3361BE24-27CF-4A1E-8625-1EDB10CC9638}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSoftMgr.exe FirewallRules: [{DFD5C668-7F74-41BA-890A-B1ACCA77A73A}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\plugins\QMNetMon\QQPCNetFlow.exe FirewallRules: [{97F3E152-8725-4AAE-A1A0-A68DF4B009CB}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QDeskSetup.exe FirewallRules: [{B226C09D-A1DA-46F8-9870-6623B06991A7}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCBTU.exe FirewallRules: [{B4CE7C15-4C54-4829-AEF9-C81E3C021302}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCClinic.exe FirewallRules: [{66AE12AB-39D6-4533-8EAF-FF5D9117D2F8}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLaunch.exe FirewallRules: [{31BF9B38-8D0B-4391-9804-173F2F4A9229}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMUpdate\QQPCMgrUpdate.exe FirewallRules: [{1D012E8E-D8A7-4EA0-ADA3-2818072909A7}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSoftGame.exe FirewallRules: [{EE4F1111-C79A-47DB-ACED-3314CB673F3D}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSysOptimize.exe FirewallRules: [{E6D8510A-3007-49C6-8F1E-2DC45CCDC318}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCUpdateAVLib.exe FirewallRules: [{11ECB399-C5AF-4833-874E-78A5909206DC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQRepair.exe FirewallRules: [{C0DBA3BE-781C-4DFC-8E4C-B187744F1ECC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\Uninst.exe FirewallRules: [{596392A1-F67C-40A7-8BC5-C9A561B74B77}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCPatch.exe FirewallRules: [{1793F45A-E6F6-415C-9216-552366F0E340}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\TpkUpdate.exe FirewallRules: [{F46F5CC2-5876-4DDB-8200-07592298470D}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMDL.exe FirewallRules: [{8AEC1FB7-EBBE-4FD7-AF98-44B61A663E39}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMDL.exe FirewallRules: [{716E9B56-29A2-4502-B181-D0197CDB1DBC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMAccountProtection.exe FirewallRules: [{255D8D5D-5762-43C1-9F87-7847136588ED}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\CrossProxy.exe FirewallRules: [{A1CA16EF-E171-445A-9C46-03B26F13A7BE}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\CrossProxy.exe FirewallRules: [{E7DE9980-8860-490A-A6E6-62DA62D95F78}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\Apps\CQS\QTalk\Bin\miniQTalk.exe FirewallRules: [{22FC9814-7E39-44A6-859E-34B43C819DED}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\Apps\CQS\QTalk\Bin\miniQTalk.exe FirewallRules: [{EF5A7E47-C67A-4B1C-B214-8FB83A1AE6E7}] => (Allow) C:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe FirewallRules: [{56E2A954-8AC1-4B44-9F08-DCC13E871A8B}] => (Allow) C:\program files\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{7139256C-55B0-4436-977F-5BE69DD9BDE0}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\minidown.exe FirewallRules: [{754D4617-8B07-4055-8E8A-9A703A05DDCE}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\minidown.exe FirewallRules: [{7A0B75BD-6FBA-41E4-B6EB-1A6DA9C446FA}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\teniodl\teniodl.exe FirewallRules: [{14F7DABA-F1DC-43AC-8A89-EC0586904AE2}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\teniodl\teniodl.exe FirewallRules: [{073F08B8-6C27-4356-8341-97B2FFC84719}] => (Allow) C:\Program Files\Tencent\TGP\tcls\tcls_core.exe FirewallRules: [{40C6E482-05FC-4C60-AC8A-96F5994347A4}] => (Allow) C:\Program Files\Tencent\TGP\tcls\tcls_core.exe FirewallRules: [{5C6DB019-088A-42A8-948D-DF170B6A09FB}] => (Allow) C:\Program Files\Tencent\TGP\tcls\Tenio\TenioDL\TenioDL.exe FirewallRules: [{41983DCE-17F7-4B9A-BEEF-2CE05401D8C4}] => (Allow) C:\Program Files\Tencent\TGP\tcls\Tenio\TenioDL\TenioDL.exe FirewallRules: [{A7A13C01-D0B0-4ABF-B739-6EC79DFE9F70}] => (Allow) C:\Program Files\Tencent\TGP\tgp_daemon.exe FirewallRules: [{7F625C70-A8C4-41D5-BB2B-BF5EF66E33A3}] => (Allow) C:\Program Files\Tencent\TGP\tgp_daemon.exe FirewallRules: [TCP Query User{5A15A186-C8EC-4619-BD41-23637DBB5992}C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe FirewallRules: [UDP Query User{4F8F780E-04CD-4C33-8C0F-B8201574E6CF}C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe FirewallRules: [TCP Query User{3A501415-8406-445B-892F-80CF2318BA87}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{F7A04728-96EA-4C29-8174-DF89EAC35E16}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe FirewallRules: [TCP Query User{3D061B38-D7EF-4C10-AA3F-6A58BC1CB4FB}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{F8A8F2D8-E493-4F33-B0B4-5D74E679ED2F}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe FirewallRules: [{C21AAC83-B6E7-4EEA-BDA9-4C8D799DCE3B}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{10E9319E-3857-4A0F-9641-912832051A0B}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe FirewallRules: [{A425D2F1-49E5-44BC-8601-CA41AEBA56F3}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe FirewallRules: [{E2F00FF9-7B3D-4FB9-ACE7-07748AE29E46}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe FirewallRules: [{A16F3853-1087-46F5-9DB6-2A553BF193A4}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe FirewallRules: [{1A36DB5C-A112-4BF4-894B-16589671AC88}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{7BB8CD60-887F-4B67-B0F2-6B6515BEF76C}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{3E78078E-6ABE-4910-88E2-ED5676E41D97}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{491770F3-B6F1-43C1-9BC9-A454FC5B64D0}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{3566D56A-628D-456F-8823-EF3B2F358837}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{B4967FE5-063F-47C7-9DD2-DF5894E51C8E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe StandardProfile\AuthorizedApplications: [C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe] => Enabled:NEXON_EU_Downloader_Engine.exe ==================== Faulty Device Manager Devices ============= Name: adfs Description: adfs Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: adfs Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: USB Device(VID_1f3a_PID_efe8) Description: USB Device(VID_1f3a_PID_efe8) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: USB Devices Service: usbUDisc Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (05/13/2015 08:01:55 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7 Name des fehlerhaften Moduls: DropboxExt.24.dll, Version: 1.0.0.24, Zeitstempel: 0x53a8c6fe Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000732b ID des fehlerhaften Prozesses: 0xb58 Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3 Error: (05/13/2015 07:59:36 AM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (05/13/2015 07:59:36 AM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::ResetBIOS Reset SASD failed, error=0 Error: (05/13/2015 07:59:36 AM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::UpdateSASD Failed to set the sleep time, error=0 Error: (05/13/2015 07:59:36 AM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CISCTPnpDriverApi::SetBIOSWakeTime *****IOCTL_ISCT_SASD(SASD) Failed, Error=0x2 Error: (05/13/2015 07:43:38 AM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (05/13/2015 07:43:38 AM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::ResetBIOS Reset SASD failed, error=0 Error: (05/13/2015 07:43:38 AM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::UpdateSASD Failed to set the sleep time, error=0 Error: (05/13/2015 07:43:38 AM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CISCTPnpDriverApi::SetBIOSWakeTime *****IOCTL_ISCT_SASD(SASD) Failed, Error=0x2 Error: (05/12/2015 11:34:53 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 System errors: ============= Error: (05/13/2015 08:00:02 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Media Player Network Sharing Service" Korrekturmaßnahmen (Restart the service) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Restart the service. Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player Network Sharing Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Restart the service. Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/13/2015 07:59:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "ISCT Always Updated Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Restart the service. Error: (05/13/2015 07:59:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Foxit Cloud Safe Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/13/2015 07:59:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Portrait Displays Display Tune Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/13/2015 07:59:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Dienst "Bonjour"" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Microsoft Office Sessions: ========================= Error: (04/25/2015 04:17:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 267 seconds with 240 seconds of active time. This session ended with a crash. Error: (09/23/2011 04:14:49 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 54 seconds with 0 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2015-05-13 08:04:52.782 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-13 07:58:57.406 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-13 07:43:26.827 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-12 23:34:49.486 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-12 23:29:05.418 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-12 23:19:56.247 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-12 23:12:43.972 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-12 23:06:44.617 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-12 22:30:05.935 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-12 22:11:02.800 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz Percentage of memory in use: 45% Total physical RAM: 3565.21 MB Available physical RAM: 1933.72 MB Total Pagefile: 7128.71 MB Available Pagefile: 5218.18 MB Total Virtual: 3071.88 MB Available Virtual: 2944.43 MB ==================== Drives ================================ Drive c: (BOOT) (Fixed) (Total:445.76 GB) (Free:94.34 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:0 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 66916FAD) Partition 1: (Active) - (Size=445.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended) ==================== End Of Log ============================ |
13.05.2015, 17:53 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Keine Verbindung zum Benachrichtigungsdienst für Systemereignisse Lade Dir bitte von hier Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
__________________ Logfiles bitte immer in CODE-Tags posten |
13.05.2015, 18:42 | #10 |
| Keine Verbindung zum Benachrichtigungsdienst für Systemereignisse [gelöst] So, hab das mit den Pando Media Booster Packages gemacht. Den Google Update Helper habe ich anscheinend nicht. Den normalen Pando Media Booster soll ich aber nicht auswählen ja? (kann man mit dem Programm auch Anwendungen löschen, die sich nicht mehr auf normale Weise deinstallieren lassen?) |
13.05.2015, 18:47 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Keine Verbindung zum Benachrichtigungsdienst für Systemereignisse [gelöst] Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken
__________________ Logfiles bitte immer in CODE-Tags posten |
13.05.2015, 18:54 | #12 |
| Keine Verbindung zum Benachrichtigungsdienst für Systemereignisse [gelöst] FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-05-2015 Ran by Flavia (administrator) on FLAVIA-PC on 13-05-2015 19:50:59 Running from C:\Users\Flavia\Desktop Loaded Profiles: Flavia (Available profiles: Flavia) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Englisch (USA) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (SurfRight B.V.) C:\Program Files\HitmanPro.Alert\hmpalert.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe (Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Portrait Displays, Inc) C:\Program Files\Portrait Displays\forteManager\dthtml.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe (Akamai Technologies, Inc.) C:\Users\Flavia\AppData\Local\Akamai\netsession_win.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Akamai Technologies, Inc.) C:\Users\Flavia\AppData\Local\Akamai\netsession_win.exe (Portrait Displays Inc.) C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [DT LGE] => C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe [81920 2007-10-11] () HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-06-09] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.) HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Flavia\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.) HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Run: [Pando Media Booster] => C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-02-22] () AppInit_DLLs: ´ê6 => ´ê6 File Not Found ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-03] (Avast Software s.r.o.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.) BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll No File BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-10] (Avast Software s.r.o.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.) Toolbar: HKLM - No Name - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - No File Toolbar: HKLM - No Name - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - No File Toolbar: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab DPF: {60F33B36-3E89-48EF-BE77-ACC23A366C2A} https://wstatic.plaync.co.kr/common/UniUpdate/NCLoader.8.cab DPF: {640044E9-92A3-4B89-A615-1F65354D3A65} hxxp://rfonline-full.gscdn.com/gscdn/ccr_downloader.cab DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://www.navigram.com/engine/v911/Navigram.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} hxxp://lads.myspace.com/upload/MySpaceUploader2.cab DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies) Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2011-11-03] () Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default FF Homepage: hxxp://www.google.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-19] () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll No File FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-02-22] (Pando Networks) FF Plugin: @real.com/nppl3260;version=6.0.11.2852 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-06-03] (RealNetworks, Inc.) FF Plugin: @real.com/nppl3260;version=6.0.12.46 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2008-06-03] (RealNetworks, Inc.) FF Plugin: @real.com/nppl3260;version=6.0.12.732 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll No File FF Plugin: @real.com/nprjplug;version=1.0.3.732 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll No File FF Plugin: @real.com/nprphtml5videoshim;version=1.0.0.0 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-06-03] (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.46 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2008-06-03] (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.732 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll No File FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Yahoo!\Common\npyaxmpb.dll No File FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Flavia\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll [2009-10-19] () FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Flavia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-4132011797-2711336362-2655832662-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-02-22] (Pando Networks) FF Plugin ProgramFiles/Appdata: C:\Users\Flavia\AppData\Roaming\mozilla\plugins\npDXStudioPlugin.DLL [2010-01-26] (Worldweaver Ltd.) FF SearchPlugin: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\searchplugins\google-images.xml [2014-12-21] FF SearchPlugin: C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\searchplugins\google-maps.xml [2014-12-21] FF Extension: WOT - C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26] FF Extension: Adblock Plus - C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Profiles\ppf858wc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-31] FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-03-21] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-09-25] FF HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Firefox\Extensions: [{282BBB71-6301-4E39-9F74-00210BB4E0B3}] - C:\Users\Flavia\AppData\Local\{282BBB71-6301-4E39-9F74-00210BB4E0B3} FF Extension: XULRunner - C:\Users\Flavia\AppData\Local\{282BBB71-6301-4E39-9F74-00210BB4E0B3} [2011-04-30] Chrome: ======= CHR Profile: C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-24] CHR Extension: (Google Search) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-24] CHR Extension: (avast! WebRep) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-03-08] CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-02-24] CHR Extension: (Gmail) - C:\Users\Flavia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-24] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19] CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [Not Found] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-03] (Avast Software s.r.o.) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-03] (Avast Software) R2 DiagTrack; C:\Windows\system32\diagtrack.dll [851456 2015-04-27] (Microsoft Corporation) R2 DTSRVC; C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [65536 2007-10-11] () [File not signed] R2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-05-11] (Foxit Software Inc.) R2 hmpalertsvc; C:\Program Files\HitmanPro.Alert\hmpalert.exe [1876816 2014-12-20] (SurfRight B.V.) R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed] S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed] R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [116224 2012-02-09] () S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed] R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed] S3 npggsvc; C:\Windows\system32\GameMon.des [4573608 2013-05-13] (INCA Internet Co., Ltd.) R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15904544 2014-02-05] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1931632 2015-05-03] (Electronic Arts) S3 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [18360 2012-06-21] (Overwolf Ltd) S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) S3 xsherlock; C:\Windows\system32\xsherlock.xem [670816 2012-07-01] (Wellbia.com Co., Ltd.) [File not signed] S3 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 1394hub; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH) S3 apf003; C:\Windows\system32\apf003.sys [13232 2012-03-16] () [File not signed] S3 apf004; C:\Windows\system32\apf004.sys [15112 2014-01-08] () R1 AsrAppCharger; C:\Windows\System32\DRIVERS\AsrAppCharger.sys [15656 2011-05-10] (Windows (R) Win 7 DDK provider) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-03] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-03] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-03] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-03] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-03] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427992 2015-05-03] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-03] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-03] () R2 hmpalert; C:\Windows\System32\drivers\hmpalert.sys [75640 2014-12-20] () R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21952 2012-02-09] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21952 2012-02-09] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [40936 2013-01-19] () R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28944 2008-02-29] (Logitech, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation) R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [46080 2011-11-10] (Intel Corporation) R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [734208 2009-05-25] (Ralink Technology Corp.) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-12-27] (NVIDIA Corporation) R3 PdiPorts; C:\Windows\System32\Drivers\PdiPorts.sys [15920 2006-11-16] (Portrait Displays, Inc.) S3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-14] (NXP Semiconductors) S3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [3328472 2011-07-28] (Windows (R) Win 7 DDK provider) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-06-17] (Duplex Secure Ltd.) S3 TelekomNM3; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [35040 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) S3 TesSafe; C:\Windows\system32\TesSafe.sys [834832 2015-03-06] (TENCENT) S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv.sys [13824 2012-07-28] (Scott) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-03] (Avast Software) R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [31680 2015-05-13] () R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.) S2 adfs; No ImagePath S3 catchme; \??\C:\Users\Flavia\AppData\Local\Temp\catchme.sys [X] S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X] S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X] S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X] S3 StarOpen; No ImagePath S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 taphss; system32\DRIVERS\taphss.sys [X] S3 taphss6; system32\DRIVERS\taphss6.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 vtany; \??\C:\Windows\vtany.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-13 19:50 - 2015-05-13 19:51 - 00024688 _____ () C:\Users\Flavia\Desktop\Main.txt 2015-05-13 19:49 - 2015-05-13 19:49 - 00000000 ____D () C:\Users\Flavia\Desktop\FRST-OlderVersion 2015-05-13 19:31 - 2015-05-13 19:31 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Flavia\Downloads\revosetup95.exe 2015-05-13 19:31 - 2015-05-13 19:31 - 00001190 _____ () C:\Users\Flavia\Desktop\Revo Uninstaller.lnk 2015-05-13 19:31 - 2015-05-13 19:31 - 00000000 ____D () C:\Program Files\VS Revo Group 2015-05-13 15:45 - 2015-05-13 15:45 - 00086976 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp 2015-05-13 15:26 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-05-13 15:14 - 2015-05-13 15:23 - 00000000 ____D () C:\5e70d9db387db9995457cc6f15b48b 2015-05-13 10:35 - 2015-05-13 10:35 - 00145871 _____ () C:\Users\Flavia\Downloads\Robe-rose.package 2015-05-13 10:07 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-05-13 10:07 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-05-13 10:07 - 2015-04-27 21:11 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-05-13 10:07 - 2015-04-27 21:11 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-05-13 10:07 - 2015-04-27 21:08 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-05-13 10:07 - 2015-04-27 21:05 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-05-13 10:07 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-05-13 10:07 - 2015-04-27 21:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-05-13 10:07 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-05-13 10:07 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-05-13 10:07 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-05-13 10:07 - 2015-04-27 21:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-05-13 10:07 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2015-05-13 10:07 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-05-13 10:07 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-05-13 10:07 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-05-13 10:07 - 2015-04-27 21:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-05-13 10:07 - 2015-04-27 21:04 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-05-13 10:07 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-05-13 10:07 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-05-13 10:07 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2015-05-13 10:07 - 2015-04-27 21:04 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-05-13 10:07 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2015-05-13 10:07 - 2015-04-27 21:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-05-13 10:07 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe 2015-05-13 10:07 - 2015-04-27 21:04 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-05-13 10:07 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe 2015-05-13 10:07 - 2015-04-27 21:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-05-13 10:07 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-05-13 10:07 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-05-13 10:07 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe 2015-05-13 10:07 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-05-13 10:07 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-05-13 10:07 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-05-13 10:07 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-05-13 10:07 - 2015-04-27 20:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-05-13 10:07 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-05-13 10:07 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-05-13 10:07 - 2015-04-21 18:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-05-13 10:07 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-05-13 10:07 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-05-13 10:07 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-05-13 10:07 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-05-13 10:07 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-05-13 10:07 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-05-13 10:07 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-05-13 10:07 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-05-13 10:07 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-05-13 10:07 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-05-13 10:07 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-05-13 10:07 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-05-13 10:07 - 2015-04-21 17:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-05-13 10:07 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-05-13 10:07 - 2015-04-21 17:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-05-13 10:07 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-05-13 10:07 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-05-13 10:07 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-05-13 10:07 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-05-13 10:07 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-05-13 10:07 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-05-13 10:07 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-05-13 10:07 - 2015-04-21 17:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-05-13 10:07 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-05-13 10:07 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-05-13 10:07 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-05-13 10:07 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-05-13 10:07 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-05-13 10:07 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-05-13 10:07 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2015-05-13 10:06 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-05-13 10:06 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-05-13 10:06 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-05-13 10:06 - 2015-04-20 04:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-05-13 10:06 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-05-13 10:06 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2015-05-13 10:06 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll 2015-05-13 10:06 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2015-05-13 10:06 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll 2015-05-13 10:06 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe 2015-05-13 10:05 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2015-05-13 08:43 - 2015-05-13 08:43 - 00004390 _____ () C:\Users\Flavia\Desktop\AdwCleaner[S0].txt 2015-05-13 08:05 - 2015-05-13 08:07 - 00078781 _____ () C:\Users\Flavia\Desktop\Addition.txt 2015-05-13 08:04 - 2015-05-13 19:49 - 01143808 _____ (Farbar) C:\Users\Flavia\Desktop\FRST.exe 2015-05-13 08:04 - 2015-05-13 08:07 - 00064025 _____ () C:\Users\Flavia\Desktop\FRST.txt 2015-05-13 08:01 - 2015-05-13 08:01 - 00001465 _____ () C:\Users\Flavia\Desktop\JRT.txt 2015-05-13 07:59 - 2015-05-13 07:59 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-FLAVIA-PC-Windows-7-Ultimate-(32-bit).dat 2015-05-13 07:59 - 2015-05-13 07:59 - 00000000 ____D () C:\RegBackup 2015-05-12 23:32 - 2015-05-12 23:33 - 00000000 ____D () C:\AdwCleaner 2015-05-12 23:29 - 2015-05-12 23:27 - 02720307 _____ (Thisisu) C:\Users\Flavia\Desktop\JRT.exe 2015-05-12 23:29 - 2015-05-12 23:26 - 02209792 _____ () C:\Users\Flavia\Desktop\AdwCleaner_4.204.exe 2015-05-12 23:21 - 2015-05-12 23:21 - 00026009 _____ () C:\Users\Flavia\Desktop\mbam.txt 2015-05-12 22:31 - 2015-05-12 23:19 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-05-12 22:30 - 2015-05-12 22:30 - 00001028 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-05-12 22:30 - 2015-05-12 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-05-12 22:30 - 2015-05-12 22:30 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-05-12 22:30 - 2015-05-12 22:30 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2015-05-12 22:30 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-05-12 22:30 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-05-12 22:30 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-05-12 22:29 - 2015-05-12 22:29 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Flavia\Downloads\mbam-setup-2.1.6.1022.exe 2015-05-12 21:48 - 2015-05-12 21:50 - 00079509 _____ () C:\Users\Flavia\Downloads\Addition.txt 2015-05-12 21:47 - 2015-05-13 19:51 - 00000000 ____D () C:\FRST 2015-05-12 21:47 - 2015-05-12 21:50 - 00064531 _____ () C:\Users\Flavia\Downloads\FRST.txt 2015-05-12 21:45 - 2015-05-12 21:45 - 01141248 _____ (Farbar) C:\Users\Flavia\Downloads\FRST.exe 2015-05-12 18:47 - 2015-05-12 18:47 - 00002059 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk 2015-05-12 18:47 - 2015-05-12 18:47 - 00000000 ____D () C:\Users\Public\Foxit Software 2015-05-12 18:46 - 2015-05-12 18:46 - 00000000 ____D () C:\Program Files\Foxit Software 2015-05-12 00:47 - 2015-05-12 00:47 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Real 2015-05-11 19:45 - 2015-05-11 19:45 - 00000000 __SHD () C:\found.000 2015-05-11 18:20 - 2015-04-18 11:03 - 00272296 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2015-05-11 18:20 - 2015-04-18 11:03 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2015-05-11 18:20 - 2015-04-18 11:03 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2015-05-11 18:20 - 2015-04-18 11:03 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2015-05-08 14:49 - 2015-05-08 14:49 - 00108513 _____ () C:\Users\Flavia\Downloads\Swim Suit v2.package 2015-05-08 14:25 - 2015-05-08 14:25 - 00412306 _____ () C:\Users\Flavia\Downloads\Sims4Krampus_RandomBathingsuits.package 2015-05-08 14:25 - 2015-05-08 14:25 - 00412243 _____ () C:\Users\Flavia\Downloads\1271248.zip 2015-05-08 14:20 - 2015-05-08 14:20 - 11148041 _____ () C:\Users\Flavia\Downloads\1274607.zip 2015-05-08 14:19 - 2015-05-08 14:19 - 00247066 _____ () C:\Users\Flavia\Downloads\1294924.zip 2015-05-08 14:08 - 2015-05-08 14:18 - 00466431 _____ () C:\Users\Flavia\Downloads\Birba32_fy_BulletSwimsuit.package 2015-05-08 14:05 - 2015-05-08 14:07 - 00530134 _____ () C:\Users\Flavia\Downloads\Birba32_fy_AlphaStringSwimsuit.package 2015-05-08 13:51 - 2015-05-08 13:51 - 00559198 _____ () C:\Users\Flavia\Downloads\Leather vest with tube top [CB].package 2015-05-08 13:51 - 2015-05-08 13:51 - 00326145 _____ () C:\Users\Flavia\Downloads\1Z_outfit_fem_sunny_Otshorts_neu3F.package 2015-05-07 21:35 - 2015-05-07 21:35 - 01135032 _____ () C:\Users\Flavia\Downloads\uktrash_SundaySweaterDress.package 2015-05-07 21:35 - 2015-05-07 21:35 - 00143756 _____ () C:\Users\Flavia\Downloads\Wolfcry_LaceJeansShort.package 2015-05-07 21:31 - 2015-05-07 21:31 - 01485427 _____ () C:\Users\Flavia\Downloads\S4_DelicateLace_Mh75.package 2015-05-07 21:30 - 2015-05-07 21:30 - 00638215 _____ () C:\Users\Flavia\Downloads\Simsimay_2DyBlazer.package 2015-05-07 21:29 - 2015-05-07 21:29 - 00460843 _____ () C:\Users\Flavia\Downloads\uktrash_CropTankTop.package 2015-05-07 21:29 - 2015-05-07 21:29 - 00411079 _____ () C:\Users\Flavia\Downloads\1285044.zip 2015-05-07 21:28 - 2015-05-07 21:28 - 00292353 _____ () C:\Users\Flavia\Downloads\simsoertchen_white top sexy - kawaii -.package 2015-05-07 21:27 - 2015-05-07 21:27 - 00252514 _____ () C:\Users\Flavia\Downloads\Printed Crop tops.package 2015-05-07 21:27 - 2015-05-07 21:27 - 00151527 _____ () C:\Users\Flavia\Downloads\longlivetherecklessandthesims_yfTop_SweaterOffShoulder_AWG.package 2015-05-07 21:24 - 2015-05-07 21:24 - 00646329 _____ () C:\Users\Flavia\Downloads\LollaLeeloo_F_LaceBodycon (1).package 2015-05-07 21:24 - 2015-05-07 21:24 - 00587743 _____ () C:\Users\Flavia\Downloads\LollaLeeloo_F_Longsleeve.package 2015-05-07 21:23 - 2015-05-07 21:23 - 01913334 _____ () C:\Users\Flavia\Downloads\uktrash_BasicsLongSleeve.package 2015-05-07 21:23 - 2015-05-07 21:23 - 00923513 _____ () C:\Users\Flavia\Downloads\~Zodapop~ (S4) Stripe Print Knitted Dress.package 2015-05-07 21:22 - 2015-05-07 21:22 - 00493988 _____ () C:\Users\Flavia\Downloads\~Zodapop~ (S4) Tartan Check Crop Top.package 2015-05-07 21:18 - 2015-05-07 21:18 - 02086542 _____ () C:\Users\Flavia\Downloads\Metens_Serenity.package 2015-05-07 21:17 - 2015-05-07 21:17 - 00210168 _____ () C:\Users\Flavia\Downloads\2.package 2015-05-07 21:07 - 2015-05-07 21:07 - 01212670 _____ () C:\Users\Flavia\Downloads\Birba32_fy_winterbootpastel.package 2015-05-07 21:06 - 2015-05-07 21:06 - 00971151 _____ () C:\Users\Flavia\Downloads\S-Club LL thesims4 eyecolors 09.package 2015-05-07 21:05 - 2015-05-07 21:05 - 01860807 _____ () C:\Users\Flavia\Downloads\SL_yf_ZuhairMurad_Gown1.package 2015-05-07 21:03 - 2015-05-07 21:03 - 00805049 _____ () C:\Users\Flavia\Downloads\BL_Sequin Blazer.package 2015-05-07 11:44 - 2015-05-07 11:44 - 00321678 _____ () C:\Users\Flavia\Downloads\S4FD_MissLicious_Tanks.package 2015-05-07 11:44 - 2015-05-07 11:44 - 00132781 _____ () C:\Users\Flavia\Downloads\Jeans.package 2015-05-07 11:42 - 2015-05-07 11:42 - 00291721 _____ () C:\Users\Flavia\Downloads\top renda dani's.package 2015-05-07 11:41 - 2015-05-07 11:41 - 00169125 _____ () C:\Users\Flavia\Downloads\cutesims4_gtw top india.package 2015-05-07 11:40 - 2015-05-07 11:40 - 01976727 _____ () C:\Users\Flavia\Downloads\1294014.zip 2015-05-07 11:39 - 2015-05-07 11:39 - 01373730 _____ () C:\Users\Flavia\Downloads\Birba32_fy_LaceCipriaDress.package 2015-05-07 11:39 - 2015-05-07 11:39 - 00345945 _____ () C:\Users\Flavia\Downloads\Cleotopia-MiniShortsRippedColorful.package 2015-05-07 11:38 - 2015-05-07 11:38 - 00504146 _____ () C:\Users\Flavia\Downloads\Spring Dress set.package 2015-05-07 11:37 - 2015-05-07 11:37 - 00668569 _____ () C:\Users\Flavia\Downloads\Milk Lace Dress.package 2015-05-07 11:37 - 2015-05-07 11:37 - 00074451 _____ () C:\Users\Flavia\Downloads\cutesims4_romantic_White_Tube.package 2015-05-07 11:36 - 2015-05-07 11:36 - 00500120 _____ () C:\Users\Flavia\Downloads\Aztec Top by Pinkzombiecupcake.package 2015-05-07 11:36 - 2015-05-07 11:36 - 00451796 _____ () C:\Users\Flavia\Downloads\Blusa Renda Branca.package 2015-05-07 11:33 - 2015-05-07 11:33 - 00090648 _____ () C:\Users\Flavia\Downloads\Leeah_yfShoes_CalfCowboy_SuedeChocolate.package 2015-05-07 11:30 - 2015-05-07 11:30 - 00607019 _____ () C:\Users\Flavia\Downloads\Madlen Scafati Boots.package 2015-05-07 11:30 - 2015-05-07 11:30 - 00403762 _____ () C:\Users\Flavia\Downloads\Madlen Cirino Shoes.package 2015-05-07 11:29 - 2015-05-07 11:29 - 00710251 _____ () C:\Users\Flavia\Downloads\Madlen Tiziano Shoes.package 2015-05-07 11:29 - 2015-05-07 11:29 - 00511975 _____ () C:\Users\Flavia\Downloads\Madlen Umbria Shoes.package 2015-05-07 11:28 - 2015-05-07 11:28 - 00387493 _____ () C:\Users\Flavia\Downloads\Madlen Livia Shoes.package 2015-05-07 11:27 - 2015-05-07 11:28 - 00417972 _____ () C:\Users\Flavia\Downloads\Madlen Eris Boots.package 2015-05-07 11:27 - 2015-05-07 11:27 - 00603820 _____ () C:\Users\Flavia\Downloads\Madlen Ambrogio Shoes.package 2015-05-07 11:26 - 2015-05-07 11:26 - 01278415 _____ () C:\Users\Flavia\Downloads\1294236.zip 2015-05-07 11:26 - 2015-05-07 11:26 - 00704730 _____ () C:\Users\Flavia\Downloads\Madlen Nineveh Shoes.package 2015-05-07 11:25 - 2015-05-07 11:25 - 00497960 _____ () C:\Users\Flavia\Downloads\Madlen Novara Sandals.package 2015-05-07 11:22 - 2015-05-07 11:22 - 00287377 _____ () C:\Users\Flavia\Downloads\Toska.zip 2015-05-07 11:22 - 2015-05-07 11:22 - 00134871 _____ () C:\Users\Flavia\Downloads\ZIP UP BOOTS.package 2015-05-07 11:21 - 2015-05-07 11:21 - 00756084 _____ () C:\Users\Flavia\Downloads\Madlen Neroni Sneakers (Male).package 2015-05-07 11:21 - 2015-05-07 11:21 - 00161515 _____ () C:\Users\Flavia\Downloads\Vans Classic Slip-On Core (male) by Pinzombiecupcake.package 2015-05-07 11:20 - 2015-05-07 11:20 - 00451295 _____ () C:\Users\Flavia\Downloads\Madlen Orlando Shoes (Male).package 2015-05-07 11:20 - 2015-05-07 11:20 - 00187334 _____ () C:\Users\Flavia\Downloads\THL_NikeShoesSB_M.package 2015-05-07 11:18 - 2015-05-07 11:19 - 00095991 _____ () C:\Users\Flavia\Downloads\Jazminerev.zip 2015-05-07 11:18 - 2015-05-07 11:18 - 00101879 _____ () C:\Users\Flavia\Downloads\TugmeL-S4_Daphne-FYA.zip 2015-05-07 11:17 - 2015-05-07 11:17 - 00102633 _____ () C:\Users\Flavia\Downloads\AlyssaDíazPérezbySimFabulous.zip 2015-05-07 11:17 - 2015-05-07 11:17 - 00091261 _____ () C:\Users\Flavia\Downloads\MsBlue_JasminBlue.zip 2015-05-07 11:16 - 2015-05-07 11:16 - 00089561 _____ () C:\Users\Flavia\Downloads\MK_KendallEdwards.zip 2015-05-07 11:15 - 2015-05-07 11:15 - 00095291 _____ () C:\Users\Flavia\Downloads\Bryant Caliente.zip 2015-05-07 11:14 - 2015-05-07 11:15 - 00090187 _____ () C:\Users\Flavia\Downloads\MaseoUehara-Munter_Bacon2.zip 2015-05-07 11:12 - 2015-05-07 11:12 - 04833426 _____ () C:\Users\Flavia\Downloads\1291079.zip 2015-05-07 11:12 - 2015-05-07 11:12 - 00385291 _____ () C:\Users\Flavia\Downloads\MsBlue_LauraSkin.package 2015-05-07 11:10 - 2015-05-07 11:10 - 00448444 _____ () C:\Users\Flavia\Downloads\curbs_hat4_rosa.package 2015-05-07 11:10 - 2015-05-07 11:10 - 00278001 _____ () C:\Users\Flavia\Downloads\altea127 Visor Hat .package 2015-05-07 11:09 - 2015-05-07 11:09 - 00648473 _____ () C:\Users\Flavia\Downloads\[SrslyBrownie] (S4) Sheer Leggings .package 2015-05-07 11:09 - 2015-05-07 11:09 - 00119657 _____ () C:\Users\Flavia\Downloads\Vault101Hat.package 2015-05-07 11:08 - 2015-05-07 11:08 - 00686972 _____ () C:\Users\Flavia\Downloads\Birba32_fy_SideBandLeggings.package 2015-05-07 11:07 - 2015-05-07 11:07 - 00338585 _____ () C:\Users\Flavia\Downloads\cutesims4_replay skinny jeans - set.package 2015-05-07 11:07 - 2015-05-07 11:07 - 00056175 _____ () C:\Users\Flavia\Downloads\PDsims_SpikedBobbySocks.package 2015-05-07 11:06 - 2015-05-07 11:06 - 02335029 _____ () C:\Users\Flavia\Downloads\[SrslySims] (S4) High Waist PVC Leggings.package 2015-05-07 11:06 - 2015-05-07 11:06 - 00156997 _____ () C:\Users\Flavia\Downloads\TS4 Stockings Cat by Irink@a.package 2015-05-07 11:05 - 2015-05-07 11:05 - 01379143 _____ () C:\Users\Flavia\Downloads\altea127 Sonia Tights.package 2015-05-07 11:05 - 2015-05-07 11:05 - 00049164 _____ () C:\Users\Flavia\Downloads\Metens_Seduction.package 2015-05-07 11:03 - 2015-05-07 11:03 - 00395555 _____ () C:\Users\Flavia\Downloads\[Sintiklia]Eyeshadow 7.package 2015-05-07 11:02 - 2015-05-07 11:02 - 00338242 _____ () C:\Users\Flavia\Downloads\Alin22_NecklaceShapes.package 2015-05-07 11:01 - 2015-05-07 11:02 - 00718560 _____ () C:\Users\Flavia\Downloads\LLSIMS_LayeredNecklace_001.package 2015-05-07 11:01 - 2015-05-07 11:01 - 00810278 _____ () C:\Users\Flavia\Downloads\1269610.zip 2015-05-07 11:00 - 2015-05-07 11:00 - 00252918 _____ () C:\Users\Flavia\Downloads\Mallard Close.zip 2015-05-07 11:00 - 2015-05-07 11:00 - 00032549 _____ () C:\Users\Flavia\Downloads\Wood_Style.package 2015-05-07 10:59 - 2015-05-07 10:59 - 00427598 _____ () C:\Users\Flavia\Downloads\1Z_dress_marine_neu2D.package 2015-05-07 10:58 - 2015-05-07 10:58 - 00166194 _____ () C:\Users\Flavia\Downloads\SV Earrings with round jewel.package 2015-05-07 10:58 - 2015-05-07 10:58 - 00079101 _____ () C:\Users\Flavia\Downloads\NataliS_Spring and crystal earings FT-FA.package 2015-05-07 10:57 - 2015-05-07 10:57 - 00144082 _____ () C:\Users\Flavia\Downloads\NataliS_Crystal drop earrings FT-FA.package 2015-05-07 10:56 - 2015-05-07 10:56 - 00054561 _____ () C:\Users\Flavia\Downloads\MYOBI-zest-eyes.package 2015-05-07 10:55 - 2015-05-07 10:55 - 00089604 _____ () C:\Users\Flavia\Downloads\MYOBI-jelly-eyemask.package 2015-05-07 10:54 - 2015-05-07 10:54 - 00041317 _____ () C:\Users\Flavia\Downloads\EnticingSims_Feather Tattoo.package 2015-05-07 10:53 - 2015-05-07 10:53 - 01851664 _____ () C:\Users\Flavia\Downloads\MILK Jasmine Skintone.zip 2015-05-07 10:53 - 2015-05-07 10:53 - 00003782 _____ () C:\Users\Flavia\Downloads\cateye.package 2015-05-07 10:51 - 2015-05-07 10:51 - 04378955 _____ () C:\Users\Flavia\Downloads\MILK Divine.package 2015-05-07 10:51 - 2015-05-07 10:51 - 00269171 _____ () C:\Users\Flavia\Downloads\Love Frekles by Pinkzombiecupcake.package 2015-05-07 10:50 - 2015-05-07 10:50 - 00042966 _____ () C:\Users\Flavia\Downloads\MYOBI-samantha-facedetail.package 2015-05-07 10:49 - 2015-05-07 10:49 - 00265490 _____ () C:\Users\Flavia\Downloads\MorganeParis_For_Natalis_Nails_02.package 2015-05-07 10:49 - 2015-05-07 10:49 - 00044856 _____ () C:\Users\Flavia\Downloads\Syrup Lipstick by Baarbiie-GiirL(1).package 2015-05-07 10:48 - 2015-05-07 10:48 - 00209148 _____ () C:\Users\Flavia\Downloads\PS Lip 01.package 2015-05-07 10:47 - 2015-05-07 10:47 - 00217924 _____ () C:\Users\Flavia\Downloads\Aveira_LipglossN3.package 2015-05-07 09:48 - 2015-05-07 09:48 - 00000000 ____D () C:\ProgramData\Aeria Games 2015-05-06 10:32 - 2015-05-06 10:32 - 00001608 _____ () C:\Users\Flavia\Desktop\Echo of Soul.lnk 2015-05-06 10:17 - 2015-05-06 10:17 - 00001950 _____ () C:\Users\Public\Desktop\Aeria Ignite.lnk 2015-05-06 10:17 - 2015-05-06 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames 2015-05-06 10:17 - 2015-05-06 10:17 - 00000000 ____D () C:\Program Files\Aeria Games 2015-05-06 09:46 - 2015-05-06 10:17 - 00000000 ____D () C:\AeriaGames 2015-05-05 13:00 - 2015-05-05 13:00 - 00268383 _____ () C:\Users\Flavia\Downloads\Cenothera Biennis - by Onyxium.zip 2015-05-05 12:59 - 2015-05-05 12:59 - 00164311 _____ () C:\Users\Flavia\Downloads\MYOBI-opulent-lipcolour.package 2015-05-05 12:58 - 2015-05-05 12:58 - 00772625 _____ () C:\Users\Flavia\Downloads\[EVE62]lipstick1.package 2015-05-05 12:58 - 2015-05-05 12:58 - 00042707 _____ () C:\Users\Flavia\Downloads\Doll Lipstick Nr1. by Baarbiie-GiirL .package 2015-05-05 12:57 - 2015-05-05 12:57 - 00203248 _____ () C:\Users\Flavia\Downloads\S-Club LL thesims4 Lipstick 09.package 2015-05-05 12:57 - 2015-05-05 12:57 - 00062311 _____ () C:\Users\Flavia\Downloads\Autumn dream lipstick by Pinzombiecupcake.package 2015-05-05 12:56 - 2015-05-05 12:56 - 00252650 _____ () C:\Users\Flavia\Downloads\MYOBI-lilt-lipcolour.package 2015-05-05 12:55 - 2015-05-05 12:55 - 00044856 _____ () C:\Users\Flavia\Downloads\Syrup Lipstick by Baarbiie-GiirL.package 2015-05-05 12:54 - 2015-05-05 12:54 - 00003717 _____ () C:\Users\Flavia\Downloads\Doll Eyeliner.package 2015-05-05 12:53 - 2015-05-05 12:53 - 00135801 _____ () C:\Users\Flavia\Downloads\[GrizzlySimr] Sohlein Classy Eyeshadow.package 2015-05-05 12:52 - 2015-05-05 12:52 - 00122500 _____ () C:\Users\Flavia\Downloads\[simbastic] smokey_glitter_eyeshadow.package 2015-05-05 12:52 - 2015-05-05 12:52 - 00043249 _____ () C:\Users\Flavia\Downloads\mormo_eyeshadow1_AF.package 2015-05-05 12:51 - 2015-05-05 12:51 - 01685607 _____ () C:\Users\Flavia\Downloads\MYOBI-fiona-eyeshadow.package 2015-05-05 12:42 - 2015-05-05 12:42 - 00132889 _____ () C:\Users\Flavia\Downloads\S-Club WM thesims4 Eyebrows16 M .package 2015-05-05 12:41 - 2015-05-05 12:41 - 00192771 _____ () C:\Users\Flavia\Downloads\MYOBI-nemo-brows.package 2015-05-05 12:40 - 2015-05-05 12:40 - 19387267 _____ () C:\Users\Flavia\Downloads\1265549.zip 2015-05-05 12:40 - 2015-05-05 12:40 - 01063041 _____ () C:\Users\Flavia\Downloads\SV Summer floral dress.package 2015-05-05 12:39 - 2015-05-05 12:39 - 00109478 _____ () C:\Users\Flavia\Downloads\S-Club WM thesims4 Eyebrows12 F.package 2015-05-05 12:38 - 2015-05-05 12:38 - 04103232 _____ () C:\Users\Flavia\Downloads\Realistic beard By Pinkzombiecupcake.package 2015-05-05 12:38 - 2015-05-05 12:38 - 00025198 _____ () C:\Users\Flavia\Downloads\Eyebrow with 8 colours.package 2015-05-05 12:36 - 2015-05-05 12:37 - 07179080 _____ () C:\Users\Flavia\Downloads\beard nr 2.package 2015-05-05 12:35 - 2015-05-05 12:35 - 08296793 _____ () C:\Users\Flavia\Downloads\Cazy_c119-Nicholas_r.package 2015-05-05 11:18 - 2015-05-05 11:18 - 00494281 _____ () C:\Users\Flavia\Downloads\1268783.zip 2015-05-05 11:17 - 2015-05-05 11:17 - 20023938 _____ () C:\Users\Flavia\Downloads\Stealthic Like Lust (Hair).package 2015-05-05 11:17 - 2015-05-05 11:17 - 00468442 _____ () C:\Users\Flavia\Downloads\1266813.zip 2015-05-05 11:16 - 2015-05-05 11:16 - 23228914 _____ () C:\Users\Flavia\Downloads\Stealthic Haunting (Hair).package 2015-05-05 11:15 - 2015-05-05 11:16 - 19367239 _____ () C:\Users\Flavia\Downloads\Stealthic Hysteria (Hair)(1).package 2015-05-05 11:14 - 2015-05-05 11:14 - 06313851 _____ () C:\Users\Flavia\Downloads\skysims-hair-229(1).package 2015-05-05 11:10 - 2015-05-05 11:11 - 24898232 _____ () C:\Users\Flavia\Downloads\Stealthic Sleepwalking (Hair).package 2015-05-05 11:10 - 2015-05-05 11:10 - 05337936 _____ () C:\Users\Flavia\Downloads\Skysims-hair257g.package 2015-05-05 11:09 - 2015-05-05 11:09 - 17935799 _____ () C:\Users\Flavia\Downloads\Stealthic Captivated (Hair).package 2015-05-05 11:08 - 2015-05-05 11:08 - 06313851 _____ () C:\Users\Flavia\Downloads\skysims-hair-229.package 2015-05-05 11:06 - 2015-05-05 11:06 - 21139442 _____ () C:\Users\Flavia\Downloads\Stealthic Runaway (Hair).package 2015-05-05 11:04 - 2015-05-05 11:04 - 04326482 _____ () C:\Users\Flavia\Downloads\Skysims Hair 208-lok sims4.package 2015-05-05 11:03 - 2015-05-05 11:03 - 21509106 _____ () C:\Users\Flavia\Downloads\Stealthic Vapor (Hair)(1).package 2015-05-05 11:02 - 2015-05-05 11:02 - 11803982 _____ () C:\Users\Flavia\Downloads\Cazy_c172-Izzy_t-e_type2_re.package 2015-05-05 11:01 - 2015-05-05 11:01 - 00208048 _____ () C:\Users\Flavia\Downloads\Tantars Estate.zip 2015-05-05 11:00 - 2015-05-05 11:00 - 23136216 _____ () C:\Users\Flavia\Downloads\Stealthic Midsummer Night (Hair and Acc).package 2015-05-05 11:00 - 2015-05-05 11:00 - 05331542 _____ () C:\Users\Flavia\Downloads\Skysims-hair149.package 2015-05-05 10:59 - 2015-05-05 10:59 - 08029586 _____ () C:\Users\Flavia\Downloads\Nightcrawler AF Hair Turn It Up.package 2015-05-05 10:57 - 2015-05-05 10:57 - 21011847 _____ () C:\Users\Flavia\Downloads\Stealthic Amber Lights (Hair).package 2015-05-05 10:56 - 2015-05-05 10:56 - 07481536 _____ () C:\Users\Flavia\Downloads\Alesso_Circus.zip 2015-05-05 10:55 - 2015-05-05 10:55 - 06149100 _____ () C:\Users\Flavia\Downloads\Skysims-Hair-113.package 2015-05-05 10:53 - 2015-05-05 10:53 - 31996596 _____ () C:\Users\Flavia\Downloads\Stealthic Daughter (Hair).package 2015-05-05 10:52 - 2015-05-05 10:53 - 21697048 _____ () C:\Users\Flavia\Downloads\Stealthic Sanctuary (Hair).package 2015-05-05 10:51 - 2015-05-05 10:51 - 19367239 _____ () C:\Users\Flavia\Downloads\Stealthic Hysteria (Hair).package 2015-05-04 17:59 - 2015-05-04 17:59 - 03451698 _____ () C:\Users\Flavia\Downloads\1427212032d4244028654db8b5795c78.zip 2015-05-04 17:57 - 2015-05-04 17:57 - 02772812 _____ () C:\Users\Flavia\Downloads\141571469380eb3fb6e18314cd5679e3.zip 2015-05-04 17:53 - 2015-05-04 17:53 - 21497179 _____ () C:\Users\Flavia\Downloads\Stealthic Vapor (Hair).package 2015-05-03 21:04 - 2015-05-03 21:04 - 00000000 ____D () C:\Program Files\Origin Games 2015-05-03 20:50 - 2015-05-03 20:50 - 00000000 ____D () C:\Users\Flavia\Documents\Electronic Arts 2015-05-03 20:48 - 2015-05-03 21:04 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Origin 2015-05-03 20:45 - 2015-05-03 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-05-03 20:45 - 2015-05-03 20:47 - 00000000 ____D () C:\Program Files\Origin 2015-05-03 20:45 - 2015-05-03 20:45 - 00000905 _____ () C:\Users\Public\Desktop\Origin.lnk 2015-05-03 20:43 - 2015-05-03 20:43 - 00000000 ____D () C:\ProgramData\Package Cache 2015-05-03 20:41 - 2015-05-03 20:41 - 00002051 _____ () C:\Users\Public\Desktop\The Sims 4.lnk 2015-05-03 20:41 - 2015-05-03 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4 2015-05-03 20:34 - 2015-05-03 20:34 - 00000000 ____D () C:\Program Files\The Sims 4 2015-05-03 19:57 - 2015-05-03 21:11 - 00000000 ____D () C:\ProgramData\Origin 2015-05-03 19:51 - 2015-05-03 20:45 - 00000000 ____D () C:\ProgramData\Electronic Arts 2015-05-03 12:23 - 2015-05-03 12:23 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe 2015-05-03 12:23 - 2015-05-03 12:23 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr 2015-04-28 10:53 - 2015-04-28 10:53 - 00000000 ____D () C:\Users\Flavia\Downloads\[FS]Day04 2015-04-23 15:32 - 2015-04-23 15:32 - 00000000 __SHD () C:\Users\Flavia\AppData\Local\EmieBrowserModeList 2015-04-23 15:05 - 2015-04-23 15:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2015-04-22 11:15 - 2015-05-06 10:31 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames 2015-04-19 14:10 - 2015-04-19 14:10 - 00000000 ____D () C:\ProgramData\Ahead 2015-04-19 13:58 - 2015-05-13 19:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-04-19 13:58 - 2015-04-19 13:58 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-04-19 13:58 - 2015-04-19 13:58 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-04-18 11:04 - 2015-04-18 11:04 - 00000000 ____D () C:\Program Files\Common Files\Java 2015-04-18 11:03 - 2015-04-18 11:03 - 00000000 ____D () C:\ProgramData\Oracle 2015-04-16 10:50 - 2015-04-18 11:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-04-15 09:39 - 2015-03-25 05:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-04-15 09:39 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-04-15 09:39 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-04-15 09:39 - 2015-03-25 05:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-04-15 09:38 - 2015-03-23 05:06 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-04-15 09:38 - 2015-03-23 04:59 - 00896000 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-04-15 09:38 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-04-15 09:38 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2015-04-15 09:38 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2015-04-15 09:38 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2015-04-15 09:37 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-04-15 09:37 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-05-13 19:39 - 2014-01-16 17:13 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\0P1T1G1Q1F 2015-05-13 19:20 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache 2015-05-13 18:56 - 2011-07-09 18:33 - 00000000 ____D () C:\Users\Flavia\AppData\Local\PMB Files 2015-05-13 18:25 - 2014-12-20 14:36 - 00000000 ____D () C:\Windows\CryptoGuard 2015-05-13 18:25 - 2009-12-28 01:26 - 02064622 _____ () C:\Windows\WindowsUpdate.log 2015-05-13 15:54 - 2009-07-14 06:34 - 00024368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-13 15:54 - 2009-07-14 06:34 - 00024368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-13 15:52 - 2014-08-14 11:55 - 00651504 _____ () C:\Windows\system32\perfh01F.dat 2015-05-13 15:52 - 2014-08-14 11:55 - 00140826 _____ () C:\Windows\system32\perfc01F.dat 2015-05-13 15:52 - 2011-05-21 00:31 - 00423246 _____ () C:\Windows\system32\perfh012.dat 2015-05-13 15:52 - 2011-05-21 00:31 - 00121210 _____ () C:\Windows\system32\perfc012.dat 2015-05-13 15:52 - 2010-01-20 16:25 - 00411600 _____ () C:\Windows\system32\perfh011.dat 2015-05-13 15:52 - 2010-01-20 16:25 - 00122926 _____ () C:\Windows\system32\perfc011.dat 2015-05-13 15:52 - 2009-12-27 16:41 - 04400078 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-13 15:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2015-05-13 15:45 - 2012-11-09 19:08 - 00031680 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys 2015-05-13 15:45 - 2011-09-25 14:34 - 00145878 _____ () C:\Windows\setupact.log 2015-05-13 15:45 - 2010-01-20 16:10 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-05-13 15:45 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-13 15:45 - 2009-07-14 06:33 - 02339336 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-05-13 15:44 - 2011-09-25 16:31 - 00624828 _____ () C:\Windows\PFRO.log 2015-05-13 15:44 - 2010-04-28 09:49 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2015-05-13 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\tr-TR 2015-05-13 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ko-KR 2015-05-13 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ja-JP 2015-05-13 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE 2015-05-13 15:42 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers 2015-05-13 15:26 - 2009-12-27 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-05-13 15:23 - 2013-07-11 10:02 - 00000000 ____D () C:\Windows\system32\MRT 2015-05-13 15:14 - 2009-12-27 17:09 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-05-13 15:10 - 2010-06-04 07:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-05-13 08:02 - 2012-11-09 19:40 - 00000000 ____D () C:\Users\Flavia\AppData\Local\CrashDumps 2015-05-12 23:11 - 2011-03-30 17:25 - 00000000 ____D () C:\Windows\Minidump 2015-05-12 18:48 - 2013-01-31 14:12 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Foxit Software 2015-05-12 18:47 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public 2015-05-12 16:07 - 2009-12-27 16:44 - 00000000 ____D () C:\Users\Flavia 2015-05-12 00:45 - 2011-09-15 17:48 - 00000000 ____D () C:\Download 2015-05-12 00:43 - 2014-05-27 12:07 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Samsung 2015-05-12 00:43 - 2009-12-27 18:54 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2015-05-11 20:55 - 2011-09-25 15:14 - 00000000 ____D () C:\Windows\pss 2015-05-11 20:38 - 2012-12-05 21:15 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Spotify 2015-05-11 20:37 - 2012-12-05 21:14 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Spotify 2015-05-11 18:39 - 2013-08-02 10:35 - 00000992 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2015-05-11 18:21 - 2015-01-23 17:12 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR 2015-05-03 20:05 - 2013-03-16 15:21 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Origin 2015-05-03 12:23 - 2014-05-16 17:00 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2015-05-03 12:23 - 2014-01-07 17:20 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys 2015-05-03 12:23 - 2013-03-17 18:59 - 00209048 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2015-05-03 12:23 - 2013-03-17 18:59 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2015-05-03 12:23 - 2012-02-24 15:33 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys 2015-05-03 12:23 - 2011-09-25 16:52 - 00427992 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys 2015-05-03 12:23 - 2011-09-25 16:51 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys 2015-05-03 12:23 - 2011-09-25 16:51 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-04-30 16:29 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat 2015-04-26 19:18 - 2012-04-18 19:53 - 00000000 ____D () C:\Users\Flavia\AppData\Roaming\Audacity 2015-04-26 19:03 - 2012-07-28 11:45 - 00000000 ____D () C:\Users\Flavia\Downloads\eBooks 2015-04-25 16:03 - 2013-11-01 15:29 - 00000000 ____D () C:\Users\Flavia\Downloads\Dokumente 2015-04-25 09:54 - 2013-01-19 15:17 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-04-22 11:15 - 2013-03-15 12:46 - 00000000 ___HD () C:\Windows\msdownld.tmp 2015-04-22 11:15 - 2010-08-06 13:49 - 00000000 ____D () C:\Windows\system32\directx 2015-04-19 14:00 - 2015-01-16 12:23 - 00000000 ____D () C:\Users\Flavia\AppData\Local\Adobe 2015-04-19 13:57 - 2009-12-28 16:55 - 00000000 ____D () C:\Program Files\Adobe 2015-04-19 13:56 - 2009-12-28 16:55 - 00000000 ____D () C:\ProgramData\Adobe 2015-04-18 11:03 - 2013-02-21 13:11 - 00000000 ____D () C:\Program Files\Java 2015-04-15 10:44 - 2014-12-10 19:18 - 00000000 ____D () C:\Windows\system32\appraiser 2015-04-15 10:44 - 2014-05-01 19:52 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-04-13 18:07 - 2015-03-09 17:41 - 00000000 ____D () C:\Users\Flavia\Top Body ==================== Files in the root of some directories ======= 2014-01-20 15:12 - 2014-01-27 16:12 - 0000085 _____ () C:\Users\Flavia\AppData\Roaming\WB.CFG 2011-04-29 13:55 - 2011-04-29 13:55 - 0009216 _____ () C:\Users\Flavia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2011-03-30 19:59 - 2011-07-22 13:50 - 0000000 _____ () C:\Users\Flavia\AppData\Local\Itiqeyabeguyoya.bin 2011-03-30 19:59 - 2011-07-21 10:02 - 0000120 _____ () C:\Users\Flavia\AppData\Local\Kholohiyesupa.dat 2015-04-10 16:47 - 2015-04-10 16:47 - 0005197 _____ () C:\Users\Flavia\AppData\Local\recently-used.xbel 2012-04-25 22:36 - 2012-07-11 23:50 - 0007597 _____ () C:\Users\Flavia\AppData\Local\resmon.resmoncfg 2011-09-25 10:24 - 2011-09-25 10:24 - 0000000 _____ () C:\Users\Flavia\AppData\Local\{07929EE3-DAD7-4105-8DF8-2CE403B4C7E2} 2015-02-27 18:27 - 2015-03-06 13:11 - 0000040 _____ () C:\ProgramData\DT0001.dat 2015-02-25 22:32 - 2015-03-06 13:11 - 0000040 _____ () C:\ProgramData\DT0006.dat 2010-02-22 15:38 - 2010-02-22 15:38 - 0000056 ____H () C:\ProgramData\ezsidmv.dat Files to move or delete: ==================== C:\ProgramData\DT0001.dat C:\ProgramData\DT0006.dat Some content of TEMP: ==================== C:\Users\Flavia\AppData\Local\temp\dxwebsetup.exe C:\Users\Flavia\AppData\Local\temp\FoxitUpdater.exe C:\Users\Flavia\AppData\Local\temp\jre-8u45-windows-au.exe C:\Users\Flavia\AppData\Local\temp\Quarantine.exe C:\Users\Flavia\AppData\Local\temp\sqlite3.dll C:\Users\Flavia\AppData\Local\temp\uninst.exe C:\Users\Flavia\AppData\Local\temp\uninstall_complete.exe C:\Users\Flavia\AppData\Local\temp\vcredist_x86.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-05 10:31 ==================== End Of Log ============================ --- --- --- |
13.05.2015, 18:55 | #13 |
| Keine Verbindung zum Benachrichtigungsdienst für Systemereignisse [gelöst]Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-05-2015 Ran by Flavia at 2015-05-13 19:51:50 Running from C:\Users\Flavia\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4132011797-2711336362-2655832662-500 - Administrator - Disabled) Flavia (S-1-5-21-4132011797-2711336362-2655832662-1000 - Administrator - Enabled) => C:\Users\Flavia Guest (S-1-5-21-4132011797-2711336362-2655832662-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-4132011797-2711336362-2655832662-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated) Adobe Digital Editions (HKLM\...\Digital Editions) (Version: - ) Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated) Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.) Aeria Ignite (HKLM\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden AION Free-To-Play (HKLM\...\AION Free-To-Play) (Version: v0.1 - Gameforge 4D) Akamai NetSession Interface (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Apple Application Support (32-Bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.) Audacity 2.0 (HKLM\...\Audacity_is1) (Version: - Audacity Team) Avast Free Antivirus (HKLM\...\avast) (Version: 10.2.2218 - AVAST Software) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden C4600 (Version: 130.0.425.000 - Hewlett-Packard) Hidden calibre (HKLM\...\{249F13C9-889B-405E-8987-F4E6AA90BD8E}) (Version: 0.9.17 - Kovid Goyal) CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4329 - CyberLink Corp.) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden Digitale Bibliothek 4 (HKLM\...\Digitale Bibliothek 4) (Version: - ) Dropbox (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.) Echo of Soul (HKLM\...\Echo of Soul) (Version: - ) EXPERTool v8.6 (HKLM\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.6.0.0 - Gainward Co. Ltd.) forteManager (HKLM\...\{1883A84D-94AA-432C-9519-FA31B6B118B9}) (Version: 2.80.002 - Portrait Displays, Inc.) Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.4.96.511 - Foxit Software Inc.) Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.0.8.1216 - Foxit Software Inc.) Free Audio Converter version 5.0.46.820 (HKLM\...\Free Audio Converter_is1) (Version: 5.0.46.820 - DVDVideoSoft Ltd.) Free AVI Video Converter version 5.0.18.1005 (HKLM\...\Free AVI Video Converter_is1) (Version: 5.0.18.1005 - DVDVideoSoft Ltd.) Free MP4 Video Converter version 5.0.23.320 (HKLM\...\Free MP4 Video Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.) Free Studio version 5.1.7 (HKLM\...\Free Studio_is1) (Version: - DVDVideoSoft Ltd.) Free Video Dub version 2.0.22.925 (HKLM\...\Free Video Dub_is1) (Version: 2.0.22.925 - DVDVideoSoft Ltd.) Free Video to MP3 Converter version 5.0.23.320 (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.23.320 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.11.33.1005 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.33.1005 - DVDVideoSoft Ltd.) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden HD Video Plugin (HKLM\...\HD Video Plugin) (Version: 1.28.153.5 - Plugin) HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.) HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5 (HKLM\...\{44C81D1A-0520-49BB-B510-98B8DD414EA1}) (Version: 13.0 - HP) HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard) HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden hpPrintProjects (Version: 130.0.303.000 - Hewlett-Packard) Hidden HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden hpWLPGInstaller (Version: 130.0.303.000 - Hewlett-Packard) Hidden Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation) Intel(R) Smart Connect Technology 2.0 x86 (HKLM\...\{175A0271-B6F3-4AB6-ADAD-DC9D17F4A321}) (Version: 2.0.1083.0 - Intel) iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.) Java 7 Update 80 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle) Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) K-Lite Mega Codec Pack 3.9.5 (HKLM\...\KLiteCodecPack_is1) (Version: 3.9.5 - ) LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - ) Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden MEDION MD86511 (HKLM\...\{1251B5BC-E285-4078-98C9-ED21F61B552A}) (Version: 1.0.0.0 - ) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{2F750C77-1FEC-44F9-88CC-2CE322EBD61E}) (Version: 1.1.0324 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50701 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Mozilla Firefox 37.0.2 (x86 de) (HKLM\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla) MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) NC Launcher (GameForge) (HKLM\...\NCLauncher_GameForge) (Version: - NCsoft) Netzmanager (HKLM\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG) Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden NVIDIA 3D Vision Controller-Treiber 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation) NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation) NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9745 - NVIDIA Corporation) NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation) NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) OpenAL (HKLM\...\OpenAL) (Version: - ) Origin (HKLM\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.) Overwolf (HKLM\...\{4150D0B5-D203-419B-9C49-9B615AF11BAF}) (Version: 0.33.199 - Overwolf) Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.7.0.0 - Pando Networks Inc.) PDF24 Creator 6.9.2 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) PS_AIO_05_C4600_Software_Min (Version: 130.0.425.000 - Hewlett-Packard) Hidden PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) RealPlayer (HKLM\...\RealPlayer 12.0) (Version: - RealNetworks) Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden SDFormatter (HKLM\...\{5A347920-4AFC-11D5-9FB0-800649886934}) (Version: - ) SDK (Version: 1.40.002 - Portrait Displays, Inc.) Hidden SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden Spotify (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB) Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - ) TERA (HKLM\...\{A2S166A0-F031-4E27-A057-C69733219434}_is1) (Version: 19.04.02.03.hf3 - Gameforge Productions GmbH) The Sims 4 Version 1.0 u1 (HKLM\...\{27B947C0-320C-4997-9681-1E7010A15896}_is1) (Version: 1.0 u1 - EA Games) Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden Uniblue RegistryBooster 2010 (HKLM\...\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1) (Version: - Uniblue Systems Ltd) Unity Web Player (HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation) Viva Piñata (HKLM\...\InstallShield_{343EFA17-5BC5-44DA-924F-539ECBEFF68C}) (Version: 1.00.0000 - Microsoft Game Studios) Viva Pinata (Version: 1.00.0000 - Microsoft Game Studios) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation) WinRAR 5.21 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WOT für Internet Explorer (HKLM\...\{C0DA129B-1E45-494D-A362-5CD0109C306B}) (Version: 11.11.7.0 - WOT Services Oy) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}\InprocServer32 -> C:\Users\Flavia\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll () CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Flavia\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{F12BE2CC-A901-4203-B4F2-ADCB957D1887}\InprocServer32 -> C:\ProgramData\Windows\wsse.dll No File CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Flavia\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 06-04-2015 10:07:45 Windows Backup 06-04-2015 11:49:08 Removed Adobe Shockwave Player 12.0. 06-04-2015 11:53:36 Removed Adobe Shockwave Player 12.0. 06-04-2015 11:54:30 Removed Skype™ 6.11 10-04-2015 12:19:34 Windows Update 10-04-2015 17:34:27 avast! antivirus system restore point 12-04-2015 19:00:08 Windows Backup 15-04-2015 09:37:53 Windows Update 15-04-2015 10:02:58 Windows Update 16-04-2015 10:49:16 Installed Java 7 Update 75 18-04-2015 11:11:22 Windows Update 19-04-2015 14:08:41 Removed Nero 7 Ultra Edition. Available with Windows Installer version 1.2 and later. 20-04-2015 15:59:31 Windows Backup 23-04-2015 16:17:06 Removed Aeria Ignite 25-04-2015 10:07:27 Windows Update 26-04-2015 19:00:12 Windows Backup 29-04-2015 09:27:46 Windows Update 03-05-2015 12:21:03 avast! antivirus system restore point 03-05-2015 19:00:05 Windows Backup 03-05-2015 20:42:40 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 06-05-2015 08:53:50 Windows Update 11-05-2015 14:22:32 Windows Backup 12-05-2015 00:40:46 Removed Samsung Kies 13-05-2015 09:32:56 Windows Update 13-05-2015 15:02:49 Windows Update 13-05-2015 19:33:49 Revo Uninstaller's restore point - Pando Media Booster Packages ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:04 - 2013-11-17 14:24 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {051D9757-8B82-499C-84F3-DAA24A3DE582} - System32\Tasks\939a6e80 => C:\Users\Flavia\AppData\Local\Temp\\setup43644544.exe <==== ATTENTION Task: {06C689DC-E76C-4A21-8866-20195A7C7D8A} - System32\Tasks\{75581C9E-7CDE-4760-94A5-B7305B0DBEEB} => C:\Program Files\VOX3DPlaner2\Konfigurator\VOX3DPlaner2.exe Task: {0EA169F2-3396-4693-8141-E0B0BDEAD2D0} - System32\Tasks\{2BA6D508-0A05-49CB-A72A-BAE924AAA86D} => C:\Program Files\FIFA06\fifa06 demo.exe Task: {0EDCC5B6-3393-4E15-A50F-DAFD2C9832E3} - System32\Tasks\{1C432A36-43A8-4E97-9064-E347447B9584} => pcalua.exe -a "C:\Users\Flavia\Downloads\Magical Diary - Horse Hall\Magical Diary - Horse Hall.exe" -d "C:\Users\Flavia\Downloads\Magical Diary - Horse Hall" Task: {10330BF6-A675-4800-A815-653A883EA389} - System32\Tasks\{1A0A79E3-33E7-4B14-AEE7-9402B154A87B} => C:\Program Files\Nexon\MabinogiEU\Mabinogi.exe Task: {118AB896-6545-4634-8DE0-05F08A6DAF5A} - System32\Tasks\{C0B08E39-FC9D-46D1-A7D0-6BFF81B8BFAA} => J:\Setup.exe Task: {1266A55D-07A0-4E1E-9850-9BAD8D5A9C13} - System32\Tasks\{E4CB1F65-9BC1-413F-BFE8-1E9629412274} => C:\Program Files\Origin Games\The Sims 3\Game\Bin\Sims3Launcher.exe Task: {135387F8-A0AF-4292-8994-E2BCC2B0EC1F} - System32\Tasks\{0040F31E-F0C2-4718-BE4B-C574915E4BC9} => pcalua.exe -a J:\setup.exe -d J:\ Task: {144C66C0-FD3E-4C35-9168-C4146F8435E6} - System32\Tasks\9d0be300 => C:\Users\Flavia\AppData\Local\Temp\\setup115842944.exe <==== ATTENTION Task: {15C3D743-59C8-4FFC-86D8-25C055A63066} - System32\Tasks\{FE3A9151-4B9D-490C-902E-5BA73455C78D} => C:\Program Files\FIFA06\AutoRun.exe Task: {16E8B459-123F-4050-8F2D-CB02F7AD2A7C} - System32\Tasks\{F74CF72E-9781-4504-8186-2857FBB1D1B9} => pcalua.exe -a C:\Users\Flavia\Vampire1CD1\demo32.exe -d C:\Users\Flavia\Vampire1CD1 Task: {19816D70-8705-49B4-B7E3-A7000B629593} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {224F3630-CB78-4C5B-A202-BB60DE1EE253} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation) Task: {23E365D6-24D8-4700-BEEF-E67496FF5057} - System32\Tasks\{089899D8-646F-4E09-976A-F2857E4AE461} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe Task: {25FFB239-81CC-410B-B309-9869E3734E7B} - System32\Tasks\NRYP => Rundll32.exe "C:\Windows\system32\TSChannelx.dll",JVTZJMTO Task: {272C4B3C-B7FF-4E2C-A7D6-AA2CEB799B99} - System32\Tasks\{EF40B049-C1A4-429A-855E-7E736CD595F8} => C:\Users\Flavia\Pandora_Saga_MY_20090826.exe Task: {276F4387-DDCA-4F09-B462-E5FFED32E870} - System32\Tasks\2e912b80 => C:\Users\Flavia\AppData\Local\Temp\\setup536466048.exe <==== ATTENTION Task: {27CA32BA-775A-4923-AD8D-F4C8A99E8490} - System32\Tasks\{99960E19-E1E3-4BC0-A7A4-A1F66A43DCFE} => C:\Program Files\Microsoft Games\Viva Pinata\Startup.exe Task: {2B3DCFB4-2927-42C4-9870-9EF1FCEB80D2} - System32\Tasks\{23A04515-4009-43ED-8264-0AC9F9844B64} => J:\Setup.exe Task: {3041F3B3-D300-4F4D-8F4C-DD67AADE7B20} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-03] (Avast Software s.r.o.) Task: {34A8B566-44A8-456C-8A5C-0AEE57E4D0DD} - System32\Tasks\{E986319D-82CB-45ED-B545-2CD8B296A658} => J:\SETUP.EXE Task: {35CD2091-3830-43C5-AC08-BAFE84CA8F48} - System32\Tasks\{4B341BDB-DA54-42E7-A1FB-C9CDE0C95496} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe Task: {39A33003-0331-4A81-A608-D2F23205261C} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {3D3BB7C7-E5BB-4C86-A2A5-30199569C9CC} - System32\Tasks\{A62C7B66-2F13-417E-A060-23782DDEAF20} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe Task: {44912348-372A-4DD4-8CB6-6DAC2C4AC1D8} - System32\Tasks\{25267E23-2FF8-4F82-B0AD-2BBE296B0A62} => J:\Setup.exe Task: {449B9DA7-0B3E-4E1C-8C9D-C6BF9FDF9C89} - System32\Tasks\{5D295678-F417-44D3-9555-C19215CB7C78} => pcalua.exe -a E:\setup.exe -d E:\ Task: {4A4B1380-D7DF-43FA-84D8-5ACA740F4295} - System32\Tasks\{D7160B9E-A401-4BA6-9910-7D3B17F6B085} => C:\Nexon\MabinogiEU\Mabinogi.exe Task: {4CC5B90C-C451-4CEE-A99D-6419EA202BDD} - System32\Tasks\{3BE569F6-B383-40A1-B2D8-372F5AE2AE37} => C:\Program Files\2K Games\Mafia II\pc\mafia2.exe Task: {4E565704-159F-4924-B782-8174373FFBC5} - System32\Tasks\750dc200 => C:\Users\Flavia\AppData\Local\Temp\\setup1380827392.exe <==== ATTENTION Task: {54A5AF44-E789-4BC6-999B-974485D891D7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {54EBCF67-64E5-4ECB-8F5D-5D184E5BB5A1} - System32\Tasks\{2B245C46-ECB2-41C9-9976-CD44CDD321B8} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe Task: {5C2B861B-1BE5-46E0-9233-649BC50825CB} - System32\Tasks\{C57C0966-A03B-4532-87DD-BCC169B78F59} => C:\Nexon\MabinogiEU\Mabinogi.exe Task: {64A6AAA7-589E-4B22-B2FF-BE327C2DB015} - System32\Tasks\{9B1B0303-3793-4D0B-81B1-059D5D27551B} => E:\StartCD.exe Task: {69EBAFD0-8E9D-4507-81C1-914140DD02B7} - System32\Tasks\{7456ADC2-5627-4CD7-81E0-915ACE8069C7} => C:\Program Files\Viva Media\Alter Ego\AlterEgo.exe Task: {6F8F9112-A4E8-408B-802D-BD5499168F95} - System32\Tasks\{2D7C4757-CBC2-4149-901B-33F4AE95A112} => pcalua.exe -a "C:\Program Files\Vektoris3D25Plus\uninstall.exe" Task: {711D8645-65A8-4CE5-A3E0-00B3036124CE} - System32\Tasks\fb41c00 => C:\Users\Flavia\AppData\Local\Temp\\setup828756736.exe <==== ATTENTION Task: {714A1540-2A02-4584-9649-0258C90D64F7} - System32\Tasks\39080f80 => C:\Users\Flavia\AppData\Local\Temp\\setup3143229824.exe <==== ATTENTION Task: {7425C34A-8E3A-442C-A109-97D19E95760E} - System32\Tasks\{47941BC1-6CC9-42B4-82D9-05A8B357B1FE} => J:\Setup.exe Task: {75885767-6A67-4842-B477-2CCE374BD762} - System32\Tasks\f4e4a200 => C:\Users\Flavia\AppData\Local\Temp\\setup1919017344.exe <==== ATTENTION Task: {772E9FA9-B5F1-4CF3-BF28-524E23A07787} - System32\Tasks\{6105EF99-5F22-4B53-A3E1-3FAEF66E868A} => C:\Nexon\MabinogiEU\Mabinogi.exe Task: {7858E897-E286-44C6-81C1-5E3F359738AB} - System32\Tasks\5eb6d380 => C:\Users\Flavia\AppData\Local\Temp\\setup127876736.exe <==== ATTENTION Task: {78A23ACE-C365-4389-9782-41C31F76D202} - System32\Tasks\{61557E34-772C-4E2F-BB3E-FE138B65AFD2} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe Task: {81DC7CF1-D24D-42B2-9105-916784164C94} - System32\Tasks\{EAC62CFA-EA8B-42D0-A599-13AC7CA93F90} => C:\Program Files\EagleGame\ShowTime\Bin\Final_Release\Launcher.exe Task: {84EA453B-234E-488D-B778-7FF247893378} - System32\Tasks\{49D40749-5F5F-482A-8312-83B9076882C1} => C:\Program Files\Runes of Magic\Runes of Magic.exe Task: {85A67C56-CEAB-429E-8E4C-7BD04C02DE46} - System32\Tasks\{B477751F-7EC4-47E6-BEFF-AD589581480F} => C:\Program Files\Electronic Arts\Die Sims 3\Game\Bin\TS3.exe Task: {86996018-097E-4AF9-9D91-76D8029146DB} - System32\Tasks\{94C70D2F-3BFB-44BE-86FD-D65818B82648} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe Task: {86C28AB1-5C52-46E1-935C-7B74A647D69F} - System32\Tasks\{29709F28-06CA-4E3E-9DC1-1CABD4A8227C} => J:\Setup.exe Task: {86FB483D-2035-4838-81C7-CEF7B37B4610} - System32\Tasks\{1673BF47-0F92-4B1D-B87E-4EBB27586308} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe Task: {8B0E773E-3CCB-4481-AB1B-004E9DCCC22D} - System32\Tasks\a3509c80 => C:\Users\Flavia\AppData\Local\Temp\\setup3791351296.exe <==== ATTENTION Task: {8B2FBBE3-7C1E-4223-B2FB-9BB9E94C4EED} - System32\Tasks\{46A3F437-83A6-4E51-A907-76A3DA579DED} => C:\Program Files\The Adventure Company\Evany Schlüssel zur Freiheit\Evany.exe Task: {8BC2271C-234F-4E3C-BFCB-DDCA2B6962BA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {8F453FA1-759E-456E-ABB4-CD3E9886462E} - System32\Tasks\{11118169-3789-4C4D-BCAE-8832D80F70FE} => pcalua.exe -a C:\Users\Flavia\Downloads\NetmarbleDBOSetup.exe -d C:\Users\Flavia\Desktop Task: {91A325AA-8FAB-4A48-9A22-BE79FC121B65} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4132011797-2711336362-2655832662-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe Task: {94734BFA-359F-4601-B879-1D63B8A98D08} - System32\Tasks\{42F5F183-C47D-4FC1-80A8-6839E5BA9D93} => pcalua.exe -a J:\Setup.exe -d J:\ Task: {947BCACF-EFEE-4890-9FF5-477553FA0B3B} - System32\Tasks\{601445B5-0494-4034-8562-EC2AD924F5CB} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe Task: {967AB9D1-D3BB-45D2-81F0-D5802AB2DFA0} - System32\Tasks\{F250B786-AD66-4FE5-8D5E-7E395764F3B9} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{343EFA17-5BC5-44DA-924F-539ECBEFF68C}\setup.exe" -c -runfromtemp -l0x0407 -removeonly Task: {96F01EEC-EC2F-4CED-9D40-306115A4C961} - System32\Tasks\{170FF8E8-C96D-40CF-8FCB-7DB4E8976221} => C:\Program Files\gPotato\AikaOnline\AIKALauncher.exe Task: {9781BC6D-4495-453E-94FB-262BC14AB1C3} - System32\Tasks\{CF01B6F4-BECB-4298-9FFC-D696BF961AFD} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe Task: {A014E8EE-56A1-4E84-89C4-09283331A317} - System32\Tasks\{260B4302-4B67-4CA9-B0EC-D07F489E91A7} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.3.0.111/de/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:offered-installed;madedefault Task: {ADD8A39D-0D85-4A88-AD46-93E20B277877} - System32\Tasks\{CEB044B5-B67C-4C0F-8D31-E23A9B55BE93} => J:\startup.exe Task: {B2E8EE57-0899-41A0-AEEA-6E9C81636382} - System32\Tasks\{DD66FA04-B610-4FB0-A6EB-CAF7ADD2926A} => C:\Program Files\Microsoft Games\Viva Pinata\Startup.exe Task: {BA219B21-6C51-44A8-9D19-F17E49E1AD43} - System32\Tasks\{FCCF13A5-3AA1-4B1E-83D8-11D706C12D1A} => pcalua.exe -a C:\Users\Flavia\Pandora_Saga_MY_20090826.exe -d C:\Users\Flavia Task: {BB2A62CA-F06B-49CF-9C75-491D2F4B11CE} - System32\Tasks\{2A771DDE-9262-4EB0-8398-C970CEADF012} => C:\Program Files\Changyou\Zentia\patcher.exe Task: {BE950A6D-81CB-4DFB-8049-1D76504A23FF} - System32\Tasks\{6586BE00-2E28-44BD-8F0C-A361B71BBD78} => C:\Program Files\Electronic Arts\Harry Potter und der Orden des Phönix\hp.exe Task: {C01212D2-464F-4D6E-93A6-A9C29CFE2D3F} - System32\Tasks\{162A6AD8-106B-4C19-A4B1-281D64BEEC22} => J:\startup.exe Task: {C1DE965C-3A58-4214-A83B-CC053BB338A7} - System32\Tasks\{1C77C66B-9114-46D3-B57D-091E235E12C7} => C:\Program Files\EA SPORTS\FIFA 06 Demo\fifa06 demo.exe Task: {C63A36E3-FC0C-41F7-8401-31E28E135348} - System32\Tasks\72b7df00 => C:\Users\Flavia\AppData\Local\Temp\\setup2246522240.exe <==== ATTENTION Task: {C7430DF4-E05F-4463-A94B-588BCEE90AC1} - System32\Tasks\84919c00 => C:\Users\Flavia\AppData\Local\Temp\\setup115568128.exe <==== ATTENTION Task: {C8B95971-0615-4A22-930F-497F1F05C036} - System32\Tasks\{3B337EAA-C525-4D86-98A4-8F4636C9D23A} => C:\Microids\Die Rückkehr zur Geheimnisvollen Insel 2\RTMI2.exe Task: {CA4F9448-8EB2-4DC7-A9C6-B0133FFAF871} - System32\Tasks\ac67a900 => C:\Users\Flavia\AppData\Local\Temp\\setup2323362176.exe <==== ATTENTION Task: {CB02E8DD-A292-401A-A47E-8DBA30321AE1} - System32\Tasks\895e7e00 => C:\Users\Flavia\AppData\Local\Temp\\setup196104192.exe <==== ATTENTION Task: {CB413622-74BC-44E6-985C-5F4F1941433E} - System32\Tasks\{C0F69074-C3C9-43C0-9E62-0883EDB9AD52} => C:\Program Files\Portrait Professional Studio 9\PortraitProfessionalStudio.exe Task: {D042EFA4-DB30-481A-B3FC-A5462C3FB398} - System32\Tasks\37afaf80 => C:\Users\Flavia\AppData\Local\Temp\\setup445119232.exe <==== ATTENTION Task: {D367179D-51C7-4CBF-A496-5C26C25D18C2} - System32\Tasks\{59FC5536-60F1-4046-AE30-521FD21DD8C3} => pcalua.exe -a "C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe" -c RealNetworks|RealPlayer|12.0 Task: {D38E282A-7EF8-4878-A84E-332D25456102} - System32\Tasks\c3793e00 => C:\Users\Flavia\AppData\Local\Temp\\setup522615808.exe <==== ATTENTION Task: {D83A6590-8B91-4CBB-9154-DF65E0FD162A} - System32\Tasks\{FAFB8A66-A5E8-46D8-AB10-41519A7DD50D} => C:\Program Files\Ubisoft\Abenteuer auf dem Reiterhof 3 - Das Erbe der Gräfin\Reiterhof3.exe Task: {D91162AA-8064-40C7-9887-1CDA75FF058D} - System32\Tasks\{98341868-9868-4F93-B186-B2EF031C9524} => C:\Program Files\FIFA06\fifa06 demo.exe Task: {DDF5E073-5C25-4E88-A462-FFBEA129B65F} - System32\Tasks\66f0bd80 => C:\Users\Flavia\AppData\Local\Temp\\setup1887453440.exe <==== ATTENTION Task: {E1422BD5-0558-4973-9380-2CD169B649A7} - System32\Tasks\{1C483E90-D6C1-4EF8-9BC2-3D2B1B56CCDA} => C:\Program Files\gPotato\AikaOnline\AIKALauncher.exe Task: {E2FE5906-3FC0-4CF0-B775-2CF244262600} - System32\Tasks\{C0A21489-2C59-4A15-9D9B-88AA56172945} => C:\Program Files\Skype\Phone\Skype.exe Task: {E67AC7EA-AAD3-4B74-AE04-B1D18FD743C9} - System32\Tasks\{71B95856-969C-4D1F-A7C7-328F667F7495} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe Task: {EA31D609-5550-48F9-9C87-E33A3C459E48} - System32\Tasks\{A1243B8A-A37E-4891-A587-9E295C39B9DC} => C:\Program Files\The Adventure Company\Das Böse unter der Sonne\euts.exe Task: {EC4889F0-C3FE-442C-90B7-CE166DB1358C} - System32\Tasks\{6590403D-AF4A-46AF-860B-8EC7EC9D1883} => pcalua.exe -a C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}\Ad-Aware90Install.exe -c REMOVE=TRUE MODIFY=FALSE Task: {EC8EA56F-8B14-4D04-A6A1-C8F8FDCB49CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19] (Adobe Systems Incorporated) Task: {FA25C835-088B-4B7A-BE70-7E0F6379F28F} - System32\Tasks\{D7D0F476-5A34-473B-92ED-3F56D37F1B8F} => J:\autorun.exe Task: {FFA49ECB-8D5F-40CA-BB5F-DBEDA81B3D0F} - System32\Tasks\{0547096A-63B8-43D5-8A62-443D81F62B43} => C:\Program Files\The Adventure Company\Frogwares\Dracula Origin\game.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============== 2015-05-03 12:23 - 2015-05-03 12:23 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-05-03 12:23 - 2015-05-03 12:23 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-05-13 15:01 - 2015-05-13 15:01 - 02927616 _____ () C:\Program Files\AVAST Software\Avast\defs\15051300\algo.dll 2015-05-13 15:46 - 2015-05-13 15:46 - 02927616 _____ () C:\Program Files\AVAST Software\Avast\defs\15051301\algo.dll 2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2009-12-27 18:54 - 2007-10-11 17:17 - 00065536 _____ () C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe 2012-02-09 17:26 - 2012-02-09 17:26 - 00116224 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2012-02-09 17:26 - 2012-02-09 17:26 - 00041984 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2012-02-09 17:26 - 2012-02-09 17:26 - 00032768 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll 2014-10-19 09:06 - 2014-10-19 09:06 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll 2012-11-09 19:04 - 2010-11-06 00:50 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2012-02-22 12:43 - 2015-02-05 20:27 - 00108864 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2009-12-27 18:54 - 2007-10-11 17:17 - 00167936 _____ () C:\Program Files\Common Files\Portrait Displays\Shared\dthook.dll 2009-12-27 18:54 - 2007-10-11 17:16 - 00102400 _____ () C:\Program Files\Common Files\Portrait Displays\Shared\PresetsCOM.dll 2009-12-27 18:54 - 2007-10-11 17:17 - 00077824 _____ () C:\Program Files\Common Files\Portrait Displays\Plugins\CC\gui.dll 2009-12-27 18:55 - 2007-10-04 14:36 - 00065536 _____ () C:\Program Files\Common Files\Portrait Displays\drivers\vista.dll 2015-03-19 13:54 - 2015-03-19 13:54 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7571 more restricted sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Flavia\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp DNS Servers: 192.168.2.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files\CyberLink\YouCam\YCMMirage.exe" MSCONFIG\startupreg: YouCam Tray => "C:\Program Files\CyberLink\YouCam\YouCam.exe" /s ==================== FirewallRules (whitelisted) =============== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [{E926E57D-011D-4F63-BCC5-FFCFDC28D091}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [{CE504808-152F-4073-8BB9-0F8E7C4D30C6}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [{AB3FBA72-52C3-4476-9A38-230DBE05659B}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [TCP Query User{B4BE9938-7F72-4A8F-8AFC-59A3E97A8C90}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\flavia\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{CD206E8E-4251-4D41-BBCA-7E1530E9FAA9}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\flavia\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{AF14EA5F-61F8-4FE4-9FE6-C4730BE4F7B6}C:\users\flavia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\flavia\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{FC1627D8-D25B-45AB-A418-F1486F792E83}C:\users\flavia\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\flavia\appdata\roaming\spotify\spotify.exe FirewallRules: [{59302FB5-A1E9-480C-8BF4-45AB55DB672B}] => (Block) C:\users\flavia\appdata\roaming\spotify\spotify.exe FirewallRules: [{38D62175-A6FB-480E-952F-9FD4FD6D491C}] => (Block) C:\users\flavia\appdata\roaming\spotify\spotify.exe FirewallRules: [{BC2A5E90-0AC7-48E6-B570-308A64B0DED9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{BEACD746-1789-42A8-B76D-5F42C7882396}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{4A26D664-9010-40ED-9DA9-C1EB4EB0038D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{D19F2778-75FE-4E14-910A-F664C3ECFF05}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{81FB1BFC-6861-4487-9FB6-68FBE4AE9EBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{3F3C3C45-80F2-474F-BDB2-256ED4411935}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{5D697DC0-C1F0-4F6E-BEC5-E90BAB98E186}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe FirewallRules: [UDP Query User{9EA5A4A1-58A0-45FD-809E-E9A61B40B282}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe FirewallRules: [{AEFF8D32-76DE-4551-9CA2-45AF568C3EDE}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{6325CFDC-F297-471C-B1F4-54ABC44758FA}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{111361FE-47F8-40CC-88C3-94E4EE48A3CC}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{CD642251-541E-443A-A680-09D382B26332}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{431373F4-9F84-47F1-B308-1ABD4215F20B}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{C18CA305-4CDD-4294-AB64-FEB4D343931C}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe FirewallRules: [{E9868860-8969-4BB3-AAC8-CA0E63B49582}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe FirewallRules: [TCP Query User{7A64FEF9-033E-4D2E-A005-0CB94B57CFCF}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\flavia\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{E9429E86-D119-4158-85AA-2E2A92FFFEA5}C:\users\flavia\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\flavia\appdata\local\akamai\netsession_win.exe FirewallRules: [{C343E5C6-5573-4111-A23F-687E4BFFC92E}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe FirewallRules: [{3285F562-0BFE-47FF-A259-B998E92CF967}] => (Allow) C:\Program Files\eFusion\Dragon Nest Europe\DragonNest.exe FirewallRules: [{34D4736F-C193-400D-96FB-C7E94A79A4F2}] => (Allow) C:\Users\Flavia\Downloads\AW_downloader.exe FirewallRules: [{919CACC1-1EC1-4459-A39D-8F5424015410}] => (Allow) C:\Users\Flavia\Downloads\AW_downloader.exe FirewallRules: [TCP Query User{02286B40-50D8-44F7-AB96-81E2E97DCD2A}C:\gbe games\aurora world\area00\bin\release\tuclient.exe] => (Allow) C:\gbe games\aurora world\area00\bin\release\tuclient.exe FirewallRules: [UDP Query User{C3A1ED8C-2CD6-40CF-9D7C-93BF0F8C7495}C:\gbe games\aurora world\area00\bin\release\tuclient.exe] => (Allow) C:\gbe games\aurora world\area00\bin\release\tuclient.exe FirewallRules: [TCP Query User{CE27873A-A8D6-489F-B3B7-02849328CD1B}C:\users\flavia\downloads\nw.1.20130309a.7.exe] => (Allow) C:\users\flavia\downloads\nw.1.20130309a.7.exe FirewallRules: [UDP Query User{982F5FD8-ADAE-47DC-965B-23FA3695281F}C:\users\flavia\downloads\nw.1.20130309a.7.exe] => (Allow) C:\users\flavia\downloads\nw.1.20130309a.7.exe FirewallRules: [TCP Query User{54C7BBEF-C9C4-4B4F-9808-BB1671AC0790}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe FirewallRules: [UDP Query User{DB9CB2CE-9614-4406-B0B4-EB16A5F6F704}C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\neverwinter\live\gameclient.exe FirewallRules: [TCP Query User{9B782A49-3613-4A13-B2EC-70AD25A67187}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe FirewallRules: [UDP Query User{8884CA3A-5AC0-4A2C-9F8A-C6B32A2BAB4A}C:\program files\tera\tera-launcher.exe] => (Allow) C:\program files\tera\tera-launcher.exe FirewallRules: [{744CA3E2-230F-4452-9700-88113294B2EF}] => (Allow) C:\Program Files\WEBZEN\C9\C9.exe FirewallRules: [{AEB0600D-5966-4DCF-BEC1-A5BE5238AB95}] => (Allow) C:\Program Files\WEBZEN\C9\C9.exe FirewallRules: [TCP Query User{A4757E28-FE18-4884-979F-8C3F6D760841}C:\program files\dragons prophet\dp_x86.exe] => (Allow) C:\program files\dragons prophet\dp_x86.exe FirewallRules: [UDP Query User{C36B91E8-7D9D-4596-9E56-65D99E0ED0E3}C:\program files\dragons prophet\dp_x86.exe] => (Allow) C:\program files\dragons prophet\dp_x86.exe FirewallRules: [{4AD73C9B-F847-4C03-B5A3-7EE21FFE91BB}] => (Allow) C:\Program Files\Dragons Prophet\dp_x86.exe FirewallRules: [{3AF77807-C7FF-4EB8-88E7-ECE5146931A8}] => (Allow) C:\Program Files\Dragons Prophet\dp_x64.exe FirewallRules: [{046170AF-457C-4A2B-B1AE-D8B702AAD290}] => (Allow) C:\Program Files\Dragons Prophet\launcher.exe FirewallRules: [{41CA41D1-E0C9-4917-A3EF-473DD374F9E0}] => (Allow) C:\Program Files\Dragons Prophet\dp_x86.exe FirewallRules: [{D093AD71-9AF5-45AB-87C5-477A9CF8B594}] => (Allow) C:\Program Files\Dragons Prophet\launcher.exe FirewallRules: [{B14768B3-AC64-4986-A76F-3BBB378D9130}] => (Allow) C:\Program Files\Dragons Prophet\dp_x64.exe FirewallRules: [TCP Query User{B08B02A2-BE4B-427E-80D0-6CDB1EA3EAD6}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Allow) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe FirewallRules: [UDP Query User{F90E1670-79F8-4D12-83D9-8A8CC2CCBF5F}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Allow) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe FirewallRules: [{5DA0E919-6DB9-4E31-A26D-4C0CD0E40402}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{FA86693F-21CC-4B76-8413-0083D1888F32}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{143D9615-3757-4244-8DA3-83C3DCF53DAD}] => (Allow) C:\Nexon\Vindictus EU\en-EU\NMService.exe FirewallRules: [{7AEECADC-8AD9-497B-B5D2-C40983D85B5C}] => (Allow) C:\Nexon\Vindictus EU\en-EU\NMService.exe FirewallRules: [TCP Query User{2F7AB098-6778-447C-8919-B37CBD0F75EC}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Block) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe FirewallRules: [UDP Query User{6AA73BC2-CEFC-4975-9B3E-43A37004DE2B}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe] => (Block) C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe FirewallRules: [TCP Query User{84FC3551-BC28-4714-80D4-F863A31A6D38}C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe] => (Allow) C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe FirewallRules: [UDP Query User{1E9CDD4F-191A-4823-A463-BB2EC36510E0}C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe] => (Allow) C:\users\flavia\appdata\local\electronic arts\dawngate\game\dawngate.exe FirewallRules: [TCP Query User{1D234196-5AF3-4F68-A2A7-DE37EDD3A0F0}C:\program files\heroesgo\launcher\launcher.exe] => (Allow) C:\program files\heroesgo\launcher\launcher.exe FirewallRules: [UDP Query User{17D5432E-962A-498C-BE67-F2C886F771F8}C:\program files\heroesgo\launcher\launcher.exe] => (Allow) C:\program files\heroesgo\launcher\launcher.exe FirewallRules: [TCP Query User{0981AD7C-0896-4656-A233-345BB7729BB8}C:\program files\heroesgo\heroesgo_am.exe] => (Allow) C:\program files\heroesgo\heroesgo_am.exe FirewallRules: [UDP Query User{70994A97-7B1C-4602-A6A3-2F21241F43CE}C:\program files\heroesgo\heroesgo_am.exe] => (Allow) C:\program files\heroesgo\heroesgo_am.exe FirewallRules: [{D10FF877-1B1E-43CD-9184-2D513B10DACC}] => (Allow) C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe FirewallRules: [{E0E7CE75-D7B3-4AD2-88B1-D74C712FD192}] => (Allow) C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe FirewallRules: [{70FD046F-3941-4940-9A17-139AEA801C03}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin FirewallRules: [{8B10610D-077F-4B30-A3DE-964D291220FE}] => (Allow) C:\AeriaGames\AuraKingdom\game.bin FirewallRules: [{28B5638F-F97B-4F6C-AA78-91AB0FD55B17}] => (Allow) C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{DF53A54A-E20F-434A-8401-1F019BC5E9E6}] => (Allow) C:\Users\Flavia\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{E85FBBD0-A683-427B-80B1-877FBE19D3DD}C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{0B685BCF-B227-4354-BFA9-ACD720ABEBAE}C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\flavia\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{8F28D682-FA91-4E20-A799-77A8036FA32D}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{457729AF-2B40-4364-8816-17459E5123DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{533CE4C0-41E3-4AEC-B81E-CBE9D41ADCF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{FD04AF46-1FA2-44BC-B930-2AB0450C2562}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{3ED7FBAB-6DE3-4637-A750-313E9C679262}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{0CC87D7F-CCAA-46EC-8482-D8749468E1F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{36BBA65E-86A3-4A86-9EE9-AC24A313FFF8}] => (Allow) C:\Windows\System32\muzapp.exe FirewallRules: [{D0BBB486-E9E9-4FA3-A544-A3E50A1B35D1}] => (Allow) C:\Windows\System32\muzapp.exe FirewallRules: [TCP Query User{1E47A4E1-112A-409D-A98A-D54B12DF1F09}C:\program files\snail games usa\blackgold\bin\fxgame.exe] => (Allow) C:\program files\snail games usa\blackgold\bin\fxgame.exe FirewallRules: [UDP Query User{FAD99B3B-107E-415E-A683-134EB320AF42}C:\program files\snail games usa\blackgold\bin\fxgame.exe] => (Allow) C:\program files\snail games usa\blackgold\bin\fxgame.exe FirewallRules: [{F825764F-4D73-46DA-B8D8-302A3ECA7E5E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{750FD75E-9811-4432-8D8A-35118F1C5A2F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{A91CF122-54EE-4FC1-80D1-15127DCDF37A}] => (Allow) C:\Users\Flavia\AppData\Local\temp\QQGameDownloader\bns_1421910375_89606\MiniQQDL.exe FirewallRules: [{984E644F-E2E5-415E-B36B-CA92E9B144EE}] => (Allow) C:\Users\Flavia\AppData\Local\temp\QQGameDownloader\bns_1421910375_89606\MiniQQDL.exe FirewallRules: [{3415B431-3193-4DD8-9B2C-14384A5F2572}] => (Allow) c:\users\flavia\appdata\local\temp\qqgamedownloader\bns_1421910375_89606\teniodl.exe FirewallRules: [{E9642D98-3A70-4862-A144-E5196B4D58E6}] => (Allow) c:\users\flavia\appdata\local\temp\qqgamedownloader\bns_1421910375_89606\teniodl.exe FirewallRules: [TCP Query User{00D7FE05-581C-4AB8-AF5E-849DCD1A3F14}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe FirewallRules: [UDP Query User{BBAD1188-58DB-4EB5-9E1F-D8BE3B9A85AE}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\tensafe_1.exe FirewallRules: [{4E66913D-358A-403D-A9E8-9B7989A43C39}] => (Allow) c:\users\flavia\appdata\roaming\tencent\剑灵\7aa487d7eed5b7d8c829d33144690a0c\teniodl\teniodl.exe FirewallRules: [{35804F06-7B2E-435C-B4B8-B6A6EA3D475F}] => (Allow) c:\users\flavia\appdata\roaming\tencent\剑灵\7aa487d7eed5b7d8c829d33144690a0c\teniodl\teniodl.exe FirewallRules: [TCP Query User{8FD8D9FF-BB5E-40CF-BF24-20C38C313BE3}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe FirewallRules: [UDP Query User{F6AF6EB6-2BEF-4BF3-9BA0-B87BDA5DFC98}C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\tcls\tenprotect\taslogin.exe FirewallRules: [{ED5DD1D2-BC2A-489F-976A-50A3EFAC211E}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCmgrInstallGuide.exe FirewallRules: [{C9BEB083-89A0-4D6A-88A4-26631F103F77}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCTray.exe FirewallRules: [{B1618BF2-1752-4507-9407-C7C4EF22B532}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCMgr.exe FirewallRules: [{C86646EE-C466-40E2-A2C5-A9F137D75316}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCRTP.exe FirewallRules: [{71BA372D-5459-412B-A05A-57F83DE50ED0}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\bugreport.exe FirewallRules: [{BF2D6A2C-DEF3-42C2-AF33-F8DA7ADEC9E1}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCFileOpen.exe FirewallRules: [{1A8C7C91-64F2-4B76-A8AC-B5CFAB265113}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLeakScan.exe FirewallRules: [{5F284AB1-6534-439F-B403-8655FA842427}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLoader.exe FirewallRules: [{2B22D286-39D7-4147-B1D1-BE5F49D8BCA5}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPConfig.exe FirewallRules: [{3361BE24-27CF-4A1E-8625-1EDB10CC9638}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSoftMgr.exe FirewallRules: [{DFD5C668-7F74-41BA-890A-B1ACCA77A73A}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\plugins\QMNetMon\QQPCNetFlow.exe FirewallRules: [{97F3E152-8725-4AAE-A1A0-A68DF4B009CB}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QDeskSetup.exe FirewallRules: [{B226C09D-A1DA-46F8-9870-6623B06991A7}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCBTU.exe FirewallRules: [{B4CE7C15-4C54-4829-AEF9-C81E3C021302}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCClinic.exe FirewallRules: [{66AE12AB-39D6-4533-8EAF-FF5D9117D2F8}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCLaunch.exe FirewallRules: [{31BF9B38-8D0B-4391-9804-173F2F4A9229}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMUpdate\QQPCMgrUpdate.exe FirewallRules: [{1D012E8E-D8A7-4EA0-ADA3-2818072909A7}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSoftGame.exe FirewallRules: [{EE4F1111-C79A-47DB-ACED-3314CB673F3D}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCSysOptimize.exe FirewallRules: [{E6D8510A-3007-49C6-8F1E-2DC45CCDC318}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCUpdateAVLib.exe FirewallRules: [{11ECB399-C5AF-4833-874E-78A5909206DC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQRepair.exe FirewallRules: [{C0DBA3BE-781C-4DFC-8E4C-B187744F1ECC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\Uninst.exe FirewallRules: [{596392A1-F67C-40A7-8BC5-C9A561B74B77}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QQPCPatch.exe FirewallRules: [{1793F45A-E6F6-415C-9216-552366F0E340}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\TpkUpdate.exe FirewallRules: [{F46F5CC2-5876-4DDB-8200-07592298470D}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMDL.exe FirewallRules: [{8AEC1FB7-EBBE-4FD7-AF98-44B61A663E39}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMDL.exe FirewallRules: [{716E9B56-29A2-4502-B181-D0197CDB1DBC}] => (Allow) C:\Program Files\腾讯游戏\QQPCMgr\8.11.11347.801\QMAccountProtection.exe FirewallRules: [{255D8D5D-5762-43C1-9F87-7847136588ED}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\CrossProxy.exe FirewallRules: [{A1CA16EF-E171-445A-9C46-03B26F13A7BE}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\CrossProxy.exe FirewallRules: [{E7DE9980-8860-490A-A6E6-62DA62D95F78}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\Apps\CQS\QTalk\Bin\miniQTalk.exe FirewallRules: [{22FC9814-7E39-44A6-859E-34B43C819DED}] => (Allow) C:\Program Files\腾讯游戏\剑灵_腾讯\bin\Cross\Apps\CQS\QTalk\Bin\miniQTalk.exe FirewallRules: [{EF5A7E47-C67A-4B1C-B214-8FB83A1AE6E7}] => (Allow) C:\program files\common files\tencent\qqdownload\130\bugreport_xf.exe FirewallRules: [{56E2A954-8AC1-4B44-9F08-DCC13E871A8B}] => (Allow) C:\program files\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{7139256C-55B0-4436-977F-5BE69DD9BDE0}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\minidown.exe FirewallRules: [{754D4617-8B07-4055-8E8A-9A703A05DDCE}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\minidown.exe FirewallRules: [{7A0B75BD-6FBA-41E4-B6EB-1A6DA9C446FA}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\teniodl\teniodl.exe FirewallRules: [{14F7DABA-F1DC-43AC-8A89-EC0586904AE2}] => (Allow) c:\users\flavia\appdata\local\temp\tencent\tgpminidown.1367.2.1.5.8204\teniodl\teniodl.exe FirewallRules: [{073F08B8-6C27-4356-8341-97B2FFC84719}] => (Allow) C:\Program Files\Tencent\TGP\tcls\tcls_core.exe FirewallRules: [{40C6E482-05FC-4C60-AC8A-96F5994347A4}] => (Allow) C:\Program Files\Tencent\TGP\tcls\tcls_core.exe FirewallRules: [{5C6DB019-088A-42A8-948D-DF170B6A09FB}] => (Allow) C:\Program Files\Tencent\TGP\tcls\Tenio\TenioDL\TenioDL.exe FirewallRules: [{41983DCE-17F7-4B9A-BEEF-2CE05401D8C4}] => (Allow) C:\Program Files\Tencent\TGP\tcls\Tenio\TenioDL\TenioDL.exe FirewallRules: [{A7A13C01-D0B0-4ABF-B739-6EC79DFE9F70}] => (Allow) C:\Program Files\Tencent\TGP\tgp_daemon.exe FirewallRules: [{7F625C70-A8C4-41D5-BB2B-BF5EF66E33A3}] => (Allow) C:\Program Files\Tencent\TGP\tgp_daemon.exe FirewallRules: [TCP Query User{5A15A186-C8EC-4619-BD41-23637DBB5992}C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe FirewallRules: [UDP Query User{4F8F780E-04CD-4C33-8C0F-B8201574E6CF}C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe] => (Allow) C:\program files\腾讯游戏\剑灵_腾讯\bin\client.exe FirewallRules: [TCP Query User{3A501415-8406-445B-892F-80CF2318BA87}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{F7A04728-96EA-4C29-8174-DF89EAC35E16}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe FirewallRules: [TCP Query User{3D061B38-D7EF-4C10-AA3F-6A58BC1CB4FB}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{F8A8F2D8-E493-4F33-B0B4-5D74E679ED2F}C:\users\flavia\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\flavia\appdata\local\mycomgames\mycomgames.exe FirewallRules: [{C21AAC83-B6E7-4EEA-BDA9-4C8D799DCE3B}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{10E9319E-3857-4A0F-9641-912832051A0B}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe FirewallRules: [{A425D2F1-49E5-44BC-8601-CA41AEBA56F3}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe FirewallRules: [{E2F00FF9-7B3D-4FB9-ACE7-07748AE29E46}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe FirewallRules: [{A16F3853-1087-46F5-9DB6-2A553BF193A4}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\The.Sims.4.Launcher.exe FirewallRules: [{1A36DB5C-A112-4BF4-894B-16589671AC88}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{7BB8CD60-887F-4B67-B0F2-6B6515BEF76C}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{3E78078E-6ABE-4910-88E2-ED5676E41D97}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{491770F3-B6F1-43C1-9BC9-A454FC5B64D0}] => (Allow) C:\Program Files\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{3566D56A-628D-456F-8823-EF3B2F358837}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{B4967FE5-063F-47C7-9DD2-DF5894E51C8E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe StandardProfile\AuthorizedApplications: [C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe] => Enabled:NEXON_EU_Downloader_Engine.exe ==================== Faulty Device Manager Devices ============= Name: adfs Description: adfs Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: adfs Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: USB Device(VID_1f3a_PID_efe8) Description: USB Device(VID_1f3a_PID_efe8) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: USB Devices Service: usbUDisc Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (05/13/2015 07:33:47 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Access is denied. . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {b090ed1c-3667-4df4-a457-a49183ca9b15} Error: (05/13/2015 03:45:36 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (05/13/2015 03:45:36 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::ResetBIOS Reset SASD failed, error=0 Error: (05/13/2015 03:45:36 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::UpdateSASD Failed to set the sleep time, error=0 Error: (05/13/2015 03:45:36 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CISCTPnpDriverApi::SetBIOSWakeTime *****IOCTL_ISCT_SASD(SASD) Failed, Error=0x2 Error: (05/13/2015 08:48:31 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm firefox.exe, Version 37.0.2.5583 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 109c Startzeit: 01d08d476303e708 Endzeit: 186 Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe Berichts-ID: f67a3e91-f93b-11e4-bbac-bc5ff43154bc Error: (05/13/2015 08:28:37 AM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (05/13/2015 08:28:37 AM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::ResetBIOS Reset SASD failed, error=0 Error: (05/13/2015 08:28:37 AM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::UpdateSASD Failed to set the sleep time, error=0 Error: (05/13/2015 08:28:37 AM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CISCTPnpDriverApi::SetBIOSWakeTime *****IOCTL_ISCT_SASD(SASD) Failed, Error=0x2 System errors: ============= Error: (05/13/2015 03:45:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (05/13/2015 03:10:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80080005 fehlgeschlagen: Security Update for Windows 7 (KB3046002) Error: (05/13/2015 03:10:44 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED} Error: (05/13/2015 08:28:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (05/13/2015 08:28:07 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 13.05.2015 um 08:27:13 unerwartet heruntergefahren. Error: (05/13/2015 08:00:02 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Media Player Network Sharing Service" Korrekturmaßnahmen (Restart the service) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Restart the service. Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player Network Sharing Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Restart the service. Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/13/2015 07:59:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Microsoft Office Sessions: ========================= Error: (04/25/2015 04:17:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 267 seconds with 240 seconds of active time. This session ended with a crash. Error: (09/23/2011 04:14:49 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 54 seconds with 0 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2015-05-13 19:48:53.210 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-13 19:38:43.512 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-13 19:31:58.372 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-13 18:27:08.649 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-13 15:45:20.979 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-13 10:30:40.805 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-13 09:02:49.057 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-13 08:47:32.847 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-13 08:36:14.348 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-05-13 08:28:31.649 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz Percentage of memory in use: 43% Total physical RAM: 3565.21 MB Available physical RAM: 2025.37 MB Total Pagefile: 7128.73 MB Available Pagefile: 5087.94 MB Total Virtual: 3071.88 MB Available Virtual: 2948.42 MB ==================== Drives ================================ Drive c: (BOOT) (Fixed) (Total:445.76 GB) (Free:98.75 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:0 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 66916FAD) Partition 1: (Active) - (Size=445.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended) ==================== End Of Log ============================ |
13.05.2015, 19:09 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Keine Verbindung zum Benachrichtigungsdienst für Systemereignisse [gelöst] FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter AppInit_DLLs: ´ê6 => ´ê6 File Not Found HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION Toolbar: HKLM - No Name - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - No File Toolbar: HKLM - No Name - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - No File Toolbar: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File C:\ProgramData\DT0001.dat C:\ProgramData\DT0006.dat Task: {051D9757-8B82-499C-84F3-DAA24A3DE582} - System32\Tasks\939a6e80 => C:\Users\Flavia\AppData\Local\Temp\\setup43644544.exe <==== ATTENTION Task: {144C66C0-FD3E-4C35-9168-C4146F8435E6} - System32\Tasks\9d0be300 => C:\Users\Flavia\AppData\Local\Temp\\setup115842944.exe <==== ATTENTION Task: {276F4387-DDCA-4F09-B462-E5FFED32E870} - System32\Tasks\2e912b80 => C:\Users\Flavia\AppData\Local\Temp\\setup536466048.exe <==== ATTENTION Task: {4E565704-159F-4924-B782-8174373FFBC5} - System32\Tasks\750dc200 => C:\Users\Flavia\AppData\Local\Temp\\setup1380827392.exe <==== ATTENTION Task: {711D8645-65A8-4CE5-A3E0-00B3036124CE} - System32\Tasks\fb41c00 => C:\Users\Flavia\AppData\Local\Temp\\setup828756736.exe <==== ATTENTION Task: {714A1540-2A02-4584-9649-0258C90D64F7} - System32\Tasks\39080f80 => C:\Users\Flavia\AppData\Local\Temp\\setup3143229824.exe <==== ATTENTION Task: {75885767-6A67-4842-B477-2CCE374BD762} - System32\Tasks\f4e4a200 => C:\Users\Flavia\AppData\Local\Temp\\setup1919017344.exe <==== ATTENTION Task: {7858E897-E286-44C6-81C1-5E3F359738AB} - System32\Tasks\5eb6d380 => C:\Users\Flavia\AppData\Local\Temp\\setup127876736.exe <==== ATTENTION Task: {8B0E773E-3CCB-4481-AB1B-004E9DCCC22D} - System32\Tasks\a3509c80 => C:\Users\Flavia\AppData\Local\Temp\\setup3791351296.exe <==== ATTENTION Task: {C63A36E3-FC0C-41F7-8401-31E28E135348} - System32\Tasks\72b7df00 => C:\Users\Flavia\AppData\Local\Temp\\setup2246522240.exe <==== ATTENTION Task: {C7430DF4-E05F-4463-A94B-588BCEE90AC1} - System32\Tasks\84919c00 => C:\Users\Flavia\AppData\Local\Temp\\setup115568128.exe <==== ATTENTION Task: {CA4F9448-8EB2-4DC7-A9C6-B0133FFAF871} - System32\Tasks\ac67a900 => C:\Users\Flavia\AppData\Local\Temp\\setup2323362176.exe <==== ATTENTION Task: {CB02E8DD-A292-401A-A47E-8DBA30321AE1} - System32\Tasks\895e7e00 => C:\Users\Flavia\AppData\Local\Temp\\setup196104192.exe <==== ATTENTION Task: {D042EFA4-DB30-481A-B3FC-A5462C3FB398} - System32\Tasks\37afaf80 => C:\Users\Flavia\AppData\Local\Temp\\setup445119232.exe <==== ATTENTION Task: {D38E282A-7EF8-4878-A84E-332D25456102} - System32\Tasks\c3793e00 => C:\Users\Flavia\AppData\Local\Temp\\setup522615808.exe <==== ATTENTION Task: {DDF5E073-5C25-4E88-A462-FFBEA129B65F} - System32\Tasks\66f0bd80 => C:\Users\Flavia\AppData\Local\Temp\\setup1887453440.exe <==== ATTENTION EmptyTemp: Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
13.05.2015, 19:32 | #15 |
| Keine Verbindung zum Benachrichtigungsdienst für Systemereignisse [gelöst] Hab ich gemacht. Allerdings hat sich das FRST-Tool erstmal aufgehängt bevor es den Fix gemacht hat, hoffe der ist trotzdem richtig durchgelaufen. Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-05-2015 Ran by Flavia at 2015-05-13 20:15:38 Run:1 Running from C:\Users\Flavia\Desktop Loaded Profiles: Flavia (Available profiles: Flavia) Boot Mode: Normal ============================================== Content of fixlist: ***************** AppInit_DLLs: ´ê6 => ´ê6 File Not Found HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION Toolbar: HKLM - No Name - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - No File Toolbar: HKLM - No Name - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - No File Toolbar: HKU\S-1-5-21-4132011797-2711336362-2655832662-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File C:\ProgramData\DT0001.dat C:\ProgramData\DT0006.dat Task: {051D9757-8B82-499C-84F3-DAA24A3DE582} - System32\Tasks\939a6e80 => C:\Users\Flavia\AppData\Local\Temp\\setup43644544.exe <==== ATTENTION Task: {144C66C0-FD3E-4C35-9168-C4146F8435E6} - System32\Tasks\9d0be300 => C:\Users\Flavia\AppData\Local\Temp\\setup115842944.exe <==== ATTENTION Task: {276F4387-DDCA-4F09-B462-E5FFED32E870} - System32\Tasks\2e912b80 => C:\Users\Flavia\AppData\Local\Temp\\setup536466048.exe <==== ATTENTION Task: {4E565704-159F-4924-B782-8174373FFBC5} - System32\Tasks\750dc200 => C:\Users\Flavia\AppData\Local\Temp\\setup1380827392.exe <==== ATTENTION Task: {711D8645-65A8-4CE5-A3E0-00B3036124CE} - System32\Tasks\fb41c00 => C:\Users\Flavia\AppData\Local\Temp\\setup828756736.exe <==== ATTENTION Task: {714A1540-2A02-4584-9649-0258C90D64F7} - System32\Tasks\39080f80 => C:\Users\Flavia\AppData\Local\Temp\\setup3143229824.exe <==== ATTENTION Task: {75885767-6A67-4842-B477-2CCE374BD762} - System32\Tasks\f4e4a200 => C:\Users\Flavia\AppData\Local\Temp\\setup1919017344.exe <==== ATTENTION Task: {7858E897-E286-44C6-81C1-5E3F359738AB} - System32\Tasks\5eb6d380 => C:\Users\Flavia\AppData\Local\Temp\\setup127876736.exe <==== ATTENTION Task: {8B0E773E-3CCB-4481-AB1B-004E9DCCC22D} - System32\Tasks\a3509c80 => C:\Users\Flavia\AppData\Local\Temp\\setup3791351296.exe <==== ATTENTION Task: {C63A36E3-FC0C-41F7-8401-31E28E135348} - System32\Tasks\72b7df00 => C:\Users\Flavia\AppData\Local\Temp\\setup2246522240.exe <==== ATTENTION Task: {C7430DF4-E05F-4463-A94B-588BCEE90AC1} - System32\Tasks\84919c00 => C:\Users\Flavia\AppData\Local\Temp\\setup115568128.exe <==== ATTENTION Task: {CA4F9448-8EB2-4DC7-A9C6-B0133FFAF871} - System32\Tasks\ac67a900 => C:\Users\Flavia\AppData\Local\Temp\\setup2323362176.exe <==== ATTENTION Task: {CB02E8DD-A292-401A-A47E-8DBA30321AE1} - System32\Tasks\895e7e00 => C:\Users\Flavia\AppData\Local\Temp\\setup196104192.exe <==== ATTENTION Task: {D042EFA4-DB30-481A-B3FC-A5462C3FB398} - System32\Tasks\37afaf80 => C:\Users\Flavia\AppData\Local\Temp\\setup445119232.exe <==== ATTENTION Task: {D38E282A-7EF8-4878-A84E-332D25456102} - System32\Tasks\c3793e00 => C:\Users\Flavia\AppData\Local\Temp\\setup522615808.exe <==== ATTENTION Task: {DDF5E073-5C25-4E88-A462-FFBEA129B65F} - System32\Tasks\66f0bd80 => C:\Users\Flavia\AppData\Local\Temp\\setup1887453440.exe <==== ATTENTION EmptyTemp: ***************** "´ê6" => Value Data removed successfully. "HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{52836EB0-631A-47B1-94A6-61F9D9112DAE} => value deleted successfully. HKCR\CLSID\{52836EB0-631A-47B1-94A6-61F9D9112DAE} => Key not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{71576546-354D-41c9-AAE8-31F2EC22BF0D} => value deleted successfully. HKCR\CLSID\{71576546-354D-41c9-AAE8-31F2EC22BF0D} => Key not found. HKU\S-1-5-21-4132011797-2711336362-2655832662-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully. HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found. C:\ProgramData\DT0001.dat => Moved successfully. C:\ProgramData\DT0006.dat => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{051D9757-8B82-499C-84F3-DAA24A3DE582}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{051D9757-8B82-499C-84F3-DAA24A3DE582}" => Key deleted successfully. C:\Windows\System32\Tasks\939a6e80 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\939a6e80" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{144C66C0-FD3E-4C35-9168-C4146F8435E6}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{144C66C0-FD3E-4C35-9168-C4146F8435E6}" => Key deleted successfully. C:\Windows\System32\Tasks\9d0be300 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\9d0be300" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{276F4387-DDCA-4F09-B462-E5FFED32E870}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{276F4387-DDCA-4F09-B462-E5FFED32E870}" => Key deleted successfully. C:\Windows\System32\Tasks\2e912b80 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e912b80" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E565704-159F-4924-B782-8174373FFBC5}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E565704-159F-4924-B782-8174373FFBC5}" => Key deleted successfully. C:\Windows\System32\Tasks\750dc200 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\750dc200" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{711D8645-65A8-4CE5-A3E0-00B3036124CE}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{711D8645-65A8-4CE5-A3E0-00B3036124CE}" => Key deleted successfully. C:\Windows\System32\Tasks\fb41c00 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\fb41c00" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{714A1540-2A02-4584-9649-0258C90D64F7}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{714A1540-2A02-4584-9649-0258C90D64F7}" => Key deleted successfully. C:\Windows\System32\Tasks\39080f80 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\39080f80" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75885767-6A67-4842-B477-2CCE374BD762}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75885767-6A67-4842-B477-2CCE374BD762}" => Key deleted successfully. C:\Windows\System32\Tasks\f4e4a200 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\f4e4a200" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7858E897-E286-44C6-81C1-5E3F359738AB}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7858E897-E286-44C6-81C1-5E3F359738AB}" => Key deleted successfully. C:\Windows\System32\Tasks\5eb6d380 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\5eb6d380" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B0E773E-3CCB-4481-AB1B-004E9DCCC22D}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B0E773E-3CCB-4481-AB1B-004E9DCCC22D}" => Key deleted successfully. C:\Windows\System32\Tasks\a3509c80 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\a3509c80" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C63A36E3-FC0C-41F7-8401-31E28E135348}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C63A36E3-FC0C-41F7-8401-31E28E135348}" => Key deleted successfully. C:\Windows\System32\Tasks\72b7df00 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\72b7df00" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7430DF4-E05F-4463-A94B-588BCEE90AC1}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7430DF4-E05F-4463-A94B-588BCEE90AC1}" => Key deleted successfully. C:\Windows\System32\Tasks\84919c00 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\84919c00" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA4F9448-8EB2-4DC7-A9C6-B0133FFAF871}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA4F9448-8EB2-4DC7-A9C6-B0133FFAF871}" => Key deleted successfully. C:\Windows\System32\Tasks\ac67a900 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ac67a900" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB02E8DD-A292-401A-A47E-8DBA30321AE1}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB02E8DD-A292-401A-A47E-8DBA30321AE1}" => Key deleted successfully. C:\Windows\System32\Tasks\895e7e00 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\895e7e00" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D042EFA4-DB30-481A-B3FC-A5462C3FB398}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D042EFA4-DB30-481A-B3FC-A5462C3FB398}" => Key deleted successfully. C:\Windows\System32\Tasks\37afaf80 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\37afaf80" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D38E282A-7EF8-4878-A84E-332D25456102}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D38E282A-7EF8-4878-A84E-332D25456102}" => Key deleted successfully. C:\Windows\System32\Tasks\c3793e00 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\c3793e00" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DDF5E073-5C25-4E88-A462-FFBEA129B65F}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDF5E073-5C25-4E88-A462-FFBEA129B65F}" => Key deleted successfully. C:\Windows\System32\Tasks\66f0bd80 => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\66f0bd80" => Key deleted successfully. EmptyTemp: => Removed 2.3 GB temporary data. The system needed a reboot. ==== End of Fixlog 20:21:11 ==== |
Themen zu Keine Verbindung zum Benachrichtigungsdienst für Systemereignisse |
benachrichtigungsdienst, bluescreen, dokument, fehlercode 24, fehlercode windows, funktioniert, installiert, internet, keine verbindung, mobogenie, mobogenie entfernen, neustarten, pando media booster packages entfernen, pup.optional.crossrider.a, pup.optional.installcore.a, pup.optional.nextlive.a, pup.optional.opencandy, pup.optional.plushd.a, pup.optional.searchelf.c, pup.optional.speedtest.a, pup.optional.updater.a, situation, systemereignisse, taskmanager, this device cannot start. (code10), verbindung, verändert, warum |